What am I missing in this VPN

[mizzy]

Do you ever find that when you are new to something that sometimes you can solve the difficult things without really understanding the fundamentals? Well this is one of those occasions.

I have done some work with VPNs but I am now at the stage where I wish to setup a VPN connection to my company LAN from home(and I am failing badly). You see I do not really know what is required to make a VPN(the fundamentals)

Currently I have the following.

Work:
A Smoothwall firewall with two ethernet cards
A 512k leased line to the internet.
192.168.1.252 Local Address on Firewall
v.w.x.y Public IP on firewall

Home:
A Windows 2000 PC with a static IP address
I wish to connect to my work network using a Windows 2000 VPN connection.

Apart from the firewall do I need anthing else? Am I missing anything like a VPN server? or is my firewall a VPN server?
I do not need any help configuring Smoothwall, hopefully I will find that info elsewhere. I just need to know "Am I missing anything?"

Apologies for this extremly thick question,

 

[mizzy]

Hi,

I should mention that I am using "Smoothwall Express 2.0 Beta 6 voyager" as my firewall.

regards,

 

[mizzy]

Hello there,

I have been asking this question on a number of forums.

Please see the following, it is not a solution but it really helped me understand VPN's alot better.

http://community.smoothwall.org/forum/viewtopic.php?p=7424#7424

When I have the full solution I'll post it up there.

Regards,

 

[june1980]

Hello.

How far along are you in setting up the connection?

Have you tried looking for any Smoothwall VPN client software? I use Sonicwall, and the only thing it will accept it's own client software.

Are you using shared key or certs of your athentication?

The important thing to remember is that both side's of the connection, both your home and work, should be identical in configuration. if you use MD5 on one end, you'll need to use it on the other. If your shared secert key is 123 on one end, it'll need to be that way on the other. Furthermore, determine if you use PPTP or L2PT (these are the only types supported by W2K's built-in VPN client).

Final tip. When you create your connection under windows, double check your IP settings. If you use a NIC for your Inet, don't give it the same IP address as you primary network connection - that mistake beat me down for a while.

 

[mizzy]

Hi there,

Its very kind of you to take the time.

I'm still plugging away, reading mostly before I do anything(will save time in the long run)

I'm using an IPSec client. I've been told that Smoothwall does not support PPTP. See the following site on how I found this out .

http://community.smoothwall.org/forum/viewtopic.php?t=1530)

This IPSEC client that I'm using can be found on this site

http://vpn.ebootis.de/.

I am going to use a certificate because it the site above provides a very detaied guide on how to do this.

Your last comment is interesting. Currently I am testing the configuration at work. I have a Win 2k laptop which has got a single ethernet card. This will serve as the client. I have given this card a public IP address and connect it directly to the internet (so its out there on the internet). Will this be a problem (based on your comment)

Thanks & Regards,

 

[june1980]

Not a problem. I enjoy this stuff so much I made a career out of it!

I'm not sure if it could be a problem - I'm not familiar with your VPN client. I downloaded it to take a look, but I still couldn't tell you anything about it. However, in my experience, so long as your VPN connection and your internet connection don't use the same IP address, that should be one less problem popping up later.

Be aware that your IPSEC client software may not work. If all else fails and you can't get it to work, I would try a different VPN client.