Incorporating LogMeIn Hamachi into your own work network as a dedicated VPN solution

Tags: hamachi, remote-desktop, site-to-site-vpn, vpn

I've been using LogMeIn Hamachi for a while for personal use and recently I started to wonder how to (and if at all) implement it as a full-blown VPN solution for my multiple clients.

Those are usually small companies ranging from 5 to 60 people having Active Directory / Exchange / SharePoint and the like. Some of them have static IPs but a crappy router, or multiple locations where only the main location has an AD server and the rest is kind of cut off from the main location. This brings a lot of problems with Active Directory, passwords etc. which I think LogMeIn Hamachi could solve, as it would be connected to the company at all times, with its ability to create special types of network that limit users to be able to access only particular servers (depending on group). No need for the user to do anything out of the ordinary, do anything special. Just plug & play. Sounds great!

What do you think about it? Is it a secure, reliable solution? What are possible drawbacks? Would you do it for small companies like the ones I support? As an additional note, I wanted to run multiple companies on the same account to split the costs (200$/year isn't the cheapest for a small 5-10 people company), but considering I can create special/separate networks I don't consider this to be a security risk for any of those companies (or should I worry?).

I've been trying to set it up with my domain controller and my machine, but I'm hitting some problems: I set DNS to my Hamachi IP, and my Domain Controller (currently having 2 IP addresses) seems to respond properly; it's just returning internal IP address names instead of Hamachi IP addresses, which causes some problems accessing resources. Any advice on that would be additionally appreciated.

As a side note I've been using LogMeIn Free for years and it's been a blessing.

Best Answer

I'd say it's worth a shot, though as https://serverfault.com/users/984/zoredache is mentioning, you may want to look at alternatives.

That said, Hamachi is probably significantly easier to get going with and maintain since you already have experience using it.

You'd definitely want several networks and to plan out which computers should be able to access which in advance.

The easiest approach may be to use the Gateway model, though. I use that personally, and that way I only need to connect to the gateway. I can then talk to other computers on the network as well, even if I'm not connected to them via Hamachi.

I don't recommend using a Hamachi IP as your DNS server, though. I've never done it, but it just sets off warning bells (which may or may not be valid) in me.

Finally, just make sure Hamachi's licensing doesn't say anything about using one account for several clients...since it'd cause trouble for your clients if they suspended your account for a violation! Not saying this is one - just saying to check and not rely on us for an authoritative answer.

You probably also want to talk to Hamachi's sales team or something since I'm sure they get these questions all the time. Take their answers with a grain of salt, obviously :)
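
As an added illustration (not part of the answer above and not LogMeIn tooling), one way to write down the network plan the answer recommends and check it for machines that would connect two clients' networks on the shared account. All client, network and machine names are constructed, and the check assumes every member of a network can reach every other member of it.

```python
from collections import defaultdict
from itertools import combinations

# Constructed plan: network name -> (owning client, member machines).
# Hypothetical names; nothing here is read from a Hamachi account.
PLAN = {
    "acme-servers":   ("acme",    {"acme-dc1", "acme-pc1", "msp-admin"}),
    "acme-branch":    ("acme",    {"acme-dc1", "acme-branch-pc"}),
    "globex-servers": ("globex",  {"globex-dc1", "globex-pc1", "msp-admin"}),
    "initech-all":    ("initech", {"initech-dc1", "acme-pc1"}),  # planning mistake
}

# Constructed inventory: which client each machine actually belongs to.
HOME = {
    "acme-dc1": "acme", "acme-pc1": "acme", "acme-branch-pc": "acme",
    "globex-dc1": "globex", "globex-pc1": "globex",
    "initech-dc1": "initech", "msp-admin": "msp",
}

def bridging_members(plan, allowed=frozenset()):
    """Machines that sit in networks of more than one client.

    `allowed` lists machines (e.g. the administrator's workstation) that are
    meant to span clients; leaving it empty shows every bridge.
    """
    clients = defaultdict(set)
    for owner, members in plan.values():
        for machine in members:
            clients[machine].add(owner)
    return {m: sorted(c) for m, c in clients.items()
            if len(c) > 1 and m not in allowed}

def cross_client_pairs(plan, home, allowed=frozenset()):
    """Pairs of machines from different clients that share a network."""
    pairs = set()
    for _owner, members in plan.values():
        for a, b in combinations(sorted(members - set(allowed)), 2):
            if home.get(a) != home.get(b):
                pairs.add((a, b))
    return sorted(pairs)

if __name__ == "__main__":
    print("bridges (admin excluded):", bridging_members(PLAN, {"msp-admin"}))
    print("bridges (all):", bridging_members(PLAN))
    print("cross-client pairs:", cross_client_pairs(PLAN, HOME, {"msp-admin"}))
```

Running it without the `allowed` set also lists the administrator's own machine, which is the one host in this plan that is deliberately joined to more than one client's network.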