Creating first VPN, seeking guidance

Hi,

I'm trying to set up a VPN connection from the corporate network to my home network. I need to use a VPN connection because company policy does not allow the use of Remote Desktop. My home network consists of 3 computers (all XP Pro) sitting behind a Zyxel Prestige 660HW router/firewall with VPN capabilities, which in turn sits behind a DSL modem.

I've been reading all over the place and I'm still not clear on the configuration.

The home network is set up as a workgroup. It's set up behind NAT in the 192.168.1.0/24 block. I have a dynamic IP, but I'm using a dynamic DNS service (which I'll call blablabla.dyndns.org).

The work computer is part of an AD domain, and uses NAT in the 172.16.0.0/12 range. I don't know the firewall setup, nor do I have any sort of access to it.

In the VPN/IPSec settings of the router, I've set up the following:

Menu 27.1.1 - IPSec Setup

Index #= 1
Name= blablabla.dyndns.org //not real address
Active= No
Keep Alive= No //not yet activated
Local ID type= DNS
Content= 12345
My IP Addr= 0.0.0.0
Peer ID type= DNS
Content= 12345
Secure Gateway Address= blablabla.dyndns.org
Protocol= 0
DNS Server= 0.0.0.0
Local:
  Addr Type= SUBNET
  IP Addr Start= 192.168.1.0
  End/Subnet Mask= 255.255.255.0
  Port Start= 0
  End= N/A
Remote:
  Addr Type= SUBNET
  IP Addr Start= 192.168.2.0
  End/Subnet Mask= 255.255.255.0
  Port Start= 0
  End= N/A
Enable Replay Detection= No
Key Management= IKE
Edit Key Management Setup= No

In the Key Management Setup:

Menu 27.1.1.1 - IKE Setup

Phase 1
  Negotiation Mode= Main
  PSK= 12345678
  Encryption Algorithm= DES
  Authentication Algorithm= MD5
  SA Life Time (Seconds)= 28800
  Key Group= DH1

Phase 2
  Active Protocol= ESP
  Encryption Algorithm= DES
  Authentication Algorithm= SHA1
  SA Life Time (Seconds)= 28800
  Encapsulation= Tunnel
  Perfect Forward Secrecy (PFS)= None

The router manual isn't much help. I'm planning to create the connection using the XP client from work. I haven't tried it from work yet (will do it tomorrow), but does anyone see any glaring errors in the above configuration that might not cause it to work, so that I can change it today while I'm still home?

I also plan to be traveling quite a bit in the next few months. Would this work no matter where I am? (of course, if I'm not inside the company's network, I have a chance of being able to use RDP).

Thanks, Mike
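
An added example, not part of the original post: a small Python audit of the IKE phase 1 and phase 2 values quoted above against a minimum policy. The one-field-per-line layout, the `WEAK` rule table and the 20-character PSK minimum are assumptions of this example, not Zyxel defaults or documentation.

```python
# Values from Menu 27.1.1.1 as quoted in the post; layout and policy are assumptions.
POSTED = """\
Phase 1
Negotiation Mode= Main
PSK= 12345678
Encryption Algorithm= DES
Authentication Algorithm= MD5
SA Life Time (Seconds)= 28800
Key Group= DH1
Phase 2
Active Protocol= ESP
Encryption Algorithm= DES
Authentication Algorithm= SHA1
SA Life Time (Seconds)= 28800
Encapsulation= Tunnel
Perfect Forward Secrecy (PFS)= None
"""

# Hypothetical policy for this example: field -> {weak value: reason}.
WEAK = {
    "Encryption Algorithm": {"DES": "56-bit key, brute-forceable"},
    "Authentication Algorithm": {"MD5": "deprecated hash"},
    "Key Group": {"DH1": "768-bit MODP group"},
    "Perfect Forward Secrecy (PFS)": {"None": "no fresh DH exchange for phase 2 keys"},
}

def parse(text):
    """Return {(phase, field): value}; a 'Phase N' line starts a new section."""
    out, phase = {}, None
    for line in map(str.strip, text.splitlines()):
        if "= " in line:
            field, value = line.split("= ", 1)
            out[(phase, field.strip())] = value.strip()
        elif line.startswith("Phase "):
            phase = line
    return out

def audit(text, min_psk_len=20):
    findings = []
    for (phase, field), value in parse(text).items():
        reason = WEAK.get(field, {}).get(value)
        if field == "PSK" and (len(value) < min_psk_len or value.isdigit()):
            reason, value = "short or digits-only pre-shared key", "<redacted>"
        if reason:
            findings.append((phase, field, value, reason))  # PSK is never echoed
    return findings

if __name__ == "__main__":
    print("\n".join("%s: %s= %s -> %s" % f for f in audit(POSTED)))
```
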
