Having a bit of issues with my VPN I am attempting to set up. I'll start with what I am wanting to do. I am wanting to have my parents house able to network with mine through VPN. Mostly so that their PC's can back up to my server. I also would like to be able to connect to their network and print to their printer. This is what I have done. I have a WHS 2011 server which I set up as a VPN Server and connected to with my parents laptop following these steps: http://thedigitalmediazone.com/2012/03/26/how-to-set-up-vpn-for-windows-home-server-2011/ I changed the IP of my parents router to be on a different subnet than mine to not have any ip address conflicts. So now my network is 192.168.1.1/24 And their network is 192.168.2.1/24 The VPN is working and they are able to connect to my network. Now this the issues I am having now: All their internet connections are going through the VPN. I do not want their web browsing to go through VPN. Only for LAN connections on my network (accessing my server, etc.) I am not able to connect to their network from mine. I would like to limit how much of my network they can connect to. Any way I can limit what IP's they can connect to? Some info that may help. My router is a Trendnet TEW639GR Their router is a Linksys WRT310N with DD-WRT firmware. Now it may come down to the fact that I can't do the VPN this way and may need to use something like Open VPN. If thats the case thats fine, but I will need a guide for that as I could not figure out how to do it. lol Ultimately I would like to have it all done just with the routers. I would like to someday get 2 new identical routers and run DD-WRT on them and do the VPN with that somehow. But that I'm sure will be a lot more difficult than this. lol Anyways, if anyone can help me out or point me in the right direction that'd be great. thanks!
You need a split tunnel list, and you need an L2L VPN, not a dial-up client VPN really. You might get away with the split tunnel and putting the VPN client on the Linksys. Your client VPN works like this: receive any traffic > send to VPN A split tunnel works like this: receive traffic for 192.168.1.0/24 > send to VPN receive traffic for 192.168.2.0/24 > send to VPN receive traffic for anything else > internet
I was able to use this page to configure it so that only connections to 192.168.1.0 went through VPN. http://blog.foreignkid.net/2012/03/pptp-vpn-and-split-tunneling/ But now I still want to be able to access their network from mine. I wish I could do it all via our routers as then no settings would need to be changed on the PCs.
I had this issue when trying to set up my parents PC to connect to my own too I'm at work at the moment so I'm going from memory, so sorry if the instructions are not 100% precise. On your PARENTS pc... right click the VPN connection you have set up, find the IPv4 option, select it and click properties. Go to 'advanced' and there should be an option there saying something along the lines of "use default gateway" or something. Uncheck this option and it should no longer divert net traffic through your VPN, also you should have full access to your local network. Hope it helps! (When I get home I will double check the exact wording of the options and edit this appropriately.) Edit: Ok, home now. It's in Properties -> Networking -> IPv4 -> Properties -> Advanced -> IP Settings Uncheck the 'Use use default gateway on remote network' box.
You are setting up a "remote access VPN", but you want "site to site VPN". Unfortunately, that is not so easy : http://www.smallnetbuilder.com/secu...how-to-set-up-a-site-to-site-vpn-with-openvpn
Yep it's working. Cant seem to ping by hostname though. And my PC's dont show up under Network on their laptop. I can connect to my server from their laptop fine, but it would be nice to be able to see it under network and stuff. Seems more and more likely that I will want to have the VPN done with the routers.
Yes, I had a couple of issues with that too. The firewall can block it very easily. It took a bit of tweaking AVG on my parents PC to get it seeing the network properly. Try connecting with the firwall turned off, if it connect, then you know where to look. Also, my home router was running Buffalo's version of DD-WRT and this seemed to be bugged and stopped the descovery on the network. Once I flashed it with the latest non-buffalo version of DD_WRT it worked like a charm.
'dega, to echo various comments, you really need a L2L VPN here. You don't have the kit in place to do that, so try this: 1. Use your Linksys DD-WRT router to connect to your Windows Home Server. 2. Ensure the split tunnel is between 192.168.1.x and 192.168.2.x only. 3. On all your laptops/PCs open a command prompt and type route add 192.168.2.0 mask 255.255.255.0 <ip_of_Windows_Home_Server> -p Do not miss out the -p - very important!! This will sort-of make it a L2L tunnel because: a) Your parents' PCs will point all traffic at the Linksys, which will either VPN or send to the internet b) Your PCs will point all traffic at your router for internet, or divert the VPN traffic to your WHS which should encap it down the VPN This may, or may not work, as WHS isn't really designed for this. Worth a shot though. Failing that, you need to get another Linksys router and get DD-WRT on it. Try ebay? After you sell the old one you might be less out of pocket than you'd think
I'm totally open to getting another router to run DD-WRT on. That is what I want in the long run as that is the proper way of dong a VPN connection, right? Only problem is I don't really know how to set up a VPN on DD-WRT.
I think that LogMeIn Hamachi would do something like what you want. Branch office VPN is the other option.
You want an L2L vpn really rather than a dial up, it would make it much easier. Get either two of the routers Rich has suggested or a couple of drayteks. I have never used dd-wrt so I can't help you there but I have set up many many many site to site links and networks using draytek's.
http://www.dd-wrt.com/wiki/index.php/OpenVPN_-_Site-to-Site_routed_VPN_between_two_routers might help in that case? Never done it myself either tbh.
That seems doable. Just need to get another router. Was thinking of replacing my parents router as well and just get 2 identical routers. Their router is a Linksys WRT310N. What router would you recommend? I'm leaning towards staying with linksys, but would be open to other brands. I don't want to spend too much money on one though. I dont think gigabit is needed as my network is all wired with gigabit switches except for the laptops which dont need gigabit. I'm fine with used or refurbs off ebay too. I wouldn't want to spend more than $40-$50 per router.
For what its worth, I'd say grab another Linksys or a Netgear which can run DD-WRT. Its easier to get the same thing talking to itself... if you take my meaning.
These are the routers I was looking at possibly getting. http://www.ebay.com/ctg/Linksys-E20...=p5877.c0.m299&_sop=15-state-15_bin_qqq_58282 http://www.amazon.com/s/ref=nb_ss?url=search-alias=aps&field-keywords=E3000-RM http://www.ebay.com/ctg/Linksys-WRT...=p5877.c0.m299&_sop=15-state-15_bin_qqq_58282 Obviously the cheaper the better, but I also want one that will work well.
I've never used any frankly, but all three are on the compatibility list: http://www.dd-wrt.com/wiki/index.php/Supported_Devices#Cisco_Linksys_.28Wired.29
I went with the refurbished E2000. We shall see how well it works. If it's good I think I'll replace my parents' WRT310N with one.
