
Possible to create L2TP VPN w/o having a Domain?

November 24, 2012 10:42:24 PM

Hello everyone, we are currently implementing a new program at work and need to have some other computers on site to be able to connect to the network the server is on. The other computers are on different connections so I believe using a VPN would be the best way to connect the computers. I wanted to do a PPTP VPN, but from my understanding, it's very insecure so it seems that L2TP is the way to go. We are all currently just connected to a workgroup, mainly because there's only about 6 computers to the network and I'd like to keep it that way if possible. After reading a bit, it seems that I need to certify the computers before I can do L2TP but I'm not finding any resource that shows if it's possible to do without a domain. Is there anyone who could help inform me a bit on this? Thanks!


Best solution

November 24, 2012 11:45:51 PM

If you cannot use a certificate server you are better off using pre-shared keys. I think there is a way to use self-signed certificates but that is really no better than pre-shared keys.

Be aware if you are attempting to run multiple IPsec connections through a NATed IP you are going to have some problems. Something like OpenVPN running SSL VPN would be a better choice since it tolerates NAT much better.

Many times it's easier to form the tunnels with the routers rather than the end machines.
November 26, 2012 4:15:53 PM

Thanks for the answer, I haven't been able to get on in a bit. I've tried using PPTP VPN and others like Hamachi and NeoRouter but the problem I'm having is unusually high ping. When I connect to the LAN and try to ping my server, the ms latency averages around 300-500 ping. Any idea what would cause this? Could it be my internet connection? The upload speed that the server's on is around 0.6 Mbps, shouldn't that be good enough?
November 26, 2012 4:16:28 PM

Best answer selected by Mattb25.
November 26, 2012 10:09:18 PM

You would need to ping the external address and compare it to the ping time of one through the tunnel.

Encryption does place a load on the equipment but in general you cannot detect it until your encryption device hits 100% CPU. So it will be perfectly fine and then spike to very bad. If it is always bad it is something else. 300-500ms sounds like the delay you would see on a satellite.
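The comparison suggested in the reply above, as an added example that is not part of the original thread: it parses saved `ping` output for the server's external address and for its address inside the tunnel, then reports which of the patterns described applies. The sample captures are constructed, and the thresholds `spike_factor` and `overhead_ms` are assumptions chosen for illustration.

```python
import re
from statistics import median

# Matches Windows ("time=85ms", "time<1ms") and Unix ("time=85.3 ms") reply lines.
RTT_RE = re.compile(r"time[=<]\s*([\d.]+)\s*ms", re.IGNORECASE)

def parse_rtts(ping_output):
    """Return the round-trip time in ms of every reply found in ping output."""
    return [float(m.group(1)) for m in RTT_RE.finditer(ping_output)]

def is_spiky(rtts, spike_factor):
    """True when the worst reply is several times slower than the best one."""
    return max(rtts) >= spike_factor * min(rtts)

def diagnose(direct_out, tunnel_out, spike_factor=3.0, overhead_ms=50.0):
    """Compare pings to the external address with pings through the tunnel.
    spike_factor and overhead_ms are assumed thresholds, not values from the thread."""
    direct, tunnel = parse_rtts(direct_out), parse_rtts(tunnel_out)
    if not direct or not tunnel:
        raise ValueError("no replies parsed from one of the captures")
    d_med, t_med = median(direct), median(tunnel)
    if is_spiky(tunnel, spike_factor) and not is_spiky(direct, spike_factor):
        # Fine, then very bad: the pattern the reply ties to a device hitting its limit.
        verdict = "load-spike"
    elif t_med - d_med >= overhead_ms:
        # Tunnel is slow on every reply while the direct path is not: look elsewhere.
        verdict = "always-slow"
    else:
        # Tunnel tracks the direct path, so the latency belongs to the path itself.
        verdict = "matches-direct"
    return verdict, d_med, t_med

def fake_ping(times):
    """Build constructed Windows-style ping output for the given RTTs (ms)."""
    return "\n".join(
        f"Reply from 203.0.113.10: bytes=32 time={t}ms TTL=54" for t in times)

# Constructed sample captures (203.0.113.10 is a documentation address).
DIRECT = fake_ping([82, 85, 88, 84])
TUNNEL_UNDER_LOAD = fake_ping([90, 95, 410, 520])
TUNNEL_ALWAYS_SLOW = fake_ping([390, 410, 400, 420])
TUNNEL_HEALTHY = fake_ping([90, 92, 95, 91])

if __name__ == "__main__":
    for name, capture in [("under load", TUNNEL_UNDER_LOAD),
                          ("always slow", TUNNEL_ALWAYS_SLOW),
                          ("healthy", TUNNEL_HEALTHY)]:
        print(name, diagnose(DIRECT, capture))
```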
November 27, 2012 12:03:14 AM

I really appreciate the information. I will definitely do that tomorrow, but I was playing with it a bit and it seems that the ms is around 80-100 as soon as I connect via VPN but as soon as I try to open the program from the server, the latency jumps to 300-500ms, sometimes getting as high as 700ms. So what ends up happening is that I try to bring up our program, and it'll come up with the prompt if I want to run it. When I click run, nothing ever pops up, but the latency will never get back to normal because I assume it's still trying to bring up the program. I'm hoping I can get the speeds up, otherwise I'm not sure how else to get all the networks connected to be able to access the program.

Edit: Forgot to mention, I took the server to another internet connection with the same upload speed but I'm still having the issue. I'm starting to wonder if something on the server is causing this or possibly the routers.