Need help with VPN basics

Archived from groups: comp.dcom.vpn (More info?)

After searching and reading and getting all mixed up, I decided it
would be best to just ask the experts myself :) There´s so much
information lying around I don´t know anymore what´s right for me and
what isn´t...

Here´s the deal: I need to do some testing with vpn for future needs.
Right now, I just want to get some experience with remotely accessing
ressources at my office. Later on, a small number of users should be
able to simultaniously use vpn for remote access.

I´ve tried to get something done (within one LAN, just for testing
purposes) by using the Windows2000 vpn-features but I don´t even know
how to access files even though the vpn-connection is established.

We have ADSL with a public IP-Address and a router with no vpn
capabilities. My problem is: I don´t know where to start. Do I need
hardware, software or both? If a new router would be sufficient, what
would be a cheap way to get started?

I´m sure I´ll have more questions as things become clearer (hard to
believe that ever happens..), but I´ll let you guide me into the right
direction. If you need more information about our network etc. just
ask. I´d really appreciate some help!

Petr
3 answers Last reply
More about need basics
  1. Archived from groups: comp.dcom.vpn (More info?)

    Petr wrote:
    > After searching and reading and getting all mixed up, I decided it
    > would be best to just ask the experts myself :) There´s so much
    > information lying around I don´t know anymore what´s right for me and
    > what isn´t...
    >
    > Here´s the deal: I need to do some testing with vpn for future needs.
    > Right now, I just want to get some experience with remotely accessing
    > ressources at my office. Later on, a small number of users should be
    > able to simultaniously use vpn for remote access.
    >
    > I´ve tried to get something done (within one LAN, just for testing
    > purposes) by using the Windows2000 vpn-features but I don´t even know
    > how to access files even though the vpn-connection is established.
    >
    > We have ADSL with a public IP-Address and a router with no vpn
    > capabilities. My problem is: I don´t know where to start. Do I need
    > hardware, software or both? If a new router would be sufficient, what
    > would be a cheap way to get started?
    >
    > I´m sure I´ll have more questions as things become clearer (hard to
    > believe that ever happens..), but I´ll let you guide me into the right
    > direction. If you need more information about our network etc. just
    > ask. I´d really appreciate some help!
    >
    > Petr

    In most cases I go with an inexpensive VPN capable router for a small
    network. It's likely that any server you might have in a small network
    is also doing many other things like serving files, running as your
    active directory domain controller, database server, name resolution or
    all of the above. It's easy to setup the security incorrectly on a
    server and if that server is also your domain controller and file server
    then you will just be allowing unrestricted access to the most important
    resource in your network from the Internet.

    I like the Netopia 3386-ENT devices myself. It supports almost all the
    major VPN protocols for a cheap price (less than $200usd). This device
    is sufficient for most small networks. If your Internet connection is
    any faster than 10Mbit then you might consider something a bit better,
    the Netopia seems to handle your typical 5mbit download/1mbit upload
    ADSL and Cable modem type connections without slowing down.

    As far as gaining access to the resources on your network, this is
    mostly a separate issue. To gain access to the internal servers once
    the VPN is established is exactly the same as if you had a WAN link
    connecting the remote site and the network.
    You need to make sure that some form of name resolution is working, that
    means that the VPN server should give out the correct internal DNS/WINS
    settings to the client so it will be asking the correct server for
    network addresses. Also when it comes to network browsing you will
    likely need to type in the server address manually if you are connecting
    over a dynamic connection like a VPN. Even when you have all the
    required WINS servers running and the client is resolving the server
    correctly it can take some serious time before the client will build a
    local version of the browse list. Just make sure you know the proper
    names to connect to your servers before you worry about venturing into
    getting "network neighbourhood" type functionality to work.

    --
    WARNING! Email address has been altered for spam resistance.
    Please remove the -deletethispart-. section before replying directly.
    Mike Drechsler (mike-newsgroup@-deletethispart-.upcraft.com)
  2. Archived from groups: comp.dcom.vpn (More info?)

    Thanks for your Reply, Mike! It help a lot to know that making the vpn
    connection and accessing resources are two different things - I was
    really confused about this before. Every article about establishing a
    vpn in Windows describes how easy and great this feature is, but it
    always ends there and nobody sais how to get to the ressources after
    the vpn has been established...

    I actually once tried accessing shared ressources using the method of
    manually typing in the vpn server address, but I thought that to be so
    complicated it couldn´t possibly be the real solution.

    I´ll have a look at the router you mentioned, maybe that will help to
    understand vpn better, too. Thanks again for your helpful answer!
  3. Archived from groups: comp.dcom.vpn (More info?)

    Netopia Router will do. I personally like Sonicwalls. You would need
    to purchase a Sonicwall, the model will depend on the number or users
    that are on your local network, however, most likely a tz170 will do.
    You can find pricing on these at many places as in sonicguard.com etc.
    Just google.

    The reason I like Sonicwall is that it is relatively easy to setup and
    they run excellent! Dont waste your time on cheap routers, you will
    regret it. For a tz170, you are about $375-500 for a 10 user
    firewall/vpn router. They have a Global VPN client that is simple to
    setup.

    What you would need:

    1) A Sonicwall Firewall - most likely tz170
    2) Global VPN License - you can buy single , 5 pack, and 10 pack etc..
    (for each person accessing the network remotely)
    3) VPN Client Software- $40-50

    I would recommend getting the 8x5 support option as if you are new, you
    might need them to walk you through the setup.

    Hope that helps!
Ask a new question

Read More

vpn Remote Access Networking