VPN setup suggestions?

This works if you only have one destination in mind, but I have 4 or so boxes on the LAN that all run sshd--the fancy simulation box, two hacked Linksys NSLU2 NAS devices, and a desktop machine. That means that I either have to put all but one on nonstandard ports, which makes life complicated, or else have a router that supports port translation so that they can talk to different ports on the WAN connection. (Or use a server as linnix suggested, and have it be an ssh proxy along with its other jobs.) The same applies to running rsync on all these boxes.

I'm well outside my comfort zone here, because network configuration can be a real time sink even for folks that are good at it.

Thanks

Phil Hobbs

--
Dr Philip C D Hobbs
Principal
ElectroOptical Innovations
55 Orchard Rd
Briarcliff Manor NY 10510
845-480-2058

email: hobbs (atsign) electrooptical (period) net
http://electrooptical.net

You can also use rsync over ssh.

--
Failure does not prove something is impossible, failure simply
indicates you are not using the right tools...
nico@nctdevpuntnl (punt=.)
--------------------------------------------------------------
Nico Coesel

You should be able to set up a VPN with the list of stuff you provided. You need to get the VPN software clients from the Cisco site for your endpoints (or some VPN routers). DSL modem in bridge mode, easy. And as someone else pointed out, Tight VNC into the Linux desktop.

You'll have complete access to all the boxes on the network.

I have a VoIP phone in CT that connects to Bohemia, via a VPN with DynDNS. Works like a champ.

Cheers

Martin Riddle

At one customer they tried the Cisco VPN with some success. They dumped it for Juniper with no real success and finally went with OpenVPN. OpenVPN has worked flawlessly for us for almost a year now.

Take a simple low-end PC and put 2 NIC cards in it. One will be your pseudo WAN connection and the other your LAN connection. I say pseudo WAN because you will connect to the firewall. Connect the WAN to your firewall and set up the firewall to port forward the OpenVPN UDP traffic.

On the PC, set up OpenVPN to export the LAN network to the client. You can get OpenVPN clients for Linux, Windows and Mac.


Most of the modern Linux distros have a GUI for OpenVPN.

--
Joe Chisolm
Marble Falls, Tx.

Thanks. Part of the point of the exercise is to save me time, though, which is in very short supply just now.

Cheers

Phil Hobbs


Be aware that a VPN has some serious drawbacks. For starters you can't use broadcasts over a VPN connection and I doubt Windows filesharing works because of that. Another problem is that name resolving won't work because your computer will use the first nameserver (there is no hierarchy when it comes to nameservers).

A router with port translation is the easiest solution. Almost every 'simple' router supports it and lots of people know how to set it up. I'm using a similar setup to isolate many embedded Linux boxes from the customer's network.

Nico Coesel

Not true for all VPN setups. You can at least route a subnet broadcast.

The whole point of VPN is for SMB sharing.

Same problem as local net.

linnix

Once you get a Linux distro set up on a spare (junk) PC with a couple of NIC cards you can do the entire OpenVPN setup in maybe an hour or 2. Even a 10-year-old PC running Linux will keep up with what you can push through an ADSL line.

The hard part is doing your network planning. If you do not need outside access to the systems *except* through VPN then it gets easier. With the VPN you have full access to the internal net and can even push DHCP options to the client to force your client to use the internal DNS. We do not do this and I just have internal systems put into my /etc/hosts file. Makes life a little easier since we don't send all DNS traffic through the VPN. The IP addresses on our internal systems don't change unless there is a major network change. I only have a half dozen systems to worry about anyway.

I looked back at my old emails and the problem we had was with the Cisco VPN client. It may work fine now as this was a couple of years back. If it's only you and a couple other folks using the VPN then configuring the router should be easy. Just double check and make sure whatever client you need will work with the OS you have on the client PC.

If you want to go the OpenVPN route, send me a PM and I'll dig around and see if I can find some of the scripts we used.

PM is jchisolm6 at earthlink dot net

Joe Chisolm
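
A minimal OpenVPN server configuration for the two-NIC gateway PC described in the posts above, added here as an illustration and not taken from any poster's actual setup. The LAN subnet (192.168.1.0/24), tunnel pool (10.8.0.0/24), resolver address, file names and the `nogroup` group are assumed values.

```conf
# /etc/openvpn/server.conf on the gateway PC (constructed example)
# Assumed addressing: LAN 192.168.1.0/24, VPN tunnel pool 10.8.0.0/24.

# The firewall forwards only this one UDP port to the gateway's WAN-side NIC.
# No sshd or rsync ports need to be exposed to the Internet.
port 1194
proto udp

# Routed (layer 3) tunnel. LAN broadcasts do not cross it.
dev tun

# PKI material (assumed file names). Issue one certificate per client so a
# lost laptop can be revoked without re-keying everyone else.
ca ca.crt
cert server.crt
key server.key
dh dh.pem

# Require a client-type certificate and a modern TLS version.
remote-cert-tls client
tls-version-min 1.2

# Shared HMAC key: unauthenticated packets are dropped before TLS starts.
tls-auth ta.key 0

# Address pool handed to VPN clients.
server 10.8.0.0 255.255.255.0

# "Export the LAN network to the client": clients add a route to the LAN.
push "route 192.168.1.0 255.255.255.0"

# Optional: force clients onto the internal resolver (assumed 192.168.1.1).
# Left disabled here to keep general DNS traffic off the tunnel, which means
# internal host names must come from each client's /etc/hosts.
;push "dhcp-option DNS 192.168.1.1"

keepalive 10 120

# Drop root after start-up; keep key and tunnel across restarts.
user nobody
group nogroup
persist-key
persist-tun

verb 3

# Outside this file: enable net.ipv4.ip_forward=1 on the gateway, and give
# LAN hosts (or their default router) a route to 10.8.0.0/24 via the gateway.
```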

I've seen problems with the Cisco VPN client. If the client has 2 NICs, it will block one of the NICs. Some security 'feature', and did not work out for that user.

Cheers

Martin Riddle

I am trying to set up such with a Linksys/Cisco WRVS4400N VPN router which is Linux-based. I figure if I can get to the source I can get any Linux box to talk to it.

josephkk
