• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

VPN noobie

G

GoFigureItOut

Joined
Dec 13, 2011
Messages
433 (0.09/day)
System Specs
Processor Core i5 3470 (3.20 GHZ)
Cooling Intel OC27vv
Memory 16 GB DDR3 667mhz
Video Card(s) XFX Radeon HD 5670
Storage Seagate - 500GB | 7200RPM | 32MB Cache | Sata-3G
Display(s) BenQ RL2455
Case Dell Tower
Audio Device(s) On-board
Power Supply Corsair 600w
I have a basic question about creating a VPN. Does the VPN server (I'm using a desktop) need to be directly connected to the router with an Ethernet cord? I'm trying to create a VPN just for the experience.

I'm not sure if this matters, but I have a TrendNet Tew-731BR WiFi Router
 
GoFigureItOut said:
Does the VPN server (I'm using a desktop) need to be directly connected to the router with an Ethernet cord?
Click to expand...
There is no requirement that it is wired in however, a wire tends to be more stable than wireless with more bandwidth. For the sake of playing around with it, wireless will work fine but, I wouldn't do that to any production setup.
 
No need to.
Popular software, such as OpenVPN, should be able to do ok even if your wifi loses a packet or two. (at least, as they claim)

PS
Quick googling revealed there is no dd-wrt firmware for your router (at least for r1) but open-wrt might be available.
If so, you can setup VPN server directly on your router.

PPS
Relevant thread: https://forum.openwrt.org/viewtopic.php?id=31551

WARNING: messing up with firmware might brick your router.
 
So, there's no other way of setting up a VPN without installing new Firmware? I thought allowing the port would suffice. I have much to learn!
 
It seems you want to use it to connect to your network from an outside source, and what you could do is use an old laptop and install Ubuntu on it and make it an OpenVPN server. I've done that many times with success. Then you do a port forward for port 1194 (OpenVPN) and what other ports are necessary once you've created the server and services on that laptop to accept the connection from your router, meaning your router doesn't have to try to encrypt the traffic as the laptop will handle that part as data gets funneled to it.

Likely your router could handle a weak PPTP encrypted VPN tunnel, as many modern routers within the last 5 years usually can. But they're weak, and as such don't require much hardware offloading to handle the encryption load so most of these fancy underpowered routers can handle that much. Using AES and OpenVPN can cause some pretty serious stress to processing hardware in routers...many cannot cope, and ones that do might not be able to run at full WAN speed depending on the level of encryption you choose. Regardless...it is good stuff to experience and know, and OpenVPN is MUCH better than PPTP. You can look into IPSec as well, but really it's bulky and a pain to setup compared to OpenVPN, even in Linux command-line...

If you're just getting familiar with it, a cheap old PC or laptop should suffice, look up how to port forward from your router (should be pretty easy). I prefer running Linux for OpenVPN servers, for a set-it-and-forget-it kinda situation.

Go here, read: https://openvpn.net/index.php/open-source/documentation/howto.html

If you go the Ubuntu route: http://linoxide.com/ubuntu-how-to/configure-openvpn-server-client-ubuntu-15-04/

http://vpnpick.com/setup-openvpn-server-ubuntu-15-04/

https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-14-04

Take a read, these will help guide you through a simple OVPN lab setup. :toast:
 
GoFigureItOut said:
So, there's no other way of setting up a VPN without installing new Firmware? I thought allowing the port would suffice. I have much to learn!
Click to expand...
No, why, you can certainly forward right ports and do it on your PCs.
 
So, I was able to get it to work on my network. I had to forward more ports and allow them with Windows firewall. Unfortunately, it doesn't work when I am away from my home.
 
Do you have a dynamic wan IP? You could setup a dynamic DNS...I use Afraid.org and then use dns-o-matic and a script on my router (you can run an app on your PC also) to make sure if my IP changes...the A record gets updated so my homenet.org address goes to the proper location.

Makes life easier on dynamic ISP connections.

Also more details about what you're using for VPN servers, what ports you're needing for forward, etc. can be helpful in us assisting you.
 
I forwarded three ports. I'm not sure if they were all necessary, but that's what made it work. They are: L2TP (1701), IKE (500), and IPSec (5500).

I believe the IP might be dynamic. Right now, it's 192.168.10.111. Is it normal to lose Internet connection when connected to a VPN? I'm a little new to this hence the questions. When I connected to my laptop that I set up as the VPN, I couldn't access any websites from my desktop
 
GoFigureItOut said:
I forwarded three ports. I'm not sure if they were all necessary, but that's what made it work. They are: L2TP (1701), IKE (500), and IPSec (5500).

I believe the IP might be dynamic. Right now, it's 192.168.10.111. Is it normal to lose Internet connection when connected to a VPN? I'm a little new to this hence the questions. When I connected to my laptop that I set up as the VPN, I couldn't access any websites from my desktop
Click to expand...

IPs starting with 192.168 and 172.16 and 10. are "private" (for in-house/in-company routing). If ISP gets packet with source IP from one of those networks, it will simply disregard it.

So this is definitely not your IP as seen from the public internet. (and real IP it is very likely dynamic, most ISPs change it once per day or so)
 
Yeah, I know. I gave my friend my public IP to see if he could connect, but he wasn't able to. It might have been because he didn't allow the ports with Windows Firewall
 
How do you have your VPN server/tunnel setup? Forwarding ports for all common VPNs shouldn't need to happen. You should only need to forward the ones needed for that type of connection.

What are you using to create this tunnel...can't help you if you don't disclose what you've actually setup and with what protocol.

You need to forward the correct ports to your VPN server...decide if they map to your local subnet or a different one with rules to allow traversal. If your PC is the server then you might need to setup the ports.

What error is your friend getting when he's trying to connect? Research that...could be a server and/or client issue.

I'm curious to see how and what you have setup! Hopefully we can get ya sorted!

:toast:
 
You must log in or register to reply here.
Back
Top