VPN / Security

Hi

I am trying to secure a small network with a few servers.  I want to setup a vpn for remote access, something open source and also ensure only locations allowed to access from certain locations.   I do not want to use ip security as some of the remote sites will have dynamic ip's.  Does anyone have any idea's?

thanks
Jack_son_Asked:
Who is Participating?
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
Is user/certificate sufficient for security in your case? Guess so, as you do not gain security by restricting public and dynamic IP addresses.
IPsec works with dynamic IPs, btw.  Only site-2-site tunnels are restricted to that regard.
0
 
JohnBusiness Consultant (Owner)Commented:
Best to get Static IP (External) if you can. Otherwise use DynDNS to fake a static IP.

Then put in a VPN router and provide access only to the users you wish. This will be secure.
0
 
Jack_son_Author Commented:
great, some of the remote people will have dynamic ip's, so dyn DNS will work for that?
0
Turn Raw Data into a Real Career

There’s a growing demand for qualified analysts who can make sense of Big Data. With an MS in Data Analytics, you can become the data mining, management, mapping, and munging expert that today’s leading corporations desperately need.

 
JohnBusiness Consultant (Owner)Commented:
It the remote people have dynamic IP address and use a Client Application to access the VPN, it should work fine. I have done that a while back.
0
 
Jack_son_Author Commented:
The only issue is I want to only allow about 7 users ip addresses from specific locations.   How could this be managed easily?
0
 
JohnBusiness Consultant (Owner)Commented:
Restricting to 7 users is very easy. They need user names and shared secret to access. Adding all the possible IP locations would be a nightmare. You would need a policy for every possible IP. Since the users can move around (that IS the point of client software) then they would have to tell you where they are.

User name and shared secret should work just fine.
0
 
bbaoIT ConsultantCommented:
may i know the available platform for building the VPN solution? Windows? Linux? OS X? or simply hardware based using your exisiting router?
0
 
Jack_son_Author Commented:
windows or linux would be the available platform
0
 
bbaoIT ConsultantCommented:
regarding VPN solutiions not based on IP Sec, for Windows platforms from NT4 to today's 2012 they all support PPTP based VPN though the recent versions is much better in terms of performance, reliability, secuirty and management capability. The most good points are the solution is built-in and free of charge, and has been proved workable in dynamic IP scenarios.

for Linux, PPTP VPN servers are also available in most distributions. check your version's release notes and manuals for more information.
0
 
JohnBusiness Consultant (Owner)Commented:
It is easiest just to use a hardware VPN box for the office solution and let people remote in. I do this all the time.
0
 
JohnBusiness Consultant (Owner)Commented:
@Jack_son_  - Thanks and I was happy to help you with this.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.