Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsLAN (ethernet/Wifi/routers/Bluetooth)What do I need to implement a vpn
bernardgbailey

150 posts

Master Geek
+1 received by user: 9


#24487 25-Jul-2008 15:05
Send private message


Hi Team

What I am looking for is what do I need to implement a vpn?

I understand the vpn connection works like this

1. Make a vpn connection from the client (remote) to the intended network (host)
2. When connected the vpn router/firewall at the host end redirects browser requests to the address/server specified
3. The server/address specified serves up the response to the browser requests and returns it to the client in the remote location.

The key to this is a vpn router/firewall?  What box do I need to handle this?  Or am I completely off track here?

Cheers
Bernard
 




Going with the flow means going down the gurgler with everyone else. Dare to strike out on your own.

Create new topic
xcubed
195 posts

Master Geek
+1 received by user: 17

ID Verified
Lifetime subscriber

  #151311 25-Jul-2008 15:15
Send private message

You can do it purely in software using something like OpenVPN or Hamachi, but if you using it in a business situation or where multiple people need to be on at the same time you're best going for a hardware solution.

What are your requirements?



freitasm
BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41026

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #151314 25-Jul-2008 15:19
Send private message

Exactly what I was going to ask.

First, a VPN is not something for browser requests only, but it is a tunnel for any traffic.

Windows Servers provide the VPN software for these, but you will need to configure your firewall and router to direct packets to the server. Hamachi is a good alternative and works well for small networks - and don't require any changes on your firewall.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

bernardgbailey

150 posts

Master Geek
+1 received by user: 9


  #151316 25-Jul-2008 15:21
Send private message

Hi xcubed,

Thanks for the quick comments.

We have a CRM system whcih we want to allow access to by a telemarketing firm to run call sessions from.

Our expectation is 5 users max connecting to a MySQL database over a VPN.

I've never set this up beforee and would like to know where to start, and where are the hooks.

Cheers
Bernard 




Going with the flow means going down the gurgler with everyone else. Dare to strike out on your own.



tonyhughes
Hawkes Bay
8476 posts

Uber Geek
+1 received by user: 6

Retired Mod
Trusted
Lifetime subscriber

  #151320 25-Jul-2008 15:27
Send private message

bernardgbailey: Hi xcubed,

Thanks for the quick comments.

We have a CRM system whcih we want to allow access to by a telemarketing firm to run call sessions from.

Our expectation is 5 users max connecting to a MySQL database over a VPN.

I've never set this up beforee and would like to know where to start, and where are the hooks.

Cheers
Bernard 

Bernard, is VPN the right way to go? Who suggested it?
It can be easy, but you can also suffer performance issues.
How much data is each client application going to pull over the VPN?
What upstream DSL rates are on both ends?
How utilised are those internet links already?

Too much unanswered at the moment!







bernardgbailey

150 posts

Master Geek
+1 received by user: 9


  #151323 25-Jul-2008 15:38
Send private message

Hi Tony,

Good points, I'll try and answer

> Bernard, is VPN the right way to go? Who suggested it?
Wasn't my suggestion, client interest only

>How much data is each client application going to pull over the VPN?

The application is vTiger which sits on top of a MySql database and runs through IE7 or FireFox.  The requirement is to provide access to the database for offsite users who will look at their scheduled calls in a list and then process through each call, updating a call entry screen to complete the call.   

>What upstream DSL rates are on both ends?
 
256 upstream at the host end.

>How utilised are those internet links already?

Minimum use at this time.

Cheers
Bernard




Going with the flow means going down the gurgler with everyone else. Dare to strike out on your own.

freitasm
BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41026

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

#151328 25-Jul-2008 15:46
Send private message

For this size and numbers I would just add Free Hamachi to each client, and buy a Premiun license for the server ($35/yr). Join all in a single network and they can all access the server over any network.

I use Hamachi for things such as 15 GB backups every Sunday - from my hosted Geekzone server to my home server, plus about 2 GB traffic every day with updates. You won't have a problem if you use it for your project.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

 
 
 
 

Shop now for Lego sets and other gifts (affiliate link).
xcubed
195 posts

Master Geek
+1 received by user: 17

ID Verified
Lifetime subscriber

  #151371 25-Jul-2008 16:54
Send private message

Hamachi is definitely nice and easy to setup, and reliable, but for your circumstances I'm not sure it's the right fit.

If the application runs as a web app anyway, you can just make the web server externally accessible. You may wish to configure your firewall to only allow the HTTP traffic to and from their IP address. It might also be worth hosting the pages via HTTPS, if data confidentiality is a requirement (probably worth doing anyway).

Because the database traffic is only from the web server to the database server (both of which are on your LAN) you'll only need the one port open for HTTP traffic, nothing else. This also means that you retain the security of your network as they won't be able to do anything dodgy like browsing file shares and the like which they would be able to do with a stock VPN solution (although Hamachi has some options to help with this too).

The other benefits are that you are not relying on a third party (Hamachi run master servers that need to be live to be able to login) and the client doesn't have to do any configuration at their end.

ajobbins
5053 posts

Uber Geek
+1 received by user: 1279

Trusted

  #151381 25-Jul-2008 17:44
Send private message

Have a look at SSL Explorer Community Edition

bernardgbailey

150 posts

Master Geek
+1 received by user: 9


  #152277 29-Jul-2008 08:00
Send private message

Hi Mauricio et al,

Thank you for the VPN Server options.

The next thing is the VPN router.  I understand there are VPN pass through routers, but this is for the remote client end.

What thoughts do you have for the host end with a static ip address

Cheers
Bernard




Going with the flow means going down the gurgler with everyone else. Dare to strike out on your own.

Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright