PDA

View Full Version : VPN Servers



Brijaws
02-27-2005, 09:06 AM
Can anyone point me in the right dirrection on setting up a very simple VPN server on my Office Server (which is running WIN2K Server).

Do i really need hardware? Or can i just creat a new connection "Accept Incomming VPN Requets"??

vette84
02-27-2005, 12:21 PM
If you have a router or firewall at your office, you have to allow VPN passthrough to be able to get to your server. Every manufacturer has their own way to set it up. If you really want to get a VPN going, the quick and easy way I do it is to get a Netgear FVS318. Can be had for around $100, and the VPN is easy to setup and works well with a low number of clients. Always try to use a hardware solution before a software solution, you'll have more hair when you're done.

vette84
02-27-2005, 12:30 PM
Oh yeah, I forgot. Make sure your internet service has a static IP, or at least one that doesn't change often (like every 6 months), or you will have a REAL fun time keeping it working.

Anonymous
02-27-2005, 02:11 PM
Do i need to also buy there CLient Software in additon to the Router?

Brijaws
02-27-2005, 04:39 PM
Okay, iv installed the Router you described - now how do i set it up?

vette84
02-28-2005, 11:43 AM
This Netgear article pretty much walks you through the setup

http://kbserver.netgear.com/inquira/default.asp?ui_mode=answer&prior_transaction_id=87429&action_code=5&highlight_info=16778146,14,27&turl=http%3A%2F%2Fkbserver.netgear.com%2Fkb_web_fi les%2Fn101436.asp&answer_id=9755770#__highlight

If you need specific help, let me know. Email me and I could possibly help you over the phone.

Make sure that the Internet IP address on the basic settings page is set to "use static IP address" and you have your internet IP address (along with the subnet mask and gateway) in the box.

As to the client software. I personally have never tried the built in Windows VPN client. I mainly use these to connect two networks together (fvs on both ends). Whenever I have had to setup a client machine, I've always used the netgear client (again, ease of setup). I'll try connecting with the MS client to see where I get.

Brijaws
02-28-2005, 09:06 PM
Can you email me a copy of the client software? I cant seem to get all the availble setting without it.

Brijaws
03-01-2005, 09:06 PM
Okay, i got it to connect, but its not what i thought it would be. I do not see any of the devices on the network. What am i doing wrong?

Im connecting to the NETGEAR with the client software. I have the little KEY in the corner and says im connected when i view the router VPN status.

However, if you read the help files it has me set up a 192.168.100.1 address for my remote sec number. Is this basicly like my IP on my office network? Do i need to configure my server to be in that node? Im really confussed here. Im like ALLLLMMMOOOOSSST there but not quite.

vette84
03-01-2005, 10:40 PM
It consumes resources and is less secure to use netbios over a vpn, so connecting with ip addresses is the best way. You will not have "my network places" like functionallity.
To get your shared resources, like on your server, you need to use the ip address of your server.
At your server, click on "start" then "run", then type in "cmd" without the quotes.
At the prompt, type "ipconfig" (without quotes), and make note of the ip address.
On your client (remote) machine, click "start", then "run", then type in "\\<ip of server>" (without quotes). For example,

\\192.168.1.10

hit enter, and you will be shown a window with all the shares on your server. Double click to open any of them, or right click, then "map network drive" to assign a drive letter.
You can access any of your other machines on the network in the same manner.

Let me know if you need any more help

Brijaws
03-02-2005, 06:54 AM
Okay, i get the little Key in the connection box, and it says my connection is valid.

when i type in the run box \\192.168.1.113 (which is my remote server addy) i get address cannot be found.

In the Client Setup, there is "Internal Network IP address" which is 192.168.100.1 - is this correct for my network that is set to 192.168.1.1? It says it is wrong or cant be in the same subnet as the router if i try changing it.

Also, when im make the RUN request - im not getting a SEND bar on the VPN ICON as if its not do anything remotely.

vette84
03-02-2005, 02:06 PM
First, lets try something.

Make the VPN connection, then start, run, cmd
type ping 192.168.0.1
then ping 192.168.1.1

If you get a response on the first one, your router is setup incorrectly - see below
If you get a response on the second one, type ping 192.168.1.113
If you get a response, try running \\192.168.1.113




Check the IP address of your router and your server. Make sure they are on the same subnet.

If the server is 192.168.1.113, then the router should be 192.168.1.1 (for example) This is on the LAN IP setup in the router

Make sure that in step 2d, you enter the LAN ip address that is on the same subnet of the server, in your case 192.168.1.1 , with subnet mask of 255.255.255.0

Brijaws
03-02-2005, 08:26 PM
When i ping 192.168.1.113 i get no responce. However, when i ping 192.168.100.1 i get a respose. Im thinking that its putting me in the XXX.XXX.100.XXX node.

It connects fine. I just dont know what the steps im missing are. Remeber - im going from my home which is behind a LINKSYS BESFR which sits on a 192.168.1.1 IP addy itself.

HOME PC - 192.168.1.130
HOME GATEWAY - 192.168.1.1 (linksys router)

WORK SERVER - 192.168.1.113
WORK GATEWAY - 192.168.1.1 (Netgear)

HELP ????

vette84
03-02-2005, 08:42 PM
There's the problem. The local and remote networks can't be on the same subnet (in this case 192.168.1.x) Try reconfiguring your home router to 192.168.0.1 and make sure you change the DHCP settings as well (so your home PC will have a 192.168.0.x IP)
Then retry the VPN and it will most likely work

Anonymous
03-02-2005, 08:59 PM
That was it.

Now im just having a problem connected to my D-tools database. It finds the file and copys it over, but says somthing about the SQL server and permissions, ect...

vette84
03-02-2005, 09:55 PM
I am not familiar with D-tools and how it is setup, but I would guess that D-tools uses the server name as the SQL source, therefore it can't find the SQl server.
Click on start, run, then type in odbccp32.cpl
Look under the system DSN tab (might be under the user DSN)
look for a source that might be for d-tools, I have no clue to the name, but it will say "SQL Server" under the driver column.
Click on the line, then click configure.
In the server name box, it will probably say your server name. Make a note and change it to the server's ip address. Click next until you get to the screen that says "test data source" at the bottom. Click that button and make sure it says tests completed successfully. If it does, great, OK out of everything and open d-tools to check it. If it does not test successfully, cancel out and use the d-tools support that you pay dearly for to see if they recommend a way to accomplish this

vette84
03-02-2005, 09:59 PM
By the way, if changing the name to an ip address is allowed, d-tools will still work when you are connected to your work LAN, too.