VPN to Single Application and/or Fileserver?

Hi, I am very new to VPN technology and have been asked to set up a VPN to enable four branch offices to access a fileserver and application server located at a fifth office. We have purchased a Linksys VPN router for the fifth office and want to set up the computers in the branch offices to tunnel in to the VPN router. All of the PCs are running Windows XP Pro with SP2. I would prefer to use the VPN technology built in to Windows XP if at all possible for simplicity's sake. Here are my questions/concerns:

1) I have heard that PPTP (the VPN technology used by Windows) was severely broken at some point. Has it been fixed by SP2? Would you guys recommend using it?

2) My limited understanding of VPN technology tells me that once a computer has established a VPN tunnel from a branch office to the fifth office, that computer will be relying solely on the Internet connection of the fifth office for any and all web browsing/email/etc. Is this correct? If possible I would prefer that the branch office computers rely solely on their local Internet connections for web browsing, and only use the fifth office's web connection for accessing the file and application servers located in that fifth office.

Karl

I don't think the Linksys routers allow software clients to use the tunnel. If the four PCs are in the same location, you will need to get one more Linksys router and put it in place for the other remote side. You can configure the tunnel to allow those PCs to access the tunnel to the remote router.

Don't know anything about this, but I assume that if you want to use PPTP, you won't need the Linksys router. You should be able to set up an Incoming Connection on the fileserver machine (assuming it's Windows 2000 or better) and set up the four machines to log into it. The drawback to this is that you will have to create users on the fileserver for each of the PCs wanting to connect to it. This isn't really a drawback ... more of an inconvenience, but it is nice to have for security. You *could* configure a single account and have them all connect using it, if you wanted to.

The PCs connecting through the VPN tunnel will continue to use their own internet connection(s) independently of the tunnel established. Otherwise, they would drop the tunnel every time a tunnel was made since the tunnel is made through their internet connection. When you are connected to the fileserver, you should be able to browse to the intranet web address (the private-side IP address assigned to the fileserver, more than likely) with no difficulties.

Undrhil

Trousle Undrhil

I did something very similar last year. I wouldn't use Linksys gear, I would use a Cisco router at the 5th office and RRAS / Windows XP VPN. Or something like Watchguard at each office.

You didn't say if your clients are VPN'ing direct or if you are creating site-to-site tunnels.

If you're doing the former, and clients are XP, you can possibly use L2TP instead of PPTP. If you want to use the LAN for Internet/Email and the VPN at the same time, you may need to look into split tunnelling. Good Luck!

hals left
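The full-tunnel versus split-tunnel routing discussed in this thread, as an added example that is not part of any poster's reply: a small model of how a branch PC chooses a route (longest prefix first, then lowest metric). All addresses, interface names and metrics are constructed assumptions.

```python
import ipaddress

def pick_route(table, dest):
    """Return the route used for dest: longest prefix wins, then lowest metric."""
    ip = ipaddress.ip_address(dest)
    matches = [r for r in table if ip in ipaddress.ip_network(r["net"])]
    if not matches:
        return None
    return max(matches,
               key=lambda r: (ipaddress.ip_network(r["net"]).prefixlen, -r["metric"]))

def egress(table, dest):
    """Name of the interface ('lan' or 'vpn') that carries traffic to dest."""
    route = pick_route(table, dest)
    return route["iface"] if route else None

# Constructed addressing (assumptions, not from the thread):
#   branch LAN 192.168.1.0/24, fifth-office LAN 10.5.0.0/24,
#   fifth-office VPN endpoint 203.0.113.10 (documentation range).
BRANCH_BASE = [
    {"net": "0.0.0.0/0",      "iface": "lan", "metric": 20},
    {"net": "192.168.1.0/24", "iface": "lan", "metric": 20},
    # Host route to the VPN endpoint stays on the local link, so the
    # tunnel's own packets never try to travel inside the tunnel.
    {"net": "203.0.113.10/32", "iface": "lan", "metric": 20},
]

# Full tunnel: the client also installs a default route via the VPN
# with a better metric, so general Internet traffic goes to office 5.
FULL_TUNNEL = BRANCH_BASE + [
    {"net": "0.0.0.0/0",   "iface": "vpn", "metric": 1},
    {"net": "10.5.0.0/24", "iface": "vpn", "metric": 1},
]

# Split tunnel: only the fifth-office subnet is routed via the VPN.
SPLIT_TUNNEL = BRANCH_BASE + [
    {"net": "10.5.0.0/24", "iface": "vpn", "metric": 1},
]

def compare(dests):
    """Map each destination to its (full-tunnel, split-tunnel) egress interface."""
    return {d: (egress(FULL_TUNNEL, d), egress(SPLIT_TUNNEL, d)) for d in dests}

if __name__ == "__main__":
    # 10.5.0.20 = file server (constructed), 198.51.100.7 = some web site.
    for dest, (full, split) in compare(
            ["10.5.0.20", "198.51.100.7", "203.0.113.10", "192.168.1.50"]).items():
        print(f"{dest:15} full={full:4} split={split}")
```

With split tunnelling the branch PC reaches the Internet without passing through any filtering or logging at the fifth office, which is the trade-off to weigh when choosing between the two tables.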

A few questions/suggestions:

  1. What model of VPN router did you install at the 5th office? Whatever it is, make sure that you have the latest firmware installed on the router. (I purchased multiple BEFVP41's V2 for a similar setup last year and found that they all had old firmware revisions. Check the Linksys.com website for the updates & update information).

  2. Are the branch offices on static or dynamic IPs? If on dynamic, set up DDNS domain names for each location - I recommend [link] - then set the branch routers or a DDNS client to update the domain information automatically. Also see: [link]

  3. To make life easier for all: at the other 4 offices install the *exact same* VPN router at those locations. [Regardless of whether you use a Linksys, Netgear, whatever, installing the same at all locations will make your life much easier.]

Setting up the same VPN routers, you won't need to mess with configuring each PC for VPN access at the remotes; you simply set up the VPN tunnels in the routers and let them do the work. If you are using Linksys BEFVP41's at each location (as an example), each location will be able to VPN to the end-point (5th office in this case) for application access, and will also be able to access the internet, e-mail etc. from their own connection. They do not need to rely on office 5 to get the access.

glgxg
