New to VPN, seeking advice

Hi,

I'm trying to set up a VPN connection from the corporate network to my home
network. I need to use a VPN connection because company policy does not
allow the use of Remote Desktop. My home network consists of 3 computers
(all XP Pro) sitting behing a Zyxel Prestige 660HW router/firewall with VPN
capabilities, which in turn sits behind a DSL modem.

I've been reading all over the place and I'm still not clear on the
configuration.

The home network is set up as a workgroup. It's set up behind NAT in the
192.168.1.0/24 block. I have a dynamic IP, but I'm using a dynamic DNS
service (which I'll call blablabla.dyndns.org).

The work computer is part of an AD domain, and uses NAT in the 172.16.0.0/12
range. I don't know the firewall setup, nor do I have any sort of access to
it.

In the VPN/IPSec settings of the router, I've set up the following:

Menu 27.1.1 - IPSec Setup

Index #= 1 Name= blablabla.dyndns.org //not real address
Active= No Keep Alive= No //not yet activated
Local ID type= DNS Content= 12345
My IP Addr= 0.0.0.0
Peer ID type= DNS Content= 12345
Secure Gateway Address= blablabla.dyndns.org
Protocol= 0 DNS Server= 0.0.0.0
Local: Addr Type= SUBNET
IP Addr Start= 192.168.1.0 End/Subnet Mask= 255.255.255.0
Port Start= 0 End= N/A
Remote: Addr Type= SUBNET
IP Addr Start= 192.168.2.0 End/Subnet Mask= 255.255.255.0
Port Start= 0 End= N/A
Enable Replay Detection= No
Key Management= IKE
Edit Key Management Setup= No


In the Key Management Setup:

Menu 27.1.1.1 - IKE Setup

Phase 1
Negotiation Mode= Main
PSK= 12345678
Encryption Algorithm= DES
Authentication Algorithm= MD5
SA Life Time (Seconds)= 28800
Key Group= DH1

Phase 2
Active Protocol= ESP
Encryption Algorithm= DES
Authentication Algorithm= SHA1
SA Life Time (Seconds)= 28800
Encapsulation= Tunnel
Perfect Forward Secrecy (PFS)= None


The router manual isn't much help. I'm planning to create the connection
using the XP client from work. I haven't tried it from work yet (will do it
tomorrow), but does anyone see any glaring errors in the above configuration
that might not cause it to work, so that I can change it today while I'm
still home?

I also plan to be traveling quite a bit in the next few months. Would this
work no matter where I am? (of course, if I'm not inside the company's
network, I have a chance of being able to use RDP).

Thanks,
Mike




Mike T.

Mike T. wrote:
> Hi,
>
> I'm trying to set up a VPN connection from the corporate network to my home
> network. I need to use a VPN connection because company policy does not
> allow the use of Remote Desktop. My home network consists of 3 computers
> (all XP Pro) sitting behing a Zyxel Prestige 660HW router/firewall with VPN
> capabilities, which in turn sits behind a DSL modem.
>
> I've been reading all over the place and I'm still not clear on the
> configuration.

Not sure of the capabilities of the Zyxel router but what does VPN
capabilities mean?

Many routers have a VPN pass through but on your home network you will
need some sort of VPN server.

Geoff Lane