What I am looking for is what do I need to implement a vpn?
I understand the vpn connection works like this
1. Make a vpn connection from the client (remote) to the intended network (host) 2. When connected the vpn router/firewall at the host end redirects browser requests to the address/server specified 3. The server/address specified serves up the response to the browser requests and returns it to the client in the remote location.
The key to this is a vpn router/firewall? What box do I need to handle this? Or am I completely off track here?
You can do it purely in software using something like OpenVPN or Hamachi, but if you using it in a business situation or where multiple people need to be on at the same time you're best going for a hardware solution.
First, a VPN is not something for browser requests only, but it is a tunnel for any traffic.
Windows Servers provide the VPN software for these, but you will need to configure your firewall and router to direct packets to the server. Hamachi is a good alternative and works well for small networks - and don't require any changes on your firewall.
We have a CRM system whcih we want to allow access to by a telemarketing firm to run call sessions from.
Our expectation is 5 users max connecting to a MySQL database over a VPN.
I've never set this up beforee and would like to know where to start, and where are the hooks.
Cheers Bernard
Bernard, is VPN the right way to go? Who suggested it? It can be easy, but you can also suffer performance issues. How much data is each client application going to pull over the VPN? What upstream DSL rates are on both ends? How utilised are those internet links already?
> Bernard, is VPN the right way to go? Who suggested it? Wasn't my suggestion, client interest only
>How much data is each client application going to pull over the VPN?
The application is vTiger which sits on top of a MySql database and runs through IE7 or FireFox. The requirement is to provide access to the database for offsite users who will look at their scheduled calls in a list and then process through each call, updating a call entry screen to complete the call.
For this size and numbers I would just add Free Hamachi to each client, and buy a Premiun license for the server ($35/yr). Join all in a single network and they can all access the server over any network.
I use Hamachi for things such as 15 GB backups every Sunday - from my hosted Geekzone server to my home server, plus about 2 GB traffic every day with updates. You won't have a problem if you use it for your project.
Hamachi is definitely nice and easy to setup, and reliable, but for your circumstances I'm not sure it's the right fit.
If the application runs as a web app anyway, you can just make the web server externally accessible. You may wish to configure your firewall to only allow the HTTP traffic to and from their IP address. It might also be worth hosting the pages via HTTPS, if data confidentiality is a requirement (probably worth doing anyway).
Because the database traffic is only from the web server to the database server (both of which are on your LAN) you'll only need the one port open for HTTP traffic, nothing else. This also means that you retain the security of your network as they won't be able to do anything dodgy like browsing file shares and the like which they would be able to do with a stock VPN solution (although Hamachi has some options to help with this too).
The other benefits are that you are not relying on a third party (Hamachi run master servers that need to be live to be able to login) and the client doesn't have to do any configuration at their end.
Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly
to your computer or smartphone by using a feed reader.
Administrator
Trusted
Geekzone
