Hi, I'm looking for the best solution to my current need that are as follows:
At the office I have pc that is setup as a central file server that everyone stores their work on so that everyone can access the files if need be (mostly word documents). This includes our master templets as well. Now in the office this local setup works great but some of us have now started to develop a need to be able to access the server off site e.g. For home or abroad on work related travelling.
What I do have to my disposal to setup this is an uncapped adsl line (384kps, I know it's slow as hell but at least its uncapped now. Previous cap was 3gb)
My current bypass/method is to simply login on my desktop with remote desktop and take over my pc from where-ever I might be but the problem with this is that it firstly disables the pc at the office make it a dead resource if someone might have wanted to work on it while I was gone. Secondly is rather slow as you are actaully taking oveer the whole system and not just the file you want. Thirdly if you want to print it out the document where you are you will first need to email it to yourself other wise it will print out at the office that isn't always the case you'd want.
So in short I'd like to setup something that would be easy to use for any user requiring this for e.g. The file server is currently just mapped as a drive over the LAN with shortcut to it on everyones desktop. If possible I'd like to be able to have the remote setup similar to this for e.g. Just a icon the user double click that will take them to the server via the internet and loging them in to is.
From what I've been digging around with I think my answer would be to setup a sort of vpn?
Off course the requirment akso is it should be secure and not publicly viewable unless you have login details or something and the user should have read and write privileges on the files/server over the internet link.
And the last two things I need to mention is the the server is running WinXP Pro and the adsl line has a dynamic IP not static so I might need to run something like dyndns on it as well.
So any suggestion as to what I should look at would be appreciated? Preferably free solutions and links or howto's would be welcomed
Many thanks in advance
Remote network/server access
-
captain_twinkie
- DBB Ace
- Posts: 222
- Joined: Sun Mar 07, 2004 3:35 pm
- Location: Orem, Utah
I am a big fan of gbridge, http://www.gbridge.com/ you log in with your google account and then you add your friends onto google talk and then you can setup permissions based on the users and then you can also setup shares or also remote desktop, you can also use the same account and have it logged into multiple locations. I really like it and its free.
Okay I did some more digging into a VPN setup as it seems that it is exactly what I'm looking for.
Setting up the client connection seems pretty straight forward if I understand this page correctly
Client setup
Setting up the server it would seem I have two options available. 1) Server via Windows as set out here or 2) Via the router.
Now I've checked and our office router do support both dynamic DNS and VPN setups so I think I would like to opt to run these two on the router itself, I unfortunately haven't found a site explaining this for our router (Billion 800VGT) yet granted I haven't done an intensive search yet either
But what my logic is telling me is I should do the following.
Setup a Free DynDNS account first at DynDNS.org (just one thing I've noticed now is that if I enter .org in the browser it redirects met to a .com site? The Servers on our router are preset and there isn't a dyndns.com? Will this still work if I leave it at .org even thou the browser is redirected to .com?)
Enter the DynDNS domain name I've got together with the username and password on the router.
Then I need to setup the VPN Server on the Router. Here is where I need some advice I think. First question is which protocol would be best? PPTP, IPSec or L2TP?
Secondly once I go on create a new VPN on either PPTP and L2TP it asks me to choose Remote Access or LAN to LAN? IPSec goes directly to the config page. So which is the one I require RA / LAN-LAN?
On the config page I need to fill in the a lot of details: Taking a stab at the PPTP setup that looks like this:
my gut is telling me the following:
Connection Name, I take I can name this what ever I wish
Type Dial out or Dial in, I'm guessing I should set this to Dial In
Then there is Server IP address (or Domain Name) and Private IP Address Assigned to Dialin user.
Again I'm guessing here but if this is the VPN Server it doesn't make sense to me that I need to enter details here or should I enter the DynDNS domain name at the Server IP and what must I enter at Private IP? Or is this assigned automatically if left blank by the DHCP of the router.
Next is the Username and Password. This I'm guessing is details I can just put in that the client will need to access the VPN as login details?
Auth Type I can leave on Auto
Data Encryption I guess should be enabled as it is on auto by default.
Key length is set default to auto but the other options is 40bit and 128bit? What should I set this too. Then there are mode Stateful/stateless? Again which should I set this too.
Idle timeout is set to 0 minutes, does this mean idle timeout is disabled?
Active as default route I have the option to enable it. Should I leave this unchecked?
The IPSec looks like this
I'm a bit at a loss at to what needs to be entered here if this is the protocol I need to set.
And the L2TP looks like this
The additional settings are IPSec, enable uncheck?
Authentication? None, MD5, SHA1?
Encryption? NULL, DES, 3DES, AES 128, AES 192, AES 256?
Prefect Forward Secrecy? None, MODP 768, MODP 1024, MODP 1536?
Pre-shared key?
The next two I guess I can leave out as it states optional.
Tunnel Auth is unchecked? Leave as is
Secret? What should be entered here?
If either one of the above protocols are setup then the VPN Server should be set.
On the client I then just setup a VPN connection in Windows and instead of entering a IP during the setup I enter the DynDNS domain name.
When asked for the username and password I then enter the username and password as I've entered on the router setting up the VPN?
And that should be it right?
[EDIT]
Okay I've got hold of the router manual and the stuff makes more sense not as to what needs to be entered where. So far I've managed to get the link up but I cant see the file server as there is no network access but I think that is because my home routers internal ips (192.168.x.x) are on a different range than the office (10.0.x.x) and from what I gather they should be on the same range but just a different subnet? The manuals e.g. Shows if the server/client is 10.0.0.100 the client/server should be set to be assigned 10.0.1.0 or something like that but for some reason I cant change my routers ip range to the 10.x.x.x so I'll need to try and change the office ips.
This just brings me to a question as either I'm not understanding the manual or it's not clear but should the actaul ips of the one network be on 10.0.1.x or should the vpn server just assign it to the client that is on the same 10.0.0.x?
And one more thing how many remote pcs from different locations e.g. My house and the bosses house can I link via the vpn at once, just one or both of them at the same time?
(Think I found the answer. I just need to setup a VPN access point for each user that will require remote access on the router right?)
So if I have the office as the server and my house and the boss as clients then the office needs to be running for eg. an ip range of 10.0.0.X and my house should be on 10.0.1.X and my boss on 10.0.2.X or should it be 10.0.1.1X?
Thanks
Setting up the client connection seems pretty straight forward if I understand this page correctly
Client setupSetting up the server it would seem I have two options available. 1) Server via Windows as set out here or 2) Via the router.
Now I've checked and our office router do support both dynamic DNS and VPN setups so I think I would like to opt to run these two on the router itself, I unfortunately haven't found a site explaining this for our router (Billion 800VGT) yet granted I haven't done an intensive search yet either
But what my logic is telling me is I should do the following.
Setup a Free DynDNS account first at DynDNS.org (just one thing I've noticed now is that if I enter .org in the browser it redirects met to a .com site? The Servers on our router are preset and there isn't a dyndns.com? Will this still work if I leave it at .org even thou the browser is redirected to .com?)
Enter the DynDNS domain name I've got together with the username and password on the router.
Then I need to setup the VPN Server on the Router. Here is where I need some advice I think. First question is which protocol would be best? PPTP, IPSec or L2TP?
Secondly once I go on create a new VPN on either PPTP and L2TP it asks me to choose Remote Access or LAN to LAN? IPSec goes directly to the config page. So which is the one I require RA / LAN-LAN?
On the config page I need to fill in the a lot of details: Taking a stab at the PPTP setup that looks like this:
my gut is telling me the following:
Connection Name, I take I can name this what ever I wish
Type Dial out or Dial in, I'm guessing I should set this to Dial In
Then there is Server IP address (or Domain Name) and Private IP Address Assigned to Dialin user.
Again I'm guessing here but if this is the VPN Server it doesn't make sense to me that I need to enter details here or should I enter the DynDNS domain name at the Server IP and what must I enter at Private IP? Or is this assigned automatically if left blank by the DHCP of the router.
Next is the Username and Password. This I'm guessing is details I can just put in that the client will need to access the VPN as login details?
Auth Type I can leave on Auto
Data Encryption I guess should be enabled as it is on auto by default.
Key length is set default to auto but the other options is 40bit and 128bit? What should I set this too. Then there are mode Stateful/stateless? Again which should I set this too.
Idle timeout is set to 0 minutes, does this mean idle timeout is disabled?
Active as default route I have the option to enable it. Should I leave this unchecked?
The IPSec looks like this
I'm a bit at a loss at to what needs to be entered here if this is the protocol I need to set.
And the L2TP looks like this
The additional settings are IPSec, enable uncheck?
Authentication? None, MD5, SHA1?
Encryption? NULL, DES, 3DES, AES 128, AES 192, AES 256?
Prefect Forward Secrecy? None, MODP 768, MODP 1024, MODP 1536?
Pre-shared key?
The next two I guess I can leave out as it states optional.
Tunnel Auth is unchecked? Leave as is
Secret? What should be entered here?
If either one of the above protocols are setup then the VPN Server should be set.
On the client I then just setup a VPN connection in Windows and instead of entering a IP during the setup I enter the DynDNS domain name.
When asked for the username and password I then enter the username and password as I've entered on the router setting up the VPN?
And that should be it right?
[EDIT]
Okay I've got hold of the router manual and the stuff makes more sense not as to what needs to be entered where. So far I've managed to get the link up but I cant see the file server as there is no network access but I think that is because my home routers internal ips (192.168.x.x) are on a different range than the office (10.0.x.x) and from what I gather they should be on the same range but just a different subnet? The manuals e.g. Shows if the server/client is 10.0.0.100 the client/server should be set to be assigned 10.0.1.0 or something like that but for some reason I cant change my routers ip range to the 10.x.x.x so I'll need to try and change the office ips.
This just brings me to a question as either I'm not understanding the manual or it's not clear but should the actaul ips of the one network be on 10.0.1.x or should the vpn server just assign it to the client that is on the same 10.0.0.x?
And one more thing how many remote pcs from different locations e.g. My house and the bosses house can I link via the vpn at once, just one or both of them at the same time?
(Think I found the answer. I just need to setup a VPN access point for each user that will require remote access on the router right?)
So if I have the office as the server and my house and the boss as clients then the office needs to be running for eg. an ip range of 10.0.0.X and my house should be on 10.0.1.X and my boss on 10.0.2.X or should it be 10.0.1.1X?
Thanks