VPN: Router-to-Router or Client-to-Router??
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
|||||||||||||
|
Posted by Jester on November 30, 2005, 12:14 pm
Please log in for more thread options Want to set up a VPN between a small peer-to-peer lan and two other home users. Two sites are on DSL, third is FiOS... all have dynamic IPs. I'm quite familiar with D-Link products, so I'll be using these models for reference, but feel free to suggest other options (but tell me why please)... here are my brainstorming results... 1- Three inexpensive DI-804HVs... One at each site... using best security available between them. PROS (As I perceive them): - Possibly better security than using XP client?? - If any site expands, can just plug in additional PCs to to local lans and not bother with additional connections on PC. Not a big deal, but hey. - Dial-up access to each site through modem plugged into DB9 port on DI-804HV (Don't need it right now, but easily might in future) CONS: - "Always on" VPN between sites. Greater possibility of attack?? 2- One inexpensive DI-804HV at main site... XP client at each remote PC. PROS: - Least expensive option. - When remote PCs are off, there's no tunnel active. Although I realize the router would be willing to "accept" a potential connection. So I don;t knwo if my "always on" fear is valid. - Dial-up access to main site through DB9 port. CONS: - Limits me to PPTP. - Any other security/performance concerns I might be missing. 3- One DFL-200 at main site, NETDEFEND client or DI_804HVs at remotes. PROS: - Faster VPN performance (supposedly) I know the "A" in ADSL will affect speed more than anything. - Can use NETDEFEND client at remote sites for more robust security. - Can manage bandwidth to each tunnel. - Can also use XP client in a pinch. - Also has DB9 port CONS: - A bit more money than I planned. So basically, my main question is: What are the advantages/disadvantages of router-to-router vs. client-to-router setups?? Which of the above is best for simple file-sharing between sites? Each site has net access, each site has printers. We just need some very simple 50-100k files accessed every now and then, and at worst, a 1-2mb PDF might have to be opened on occasion. Thanks in advance! Jester | |||||||||||||
|
Posted by ilwingsfan on December 1, 2005, 7:52 am
Please log in for more thread options DI-804HV but 8 ports). As far as I know you cannot set up direct "Always On" VPN between the two sites where both have Dynamic IP...even using Dynamic DNS via dyndns.org,etc. You can setup PPTP server on DI-804HV and create a VPN tunnel from any Windows XP machine or by using software you could create the tunnel on other OS's. The setup on the DI-804HV requires an IP address for the other end - you cannot enter a URL. Took quite a lot of tinkering to solve my problems with the DI-808 - seems to be working OK now but rather slow. I'd like to hear how your project turns out. Jester wrote: | |||||||||||||
|
Posted by Jester on December 1, 2005, 12:01 pm
Please log in for more thread options Thanks for the info!
Anyhow, my situation has changed a bit... we found a great deal on a used DFL-200 and took it. Should be receiving it by next week. So now the question is, what's the best way to set up the sites having a DFL-200 at the main site... would it be DI-804HV's or NETDEFEND clients at each site?? Or even plain old XP client at the remotes??? I kind of like the idea of a hardware solution at each site to avoid using resources from the remote PCs, at least to use as little as possible... Can the DFL-200 allow a remote site to have a URL instead of IP? Thanks -- Jester > Jester - Just went through setting up VPN with DI-808HV (same as
> DI-804HV but 8 ports). > > As far as I know you cannot set up direct "Always On" VPN between the > two sites where both have Dynamic IP...even using Dynamic DNS via > dyndns.org,etc. You can setup PPTP server on DI-804HV and create a VPN > tunnel from any Windows XP machine or by using software you could > create the tunnel on other OS's. > > The setup on the DI-804HV requires an IP address for the other end - > you cannot enter a URL. > > Took quite a lot of tinkering to solve my problems with the DI-808 - > seems to be working OK now but rather slow. I'd like to hear how your > project turns out. > > > > Jester wrote: >> Hi all,
>> >> Want to set up a VPN between a small peer-to-peer lan and two other >> home >> users. Two sites are on DSL, third is FiOS... all have dynamic IPs. I'm >> quite familiar with D-Link products, so I'll be using these models for >> reference, but feel free to suggest other options (but tell me why >> please)... here are my brainstorming results... >> >> 1- Three inexpensive DI-804HVs... One at each site... using best security >> available between them. >> >> PROS (As I perceive them): >> - Possibly better security than using XP client?? >> - If any site expands, can just plug in additional PCs to to local lans >> and >> not bother with additional connections on PC. Not a big deal, but hey. >> - Dial-up access to each site through modem plugged into DB9 port on >> DI-804HV (Don't need it right now, but easily might in future) >> >> CONS: >> - "Always on" VPN between sites. Greater possibility of attack?? >> >> 2- One inexpensive DI-804HV at main site... XP client at each remote PC. >> PROS: >> - Least expensive option. >> - When remote PCs are off, there's no tunnel active. Although I realize >> the >> router would be willing to "accept" a potential connection. So I don;t >> knwo >> if my "always on" fear is valid. >> - Dial-up access to main site through DB9 port. >> CONS: >> - Limits me to PPTP. >> - Any other security/performance concerns I might be missing. >> >> 3- One DFL-200 at main site, NETDEFEND client or DI_804HVs at remotes. >> PROS: >> - Faster VPN performance (supposedly) I know the "A" in ADSL will >> affect >> speed more than anything. >> - Can use NETDEFEND client at remote sites for more robust security. >> - Can manage bandwidth to each tunnel. >> - Can also use XP client in a pinch. >> - Also has DB9 port >> CONS: >> - A bit more money than I planned. >> >> >> So basically, my main question is: What are the >> advantages/disadvantages >> of router-to-router vs. client-to-router setups?? >> Which of the above is best for simple file-sharing between sites? Each >> site >> has net access, each site has printers. We just need some very simple >> 50-100k files accessed every now and then, and at worst, a 1-2mb PDF >> might >> have to be opened on occasion. >> >> Thanks in advance! >> >> Jester >
| |||||||||||||
>
> Want to set up a VPN between a small peer-to-peer lan and two other home
> users. Two sites are on DSL, third is FiOS... all have dynamic IPs. I'm
> quite familiar with D-Link products, so I'll be using these models for
> reference, but feel free to suggest other options (but tell me why
> please)... here are my brainstorming results...
>
> 1- Three inexpensive DI-804HVs... One at each site... using best security
> available between them.
>
> PROS (As I perceive them):
> - Possibly better security than using XP client??
> - If any site expands, can just plug in additional PCs to to local lans and
> not bother with additional connections on PC. Not a big deal, but hey.
> - Dial-up access to each site through modem plugged into DB9 port on
> DI-804HV (Don't need it right now, but easily might in future)
>
> CONS:
> - "Always on" VPN between sites. Greater possibility of attack??
>
> 2- One inexpensive DI-804HV at main site... XP client at each remote PC.
> PROS:
> - Least expensive option.
> - When remote PCs are off, there's no tunnel active. Although I realize the
> router would be willing to "accept" a potential connection. So I don;t knwo
> if my "always on" fear is valid.
> - Dial-up access to main site through DB9 port.
> CONS:
> - Limits me to PPTP.
> - Any other security/performance concerns I might be missing.
>
> 3- One DFL-200 at main site, NETDEFEND client or DI_804HVs at remotes.
> PROS:
> - Faster VPN performance (supposedly) I know the "A" in ADSL will affect
> speed more than anything.
> - Can use NETDEFEND client at remote sites for more robust security.
> - Can manage bandwidth to each tunnel.
> - Can also use XP client in a pinch.
> - Also has DB9 port
> CONS:
> - A bit more money than I planned.
>
>
> So basically, my main question is: What are the advantages/disadvantages
> of router-to-router vs. client-to-router setups??
> Which of the above is best for simple file-sharing between sites? Each site
> has net access, each site has printers. We just need some very simple
> 50-100k files accessed every now and then, and at worst, a 1-2mb PDF might
> have to be opened on occasion.
>
> Thanks in advance!
>
> Jester