What do I need to implement a vpn

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › What do I need to implement a vpn

bernardgbailey

150 posts

Master Geek

#24487 25-Jul-2008 15:05

Hi Team

What I am looking for is what do I need to implement a vpn?

I understand the vpn connection works like this

1. Make a vpn connection from the client (remote) to the intended network (host)
2. When connected the vpn router/firewall at the host end redirects browser requests to the address/server specified
3. The server/address specified serves up the response to the browser requests and returns it to the client in the remote location.

The key to this is a vpn router/firewall? What box do I need to handle this? Or am I completely off track here?

Cheers
Bernard

xcubed

194 posts

Master Geek

ID Verified

Lifetime subscriber

#151311 25-Jul-2008 15:15

You can do it purely in software using something like OpenVPN or Hamachi, but if you using it in a business situation or where multiple people need to be on at the same time you're best going for a hardware solution.

What are your requirements?

freitasm

BDFL - Memuneh
79270 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#151314 25-Jul-2008 15:19

Exactly what I was going to ask.

First, a VPN is not something for browser requests only, but it is a tunnel for any traffic.

Windows Servers provide the VPN software for these, but you will need to configure your firewall and router to direct packets to the server. Hamachi is a good alternative and works well for small networks - and don't require any changes on your firewall.

bernardgbailey

150 posts

Master Geek

#151316 25-Jul-2008 15:21

Hi xcubed,

Thanks for the quick comments.

We have a CRM system whcih we want to allow access to by a telemarketing firm to run call sessions from.

Our expectation is 5 users max connecting to a MySQL database over a VPN.

I've never set this up beforee and would like to know where to start, and where are the hooks.

Cheers
Bernard

tonyhughes

Hawkes Bay
8476 posts

Uber Geek

Retired Mod

Trusted

Lifetime subscriber

#151320 25-Jul-2008 15:27

bernardgbailey: Hi xcubed,

Thanks for the quick comments.

We have a CRM system whcih we want to allow access to by a telemarketing firm to run call sessions from.

Our expectation is 5 users max connecting to a MySQL database over a VPN.

I've never set this up beforee and would like to know where to start, and where are the hooks.

Cheers
Bernard

Bernard, is VPN the right way to go? Who suggested it?
It can be easy, but you can also suffer performance issues.
How much data is each client application going to pull over the VPN?
What upstream DSL rates are on both ends?
How utilised are those internet links already?

Too much unanswered at the moment!

bernardgbailey

150 posts

Master Geek

#151323 25-Jul-2008 15:38

Hi Tony,

Good points, I'll try and answer

> Bernard, is VPN the right way to go? Who suggested it?
Wasn't my suggestion, client interest only

>How much data is each client application going to pull over the VPN?

The application is vTiger which sits on top of a MySql database and runs through IE7 or FireFox. The requirement is to provide access to the database for offsite users who will look at their scheduled calls in a list and then process through each call, updating a call entry screen to complete the call.

>What upstream DSL rates are on both ends?

256 upstream at the host end.

>How utilised are those internet links already?

Minimum use at this time.

Cheers
Bernard

freitasm

BDFL - Memuneh
79270 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#151328 25-Jul-2008 15:46

For this size and numbers I would just add Free Hamachi to each client, and buy a Premiun license for the server ($35/yr). Join all in a single network and they can all access the server over any network.

I use Hamachi for things such as 15 GB backups every Sunday - from my hosted Geekzone server to my home server, plus about 2 GB traffic every day with updates. You won't have a problem if you use it for your project.

xcubed

194 posts

Master Geek

ID Verified

Lifetime subscriber

#151371 25-Jul-2008 16:54

Hamachi is definitely nice and easy to setup, and reliable, but for your circumstances I'm not sure it's the right fit.

If the application runs as a web app anyway, you can just make the web server externally accessible. You may wish to configure your firewall to only allow the HTTP traffic to and from their IP address. It might also be worth hosting the pages via HTTPS, if data confidentiality is a requirement (probably worth doing anyway).

Because the database traffic is only from the web server to the database server (both of which are on your LAN) you'll only need the one port open for HTTP traffic, nothing else. This also means that you retain the security of your network as they won't be able to do anything dodgy like browsing file shares and the like which they would be able to do with a stock VPN solution (although Hamachi has some options to help with this too).

The other benefits are that you are not relying on a third party (Hamachi run master servers that need to be live to be able to login) and the client doesn't have to do any configuration at their end.

Samsung

Shop now on Samsung phones, tablets, TVs and more (affiliate link).

ajobbins

5052 posts

Uber Geek

Trusted

#151381 25-Jul-2008 17:44

Have a look at SSL Explorer Community Edition

bernardgbailey

150 posts

Master Geek

#152277 29-Jul-2008 08:00

Hi Mauricio et al,

Thank you for the VPN Server options.

The next thing is the VPN router. I understand there are VPN pass through routers, but this is for the remote client end.

What thoughts do you have for the host end with a static ip address

Cheers
Bernard