|
Home > Archive > VPN > April 2006 > VPN and Internet Access
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
VPN and Internet Access
|
|
| stuie_norris@yahoo.com.au 2006-04-02, 7:00 pm |
| Hi Group,
I am a newbie to network stuff and I am planning on setting up a VPN
between my broadband and my parents broadband connection to control
there PC (XP) using VNC when they need assistance. Quiet rare but it
will make life easier.
The main use of each broadband connection would be to use the Internet.
I am currently looking at 2 x Draytrek Vigor 2800 ADSL router to
acheive this using a ADSL 512 kbps Down/128 kbps link at both ends with
static IP addresses.
Each site will have a maximum of two computers and a USB printer.
I can see from the Vigor documentation that the VPNs support the
following PPTP, IPSec Tunnel (main mode), IPSec Tunnel (aggressive
mode), L2TP, L2TP over IPsec.
I am thinking of using L2TP over IPsec as that seems the most secure.
Here comes the confusion - usage of the routers for access not to the
VPN.
Can each site access the Internet as well from end point?
(That is my parents the client VPN connection goes to the internet from
there connection.)
Can I have NATed addresses onto the Internet?
Any good documentation around on this?
Thanks
Staurt
| |
| Tim Murray 2006-04-02, 7:00 pm |
| On Apr 1, 2006, stuie_norris@yahoo.com.au wrote:
> Hi Group,
>
> I am a newbie to network stuff and I am planning on setting up a VPN
> between my broadband and my parents broadband connection to control
> there PC (XP) using VNC when they need assistance. Quiet rare but it
> will make life easier.
>
> The main use of each broadband connection would be to use the Internet.
>
> I am currently looking at 2 x Draytrek Vigor 2800 ADSL router to
> acheive this using a ADSL 512 kbps Down/128 kbps link at both ends with
> static IP addresses.
>
> Each site will have a maximum of two computers and a USB printer.
>
> I can see from the Vigor documentation that the VPNs support the
> following PPTP, IPSec Tunnel (main mode), IPSec Tunnel (aggressive
> mode), L2TP, L2TP over IPsec.
>
> I am thinking of using L2TP over IPsec as that seems the most secure.
>
> Here comes the confusion - usage of the routers for access not to the
> VPN.
>
> Can each site access the Internet as well from end point?
> (That is my parents the client VPN connection goes to the internet from
> there connection.)
>
> Can I have NATed addresses onto the Internet?
>
> Any good documentation around on this?
Do your folks work for the Pentagon? Seriously, why not just a VNC solution
with a password, and show them how to turn the port on and off when
necessary?
| |
|
| stuie_norris@yahoo.com.au wrote:
> Hi Group,
>
> I am a newbie to network stuff and I am planning on setting up a VPN
> between my broadband and my parents broadband connection to control
> there PC (XP) using VNC when they need assistance. Quiet rare but it
> will make life easier.
>
> The main use of each broadband connection would be to use the Internet.
>
> I am currently looking at 2 x Draytrek Vigor 2800 ADSL router to
> acheive this using a ADSL 512 kbps Down/128 kbps link at both ends with
> static IP addresses.
>
> Each site will have a maximum of two computers and a USB printer.
>
> I can see from the Vigor documentation that the VPNs support the
> following PPTP, IPSec Tunnel (main mode), IPSec Tunnel (aggressive
> mode), L2TP, L2TP over IPsec.
>
> I am thinking of using L2TP over IPsec as that seems the most secure.
>
> Here comes the confusion - usage of the routers for access not to the
> VPN.
>
> Can each site access the Internet as well from end point?
> (That is my parents the client VPN connection goes to the internet from
> there connection.)
>
> Can I have NATed addresses onto the Internet?
>
> Any good documentation around on this?
>
> Thanks
>
>
> Staurt
>
Stuart,
Only the traffic for the remote lan defined in the vpn config gets sent
over the tunnel, everything else goes out via the local internet
connection, and yes it will handle natting between the sites and the
internet, just make sure the subnet at each end is different, like
192.168.0.0/255.255.255.0 and 192.168.1.0/255.255.255.0
These devices work well with dynamic dns services too, so no need to get
static IPs.
Easier solution would be a 2800 at your parents house then set that up
to allow you to client vpn into it from your house, this works fine
using the inbuilt microsoft client and will save you the expense of one
of the 2800s. Go to draytek.co.uk, there's good how tos there and also a
forum you can join to get additional advice.
simon
|
|
|
|
|