Remote access and VPNs

Nutter helps a reader who wants to learn about setting up a VPN.

I’m interested in learning how to set up a VPN using a cable modem. I’m not an IT professional, but I want to learn. Where’s a good place to start?

– Via the Internet

There are several good places you can go. Several vendors are offering this type of functionality in cable/DSL routers for not much more than the cost of the device without the functionality. MultiTech has extensive documentation on its Web site for its RF550VPN small office/home office router that has VPN functionality. Its online documentation gives several options for connecting things. Other vendors such as SMC, Zyxel and Cisco have this type of functionality at affordable prices. This is a good way to get started. What you will see early on is that each vendor has a different way of setting up its VPN service. You can mix solutions in most cases in which Vendor A is at one location and Vendor B is at another location, but I wouldn’t recommend that until you have a little more experience under your belt.

To connect remotely to your VPN device while at home isn’t much harder. The first thing to check is that your cable modem provider (i.e., ISP) isn’t blocking Protocols 50 and 51, and Port 500. These are all critical to running an IP Security (IPSec) VPN connection. You can also do Layer 2 Tunneling Protocol and Point-to-Point Tunneling Protocol instead of IPSec, but from my experience, IPSec can be the most secure when running the maximum level of encryption and a good key with which to set up the encryption. Assuming your ISP isn’t blocking anything that is going to keep the VPN connection from establishing, you will need to look at the VPN device you’re using to see what type of client software is required to remotely access the VPN device. In some cases, the VPN device you’re using will show you how to use the built-in functionality of Windows 2000 to establish a connection or you may be referred to getting an option such as SSH or a commercially available VPN client to establish the connection.

Once you have the tools in place, you will create some type of user ID on the VPN box to be used in authentication by the remote client. You will then either install the required software or set up the configuration as described by the vendor using items built in to the operating system you have. From your remote workstation, you will first establish a connection to the Internet, then use the additional software to establish a connection to your VPN device on your cable connection. After that’s done, you’ll be able to transfer files, mail, etc. over a private connection without worrying about who is watching you.