Results 1 to 11 of 11

Thread: VPN over ADSL

  1. #1
    Throbbing Member
    Join Date
    Aug 2004
    Location
    Scotlandshire
    Posts
    640
    Thanks
    15
    Thanked
    9 times in 8 posts
    • 8bit's system
      • Motherboard:
      • MSI Z170A-G43 PLUS
      • CPU:
      • Intel i7-6700K
      • Memory:
      • 2x Kingston HyperX Fury Black (8GB)
      • Storage:
      • 1x Crucial MX100 512GB, 1x Western Digital Caviar Black 1TB (WD1001FALS)
      • Graphics card(s):
      • Sapphire AMD R9 390 Nitro
      • PSU:
      • Corsair RM650x
      • Case:
      • Corsair Carbide Air 540
      • Operating System:
      • Windows 10 Home
      • Monitor(s):
      • LG 29UM67 29", 21:9, 2560x1080
      • Internet:
      • PlusNet Fibre

    VPN over ADSL

    Hi folks,

    I have a homer on at the moment which requires me to set up a VPN between 3 sites. One of these is a central site and the other 2 should be able to connect to that central site on demand.

    I've done a good bit of networking stuff but never any VPN stuff before so...

    I've been recommended the Draytek 2600i router since that acts as a VPN "endpoint" (pls correct my terminology where required!). The dude that's selling these things tells me i need one at each site, but I have a VPN software client app I use for my work that lets me get a VPN to the sonicwall firewalls in the office, could I use a free VPN client app to connect the other 2 sites and avoid having my client shell out for 3 routers instead of just 1?

    Also, I've never used Draytek kit before, have used Linksys, D-Link (personal favourite) and NetGear. Is the Draytek stuff any good? Anyone recommend a better alternative?

    Cheers
    8bit
    "shiro" - Windows 11 Home x64 :: Intel i5-12600K :: Corsair H115i :: MSI Z690-A Pro :: 2x 16GB Kingston HyperX DDR5 :: NVidia 4070 Super FE :: Corsair Force MP600 (1TB) :: WD Caviar Black (2TB) :: WD Caviar Green (2TB) :: Corsair Carbide Air 540 (white) :: LG 32QK500 2560x1440 :: Razer Pro Click :: Cherry KC6000 Slim ::

  2. #2
    Will work for beer... nichomach's Avatar
    Join Date
    Jul 2003
    Location
    Preston, Lancs
    Posts
    6,137
    Thanks
    564
    Thanked
    139 times in 100 posts
    • nichomach's system
      • Motherboard:
      • Gigabyte GA-870A-UD3
      • CPU:
      • AMD Phenom II X6 1055T 95W
      • Memory:
      • 16GB DR3
      • Storage:
      • 1x250GB Maxtor SATAII, 1x 400GB Hitachi SATAII
      • Graphics card(s):
      • Zotac GTX 1060 3GB
      • PSU:
      • Coolermaster 500W
      • Case:
      • Coolermaster Elite 430
      • Operating System:
      • Windows 10
      • Monitor(s):
      • Dell 20" TFT
      • Internet:
      • Virgin Media Cable
    I'd be using three routers, myself. I have similar setups with multiple little routers doing gateway-to-gateway IPSec VPNs to enable connection to our head office from building sites. VPN endpoint is fine as far as terminology goes. Basically, the three-router solution is a good one if you have three fixed locations to connect; saves a shedload of admin hassle, and routers are cheap. You could try using the XP VPN client of you want, but unless your client wants VPN access on the move as well, I wouldn't. If he wants that as well, you should be able to use L2TP/IPSec with the Drayteks. I've not heard anything bad about Draytek. It'd help if your central site had a static IP address, but the other two shouldn't have to unless you want to initiate connections on demand from either end, or you want to provide remote access to those sites. Having a gander at Draytek's site, the 2600i looks to have a good feature set (as does its wireless cousing the 2600Gi). I notice they have RADIUS support as well, which could be handy if your client has a Win2000 (or later) server kicking around his network.
    Last edited by nichomach; 31-03-2005 at 01:54 PM.

  3. #3
    Throbbing Member
    Join Date
    Aug 2004
    Location
    Scotlandshire
    Posts
    640
    Thanks
    15
    Thanked
    9 times in 8 posts
    • 8bit's system
      • Motherboard:
      • MSI Z170A-G43 PLUS
      • CPU:
      • Intel i7-6700K
      • Memory:
      • 2x Kingston HyperX Fury Black (8GB)
      • Storage:
      • 1x Crucial MX100 512GB, 1x Western Digital Caviar Black 1TB (WD1001FALS)
      • Graphics card(s):
      • Sapphire AMD R9 390 Nitro
      • PSU:
      • Corsair RM650x
      • Case:
      • Corsair Carbide Air 540
      • Operating System:
      • Windows 10 Home
      • Monitor(s):
      • LG 29UM67 29", 21:9, 2560x1080
      • Internet:
      • PlusNet Fibre
    thx nichomach,

    All three have broadband already and have routers etc. which support VPN pass-thru. You mentioned that using the three VPN routers (as opposed to one at the central site and the other two using a software client) would be less admin hassle, how so?

    Basically the link is purely to allow remote access to their case management software which will run on the machine at the main site, that's where I planned on installing the Draytek or similar. Also, there is no requirement for either of the other sites to communicate with each other, only the central site.

    Obviously I'd be getting a static address for that site. Given the VPN is only required for this one application and the fact that I've had to visit each of the three persons concerned to sort out virus and spyware problems, surely having a software client that they had to deliberately connect and disconnect when required, surely the more secure option is to use software clients?
    "shiro" - Windows 11 Home x64 :: Intel i5-12600K :: Corsair H115i :: MSI Z690-A Pro :: 2x 16GB Kingston HyperX DDR5 :: NVidia 4070 Super FE :: Corsair Force MP600 (1TB) :: WD Caviar Black (2TB) :: WD Caviar Green (2TB) :: Corsair Carbide Air 540 (white) :: LG 32QK500 2560x1440 :: Razer Pro Click :: Cherry KC6000 Slim ::

  4. #4
    Will work for beer... nichomach's Avatar
    Join Date
    Jul 2003
    Location
    Preston, Lancs
    Posts
    6,137
    Thanks
    564
    Thanked
    139 times in 100 posts
    • nichomach's system
      • Motherboard:
      • Gigabyte GA-870A-UD3
      • CPU:
      • AMD Phenom II X6 1055T 95W
      • Memory:
      • 16GB DR3
      • Storage:
      • 1x250GB Maxtor SATAII, 1x 400GB Hitachi SATAII
      • Graphics card(s):
      • Zotac GTX 1060 3GB
      • PSU:
      • Coolermaster 500W
      • Case:
      • Coolermaster Elite 430
      • Operating System:
      • Windows 10
      • Monitor(s):
      • Dell 20" TFT
      • Internet:
      • Virgin Media Cable
    OK, fair enough; if its only 3 people, then a client-based VPN solution could work. I didn't realise that there were routers already onsite. I find gateway-to-gateway to be less hassle usually for fixed sites if only because I don't then have to go around configuring each machine individually, and if a user changes machines I don't have top go through the process again. There's no security advantage to using a software VPN client except in the sense that they'd need to input a username and password. Once they'd done that, however, their machines would be on the central site's network, so if malware is on their machines it'll spread anyway. Do the existing routers not support functioning as endpoints for VPNs?

  5. #5
    Throbbing Member
    Join Date
    Aug 2004
    Location
    Scotlandshire
    Posts
    640
    Thanks
    15
    Thanked
    9 times in 8 posts
    • 8bit's system
      • Motherboard:
      • MSI Z170A-G43 PLUS
      • CPU:
      • Intel i7-6700K
      • Memory:
      • 2x Kingston HyperX Fury Black (8GB)
      • Storage:
      • 1x Crucial MX100 512GB, 1x Western Digital Caviar Black 1TB (WD1001FALS)
      • Graphics card(s):
      • Sapphire AMD R9 390 Nitro
      • PSU:
      • Corsair RM650x
      • Case:
      • Corsair Carbide Air 540
      • Operating System:
      • Windows 10 Home
      • Monitor(s):
      • LG 29UM67 29", 21:9, 2560x1080
      • Internet:
      • PlusNet Fibre
    Hi again,

    Yes there will be one person at each site only. The existing routers do not function as endpoints, only have VPN pass-thru option (like mine, a D-Link DSL-504) which can be enabled or disabled in the admin GUI.

    It's highly unlikely any of the users will be changing machines even semi-regularly, although one of the users may have to purchase a Wintel machine as he presently uses a Mac - I'm investigating whether or not he could use the Mac Remote Desktop client for accessing the application, but that's another story.

    And yes I realise the malware thing will still have the potential to spread using a software to hardware setup but if the software client must be started and stopped on demand then the VPN isn't up permenantly so hopefully they'll spot the problem while they're not connected and will follow my instructions to not use the VPN client and call me first!

    As for the Drayteks, is this what you've used in the past and/or can you recommend an alternative unit?
    "shiro" - Windows 11 Home x64 :: Intel i5-12600K :: Corsair H115i :: MSI Z690-A Pro :: 2x 16GB Kingston HyperX DDR5 :: NVidia 4070 Super FE :: Corsair Force MP600 (1TB) :: WD Caviar Black (2TB) :: WD Caviar Green (2TB) :: Corsair Carbide Air 540 (white) :: LG 32QK500 2560x1440 :: Razer Pro Click :: Cherry KC6000 Slim ::

  6. #6
    Will work for beer... nichomach's Avatar
    Join Date
    Jul 2003
    Location
    Preston, Lancs
    Posts
    6,137
    Thanks
    564
    Thanked
    139 times in 100 posts
    • nichomach's system
      • Motherboard:
      • Gigabyte GA-870A-UD3
      • CPU:
      • AMD Phenom II X6 1055T 95W
      • Memory:
      • 16GB DR3
      • Storage:
      • 1x250GB Maxtor SATAII, 1x 400GB Hitachi SATAII
      • Graphics card(s):
      • Zotac GTX 1060 3GB
      • PSU:
      • Coolermaster 500W
      • Case:
      • Coolermaster Elite 430
      • Operating System:
      • Windows 10
      • Monitor(s):
      • Dell 20" TFT
      • Internet:
      • Virgin Media Cable
    Well, I've actually mostly used 3Com units for the stuff we do here - specifically the Officeconnect VPN firewall, and that requires an external modem. As I say, the Drayteks look pretty good, and I haven't heard anything bad about them.

  7. #7
    Senior Member
    Join Date
    Jan 2004
    Location
    Leicestershire
    Posts
    1,212
    Thanks
    7
    Thanked
    31 times in 30 posts
    • madman045's system
      • Motherboard:
      • P9X79 Pro
      • CPU:
      • I7-3820
      • Memory:
      • 32GB
      • Storage:
      • Not enough!
      • Graphics card(s):
      • HD7970
      • PSU:
      • 850w Corsair
      • Case:
      • Corsair Carbide 300R
      • Operating System:
      • Win 7 Ultimate X64
      • Monitor(s):
      • Dell U2713HM & 2007WFP
      • Internet:
      • Plusnet FTTC - 30mbit/7mbit
    We use Drayteks for all our customer broadband installs, one client has three sites linked via vpn using the 2600I Plus.

    Easy to set up, all sites have a static ip & can see all the other pc's on the network.

    Even looking at setting up a domain across the VPN, but this is only a possibility.

  8. #8
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,665
    Thanks
    53
    Thanked
    384 times in 313 posts
    another vote for the drayteks - the 2600plus is about £100 - its 100 well spent imo.

    http://www.broadbandbuyer.co.uk/Shop...&ProductID=963

    If its a big hard core WAN then I'd use somethign like a watchguard , but for small stuff the drayteks are just fine.
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  9. #9
    Throbbing Member
    Join Date
    Aug 2004
    Location
    Scotlandshire
    Posts
    640
    Thanks
    15
    Thanked
    9 times in 8 posts
    • 8bit's system
      • Motherboard:
      • MSI Z170A-G43 PLUS
      • CPU:
      • Intel i7-6700K
      • Memory:
      • 2x Kingston HyperX Fury Black (8GB)
      • Storage:
      • 1x Crucial MX100 512GB, 1x Western Digital Caviar Black 1TB (WD1001FALS)
      • Graphics card(s):
      • Sapphire AMD R9 390 Nitro
      • PSU:
      • Corsair RM650x
      • Case:
      • Corsair Carbide Air 540
      • Operating System:
      • Windows 10 Home
      • Monitor(s):
      • LG 29UM67 29", 21:9, 2560x1080
      • Internet:
      • PlusNet Fibre
    Quote Originally Posted by madman045
    We use Drayteks for all our customer broadband installs, one client has three sites linked via vpn using the 2600I Plus.

    Easy to set up, all sites have a static ip & can see all the other pc's on the network.

    Even looking at setting up a domain across the VPN, but this is only a possibility.
    Madman, at work we have sites in Aberdeen (head office where I work), Slough, Perth (Australia) and Kuala Lumpur in Malaysia. The domain is W2K Active Dir, the top level domain is in Aberdeen with a sub-domain in each of the three other sites. OK we're not using Drayteks on DSL connections, the VPN stuff is handled by the Sonicwall VPN/DMZ firewalls through Cisco routers in each site using fibre connections all with the same global teir 1 ISP to keep the speeds up as much as possible. (4Mb/s in Aberdeen, 2 in Slough and 1 in each of the others). But basically that's pretty much what we do.

    Thanks all I'll get hold of at least one Draytek to kick off with and see how we get on with a software VPN client as my client needs to keep his costs down as much as possible initially (new business).

    Cheers again
    8bit
    "shiro" - Windows 11 Home x64 :: Intel i5-12600K :: Corsair H115i :: MSI Z690-A Pro :: 2x 16GB Kingston HyperX DDR5 :: NVidia 4070 Super FE :: Corsair Force MP600 (1TB) :: WD Caviar Black (2TB) :: WD Caviar Green (2TB) :: Corsair Carbide Air 540 (white) :: LG 32QK500 2560x1440 :: Razer Pro Click :: Cherry KC6000 Slim ::

  10. #10
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,665
    Thanks
    53
    Thanked
    384 times in 313 posts
    A safenet client licence ( the sonic wall IPSec end point software )is suprisingly expensive
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  11. #11
    Throbbing Member
    Join Date
    Aug 2004
    Location
    Scotlandshire
    Posts
    640
    Thanks
    15
    Thanked
    9 times in 8 posts
    • 8bit's system
      • Motherboard:
      • MSI Z170A-G43 PLUS
      • CPU:
      • Intel i7-6700K
      • Memory:
      • 2x Kingston HyperX Fury Black (8GB)
      • Storage:
      • 1x Crucial MX100 512GB, 1x Western Digital Caviar Black 1TB (WD1001FALS)
      • Graphics card(s):
      • Sapphire AMD R9 390 Nitro
      • PSU:
      • Corsair RM650x
      • Case:
      • Corsair Carbide Air 540
      • Operating System:
      • Windows 10 Home
      • Monitor(s):
      • LG 29UM67 29", 21:9, 2560x1080
      • Internet:
      • PlusNet Fibre
    k guys thx so far...

    got the central site all set up and am about to go round and configure the other sites to connect in. I was going to use the stanard Windows stuff to connect to the VPN from the windows side, was wondering if anyone knows a free or cheap VPN client for OS X? This is a slight cross post as i have asked the same question in the applejuice forum but thought if any of you guys know of one but dont check the applejuice forums...


    cheers
    8
    "shiro" - Windows 11 Home x64 :: Intel i5-12600K :: Corsair H115i :: MSI Z690-A Pro :: 2x 16GB Kingston HyperX DDR5 :: NVidia 4070 Super FE :: Corsair Force MP600 (1TB) :: WD Caviar Black (2TB) :: WD Caviar Green (2TB) :: Corsair Carbide Air 540 (white) :: LG 32QK500 2560x1440 :: Razer Pro Click :: Cherry KC6000 Slim ::

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. ADSL modem router & VPN Questions
    By rc55 in forum Networking and Broadband
    Replies: 0
    Last Post: 05-10-2004, 04:26 PM
  2. Netgear DG834 NEW V.2 ADSL
    By shamus21 in forum Networking and Broadband
    Replies: 1
    Last Post: 02-09-2004, 11:09 PM
  3. VPN features
    By comtree in forum Networking and Broadband
    Replies: 3
    Last Post: 07-01-2004, 04:35 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •