Solved

How to create a private VPN using a public VPN server?

Posted on 2014-01-15
6
370 Views
Last Modified: 2014-01-16
Hi all,

Two users, each with their own PC, and a printer in a remote network that cannot be reached in any normal way (the gateway/firewall doesn't allow anything, virtually). Hence our idea: we put a PC in that network, we make it connect to a public VPN server under a known name, we connect ourselves too to the VPN server, and then we can access the printer.

1. Is that possible?
2. Are there such servers available?
3. Free??
0
Comment
Question by:Sjef Bosman
  • 3
  • 3
6 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 39784413
I have never heard of a one.

Why can you setup a VPN server where the printer resides?  If there is a business need for this, then it should be justified and allowed.
0
 
LVL 46

Author Comment

by:Sjef Bosman
ID: 39784778
That printer and the additional PC are in the same network, behind the impenetrable firewall. The VPN server must be outside that network, in order to create a connection to the outside and allow traffic via that connection inwards. The problem with all networks is that they don't have a fixed IP address, so a provate VPN server becomes a little awkward. It's not impossible, using dyndns, but it would be a lot easier if there were an external public VPN (OpenVPN) server available that could create a VPN for only 4 or 5 PC's, of which one is the PC next to the printer. There is a way to configure an OpenVPN client so that reverse connections are allowed.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 39786358
-- > ... , behind the impenetrable firewall.

If the firewall is that locked down are you sure you would be able to establish a outbound VPN connection?

If your firewall is that locked down, and you can not get an exception to allow this inbound are you sure your company's policy would allow you to connect to a VPN server?
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 46

Author Comment

by:Sjef Bosman
ID: 39787025
Well, the policy is not so important (yet). First, I want to make sure it's technically feasible, which I think it is. I admit I've never tried to open a VPN port from the inside of the network through the firewall, but I assume it will work, give the fact that other network protocols go through without any problem.
NetworkThis is the general idea: A and B want to print on the remote printer. Normally it isn't accessible, but if a local PC sets up a VPN connection with a VPN server, and A and B can connect to the same VPN, the printer should become available. The remote PC might have to share the network printer, that I'm not sure of yet.
0
 
LVL 57

Accepted Solution

by:
giltjr earned 500 total points
ID: 39787160
No, the policy is the FIRST thing you need to check.  Not sure about your work place but at mine even attempting something like this is grounds for termination.

Why?  Because the box you show as 'public vpn service' now has a connection to each network BEHIND your firewall.  Which means it has FULL access to everything behind your "impenetrable firewall".

This is why there is no such thing as a public VPN server.

It is possible that even with a direct VPN connection between "remote" and the other PC's could be against your company's policy if either of those sites are considered untrusted.  Why?  Again if you setup a VPN between "remote" and A they both have access to each other's networks behind their respective firewalls.  Same thing with "remote" and B.  In fact it is possible that since A and B both have connections to "remote" that they would have full access to each other networks.

If there is a business justification to share the printer at remote with A and B, then your technical team will come up with a supported and allowed configuration.  

If there is not a business justification and you could violate your company's policy and who knows what could happen.
0
 
LVL 46

Author Closing Comment

by:Sjef Bosman
ID: 39787259
Ok, got it, no public VPN server. So I'll have to set up my own, which is a thing I don't really intended to hear: it took me a lot of time to get both an OpenVPN sever and a few clients configured correctly. Far too many parameters ;-) But if it's the only way to go...

Thanks for your valuable comments!
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question