VPN to Single Application and/or Fileserver?
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
||||||||||||||||
|
Posted by Karl on January 11, 2006, 11:23 am
Please log in for more thread options Hi I am very new to VPN technology and have been asked to setup a VPN to enable four branch offices to access a fileserver and application server located at a fifth office. We have purchased a Linksys VPN router for the fifth office and want to setup the computers in the branch offices to tunnel in to the VPN router. All of the PCs are running Windows XP Pro with SP2. I would prefer to use the VPN technology built in to Windows XP if at all possible for simplicit4y's sake. Here are my questions/concerns: 1) I have heard that PPTP (the VPN technology used by Windows) was severely broken at some point. Has it been fixed by SP2? Would you guys reccomend using it? 2) My limited understanding of VPN technology tells me that once a computer has established a VPN tunnel from a branch office to the fifth office, that computer will be relying soley on the Internet connection of the fifth office for any and all web browsing/email/etc. Is this correct? If possible I would prefer that the branch office computer rely solely on their local Internet connections for web browsing, and only use the fifth office's web connection for accessing the file and application servers located in that fifth office. | ||||||||||||||||
|
Posted by Trousle Undrhil on January 16, 2006, 1:27 pm
Please log in for more thread options I don't think the Linksys routers allow software clients to use the tunnel. If the four PCs are in the same location, you will need to get one more Linksys router and put it in place for the other remote side. You can configure the tunnel to allow those PCs to access to tunnel to the remote router. > 1) I have heard that PPTP (the VPN technology used by Windows) was
> severely broken at some point. Has it been fixed by SP2? Would you > guys reccomend using it? Don't know anything about this, but I assume that if you want to use PPTP, you won't need the LinkSys router. You should be able to set up a Incoming Connection on the fileserver machine (assuming it's Windows 2000 or better) and setup the four machines to log into it. The drawback to this is that you will have to create uses on the fileserver for each of the PCs wanting to connect to it. This isn't really a drawback ... more of an inconvenience, but it is nice to have for security. You *could* configure a single account and have them all connect using it, if you wanted to. > 2) My limited understanding of VPN technology tells me that once a
> computer has established a VPN tunnel from a branch office to the fifth > office, that computer will be relying soley on the Internet connection > of the fifth office for any and all web browsing/email/etc. Is this > correct? If possible I would prefer that the branch office computer > rely solely on their local Internet connections for web browsing, and > only use the fifth office's web connection for accessing the file and > application servers located in that fifth office. The PCs connecting through VPN tunnel will continue to use their own internet connection(s) independently of the tunnel established. Otherwise, they would drop the tunnel everytime a tunnel was made since the tunnel is made through their internet connection. When you are connected to the fileserver, you should be able to browse to the intranet web address (the private-side IP address assigned to the fileserver, more than likely) with no difficulties. Undrhil | ||||||||||||||||
|
Posted by hals left on January 16, 2006, 6:14 pm
Please log in for more thread options I did something very similar last year.
I wouldnt use linksys gear, I would use Cisco router at the 5th office and RRAS / Windows XP VPN. Or something like Watchguard at each office. You didnt say if your clients are VPN'ing direct or if you are creating site-to-site tunnels. If your doing the former, and clients are XP you can possibly use L2TP, instead of PPTP. If you want to use the LAN for Internet/Email and the VPN at the same time, you may need to look into split tunnelling. Good Luck! | ||||||||||||||||
|
Posted by glgxg on January 16, 2006, 11:00 pm
Please log in for more thread options Karl wrote:
> VPN to Single Application and/or Fileserver?
> > Hi I am very new to VPN technology and have been asked to setup a VPN > to enable four branch offices to access a fileserver and application > server located at a fifth office. We have purchased a Linksys VPN > router for the fifth office and want to setup the computers in the > branch offices to tunnel in to the VPN router. All of the PCs are > running Windows XP Pro with SP2. I would prefer to use the VPN > technology built in to Windows XP if at all possible for simplicit4y's > sake. Here are my questions/concerns: > > 1) I have heard that PPTP (the VPN technology used by Windows) was > severely broken at some point. Has it been fixed by SP2? Would you > guys reccomend using it? > > 2) My limited understanding of VPN technology tells me that once a > computer has established a VPN tunnel from a branch office to the fifth > office, that computer will be relying soley on the Internet connection > of the fifth office for any and all web browsing/email/etc. Is this > correct? If possible I would prefer that the branch office computer > rely solely on their local Internet connections for web browsing, and > only use the fifth office's web connection for accessing the file and > application servers located in that fifth office. > A few questions/suggestions: 1. What model of VPN router did you install at the 5th office? Whatever it is make sure that you have the latest firmware installed on the router. (I purchased multiple BEFVP41's V2 for a similar setup last year and found that they all had old firmware revisions. Check the Linksys.com website for the updates & update information). 2. Are the branch offices on static or dynamic IP's? If on dynamic set up DDNS domain names for each location - I recommend http://www.dyndns.com/services/dns/dyndns/ - then set the branch routers or a DDNS client to update the domain information automatically. Also see: http://www.dyndns.com/support/clients/ To make life easier for all: at the other 4 offices install the *exact same* VPN router at those locations. [Regardless of whether you use a Linksys, Netgear, whatever, installing the same at all locations will make your life much easier.] Setting up the same VPN routers you won't need to mess with configuring each PC for VPN access at the remotes, you simply set up the VPN tunnels in the routers and let them do the work. If you are using Linksys BEFVP41's at each location (as an example), each location will be able to VPN to the end-point (5th office in this case) for application access, and will also be able to access the internet, e-mail etc from their own connection. They do not need to rely on office 5 to get the access. | ||||||||||||||||
| Similar Threads | Posted |
| VPN to Single Application and/or Fileserver? | January 11, 2006, 11:23 am |
| VPN between a LAN and a single PC | January 24, 2008, 12:19 pm |
| VPN application slow | March 21, 2005, 7:44 am |
| vpn for voice application | April 1, 2007, 12:46 am |
>
> Hi I am very new to VPN technology and have been asked to setup a VPN
> to enable four branch offices to access a fileserver and application
> server located at a fifth office. We have purchased a Linksys VPN
> router for the fifth office and want to setup the computers in the
> branch offices to tunnel in to the VPN router. All of the PCs are
> running Windows XP Pro with SP2. I would prefer to use the VPN
> technology built in to Windows XP if at all possible for simplicit4y's
> sake. Here are my questions/concerns: