Question : VPN setup

i was tasked to design a system and create a software wherein a certain user from a remote office will be able to access the system from the main office. the distance between the remote office and the main office is quite far (i.e. located on two different countries). i've done several researches and learned that setting up a VPN is a solution to my problem. (but another problem came out...)

i have some knowledge on networking but i've never tried setting up a VPN. part of what i'm going to present are the hardware requirements of the system design. can anyone help me? i need product specifics (and prices if available).

thanks in advance...

third

note:
the system will be used for small-scale business so i need the most appropriate hardware specs you can give.

Answer : VPN setup

Third,

VPN tunneling is the way to go as encryption methods can be used to encrypt your IP packets with a high encryption key that can only be decrypted by the destination VPN. This way you can use the net along with everyone else and avoid paying for a dedicated line.

I would suggest using a small scale hardware VPN unit vs. Software as Win2K VPN was very unstable in all of my attempts to use it. You may have better luck than I did, but you can pay for a small price for a decent pair of VPN units.

VPN prices compared
So-called commodity VPNs are available for about $200 to $500, and are made by companies whose products traditionally share retail shelf space with the likes of mouse pads, ergonomic keyboards, and packs of floppy disks.

Business-class e VPNs range in price from $2,000 to $5,000 per component.

Here are some prices and comparisons:

http://searchnetworking.techtarget.com/bestWebLinks/0,289521,sid7_tax397,00.html

Sometimes you can find deals on hardware at:
http://dealsea.com

Also at:
http://www.pricewatch.com
----> Go to "Networking Other" and then select "VPN"
at the bottom of the page.

Note: You will need to check what laws and regulations exist for encryption overseas as I know they exist for general internet traffic. I am not sure about VPN tunneling though.

Here are some whitepapers with exhaustive information on many different options such as using Windows 2000 Advanced Server to Cisco Router VPN systems.

http://whitepapers.comdex.com/data/rlist?t=sys_40_14

Or:

http://www.vpnc.org/white-papers.html
http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113t/113t_3/ipsec.htm
http://kubarb.phsx.ukans.edu/~tbird/vpn/FAQ.html
http://www.vpninsider.com/
http://www.linuxdoc.org/HOWTO/VPN-HOWTO.html

Typical VPN connection between PC's is secured through an IPSec tunnel with 3DES encryption. IPSec is the industrys leading VPN standard and is currently in use in many government ministries and financial institutions. 3DES is highest available encryption standard available for IPSec and for added security, the 3DES key is changed at regular intervals. While "brute force" attacks can crack any encryption key given the needed amount of time, changing the encryption key at periodic intervals practically eliminates the possibility of someone finding your encryption key over the Internet.

What are the overheads involved in VPN?

Due to the encryption, there will be some resource overheads involved. Typical bandwidth and CPU overheads is about 10% on a P2-233 for 3DES IPSec with 56k modem. Details of bandwidth overheads can be found here http://www.tisc2001.com/newsletters/39.html.

What kind of ISP connections are supported by VPN?
Modem dialups from all ISPs, SCV Cable Modem, ISDN and DSL connections.

Some ports that you will probably need to configure if you
go the software route:

UDP Port 500
UDP Port 4500 (NAT-T in definted in IETF's draft-ietf-ipsec-nat-t-ike-02)
UDP Port 10000 (Cisco's Proprietary IPSec over UDP)
TCP Port 10000 (Cisco's Proprietary IPSec over TCP)
IP Protocol 50 (also known as ESP)
IP Protocol 51 (also known as AH)

Am I able to use the built in VPN client in Windows XP instead of the VPN Windows Client?

The VPN Client in Windows XP supports IPSec over L2TP and PPTP protocol. Certificate and CAs are required (but not available to most people) in order to use the IPSec/L2TP VPN client in Windows. PPTP is an insecured protocol and is therefore not supported. Information on the weaknesses of PPTP can be found in the following:
http://www.counterpane.com/pptp.html
http://www.atstake.com/research/reports/pptpv2.pdf

I recommend to use a VPN IPSec Client which is a full-fledged IPSec client using 3DES encryption with IKE, which is highly secured, easy to use and supported on most platforms.

Installing a VPN-client with win95/98:

http://www.wown.com/j_helmig/vpn95ins.htm

Installing a VPN-client for Linux:

http://www.uni-stuttgart.de/rus/lan/wlan/install_vpn_linux.html

I hope this was helpful to you. If you need additional information on how to configure let me know and I will try to assist. If I can not I will direct you to where you can find some more information on the topic.

Random Solutions

Can't reach certain sites. DNS issues?

Novell network - transition from BNC to UTP - how hard is it?

Internet Connection Sharing Problems on Wireless Network since installing XP SP2

How to get the GPS data / NMEA right? Longitude, Latitude and distance between?

Mapping a Network Drive on Sharepoint

ASA 5510 Site-to-Site VPN

Difference between Router,Hub,Gateway,Subnet,<wbr />AP

LMhost - how to create one.