Let's talk about VPNs

nodle

Cheesemonger
Administrator
OK, I had fun learning to use PuTTY. So let's talk about VPNs. First off, why should I use one of these instead of using Remote Desktop Connection? I'm gonna probably say the encryption, correct? So basically, do you need a client installed or do VPNs get handled through the router itself? Then will I need some sort of client to connect to the VPN?
 

ndboarder

Bill Gates' Gimp
Members
Yes, for VPN you would need a host and client. Win XP and up has a client built in to do VPN, but if you can get your hands on the Cisco client I'd use that. The advantage to your VPN (Virtual Private Network) is that you are creating a secure tunnel between the client and host. You can of course use this to surf discreetly using your home network from work, or you can create a tunnel between two networks, essentially joining them into one.

Linksys does make a few router models with VPN capability; personally I'd like to set up VPN software on two Linux machines and open a VPN tunnel between them. If the 'nix boxes were also used to handle DHCP requests and act as DNS servers, there are good possibilities there. Flux can all get together and we'll create our own VPI (Virtual Private Internet) where no one from the outside Internet can access our internal one.

Anyhow I'm starting to confuse myself...
 

nodle

Cheesemonger
Administrator
Do you mean like an "intranet"? We used to use them at my last job. Well, because of the aftermarket firmware on my router, it supports VPN. Normally you have to buy a special, more expensive router for this feature. So would I still need a client? Or would the router handle the VPN traffic and direct it to the machines? I would still need a client on my side, correct?
 

ndboarder

Bill Gates' Gimp
Members
Yeah, it would be like an intranet. You are correct in assuming that you would still need a client on your machines. Although in Win XP (I haven't looked at how to do this in Vista yet) you can just create a new connection and set up a VPN connection without having to install any 3rd party software.

I always wanted to set this up so I could VPN to home from work. That way my work machine would have an IP on my local network, so by leaving it connected I could remote desktop to the work machine using its local IP there. Makes for a nice way around firewalls and such that a workplace may have.
 

nodle

Cheesemonger
Administrator
The client part is a snap naturally. But, the host and firewall traversal can be troubling.
The firewall part seems fairly easy, but I should just try it out. So is a VPN more secure than an SSH connection?
 

nodle

Cheesemonger
Administrator
Client error 800. Son of a ............
Sounds like you need to enable your router's VPN or PPTP pass-through, and also forward port 1723 traffic to the machine's IP. In other words, you need to forward the VPN traffic to the machine.
 

Davidc

Caulk Sucker
Members
Let me check that quick here. Um, or between calls, that is. Which gives me about 45 seconds.
 

jmanz

I bought you the sims
Members
Don't be silly, sir, today we have like 50 seconds at least.
 

Davidc

Caulk Sucker
Members
Error 721: Remote PPP peer or computer is not responding. Resolution: If you have tried many things other people suggest, like rebooting, reloading hardware and re-installing the VPN or dial-in connection, and you still get the same problem, I would suggest checking the router settings and making sure TCP port 1723 and IP protocol 47 (GRE) are open. Also make sure that the router has PPTP enabled and that no firewall blocks the traffic. On the RAS server, check the DHCP settings.
Have done the port forwarding. IP Protocol 47???? The DI-604 doesn't have any readily apparent locations for protocol pass-through, like you would see on a Linksys.
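Added example, not part of the original posts: a Python check that separates the two halves of PPTP discussed above. It speaks the RFC 2637 control handshake on TCP 1723; the GRE (IP protocol 47) data path cannot be seen from a TCP socket, so a `control-ok` result while the client still fails points at GRE pass-through. The host address, function names and result strings are assumptions of this example.

```python
import socket
import struct

PPTP_PORT = 1723
PPTP_MAGIC = 0x1A2B3C4D                 # magic cookie defined by RFC 2637
HEADER = struct.Struct("!HHIHH")        # length, msg type, cookie, control type, reserved
SCCR_LEN = 156                          # size of both start-control messages

def build_sccrq(hostname: bytes = b"probe") -> bytes:
    """Start-Control-Connection-Request: the first message a PPTP client sends."""
    body = struct.pack("!HHIIHH64s64s",
                       0x0100, 0,       # protocol version 1.0, reserved
                       3, 3,            # framing / bearer capabilities: any
                       0, 0,            # max channels, firmware revision
                       hostname, b"")   # host name, vendor string (NUL padded)
    return HEADER.pack(HEADER.size + len(body), 1, PPTP_MAGIC, 1, 0) + body

def parse_sccrp(data: bytes) -> str:
    """Classify the server's Start-Control-Connection-Reply."""
    if len(data) < SCCR_LEN:
        return "no-pptp-reply"
    _, msg_type, cookie, ctrl_type, _ = HEADER.unpack_from(data)
    if cookie != PPTP_MAGIC or msg_type != 1 or ctrl_type != 2:
        return "no-pptp-reply"
    _version, result, _error = struct.unpack_from("!HBB", data, HEADER.size)
    return "control-ok" if result == 1 else f"refused(result={result})"

def check_control_channel(host: str, timeout: float = 5.0) -> str:
    try:
        s = socket.create_connection((host, PPTP_PORT), timeout=timeout)
    except OSError:
        return "tcp-1723-unreachable"   # port forward missing or traffic filtered
    data = b""
    with s:
        try:
            s.sendall(build_sccrq())
            while len(data) < SCCR_LEN:
                chunk = s.recv(SCCR_LEN - len(data))
                if not chunk:
                    break
                data += chunk
        except OSError:
            pass                        # timeout or reset: classify what arrived
    return parse_sccrp(data)

if __name__ == "__main__":
    # 192.0.2.10 is a documentation address; replace it with your own VPN host.
    print(check_control_channel("192.0.2.10"))
```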
 

ndboarder

Bill Gates' Gimp
Members
I would say SSH is a more secure connection as the host/client share keys and encrypt data. SSH was not traditionally intended for tunneling between networks. Its primary use is as a remote connection to the Linux bash shell.
 

Davidc

Caulk Sucker
Members
VPN Pass-Through

Allows VPN connections to work through the DI-604.

PPTP: Enabled / Disabled

IPSec: Enabled / Disabled

I also went in and verified that IPSEC service was started and set to auto.
 

nodle

Cheesemonger
Administrator
Well, what I am kinda excited to try when I get home is that my router supports the "magic packet" WOL feature, which basically means I can wake up any machine on my network from a turned off start just by using the MAC address. I can do this two ways: either by turning on remote management, remoting into the router, accessing the WOL panel and clicking "wake up", or by using the command ether-wake followed by the MAC address through the SSH shell. I am kinda excited to give this a go because I don't always like to leave my computer running all the time, and then I get to work and want to download something but I have to wait till I get home. Now I can kick it on anytime/anywhere and then remote in to have it turn itself off when I get done.
 

nodle

Cheesemonger
Administrator
So could you get through?
 