VPN for home lab
I'd like to set up a VPN connection to my lab at home. This is related to CCNA:Security, and I thought it might help solidify my understanding of how VPNs work and also give me a way to remote into the lab (other than logmein, ssh, or RDP over a nonstandard port).
Criteria:
Criteria:
- no cost at all
- cannot install software at work, but have access to Windows 7 and Windows XP. I frequently use different desktops.
- Windows VPN client, java, putty, VNC, web browser at work
- a netgear router, two cisco 1721s running IOS 12.4 advanced IP services, and a server (machine I'm using at home as a combo dynamips/console server box)
- switches and routers connected to the dynamips box/console server that have nothing to do with this project except for the need to access these devices as part of the lab
Climb a mountain, tell no one.
Comments
-
Kasor Member Posts: 934 ■■■■□□□□□□Use logmein to remote to your home workstation, then you can access your home network from the workstation that you setup logmein.
Otherwise, I don't see any free tool unless you are going buy the HW/SW to support VPN.Kill All Suffer T "o" ReBorn -
ehnde Member Posts: 1,103Hey, thanks for the reply! I use logmein right now, and it works great - serves my needs well...but I would like to set up a vpn partly to reinforce my studies in CCNA Security.
Doesn't the Cisco 1721 with advanced ip services support vpn connectivity? I could forward whatever ports I need from my home netgear router over to a spare 1721, then pass the traffic into my lab. What additional software would be needed?Climb a mountain, tell no one. -
exampasser Member Posts: 718 ■■■□□□□□□□If you have an MSDNAA account you can get a free copy of Server 2008 R2 and run a VPN server on that. You can also run a VPN server on XP/Win7 but you're limited to PPTP(professional editions at least, dunno about home editions). If you can get a copy of Server 2008 R2 you can run SSTP which will give you less problems with firewalls blocking it as it uses port 443.
-
keenon Member Posts: 1,922 ■■■■□□□□□□you can run ssl vpn via adito it runs under windows or linux.Become the stainless steel sharp knife in a drawer full of rusty spoons
-
demonfurbie Member Posts: 1,819 ■■■■■□□□□□you can setup a vpn server on linux fairly easy
shoot you can do it via web based linux on some distros
Untangle Lite Packagewgu undergrad: done ... woot!!
WGU MS IT Management: done ... double woot :cheers: -
jibbajabba Member Posts: 4,317 ■■■■■■■■□□According to some quick google the 1721 seems to support VPNs. I have setup my 877 for both, IPSec and pptp so I can connect either way, depending here I am. In the office I have setup a site-2-site IPSec to my 877 and for iPad / iPhones and laptops I am using PPTP. PPTP is certainly the easiest to setup:
Configuring the Cisco Router and VPN Clients Using PPTP and MPPE [IP Tunneling] - Cisco Systems
Windows XP can then connect just fine using the built-in client.My own knowledge base made public: http://open902.com -
ehnde Member Posts: 1,103jibbajabba wrote: »According to some quick google the 1721 seems to support VPNs. I have setup my 877 for both, IPSec and pptp so I can connect either way, depending here I am. In the office I have setup a site-2-site IPSec to my 877 and for iPad / iPhones and laptops I am using PPTP. PPTP is certainly the easiest to setup:
Configuring the Cisco Router and VPN Clients Using PPTP and MPPE [IP Tunneling] - Cisco Systems
Windows XP can then connect just fine using the built-in client.
So the two possibilities come down to using a Cisco 1721 that I have available as a vpn terminator, or using the server I'm running dynamips on. How tough would this be on the 1721? I don't have a vpn module in it. Also how much overhead would this create using my server as a vpn terminator? (In this case I'm leaning towards openvpn if I must use the server).Climb a mountain, tell no one. -
jibbajabba Member Posts: 4,317 ■■■■■■■■□□Overhead - I don't know. Wouldn't think it is an issue in a lab anyway. I run a server 2008 server as DC and VPN server, running just a GB of Ram. And I only just see that the VPN module is optional in the 1721. So if you don't have one then that option is not available to you.
Surely your office has a static IP, why not just open all ports for this IP on the firewall? Again, for a lab surely an option ?
Or simply use a CentOS machine, or even virtual machine, you can run this as a VPN server as well (need to do your own google homework on that though).My own knowledge base made public: http://open902.com