Router – attach a VPN firewall to an existing network and have it manage VPN connections

ipsec, networking, router, vpn, windows 7

I'm quite new to networking and am trying to set up my first VPN connection.

The Situation:

I have been contracted for some programming at a facility some distance from my location. I would like to be able to set up a simple VPN connection to their network so that I may make adjustments without significant travel.

Their Current Network:

Six devices (one I need to connect to) plugged into a basic router (Dlink). This router has an internet connection and a static IP address.

My Hopeful (questionable) Proposal:

I attach a VPN Firewall I happen to own (Netgear FVS318) as device number seven on the client network. I disable routing / DHCP in the Netgear. I forward the appropriate IPSec ports from the Dlink to the Netgear. I then create a VPN connection on my office Windows 7 machine to the remote network. The request is forwarded from the Dlink to the Netgear where the VPN connection is authenticated. I now have a remote-access connection from my office PC to the client's local network.

The Question:

Will this proposal work? If not, would another possibility be to attach a computer with a VPN server to the client network?

Also, as a note: the client has requested I not replace their router or place mine in-between theirs and the internet 🙁

Thanks very much!

Updates:

2012-06-04-0844:

Been trying to test proposed setup with no success. Not yet sure if problem is with network organization or connection configuration.

2012-06-04-1240:

I can access the Dlink network when I do one of the following:

  • Place the Netgear VPN between the internet and Dlink (although this is NOT allowed by client)
  • Attach a computer running a VPN server to the Dlink network

I cannot, however, create a VPN tunnel when just using the Netgear VPN firewall as another device on the Dlink network.

This leads me to a tentative answer of "No, attaching a VPN firewall to an existing network does not seem to be enough to create a remote-access VPN."

2012-06-04-1617 (final update):

Thanks @MikeAWood! My proposed setup will not work as desired because the Netgear is designed to tunnel from the WAN to LAN. I instead implemented a solution by connecting an additional PC (with a VPN server) to the Dlink network.

Best Answer

The issue will be that the Netgear will assume that you are connecting to its WAN interface and VPNing to its LAN interface. In order to accomplish what you are trying to do, you will need to put the Netgear between the internet and the Dlink or the Dlink and the network. Or simply replace the Dlink with the Netgear.

The more complicated explanation is that the VPN tunnel is created on the LAN side of the router. But the IPSec part of the communications tunnel is expected to originate from the WAN side of the router. So it is unable to create a tunnel on the same network it is trying to connect to.