Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsLAN (ethernet/Wifi/routers/Bluetooth)What do I need to implement a vpn


150 posts

Master Geek
+1 received by user: 9


Topic # 24487 25-Jul-2008 15:05
Send private message


Hi Team

What I am looking for is what do I need to implement a vpn?

I understand the vpn connection works like this

1. Make a vpn connection from the client (remote) to the intended network (host)
2. When connected the vpn router/firewall at the host end redirects browser requests to the address/server specified
3. The server/address specified serves up the response to the browser requests and returns it to the client in the remote location.

The key to this is a vpn router/firewall?  What box do I need to handle this?  Or am I completely off track here?

Cheers
Bernard
 

Create new topic
170 posts

Master Geek
+1 received by user: 8


  Reply # 151311 25-Jul-2008 15:15
Send private message

You can do it purely in software using something like OpenVPN or Hamachi, but if you using it in a business situation or where multiple people need to be on at the same time you're best going for a hardware solution.

What are your requirements?

BDFL - Memuneh
62040 posts

Uber Geek
+1 received by user: 12655

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 151314 25-Jul-2008 15:19
Send private message

Exactly what I was going to ask.

First, a VPN is not something for browser requests only, but it is a tunnel for any traffic.

Windows Servers provide the VPN software for these, but you will need to configure your firewall and router to direct packets to the server. Hamachi is a good alternative and works well for small networks - and don't require any changes on your firewall.




Backblaze cloud backup (personal and business) | Geekzone broadband switch | Amazon (Geekzone aff) | MightyApe (Geekzone aff)

 

My technology disclosure | Business Transformation | Enterprise Content Management | Customer Relationship Management | Sharesies investment fund

 
 
 
 




150 posts

Master Geek
+1 received by user: 9


  Reply # 151316 25-Jul-2008 15:21
Send private message

Hi xcubed,

Thanks for the quick comments.

We have a CRM system whcih we want to allow access to by a telemarketing firm to run call sessions from.

Our expectation is 5 users max connecting to a MySQL database over a VPN.

I've never set this up beforee and would like to know where to start, and where are the hooks.

Cheers
Bernard 

Hawkes Bay
8477 posts

Uber Geek
+1 received by user: 5

Mod Emeritus
Trusted
Lifetime subscriber

  Reply # 151320 25-Jul-2008 15:27
Send private message

bernardgbailey: Hi xcubed,

Thanks for the quick comments.

We have a CRM system whcih we want to allow access to by a telemarketing firm to run call sessions from.

Our expectation is 5 users max connecting to a MySQL database over a VPN.

I've never set this up beforee and would like to know where to start, and where are the hooks.

Cheers
Bernard 

Bernard, is VPN the right way to go? Who suggested it?
It can be easy, but you can also suffer performance issues.
How much data is each client application going to pull over the VPN?
What upstream DSL rates are on both ends?
How utilised are those internet links already?

Too much unanswered at the moment!









150 posts

Master Geek
+1 received by user: 9


  Reply # 151323 25-Jul-2008 15:38
Send private message

Hi Tony,

Good points, I'll try and answer

> Bernard, is VPN the right way to go? Who suggested it?
Wasn't my suggestion, client interest only

>How much data is each client application going to pull over the VPN?

The application is vTiger which sits on top of a MySql database and runs through IE7 or FireFox.  The requirement is to provide access to the database for offsite users who will look at their scheduled calls in a list and then process through each call, updating a call entry screen to complete the call.   

>What upstream DSL rates are on both ends?
 
256 upstream at the host end.

>How utilised are those internet links already?

Minimum use at this time.

Cheers
Bernard

BDFL - Memuneh
62040 posts

Uber Geek
+1 received by user: 12655

Administrator
Trusted
Geekzone
Lifetime subscriber

Reply # 151328 25-Jul-2008 15:46
Send private message

For this size and numbers I would just add Free Hamachi to each client, and buy a Premiun license for the server ($35/yr). Join all in a single network and they can all access the server over any network.

I use Hamachi for things such as 15 GB backups every Sunday - from my hosted Geekzone server to my home server, plus about 2 GB traffic every day with updates. You won't have a problem if you use it for your project.




Backblaze cloud backup (personal and business) | Geekzone broadband switch | Amazon (Geekzone aff) | MightyApe (Geekzone aff)

 

My technology disclosure | Business Transformation | Enterprise Content Management | Customer Relationship Management | Sharesies investment fund

170 posts

Master Geek
+1 received by user: 8


  Reply # 151371 25-Jul-2008 16:54
Send private message

Hamachi is definitely nice and easy to setup, and reliable, but for your circumstances I'm not sure it's the right fit.

If the application runs as a web app anyway, you can just make the web server externally accessible. You may wish to configure your firewall to only allow the HTTP traffic to and from their IP address. It might also be worth hosting the pages via HTTPS, if data confidentiality is a requirement (probably worth doing anyway).

Because the database traffic is only from the web server to the database server (both of which are on your LAN) you'll only need the one port open for HTTP traffic, nothing else. This also means that you retain the security of your network as they won't be able to do anything dodgy like browsing file shares and the like which they would be able to do with a stock VPN solution (although Hamachi has some options to help with this too).

The other benefits are that you are not relying on a third party (Hamachi run master servers that need to be live to be able to login) and the client doesn't have to do any configuration at their end.

Awesome
4832 posts

Uber Geek
+1 received by user: 1091

Trusted
Subscriber

  Reply # 151381 25-Jul-2008 17:44
Send private message

Have a look at SSL Explorer Community Edition



150 posts

Master Geek
+1 received by user: 9


  Reply # 152277 29-Jul-2008 08:00
Send private message

Hi Mauricio et al,

Thank you for the VPN Server options.

The next thing is the VPN router.  I understand there are VPN pass through routers, but this is for the remote client end.

What thoughts do you have for the host end with a static ip address

Cheers
Bernard

Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Geekzone Live »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.