VPN: Server 2003 or IPCop

TiziteLayinLow

I am trying to set up a VPN for my class lab.

First question, will I NEED 2 NICs to get this accomplished?

Second, which would be easiest: a Microsoft server environment or IPCop 1.4.6?

Any input is appreciated.

-matt@tizite.com
 

Cooky

I've never used IPCop so can't comment on that.
If you have an MS 2000/2003 server box, it's very easy to set up VPN. You need only 1 NIC if it's not at the edge of your network (like acting as the gateway between your inside and outside networks).
Most docs on the Internet are for the 2-NIC configuration; for the 1-NIC setup, see step-by-step guide
 

lansalot

IPCop is very easy, and free. And it will run on much lower-spec hardware than the MS equivalent. Give it a try, and if you can't work it out, then feel free to spend a fortune on stuff you might not be able to figure out either :p
 

TiziteLayinLow

This is a lab project... all software is provided by the school. I've been following the TechNet step-by-step on the MS VPN, but it has me into 4 servers and I just think it's overkill. To demonstrate the VPN I won't even be doing it over the Internet, just over the LAN to show what you can do. I don't know if I can simulate a DMZ with the access that I have. I might possibly be able to do it over VLAN, but I don't think the network admin of the school even has it so VPNs can pass through.

Any more suggestions are appreciated.


Edit: I followed that tutorial.. works great.. now my issue is this: I have a Cisco c831 router.. I am running Class A internal IP addresses (10.10.10.0/24).. when I set static IP addresses in the Routing and Remote Access snap-in, it's assigning 10.10.10.0/32.. will I have an issue with this talking to my networks at 255.255.255.0? Also - does anyone know the ports for VPN so I can forward them in my router to allow VPN over the Internet now?
 

loup garou

Originally posted by: TiziteLayinLow
This is a lab project... all software is provided by the school. I've been following the TechNet step-by-step on the MS VPN, but it has me into 4 servers and I just think it's overkill. To demonstrate the VPN I won't even be doing it over the Internet, just over the LAN to show what you can do. I don't know if I can simulate a DMZ with the access that I have. I might possibly be able to do it over VLAN, but I don't think the network admin of the school even has it so VPNs can pass through.

Any more suggestions are appreciated.
Follow the step-by-step guide Cooky posted. It only requires one server and one NIC and it's very simple.
 

TiziteLayinLow

I followed that tutorial.. works great.. now my issue is this: I have a Cisco c831 router.. I am running Class A internal IP addresses (10.10.10.0/24).. when I set static IP addresses in the Routing and Remote Access snap-in, it's assigning 10.10.10.0/32.. will I have an issue with this talking to my networks at 255.255.255.0? Also - does anyone know the ports for VPN so I can forward them in my router to allow VPN over the Internet now?
 

Cooky

You need to open TCP 1723 and 47 for PPTP VPN.

Edit: I think the /32 mask is normal.
 

TiziteLayinLow

I forwarded them in NAT and allowed in ACL. Is there anything else because trying to get in externally I'm getting Error 721: Remote computer did not respond.

Thanks for the help,
TiziteLayinLow
 

TiziteLayinLow

OK, I found out what the problem was - I had 47 and 1723 TCP forwarded in NAT and ACL, but I needed GRE (IP protocol 47) allowed in the ACL. I am going to try to take out the 47 TCP and see what happens, because that's probably not needed.

thanks guys, matt
 

loup garou

Originally posted by: TiziteLayinLow
OK, I found out what the problem was - I had 47 and 1723 TCP forwarded in NAT and ACL, but I needed GRE (IP protocol 47) allowed in the ACL. I am going to try to take out the 47 TCP and see what happens, because that's probably not needed.

thanks guys, matt
Yep, 47 TCP is not needed.

Here's some info.
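
The fix this thread arrived at (TCP 1723 plus GRE, IP protocol 47, with TCP 47 not needed) can be checked against a router ACL with a short script. This is an added example, not something posted by anyone in the thread; the ACL lines, the list number 101 and the address 203.0.113.10 are constructed samples, and the parser is a simplified assumption that only reads `permit` lines with an optional trailing `eq <port>`.

```python
import re

# Constructed sample: the first attempt in the thread (TCP 1723 and TCP 47, no GRE).
ACL_BEFORE = """\
access-list 101 permit tcp any host 203.0.113.10 eq 1723
access-list 101 permit tcp any host 203.0.113.10 eq 47
"""
# Constructed sample: after the fix described in the thread.
ACL_AFTER = """\
access-list 101 permit tcp any host 203.0.113.10 eq 1723
access-list 101 permit gre any host 203.0.113.10
"""

LINE_RE = re.compile(r"^access-list\s+\d+\s+permit\s+(\S+)\s+(.*)$")

def permitted(acl_text):
    """Return (protocol, port) pairs from permit lines; port is None without 'eq'."""
    found = set()
    for line in acl_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # deny lines, remarks and other syntax are ignored in this sketch
        proto, rest = m.group(1).lower(), m.group(2)
        if proto == "47":
            proto = "gre"  # the protocol may also be written as its IP protocol number
        eq = re.search(r"\beq\s+(\d+)\s*$", rest)
        found.add((proto, int(eq.group(1)) if eq else None))
    return found

def check_pptp(acl_text):
    """List what the ACL is missing for PPTP and what it opens needlessly."""
    rules = permitted(acl_text)
    findings = []
    if ("tcp", 1723) not in rules and ("tcp", None) not in rules:
        findings.append("missing: TCP 1723 (PPTP control channel)")
    if ("gre", None) not in rules and ("ip", None) not in rules:
        findings.append("missing: GRE, IP protocol 47 (PPTP tunnel data)")
    if ("tcp", 47) in rules:
        findings.append("unneeded: TCP port 47 (47 is a protocol number, not a port)")
    return findings

if __name__ == "__main__":
    for name, acl in (("before", ACL_BEFORE), ("after", ACL_AFTER)):
        print(name, check_pptp(acl) or "PPTP requirements met")
```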