A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.telecom.broadband (UK broadband)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.telecom.broadband (UK broadband) (uk.telecom.broadband) Discussion of broadband services, technology and equipment as provided in the UK. Discussions of specific services based on ADSL, cable modems or other broadband technology are also on-topic. Advertising is not allowed.

Multiple VPN connections



 
 
Thread Tools Display Modes
  #1  
Old May 12th 09, 05:30 PM posted to uk.telecom.broadband
Jim Howes
external usenet poster
 
Posts: 22
Default Multiple VPN connections

I am looking for recommendations for an ADSL2+ capable router (line
speed currently 16Mbit) that will permit external access to two remote
users simultaneously. One on a continuous basis, and one on an ad-hoc
basis.

The continuous access is currently achieved by forwarding ports 500 and
4500 to an internal IP address, at which sits a Cisco 800-series router,
which connects a number of wireless hotspots, which are part of The
Cloud's wireless network. They provide wireless access to guests at a
hotel. (Despite all logic suggesting that this should be an outbound
connection, it doesn't work without the port forwarding, which is weird.
I do not manage, or have any control of the Cisco box)

The second, ad-hoc, connection is for remote access support for the
hotel front-of-house software, which is achieved by 'Microsoft VPN'. I
admit, I don't know what Microsoft VPN is, and am assuming that it is a
normal VPN made significantly less secure, but I suspect it may also
require the use of the two ports previously mentioned.

If this is the case, I need to forward incoming connections on those
ports based on the source address, so if the connection comes from
A.B.C.D, forward to internal address X.Y.Z.Q, otherwise forward to
X.Y.Z.P - Something easily achievable via IPtables from the command
line of any linux box, but not something previously done by me, because
I have never really got into virtual private networks, because SSH works
so well.

Any particular ideas for routers that can implement this cleanly,
without otherwise SNAFU'ing what is otherwise a normal NAT'd single-IP
broadband connection?

Another alternative I have got is to forward the ports to one of the
various linux boxes currently doing menial tasks like internal DNS,
Squid proxies, equipment monitoring, and file and SQL serving, and let
it's IPtables take care of it, but there must be an easier way.

Jim
  #2  
Old May 12th 09, 05:39 PM posted to uk.telecom.broadband
Gordon Henderson
external usenet poster
 
Posts: 797
Default Multiple VPN connections

In article ,
Jim Howes wrote:
I am looking for recommendations for an ADSL2+ capable router (line
speed currently 16Mbit) that will permit external access to two remote
users simultaneously. One on a continuous basis, and one on an ad-hoc
basis.


Draytek 2820?

It has native PPTP server support to allow remote users access to the LAN.

They're not cheap though, but do generally work.. (Typically 130)

The continuous access is currently achieved by forwarding ports 500 and
4500 to an internal IP address, at which sits a Cisco 800-series router,
which connects a number of wireless hotspots, which are part of The
Cloud's wireless network. They provide wireless access to guests at a
hotel. (Despite all logic suggesting that this should be an outbound
connection, it doesn't work without the port forwarding, which is weird.
I do not manage, or have any control of the Cisco box)


You may still have to do this though. (ie the port forwarding)

The second, ad-hoc, connection is for remote access support for the
hotel front-of-house software, which is achieved by 'Microsoft VPN'. I
admit, I don't know what Microsoft VPN is, and am assuming that it is a
normal VPN made significantly less secure, but I suspect it may also
require the use of the two ports previously mentioned.


It's probably PPTP as that's fairly standard in the MS world.

If this is the case, I need to forward incoming connections on those
ports based on the source address, so if the connection comes from
A.B.C.D, forward to internal address X.Y.Z.Q, otherwise forward to
X.Y.Z.P - Something easily achievable via IPtables from the command
line of any linux box, but not something previously done by me, because
I have never really got into virtual private networks, because SSH works
so well.


You may be confusing port forwarding with VPNs - you don't generally
need to port-forward with a VPN.

However a remote VPN user may have full access to all hosts on the LAN
without additional firewalling...

Any particular ideas for routers that can implement this cleanly,
without otherwise SNAFU'ing what is otherwise a normal NAT'd single-IP
broadband connection?


Work out if you really need a VPN or just port forwarding. You may
find that the remote support people expect to VPN directly into the MS
server(s) in which case you may need to allow VPN pass-through, but you
can firewall remote VPN connections to an IP address.

Another alternative I have got is to forward the ports to one of the
various linux boxes currently doing menial tasks like internal DNS,
Squid proxies, equipment monitoring, and file and SQL serving, and let
it's IPtables take care of it, but there must be an easier way.


Do it in the router..

Gordon
  #3  
Old May 12th 09, 05:48 PM posted to uk.telecom.broadband
Jim Howes
external usenet poster
 
Posts: 22
Default Multiple VPN connections

Gordon Henderson wrote:
Draytek 2820?

It has native PPTP server support to allow remote users access to the LAN.


Very nice, but no ADSL modem built in. Presumably there is another
model with ADSL2+ available, (wireless is not a requirement, nor is a
second WAN)

Jim

  #4  
Old May 12th 09, 06:26 PM posted to uk.telecom.broadband
Andy Burns
external usenet poster
 
Posts: 122
Default Multiple VPN connections

Jim Howes wrote:

Gordon Henderson wrote:
Draytek 2820?

It has native PPTP server support to allow remote users access to the LAN.


Very nice, but no ADSL modem built in. Presumably there is another
model with ADSL2+ available, (wireless is not a requirement, nor is a
second WAN)


All the Vigor 2820 models have ADSL2+ build in, you can choose models
with/without WiFi, with/without voice ports, if you don't need 2nd WAN
(3G over USB or another ADSL via USB modem) then just don't use it.
  #5  
Old May 12th 09, 07:44 PM posted to uk.telecom.broadband
FlyerUK
external usenet poster
 
Posts: 16
Default Multiple VPN connections


"Jim Howes" wrote in message
...
Gordon Henderson wrote:
Draytek 2820?

It has native PPTP server support to allow remote users access to the
LAN.


Very nice, but no ADSL modem built in. Presumably there is another
model with ADSL2+ available, (wireless is not a requirement, nor is a
second WAN)

Jim


beg to differ Jim, my 2820n has ADSL2 built in...if it didn't, I wouldn't
be posting this ;-)

P.


  #6  
Old May 12th 09, 08:03 PM posted to uk.telecom.broadband
Graham J
external usenet poster
 
Posts: 389
Default Multiple VPN connections


"Jim Howes" wrote in message
...
Gordon Henderson wrote:
Draytek 2820?

It has native PPTP server support to allow remote users access to the
LAN.


Very nice, but no ADSL modem built in. Presumably there is another
model with ADSL2+ available, (wireless is not a requirement, nor is a
second WAN)


My V2820 has an ADSL modem built-in. This may be limited to 8Mbit/sec, and
you might be able to get more from your ISP. In which case a V2910 with an
external modem will do the job. Probably more cheaply than Cisco ...

--
Graham J










  #7  
Old May 12th 09, 10:37 PM posted to uk.telecom.broadband
FlyerUK
external usenet poster
 
Posts: 16
Default Multiple VPN connections


"Graham J" wrote in message
...

"Jim Howes" wrote in message
...
Gordon Henderson wrote:
Draytek 2820?

It has native PPTP server support to allow remote users access to the
LAN.


Very nice, but no ADSL modem built in. Presumably there is another
model with ADSL2+ available, (wireless is not a requirement, nor is a
second WAN)


My V2820 has an ADSL modem built-in. This may be limited to 8Mbit/sec,
and you might be able to get more from your ISP. In which case a V2910
with an external modem will do the job. Probably more cheaply than Cisco
...


my 2820n is currently pulling 15megabits/sec from BeThere ;-)

P.


  #8  
Old May 13th 09, 10:21 AM posted to uk.telecom.broadband
Jim Howes
external usenet poster
 
Posts: 22
Default Multiple VPN connections

Andy Burns wrote:
Jim Howes wrote:

Gordon Henderson wrote:
Draytek 2820?

It has native PPTP server support to allow remote users access to the
LAN.


Very nice, but no ADSL modem built in. Presumably there is another
model with ADSL2+ available, (wireless is not a requirement, nor is a
second WAN)


All the Vigor 2820 models have ADSL2+ build in, you can choose models
with/without WiFi, with/without voice ports, if you don't need 2nd WAN
(3G over USB or another ADSL via USB modem) then just don't use it.


Aha, dabs.com are lacking that information. Thankyou.
 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Multiple Connections tony h uk.telecom.broadband (UK broadband) 6 May 22nd 07 10:05 AM
multiple internet connections Paul uk.comp.home-networking (UK home networking) 5 February 28th 04 11:59 PM
multiple slimp3 multiple room arrangements K Bouton uk.comp.home-networking (UK home networking) 0 November 5th 03 11:21 AM


All times are GMT +1. The time now is 03:30 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright 2004-2019 BroadbanterBanter.
The comments are property of their posters.