Koozali.org: home of the SME Server

VPN Setup Recommendations

Graeme Fleming

VPN Setup Recommendations
« on: November 14, 2003, 08:18:23 AM »
Yo all

I need to provide a secure connection to an SME 6b3 server sitting behind a Netgear DG814 router from a WinXP box:


XP box <------> ADSL modem <-/-/-/-> Netgear DG814 <-------> SME <--> LAN
                       (dynamic IP)                  (static IP)        NAT            NAT

What would you guys suggest as the optimum config for the SME box & the XP box?

If I wanted to see a Windows NT server behind the SME box what would need to be configured?

All suggestions gratefully received.

TIA

Greg Zartman

Re: VPN Setup Recommendations
« Reply #1 on: November 14, 2003, 08:38:45 AM »
Graeme,

I recently set up a couple of Multitech IPsec VPN routers in a situation very similar to the situation you have.  Setup is a breeze and price is very good (~$240 US for two refurbished routers).

Here is a very nice article:

http://www.aplawrence.com/Reviews/rf550vpn.html

The article states that WINS service across the VPN doesn't work.  I didn't find this to be true.  I simply hand input the IP address of my WINS server (i.e., my SME server) in my remote Win XP client and WINS lookups worked just fine.  I was able to browse the entire network from my Win XP client no prob.

If you do decide to try these routers, I'd highly recommend that you get them talking to each other at a workbench before doing the remote install.  In my case, I simply connected the routers with a crossover cable and assigned the WAN connection on each router IPs on totally different subnets (Note: These routers will not talk to each other if the WAN IPs are on the same subnet).  This exercise allowed me to work out the bugs and get each router set up and working before running them on the net from two locations.

Good luck.

Greg Zartman

John Crisp

Re: VPN Setup Recommendations
« Reply #2 on: November 14, 2003, 04:24:25 PM »
Graeme,

You should be able to use the standard PPTP VPN connections from Win XP. I have an XP user with a laptop who VPNs into a 5.6 server easily. There are various things around here about using IPSEC instead, along with comments as to the security of each - I think that IPSEC is meant to be better. Personally, they don't have any state secrets hidden on their server so they operate an 'acceptable risk' policy.

The only fly in the ointment MIGHT be the Netgear router. They originally had a Netgear DM602 single port router which steadfastly refused to accept incoming VPN connections. You could easily VPN out through it to A.N. Other server, but there is something in the firmware that blocks incoming on GRE port 47. This wasn't mentioned in the documentation.

I spoke to Netgear and they acknowledged that this was a problem with the router and offered a very 'beta' firmware hack - something to do with the way it does NAT I believe. I decided against it and bought a Vigor 2600 instead. A doddle to set up and use and so far very reliable.

HTH

B. Rgds
John