| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 104886 | 2009-11-11 20:25:00 | VPN Config | inphinity (7274) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 829122 | 2009-11-11 20:25:00 | Heyas, So, I am trying to decide on the best way to set up a VPN connection, for usability & performance without sacrificing security. The network setup that the VPN will connect in to, is a DSL Router / Firewall appliance, the LAN port of which connects to a NIC on an SBS2003 box, and then the LAN is connected to a second NIC on the SBS2003 box. The router / firewall supporst PPTP, IPSec or L2TP with IPSec VPN connections. The SBS2003 box has RRAS installed. Is the best way to simply use PPTP, forward it through to the SBS box on the router, and do authentication / DHCP there. Is it better to use the router/firewall as the end point? If so, how do we handle LAN traffic to devices on the LAN other than the SBS server? Is there a third alternative I'm missing (IPSec to the router then PPTP to the SBS box? lol - hey if its best, I'll do it)? Thanks for your input! |
inphinity (7274) | ||
| 829123 | 2009-11-11 21:38:00 | No mention if the SBS Box is running ISA or not? I personally recommend OpenVPN (to the SBS box) its generally easy to setup and more secure than PPTP its also more resilient. If your running ISA on the SBS box its a bit more pain to get the rules to work right (OpenVPN is normally a piece of cake). |
razzarphenix (2626) | ||
| 829124 | 2009-11-12 01:50:00 | Yeah port forward the PPTP port to the box, generally the Wizard with SBS works quite well. I'm with razzarphenix though, give yourself an extra hour or two and play with OpenVPN. Much better! |
Chilling_Silence (9) | ||
| 829125 | 2009-11-12 02:53:00 | No, no ISA, all the firewalling is done by the router with just NAT at the SBS box - hence being a little hesitant to really use it as the VPN endpoint as well, but if we must, we must. I'll check out OpenVPN, but a cursory glance suggests I have to run it as a Virtual machine under Windows? I don't really want to add that much extra workload on to the SBS box, it struggles a bit as it is :X |
inphinity (7274) | ||
| 829126 | 2009-11-12 03:11:00 | ...but a cursory glance suggests I have to run it as a Virtual machine under Windows? Not at all - what gave you that idea? |
Erayd (23) | ||
| 829127 | 2009-11-12 03:20:00 | Not at all - what gave you that idea? The options for the Choose your OS in the download page are CentOS, RedHat, Fedore, Ubuntu, Virtual Appliance (VMWare), Virtual Appliance Windows (VHD). |
inphinity (7274) | ||
| 829128 | 2009-11-12 03:50:00 | The options for the Choose your OS in the download page are CentOS, RedHat, Fedore, Ubuntu, Virtual Appliance (VMWare), Virtual Appliance Windows (VHD). You're looking in the wrong place - that's the download page for OpenVPN Access Server. What you probably want is this (www.openvpn.net) page (the download page for OpenVPN.) |
Erayd (23) | ||
| 829129 | 2009-11-12 08:11:00 | This link (www.runpcrun.com) will get you started. | razzarphenix (2626) | ||
| 829130 | 2009-11-12 17:24:00 | ...not to be left out, have a look here: http://openvpn.se/ OpenVPNGui is a nice app that gives you a systray icon for connecting between multiple VPN connections (Or even just one) on windows systems. If you read the OpenVPN HowTo, you'll see there's actually quite a lot of references to Windows systems also :) |
Chilling_Silence (9) | ||
| 829131 | 2009-11-12 19:51:00 | Thanks :) | inphinity (7274) | ||
| 1 | |||||