Sign in with
Sign up | Sign in
Your question
Solved

VPN Gateway & Cable Modem

Last response: in Networking
Share
May 17, 2014 10:41:41 PM

Hi guys, please advise and share the solution for me too.

I'm using cable modem to for my home office
and want to allow IPSec VPN Client-to-Site from my notebook over 4G AirCard or Public WiFi
to securely access and use my home office network
including file and print sharing, WiFi NAS and if possible NetBIOS traffics.

Could you guys recommend which product to serve as
- Cable Modem
- VPN Gateway
- WiFi

And which VPN Client software to be used on my notebook Windows 7/8 & Android tablet?

Is there any all in one solution?
Split solution is fine if it will give more cost effective.

Thank you in advanced.

Best solution

May 18, 2014 9:33:30 AM

I would not load the VPN on the cable modem I would use a stupid cable modem that is only a modem and run the VPN on a router behind it. There are a number of routers that support VPN. Most asus ones do with the latest firmware since they run a common code base on many of their newer routers. Some of the higher end tp-link routers also have VPN. You of course can load dd-wrt on many different router platforms.

I would try not to use ipsec. It tends to have much more trouble when IP addresses are natted multiple times which is very common using 4g connections. SSL based vpn tends to pass though most anything since it looks like HTTPS, although if you run it in TCP mode to ensure it get though even a proxy it does not perform as well in situations where you have high latency.
Share
May 19, 2014 8:01:23 PM

Thanks for your comments to simplify things.
So, I decide to set my cable modem to bridge mode and will add a VPN router to my home-office topology.

But I'm new to VPN implementation.
So, the next question is which VPN router will actually suit my needs?

Will SSL VPN can make my devices seamlessly connected to my local home-office network?
I'm worry about some of my applications that use UDP traffics won't get passed through the SSL VPN tunnel?
Do I really need IPSec?

If SSL is possible to do the job, how about VPN client & Certificates?
If IPSce is a must, which router(s) has it's own / free VPN client for Windows 7/8 & Android devices.




In summary,
Please advise the list of VPN Routers that support UDP package and has VPN Client for Windows 7/8 & Android devices.

Thank you in advance.
m
0
l
May 19, 2014 11:56:44 PM

Most vpn devices have a couple of ways to configure them. The most common configuration give you a IP on your LAN so you appear as though you were plugged into a lan port on the router.

Many of the routers can run either IPSEC,PPTP or ssl some do all at the same time. This is mostly just getting used to setting up the routers. vpn tends to be tricky to describe but is pretty obvious once you start to play with the settings.

IPSEC tends to be the oldest one around so you get a lot of support for it. If you are always using networks you have control of both ends it tends to work the best of any VPN. The key here is control. It either uses NATT or it uses protocol 50 (ie not PORT 50 PROTOCOL). Both these cause issues for some hotspot type installations, they have to do something special and either choose not to or intentionally block it. The key one IPSEC can never get though are proxy servers. This is why SSLVPN is so popular it can pretty much get though anything.

A properly installed vpn client will force all traffic though the tunnel. This is actually a problem sometime when you want some traffic to go around the tunnel and others to run directly and you must configure the client to allow this. It should not care if it is UDP,TCP or whatever. You can actually run one form of VPN over another...ie IPSEC over SSL if you work at it hard enough.

The most popular free VPN is called openvpn. It has clients that run on pretty much any platform. Like any free software the documentation leave a lot to be desired. It of course does not compare with the ease of use commercial vpn appliances from juniper or cisco have. Those dynamically install activex or java clients to the users but they charge a yearly fee per user so they tend to not be cost effective for other than enterprise installs.
m
0
l
!