Help newb set up VPN :)

[CMYK78]

Hello -

I am a longtime Mac user and just purchased a shiny new MBP. I would like to have access to my office network. Specifically I have an app that needs to be connected to the office LAN in order to run.

The office network consists of several Macs and PC's as well as an Xserve. Each machine is hardwired to a gigabit switch. The switch is connected to a Linksys WRT54G router and the router is then wired to our cable modem.

So...what do I need in order to connect to our office network? Do I need to get a VPN capable router? Or do I need to set something up on the Xserve?

Any help would be greatly appreciated!

 

[dampfdruck]

Hello,

I'm using OpenVPN. It's secure, easy to configure/use and robust.

You need to install the OpenVPN client (tunnelblick) on your remote host and the openvpn (in server mode) on your Xserve. Then all that is left to do is to forward the port on your NAT device.

Check the OpenVPN site. There are tons of examples. It's really straight forward.

Jorg

 

[ramases]

Doesn't XServe come with OS X Server?

From Apple.com OS X Server Page
"Secure private network access.
Virtual private network (VPN) access enables your users to take advantage of network services while they’re offsite and simultaneously prevent access by unauthorized individuals. Leopard Server supports standards-based L2TP/IPSec and PPTP tunneling protocols to provide encrypted VPN connections for Mac and Windows systems — and even Apple’s iPhone. These VPN services use secure authentication methods, including MS-CHAP and network-layer IPSec."


If so why not setup the VPN component of OS X Server? Then providing the Linksys WRT54G can support VPN passthru you shouldn't have a problem. My personal preference would be for a VPN capable router, that way you could have access to the LAN from the router instead of using the XServe to bounce the packets around.

 

[CMYK78]

My personal preference would be for a VPN capable router, that way you could have access to the LAN from the router instead of using the XServe to bounce the packets around.

I was leaning toward a VPN capable router. Seemed like the least complicated approach. I was considering buying a new router that could run the full version of DD-WRT. Any suggestions on what to get?

 

[belvdr]

I have a WRT54GL, and it will run OpenVPN with no issue. I use OpenWRT, but DD-WRT works as well.

 

[ramases]

I've always used Dray Tek kit, currently on a Vigor 2820n, with both remote "dial in VPN" for half a dozen travelling users and LAN-LAN VPN's enabled, with USB 3G backup. It even happily supports VPN from my iPhone. But I guess it's down to personal prev's.

 

[CMYK78]

I have a WRT54GL, and it will run OpenVPN with no issue. I use OpenWRT, but DD-WRT works as well.

I think I'm going to go with a router, probably the WRT54GL as you mentioned above. For $60 how can I go wrong.

So....I buy the router, install OpenWRT or DD-WRT and enable VPN through the web GUI. Is it really that simple?

 

[belvdr]

Yes, from what I remember. In OpenWRT, once installed you go to the System tab, and then refresh the package list. Install OpenVPN, and then an OpenVPN tab should appear.

Make sure you get the WRT54GL version. The current WRT54G will not run OpenWRT/DD-WRT.

 

[CMYK78]

Make sure you get the WRT54GL version. The current WRT54G will not run OpenWRT/DD-WRT.

Yeah, I found the "GL" version on Amazon pretty cheap. Wish I would have researched this a little further before I purchased the WRT54G last year.

Thanks for your help!

 

[CMYK78]

Ok...I have my router set up.

I'm running DD-WRT and have enabled OpenVPN. The part I'm having trouble with is setting up the certificates. How do I do this...I don't have a clue!! If someone can point me in the right direction I'd appreciate it.

 

[John Musbach]

Ok...I have my router set up.

I'm running DD-WRT and have enabled OpenVPN. The part I'm having trouble with is setting up the certificates. How do I do this...I don't have a clue!! If someone can point me in the right direction I'd appreciate it.

1) Learn to Google
2) http://mycert.sandbox.cz/

 

[LyonJT]

I've always used Dray Tek kit, currently on a Vigor 2820n, with both remote "dial in VPN" for half a dozen travelling users and LAN-LAN VPN's enabled, with USB 3G backup. It even happily supports VPN from my iPhone. But I guess it's down to personal prev's.

I would highly recommened draytek as well!

I use to have a netgear then brought a draytek never looked back!