Internet Sharing in a LAN using VPN

internetvpnwindows-server-2003

I have a Lan with 6 pcs, one of them I used as a server with windows 2003 server.
I want to share Internet between PCs on Lan , using VPN , and just how has valid user on server can access to Internet.
I setup VPN on server, the problem is steel some PCs without using VPN have Internet and I can't control them , I use DHCP and all pcs have IP forom 10.0.0.11 to 10.0.0.100 ( server IP is : 10.0.0.10)and I setup VPN to set IP from 10.0.0.101 to 10.0.0.121

other PCs can access to ftp , pop3 … without using VPN and just browsing web pages need to connect VPN.

What is wrong? how can I manage my Internet usage?

thanks

Best Answer

It sounds like you are looking for a proxy or gateway solution not necessarily a VPN.

If you want to enforce a policy using the 2003 server for Internet traffic you will need to either block all other hosts from the Internet by using your router's configuration tools or setup the 2003 server as a router and connect only it to the Internet. The first method is usually easier to implement but can cause some user confusion.

Depending on your needs you may want to also setup automatic proxy configuration.

I know this answer is somewhat general. I hope I covered it with enough information to get you pointed in the right direction.

Normally VPNs are used to connect hosts and networks privately across public networks. Proxies are used to enforce network policies on traffic crossing a network boundary. Gateways (routers) are used to actually pass traffic across boundaries.

Related Solutions

Manage local network Internet usage

SQUID won't do bandwidth control, but you can use it to see what users have been downloading and to restrict what they can download. See http://www.ratsauce.co.uk/notablog/squid27setup.asp for my setup guide.

Remember you need to use a group policy to configure Internet Explorer to use SQUID as the proxy server.

To answer Ashian's question (this is a bit long to put in a comment):

local_network.txt contains your local network address. Open a command prompt and type ipconfig. You'll see something like:

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   IPv4 Address. . . . . . . . . . . : 192.168.16.128
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.16.254

If the subnet mask is 255.255.255.0 (it usually is) then the network address is the IP address with the last number set to zero. So in the example above it would be 192.168.16.0. In that case local_network.txt needs to contain the one line:

192.168.16.0/24

The default local_network.txt contains "192.168.255.0/24" as an example and you will almost certainly have to change it to match your network. Remember you need to restart the Squid service after making the change. If it still doesn't work post the ouput you get from ipconfig here.

Connect PCs on LAN to internet (using RRAS)

You need to get your win2k box (3.) to do Network Address Translation with RRAS. It is possible, but painful.

I would personally either replace 3b with a DSL modem that will terminate & NAT the connection, or upgrade 3. to Windows Server 2003, which does allow NAT without so much pain.

Best Answer

Related Solutions

Manage local network Internet usage

Connect PCs on LAN to internet (using RRAS)

Related Topic