VPN

[Dantes]

Hi

I have been working on this a while.
I am confused about VPN, I am going away for 3 months and would like to be
able to transfer files from my home PC. I will be able to use Win2K or WinXP
at the remote location and I have Win2K at home. I will be OK setting up the
connection from the other end but I don't understand what to do at home. I
have the following:

Zen ADSL
PC running Win2K
Netgear router using DCHP to assign IP to my PC and also to collect the IP
from Zen.

I know I can get 8 further IPs from Zen.

I don't understand what happens then. Presumably I give one IP to my router
and one to my PC, is this correct?. When I am away which IP do I use to
connect through VPN, the IP of my PC? If so how does "the internet" know
that my PC is sitting behind my router and behind all of Zens setup?

Any help would be fantastic.

Cheers

R

 

[PauK]

Hi

I have been working on this a while.
I am confused about VPN, I am going away for 3 months and would like to be
able to transfer files from my home PC. I will be able to use Win2K or WinXP
at the remote location and I have Win2K at home. I will be OK setting up the
connection from the other end but I don't understand what to do at home. I
have the following:

Zen ADSL
PC running Win2K
Netgear router using DCHP to assign IP to my PC and also to collect the IP
from Zen.

I know I can get 8 further IPs from Zen.

I don't understand what happens then. Presumably I give one IP to my router
and one to my PC, is this correct?. When I am away which IP do I use to
connect through VPN, the IP of my PC?

* No you have to use the IP of your router, because the IP on your pc is
only a intern IP.

If so how does "the internet" know

 

[Dantes]

* No you have to use the IP of your router, because the IP on your pc
is
only a intern IP.

OK, so if I have more than one PC connected to the router how do I specify
which one?

Thanks very much for your reply

R

 

[PauK]

OK, so if I have more than one PC connected to the router how do I specify
which one?

Thanks very much for your reply

R

Each PC has his own Internal IP, wich you have to configure in your router.
Your router has his own IP, whitch you got from your provider. If you want
connect from an outside location you do have to install a server

 

[Dantes]

Each PC has his own Internal IP, wich you have to configure in your
router. Your router has his own IP, whitch you got from your
provider. If you want connect from an outside location you do have to
install a server

Hi

Thanks again
I was under the impression that I could use VPN to connect two Win2K/WinXP
machines. If, for example, there was no router I would just need the IP of
the destination PC to connect via VPN, this is correct isn't it?
Therefore, how is this managed with a router, I know my router has "VPN
passthrough" but don't know much more than that.

All the best

R

 

[BobC]

Hi

Thanks again
I was under the impression that I could use VPN to connect two
Win2K/WinXP machines. If, for example, there was no router I would
just need the IP of the destination PC to connect via VPN, this is
correct isn't it? Therefore, how is this managed with a router, I know
my router has "VPN passthrough" but don't know much more than that.

All the best

R

Your router is performing NAT and is assigning non-routable private IP
addresses to your lan computers. Most home consumer quality routers only
allow port forwarding to one computer behind the NAT router on the lan.
For example you can only forward port 80 to one web server on your lan,
or port 21 to one ftp server on your lan, and it then follows that you
can only forward the vpn ports to one vpn server on your lan.

A work around is to run for example a web server on another port other
than port 80 then forward this new port to another server ip address in
your lan. You therefor could have multiple computers serving web pages,
each using different ports to serve the pages.

Another solution would be to get an expensive router.

If you have multiple public IP addresses, you could replace your router
with a switch. Each computer would then receive a public IP address and
you would vpn to your computer IP address. This presents additional
security problems as each computer is accessable from the Interent.

 

[Dantes]

Your router is performing NAT and is assigning non-routable private IP
addresses to your lan computers. Most home consumer quality routers
only allow port forwarding to one computer behind the NAT router on
the lan. For example you can only forward port 80 to one web server
on your lan, or port 21 to one ftp server on your lan, and it then
follows that you can only forward the vpn ports to one vpn server on
your lan.

A work around is to run for example a web server on another port other
than port 80 then forward this new port to another server ip address
in your lan. You therefor could have multiple computers serving web
pages, each using different ports to serve the pages.

Another solution would be to get an expensive router.

If you have multiple public IP addresses, you could replace your
router with a switch. Each computer would then receive a public IP
address and you would vpn to your computer IP address. This presents
additional security problems as each computer is accessable from the
Interent.

Ahh, the idea of port forwarding seems to make things fit together.
So, if my router is IP 123.123.123.0 and my PC is 123.123.123.1 any VPN to
123.123.123.0 will be forwarded to 123.123.123.1 because VPN will come in on
a particular port and therefore will be forwarded. Have I started to get the
hang of it?

Cheers

R

 

[BobC]

Ahh, the idea of port forwarding seems to make things fit together.
So, if my router is IP 123.123.123.0 and my PC is 123.123.123.1 any
VPN to 123.123.123.0 will be forwarded to 123.123.123.1 because VPN
will come in on a particular port and therefore will be forwarded.
Have I started to get the hang of it?

Cheers

R

Yes. You configure in the router which ports to forward to which
computer.