Professional Opinion on this WAN/VPN Project Required

[ID01]

Scenario: Connect two internet cafes with their DSL connections together so both places can see the Counter stirke/other game server on each side right inside the game itself.

I realize almost all the cheaper hardware VPN/router(the snapgear one come to mind) will not support UDP packet to pass thru the VPN connection. Hence if one want to join the game on the other side they would need to manually type in the IP address of the server. plus they will not be able to see the number of players on that server, or what map it is currently playing.

Sinces it require UDP forwarding (i'm not even sure it is even possible). A Win2k server would seem inadeptes/too expensive for this project. (or is it?)

Look like Linux is the only "easy" option. I looked at something like http://www.freeswan.org/ but. For a linux beginner. it is just way too complex. It doens't even seem to answer if what I need to do is possible at all!

Giving a call to Redhat/Linuxcare seem to be rather hopeless, after some communcation it seem that they wouldn't be able to help me if I'm not willing to shell out at least a couple of thousand dollor just for the tech support time. For a low budget family run cafe like this. It is out of my reach.


So here's my questions:

Can what I mentioned above be done at all? Connect two internet cafes with their DSL connections together so both places can see the Counter stirke/other game server on each side right inside the game itself. look like UDP are required for Server browing within the Game clients. (mostly counter strikes)


*If* it is possible. How can I it do it by the cheapest means possible? (yes I'm willing to pay for professional help if needed but my budget is below $1,500us including hardware)


Thank you,

Please e-mail me directly if you are interested in helping me on this
hlht@hotmail.com

(Need help desprately)

 

[Garion]

A few comments..

A VPN will certainly pass routed VPN traffic, but it will not pass UDP broadcasts, just like it won't pass TCP broadcasts. Think of a VPN tunnel as a router-to-router link. Anything that works with that kind of connection will work across a VPN.

Now, for the obvious question.. Why do you need a VPN for that? You should be able to setup the CounterStrike servers in each of the LANS, then send traffic out to the server through the Internet, right? Simply forward the appropriate ports through the firewalls that you have at each of the sites (If you DO have firewalls at the sites) and let 'em connect to the public IP. You won't see any increase in performance with a VPN and it really doesn't buy you much. The only reason I can see to need a firewall is if CounterStrike is one of those apps that doesn't work when multiple people try to play out through the same router that's doing NAT.

If you do need it, your budget of $1,500 is a bit too low, unfortunatley. I saw two products - The SonicWall SOHO3 and the Cisco PIX 501. Both have a 50-user version that's available for about $900 each. The SonicWall is very easy to setup, and you should be able to do it without much problem. Good news is that it's also a very good firewall to replace whatever you have now. The PIX is also excellent, but much more complex (unless there's a different setup for the 501 than is used on the other PIXes). There are 10-user versions of both that are cheaper, but you probably have more than 10 PC's and that's how the licence them.

- G

 

[ID01]

Garion:
If I simply forward the appropriate ports through the firewalls. The other side won't be able to actually see the Servers on the other site in the "Local Server list" within the game. And therefore they won't be able to see what's going on in that game. If they still want to join something they don't know what's going. They would have have to manually type in an IP address to join. I know how to make it works like this but I simply want my customers to be able to just pick one of the server from the list and play. It sound a little too much trouble for too little thing but if it is possible I want to do it.
The SonicWall SOHO3 and the Cisco PIX 501 seem like a good deal. I'm not sure those two Product will even do what I wish it too do. But I'll definiately give it a look. $1800 isn't that much different from $1500. If it is the only easy option. I suppose it is worth it (I didn't include my budget for a router so I can add it in too)

 

[Garion]

Just remember that a VPN will create a routed network between the two sites. This means that UDP broadcasts will NOT be forwarded between the sites. If that's what you need to have working, then this isn't going to do it. If you simply need the ability to route UDP, then that's doable across the VPN.

Try this - Get a Win2K machine with two NIC's and enable routing on it. That's close enough to how a VPN will act to test to see if it will work for what you need.

- G

 

[spidey07]

Maybe use some kind of broadcast helper? as in cisco terms "helper-address"? you can combine this with the ip forward protocol command to send broadcasts to another network.

why not just specify the IP address of the game server? or place in the favorites of the game?

 

[Garion]

I thought about using the IP Helper on a cheapo Cisco, but that would get messy - Since the workstations themselves need to see the UDP packets, you'd have to setup every workstation on the other end as a IP Helper address so they'd see it - Probably not a very scaleable solution.

On another note, I did find a pretty cool app - aGSM which is a freeware game server monitor. Could be very useful for a CyberCafe where games are hosted.

- G

 

[ID01]

Thanks for the suggestion:

So far I have narrowed it down to software VPN, Windows 2k Server with Remote Acess Routing or www.astaro.com Linux with FreeWAN should do what I need it to.

By the way thanks for the aGSM, i'm checking on it now.