Home VPN Server

sina2011 Member Posts: 239
Hey guys,

I'm thinking of setting up a home VPN server and I had a few things to confirm with you guys before I got started, to make sure I'm doing it right. In order for me to get a VPN server up and running I need the following:

1. Domain Controller (on Server1)

2. RRAS with 2 network cards: 1 internal IP, e.g. 192.168.2, and 1 public IP provided by the ISP (on Server2)

3. Need to configure port forwarding on the home router

4. Purchase a public IP from the ISP

Is the stuff I provided above all I need to get a basic VPN up and running?

Thanks.

Comments

  • undomiel Member Posts: 2,818
    The RAS you can set up with just 1 NIC. 2 is optimal but you can get by with 1. In which case you can consolidate it all onto 1 server. But it really depends upon what you're doing and how strapped you are for hardware. You could also use dynamic DNS to work with a dynamic WAN IP address. Also you'll want to check and see if your router can pass GRE traffic. Optionally, if your router supports it, you can put dd-wrt on it and use your router for the VPN server.
    Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
  • crrussell3 Member Posts: 561
    Use a service such as No-IP (Dynamic DNS, Static DNS for Your Dynamic IP) instead of purchasing a static (or sticky) IP from the ISP.

    I also agree with undomiel on dd-wrt or even using that second server with www.untangle.com
    MCTS: Windows Vista, Configuration
    MCTS: Windows WS08 Active Directory, Configuration
  • sina2011 Member Posts: 239
    Thanks undomiel for your reply and advice, appreciate it.

    Besides your advice, are the requirements to get a VPN server that I have listed above correct, or do I need additional resources to get it working?
  • undomiel Member Posts: 2,818
    Also you'll want to check and see if your router can pass GRE traffic.

    That's the important part as you may find you need to replace your router. Other than that no you would not need any additional hardware.
    Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
  • sina2011 Member Posts: 239
    Thanks undomiel for your reply.

    I know this is off topic, and I didn't want to start a new thread over it, but I was interested in setting up Remote Desktop on my home computer to access it remotely, and I wasn't successful in getting it done. This is what I did in setting it up:

    1. Configured the desktop computer to allow remote connections and allowed it through Windows Firewall.

    2. Then I went to www.whatismyip.com and got my public IP, then went to the home router and under port forwarding I typed the public IP address of the computer I'm going to remote desktop to in the internet host IP address section, and under internal I typed in the IP of the computer I'm going to remote desktop to. But when I come to connect with Remote Desktop Connection I can't get a connection by typing the public IP in.
  • sina2011 Member Posts: 239
    Sorry, I forgot to add this: a website says that I need to put the router's public IP in, but I can't find it. I looked at a few websites and it should be under WAN IP, but I can't see it on my router interface.
  • sina2011 Member Posts: 239
    Just an update: I found my WAN IP and put it in as the internet IP in the port forwarding, and still no luck.
  • CompuTron99 Member Posts: 542
    1. Does your home PC have a static IP address (i.e. 192.168.x.x, 10.x.x.x, or 172.16.x.x)?

    2. Does your router have port 3389 forwarding to your PC's IP address?
    www.portforward.com

    3. Does the computer account have RDP permission and a password?
  • sina2011 Member Posts: 239
    Hi computron, thanks for the reply.

    Yeah, I have all numbers 1 to 3 done.
  • CompuTron99 Member Posts: 542
    sina2011 wrote: »
    Hi computron, thanks for the reply.

    Yeah, I have all numbers 1 to 3 done.

    Can you RDP to that PC from another PC on the local (home) network?
  • ehnde Member Posts: 1,103
    sina2011 wrote: »
    Just an update: I found my WAN IP and put it in as the internet IP in the port forwarding, and still no luck.

    In your router configuration, you don't put in your router's public IP address. Port forwarding allows you to take one port (in this case RDP) and forward all RDP connections to an internal IP address. You need to put the IP address of the computer you are running the RDP service on into your router's port forwarding configuration.

    You should configure the DHCP service of your router to assign a static internal IP address, such as 192.168.1.10, based on the MAC address of the Windows computer you want to RDP in to. As an example, the address 192.168.1.10 would be the address you plug into your router's port forwarding for RDP connections. Does this make sense? I hope so...feels like my explanation was too complicated

    Let's say your public address is 12.12.12.12. This is what happens to RDP connections coming to your router:
    <RDP packet port 3389>
    > 12.12.12.12 (your router says hmm...all packets I get for 3389 are supposed to go to 192.168.1.10)
    > 192.168.1.10:3389 (your RDP computer)
    Climb a mountain, tell no one.
  • sina2011 Member Posts: 239
    Hey computron, thanks for the reply. Yes, I can ping internally.
  • sina2011 Member Posts: 239
    Thanks for your reply ehnde.

    I just followed what you said. I went and put a DHCP reservation address in my router for the IP address that I'm going to remote desktop to, then I went to www.whatismyip.com and placed the internet IP in the internet address, and for the internal I placed the IP address that I created a static one for in the DHCP reservation.

    I also had a look again: my remote desktop is enabled both in the remote settings and in the firewall settings, so there isn't a problem there. What I'm starting to think might be the issue is that when I create a custom port forwarding rule I choose custom, where I choose the name of the service and type in the internet and local address myself, plus the port number.
    There are other options, like predefined, where it has the service's name etc. and you don't have to type the protocol number, but it doesn't have anything called Remote Desktop.

    Thanks.
  • CompuTron99 Member Posts: 542
    sina2011 wrote: »
    Thanks for your reply ehnde.

    I just followed what you said. I went and put a DHCP reservation address in my router for the IP address that I'm going to remote desktop to, then I went to www.whatismyip.com and placed the internet IP in the internet address, and for the internal I placed the IP address that I created a static one for in the DHCP reservation.

    I also had a look again: my remote desktop is enabled both in the remote settings and in the firewall settings, so there isn't a problem there. What I'm starting to think might be the issue is that when I create a custom port forwarding rule I choose custom, where I choose the name of the service and type in the internet and local address myself, plus the port number.
    There are other options, like predefined, where it has the service's name etc. and you don't have to type the protocol number, but it doesn't have anything called Remote Desktop.

    Thanks.

    What type of router are you using?
  • sina2011 Member Posts: 239
  • CompuTron99 Member Posts: 542
    sina2011 wrote: »


    Try this link, if you haven't already done so:

    Port Forwarding Remote Desktop on the Netcomm NB6Plus4 - PortForward.com

    I would go back and verify the information you have on the router.

    Good Luck.
  • CompuTron99 Member Posts: 542
    sina2011 wrote: »
    Hey computron, thanks for the reply. Yes, I can ping internally.

    How about an RDP session?
  • sina2011 Member Posts: 239
    Hey, thanks for the link. I just did that and it still doesn't work. I'm kind of running out of ideas now. Yeah, I can create RDP sessions internally.
  • CompuTron99 Member Posts: 542
    What are the computers running for their OS?

    When you are outside of your network, are you using your public IP address for the computer?
  • sina2011 Member Posts: 239
    I'm running Windows 7 Ultimate.

    For connecting with Remote Desktop Connection I type in the public IP of the remote computer followed by :3389.
  • sina2011 Member Posts: 239
    Just an update: I looked on the router and it said new router configuration settings don't take effect until the router is rebooted, so I rebooted and tried to connect by typing the public IP in the Remote Desktop Connection followed by :3389. This time it only says initiating remote session, but after 2 minutes it times out.

    It doesn't automatically time out like before when I clicked on connect, so I'm guessing I'm getting closer.
  • CompuTron99 Member Posts: 542
    Have you tried not using the :3389? The port forwarding in the router should take care of that.
  • kriscamaro68 A+, Net+, Server+, Security+, Win7 MCP, Server 2012 Virtualization Specialist, MCSA 2012 Member Posts: 1,186
    You need to get rid of :3389; RDP knows to use that by default. Also, in the router config you need to ditch the public IP address for the port forwarding. The router already knows its own IP address (which is the public IP) for the internet address. Yes, it has an internal IP address as well, but the outside-facing port (or internet port on the back of the router) is using the public IP as its address. You will be using the IP address from whatsmyipaddress.com in the connection for the RDP session.

    Like said before, your remote computer will send a request for an RDP session to your external IP (12.12.12.12), which gets directed to the outside-facing port on the router. At that point the router says hey, that is on port 3389, and anything coming in on port 3389 goes to the internal IP address 192.168.1.10, which is the static IP address on your home computer.

    If you can't get it, take screenshots of your router's config page and post them so we can see what it looks like.
  • sina2011 Member Posts: 239
    Hey guys, thanks for your replies. Yeah, I also tried it with :3389 and without, but still no luck. I have provided the screenshot that you asked for.


    Thanks.
    PF.jpg 25.4K
  • undomiel Member Posts: 2,818
    Are you trying to connect from inside your network or outside it?
    Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
  • sina2011 Member Posts: 239
    I'm trying to connect from inside by using the public IP.
  • kriscamaro68 A+, Net+, Server+, Security+, Win7 MCP, Server 2012 Virtualization Specialist, MCSA 2012 Member Posts: 1,186
    sina2011 wrote: »
    Hey guys, thanks for your replies. Yeah, I also tried it with :3389 and without, but still no luck. I have provided the screenshot that you asked for.


    Thanks.

    The screenshot is very small so it is hard to read, but it looks like your internal IP is 192.165.1.1? Also, if it is correct and it's 192.168.1.1, then what is your router's internal IP address? Generally your router will take that IP address by default if that's the IP range it uses from the factory. So tell me what your router's internal IP address is and what you set your static IP address to on your desktop. Also, if you can't get it working, try setting your desktop's static IP address in the DMZ briefly and make sure to apply the settings. If you can get to the computer then, then it's an issue with the port forwarding. If you still can't, then it's either an issue with the RDP setup on the computers (firewall or network authentication) or your ISP blocks it.

    Also, your ISP may only lease you your IP address for 24 hours, so always check whatsmyipaddress.com often to see if it has changed.
  • sina2011 Member Posts: 239
    Thanks for your reply kriscamaro.

    Firstly, in the screenshot you see in the port forwarding it's 192.168.1.3. That's the IP I have set up statically on my desktop, and above, if you can see, it's just configured to ALL.

    In the DMZ section under DMZ host IP I placed the internal IP of the computer I want to remote desktop to, the same IP I placed in the port forwarding rule, as you asked for.

    My router's internal IP, which is the same one used for getting into the interface, is 192.168.1.1, and 211.27.14.152 for external.

    Thanks.
  • kriscamaro68 A+, Net+, Server+, Security+, Win7 MCP, Server 2012 Virtualization Specialist, MCSA 2012 Member Posts: 1,186
    Not sure, 'cause I have never tried, but I don't think you are going to be able to connect from inside your network using the external IP. Have you tested this at all from another location? Like I said, if you go to another location and your computer is set up in the DMZ and all the RDP settings are correct, then it should work. If it doesn't, then either your ISP is blocking it or there is something wrong with your PC's firewall on either end.
  • sina2011 Member Posts: 239
    Sorry, I forgot to mention: I called up Netcomm Tech Support and spoke to the guy and explained my scenario and situation and, long story short, just with the port forwarding and remote management enabled he was able to connect to my computer by using the WAN IP address of the router, which is connected to the desktop computer I'm trying to RDP to.
    Now that you said that, I'm starting to think maybe it won't RDP from inside using an external IP, and as you suggested maybe that is the cause?
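
The forwarding path described in this thread, and why a connection from inside the LAN to the router's public IP can fail while the same connection from outside works, as a small model. This is an added example, not part of any post; `dnat_on_lan` and `snat_hairpin` are hypothetical flags standing in for a router's NAT loopback support, and both client addresses are constructed.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class Router:
    wan_ip: str
    lan_ip: str
    lan_net: str
    forwards: dict = field(default_factory=dict)  # WAN port -> (host, port)
    dnat_on_lan: bool = False    # forwards also match packets arriving from the LAN
    snat_hairpin: bool = False   # looped-back packets get the router as source

    def is_lan(self, ip):
        return ipaddress.ip_address(ip) in ipaddress.ip_network(self.lan_net)

    def connect(self, client_ip, dst_ip, dst_port):
        """Trace the path of a TCP SYN; return (reachable, reason)."""
        inside = self.is_lan(client_ip)
        if inside and self.is_lan(dst_ip):
            return True, "delivered directly on the LAN, no NAT involved"
        if dst_ip != self.wan_ip:
            return False, "not addressed to this router's WAN IP"
        rule = self.forwards.get(dst_port)
        if rule is None:
            return False, "no port forward for this port"
        host, port = rule
        if not inside:
            return True, f"DNAT on WAN interface to {host}:{port}"
        if not self.dnat_on_lan:
            return False, "forward matches WAN-side packets only; SYN stops at the router"
        if not self.snat_hairpin:
            return False, f"{host} replies straight to {client_ip}, which expected {self.wan_ip}"
        return True, f"hairpin NAT to {host}:{port}, source rewritten to {self.lan_ip}"

def demo():
    # Addresses from the thread's illustration; both client IPs are constructed.
    fwd = {3389: ("192.168.1.10", 3389)}
    plain = Router("12.12.12.12", "192.168.1.1", "192.168.1.0/24", fwd)
    loop = Router("12.12.12.12", "192.168.1.1", "192.168.1.0/24", fwd, True, True)
    return {
        "outside -> WAN IP": plain.connect("203.0.113.7", "12.12.12.12", 3389),
        "inside -> LAN IP": plain.connect("192.168.1.50", "192.168.1.10", 3389),
        "inside -> WAN IP": plain.connect("192.168.1.50", "12.12.12.12", 3389),
        "inside -> WAN IP (hairpin)": loop.connect("192.168.1.50", "12.12.12.12", 3389),
    }

if __name__ == "__main__":
    for case, (ok, why) in demo().items():
        print(f"{case:28} {'OK  ' if ok else 'FAIL'} {why}")
```

A port forward can therefore only be judged from a host that is actually outside the network, which matches the support technician connecting successfully over the WAN IP.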