Teach me about VPN - Want to connect to work from home

[Desmo]

Got a Netgear DG834 router at work which supports VPN connections and I'll be connecting from Ubuntu at home to OS X at work.

I know what a VPN is, but never set one up before. Do I need to use software on the Mac or does the router take care of the connection totally? Once it's set up, I assume any drives connected to the Mac will just show as network drives on my laptop at home?

[leowyatt]

Well from my understanding you need to setup a VPN connection from work to home, the routers will take care of that and then just log on. It's what we do at our outer offices, but I may be missing some steps

[Mark]

The DG834 supports VPN passthrough (as almost all routers do). VPN termination, however, is less common. It does appear that you may be in luck though as it seems that the DG834G with recent firmware will support VPN termination.

If not, then the alternative is to have a computer behind the router handle the termination. I don't know if OS X Server will do that (probably).

[Desmo]

So I need some kind of software on the remote machine, like a VPN server?

[Mark]

Yes, assuming you can't get the router to do that job.

I have very limited experience with the DG834, sadly, and since I can use my router for VPN termination, I don't have much experience with doing that in software either.

[Matblack]

I'm sure you can do this with a couple of little programs and knowing the IP of your target machine, as this changes I think there is a way of getting the IP to broadcast to somewhere private just in case it does change when you want to log in. I did set it up but never used it anywhere apart from over my LAN and wasn't really using it so took it off in the end.

MB

[Burble]

First thing to check, what IP ranges are in use at home and work? If they're the same (say 192.168.0.0 for example) then you can easily run into problems. If they're different then that's good!

I've never tried using a DG834 as an endpoint for a VPN client (though I have done it for a DG834G - DG834G VPN) but Netgear do a VPN client but last time I looked it was Windows only and also a product you had to buy.

A quick search tells me that shrew is the software package you need for Ubuntu. I've never used it so can't really help but there seems to be plenty of stuff on the net about it interacting with the DG834.

[Desmo]

Cheers guys, given me a few pointers to look at

Burble, they are running on the same IP range at the moment but that's easy enough to change. I've on got the one 834 and that's at the work end. Using O2's router at home.

I'll do a bit more digging about

[Daz]

fwiw, even Windows XP can receive/terminate a VPN endpoint - not just be a client, though it can do that as well. If you can get a router to do it (I dont think the DG834 can fwtw) that's generally better, as it'll probably be more secure (and by that I mean, not be running Windows and be less of a target for exploits), and cheaper to leave running 24/7 than a PC. If you can pick up a Draytek 28xx series router at a reasonable cost, then they work well, work with the built-in vpn client on Windows (so you can use someone elses machine to pop into work if you need to), and ubuntu has a pptp client which works also well (network-manager-pptp).

I do the reverse, my 24/7 server in the garage lets me vpn back home from work (or anywhere else), and for that I leverage Poptop, which is an open source pptp server, for the reasons above

[edit]Oh, and definitely change one of your IP ranges - pick something random in the 10.0.0.0 range, less chance of someone else having it as well

[Burble]

I should setup my home bound VPN again - there have been a few times this week when I've needed it but the PSU on my PIX went pop a couple of months back and I've not got around to finding a replacement.