VPN Setup for Routers - Getting it to work with an IPSec Client Configuration Challenge
Level: Meduim
Technical
Summary:
This article will show how to setup a Broadband Router that has IPSec
VPN capabilities for secure remote access to your home network from anywhere on the
Internet. Detailed configuration will be shown for multiple brands of routers. The VPN IPSec
client will be SSH-Sentinel since it is free for non-commercial use.
Greetings!
How many times have you been at a friends
house or at work and said 'Gosh, I wish I could get at that file on
my hard drive at home'. With a broadband Internet connection and a
shiny new 'VPN Router', you can connect to your home network over
the Internet from anywhere on the planet SECURELY. This article will
show you how.
Our goal will be to establish an IPSec VPN
connection from somewhere on the Internet to your home network. In
addition, the remote computer will be able to mount network file
shares (and printers too!) located on the home network.
Possible Uses
You can connect to your home hard drive:
From work
From a friends house
From your laptop while on the road
You could also allow your friends and
relatives access to your network over the internet. That makes file
sharing especially!
Equipment Needed
1 Solid Broadband
Connection to your home
(Preferably
with a static IP address)
Most of the consumer level VPN routers operate
just about the same way because they all licensed the same IPSec
code. The only differences are the number of simultaneous 'VPN
Tunnels' they support and how many different 'VPN Profiles' they
support at once. They also have the same performance levels -
500kbps to 700kbps max IPSec throughput.
A 'VPN Tunnel' is simply an IPSec VPN
connection in this case. Each remote computer connecting to your
home network is one VPN Tunnel.
A 'VPN Profile' is a set of parameters that
define how your router will connect to other VPN end points. Some
routers support multiple profiles making it easy to use for
connecting to your work Intranet 'and' using it to dial into from
the road.
Configuration Overview
In this example, we will be working with two
computers and a VPN Router. Throughout the screen shots and the rest
of the article, I will refer to the following IP address. Please
write them down or print them for reference, it will help you
understand the rest of the article.
Home WAN IP: 24.60.60.100 (from your ISP)
Home LAN Router IP: 192.168.100.1
Home LAN IP Network: 192.168.100.0: Subnet
255.255.255.0
Computer on Home LAN: 192.168.100.2
Remote (friends) computer on the Internet:
24.60.60.200
Notes about IP Your Configuration
It is wise to change the IP Schema of your
home network from the default your router configures. This will aid
you in connecting multiple networks together - especially two VPN
routers of the same brand. Often the IP Schema is
192.168.1.0/255.255.255.0. All you need to do is change the second
from the last number (octet) to something higher than 2 and less
than 255. In this example, I made my LAN
192.160.100.0/255.255.255.0. This step is not totally necessary but
it could save you some routing headaches later.
It is also wise to convert your computers over
to STATIC IP address instead of dynamic IP address. If your
computers have dynamic IP address, you will not know what the IP
address is of the computer you want to connect to from the road. One
day it might be .2 the next day it might be .5. Again this is not
necessary, but it will save you headaches later.
Static IP Schema
Example
LAN Computer 1
IP Address: 192.168.100.51
subnet: 255.255.255.0
Gateway: 192.168.100.1 (router
address)
DNS: 192,168.100.1 (router address
again)
LAN Computer 2
IP Address: 192.168.100.52
subnet: 255.255.255.0
Gateway: 192.168.100.1 (router
address)
DNS: 192,168.100.1 (router address
again)
etc...
Next Configure the Router
I have a
(more routers listed in
the future)
Article TOC |
|
|
If you enjoyed this tutorial, please LINK to it! |
| 
Routing config and Mounting Drives
Menu:
