New to VPN; trying to configure

Discussion in 'Computer Support' started by Mike T., Feb 18, 2007.

  1. Mike T.

    Mike T. Guest

    Hi,

    I'm trying to set up a VPN connection from the corporate network to my home
    network. I need to use a VPN connection because company policy does not
    allow the use of Remote Desktop. My home network consists of 3 computers
    (all XP Pro) sitting behing a Zyxel Prestige 660HW-67 router/firewall with
    VPN capabilities (provided by my ISP in Germany), which in turn sits behind
    a DSL modem.

    I've been reading all over the place and I'm still not clear on the
    configuration. There are sample config pages at
    http://www.zyxeltech.de/previews/p660hw67340qd4/VPN_IKE1.html and
    http://www.zyxeltech.de/previews/p660hw67340qd4/VPN_AdvIKE.html (they're in
    German and I can't find any English counterparts). I do speak German, but I
    still can't figure out how these entries would relate to my network.

    The home network is set up as a workgroup. It's set up behind NAT in the
    192.168.1.0/24 block. I have a dynamic IP, but I'm using a dynamic DNS
    service (which I'll call blablabla.dyndns.org).

    The work computer is part of an AD domain, and uses NAT internally. I don't
    know the firewall setup, nor do I have any sort of access to it.

    In the VPN/IPSec settings of the router, I've set up the following:

    Menu 27.1.1 - IPSec Setup

    Index #= 1 Name= blablabla.dyndns.org //not real address
    Active= No Keep Alive= No //not yet activated
    Local ID type= DNS Content= 12345
    My IP Addr= 0.0.0.0
    Peer ID type= DNS Content= 12345
    Secure Gateway Address= blablabla.dyndns.org
    Protocol= 0 DNS Server= 0.0.0.0
    Local: Addr Type= SUBNET
    IP Addr Start= 192.168.1.0
    End/Subnet Mask= 255.255.255.0
    Port Start= 0 End= N/A
    Remote: Addr Type= SUBNET
    IP Addr Start= 192.168.2.0
    End/Subnet Mask= 255.255.255.0
    Port Start= 0 End= N/A
    Enable Replay Detection= No
    Key Management= IKE
    Edit Key Management Setup= No

    In the Key Management Setup:

    Menu 27.1.1.1 - IKE Setup

    Phase 1
    Negotiation Mode= Main
    PSK= 12345678
    Encryption Algorithm= DES
    Authentication Algorithm= MD5
    SA Life Time (Seconds)= 28800
    Key Group= DH1

    Phase 2
    Active Protocol= ESP
    Encryption Algorithm= DES
    Authentication Algorithm= SHA1
    SA Life Time (Seconds)= 28800
    Encapsulation= Tunnel
    Perfect Forward Secrecy (PFS)= None

    The router manual isn't much help. I'm planning to create the connection
    using the XP client from work. I haven't been able to connect to it from
    work yet. Does anyone see any glaring errors in the above configuration
    that's stopping it from working?

    I know that there's connectivity to the dynamic DNS because I set up an FTP
    server on one of the machines, forwarded port 21 through the firewall to
    that machine with a static IP address, and was able to connect to the server
    from work.

    I also plan to be traveling quite a bit in the next few months. Would this
    work no matter where I am? (of course, if I'm not inside the company's
    network, I have a chance of being able to use RDP).

    Thanks,
    Mike
     
    Mike T., Feb 18, 2007
    #1
    1. Advertising

  2. Mike T.

    WhzzKdd Guest

    Mike T. wrote:
    > Hi,
    >
    > I'm trying to set up a VPN connection from the corporate network to
    > my home network. I need to use a VPN connection because company
    > policy does not allow the use of Remote Desktop.


    If you need a VPN, your company needs to set it up for/with you. Trying to
    put your own VPN in place without them knowing could be grounds for
    immediate dismissal.
     
    WhzzKdd, Feb 18, 2007
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. NewScene
    Replies:
    2
    Views:
    526
    Ravikumar Eswaran
    Jul 25, 2003
  2. John
    Replies:
    6
    Views:
    5,493
  3. Replies:
    26
    Views:
    2,828
  4. deca2499
    Replies:
    0
    Views:
    1,733
    deca2499
    Apr 14, 2006
  5. BF
    Replies:
    2
    Views:
    810
Loading...

Share This Page