VPN: Two clients on home network connecting to same remote server

Kalith · 6 Jan 2011 at 00:47

Hi,

As the title says I have two computers at home and when I establish a VPN connection from one to the VPN server at the place I work everything is fine. When the second computer tries it can't connect.

Now I've checked my routers specs and it seems my router can only handle one tunnel at a time. The question is, will a router that can handle more than one tunnel be enough to make this work?

I've had some people say it would work and I've had some people say it wouldn't unless the tunnels were going to different VPN servers. Have tried searching around on Google but can't find an example exactly the same, or not one that I could understand the technical speak in anyway.

Someone from work said that I could create a single connection from the router itself instead of a connection from each computer, but I'm not sure if that makes sense/would work or how you would go about doing that.

Anyone have any knowledge on the subject?

Cheers,
-K

ncjok · 6 Jan 2011 at 01:02

For OpenVPN, which is the only framework I'm familiar with, then it wouldn't be that your router 'can only handle one tunnel' but that you are only able to forward the appropriate port to one LAN device.

You haven't mentioned anything about the home router or OSes you use.

If your router cannot act as a VPN endpoint then one trivial solution would be two server instances on different ports; this would allow two NATed clients to establish connectivity.

Sp00n · 6 Jan 2011 at 10:06

Setting up a point-to-point (Ipsec) connection would probably be the best solution, what hardware are you using?

Skidilliplop · 6 Jan 2011 at 11:52

Most elegant would be to use the Router at home as a VPN endpoint. However this might not be possible or practicable.
You could always use the one PC to VPN in, and then configure static routes on the other to reach the remote network that point to the PC that has a working VPN tunnel. Provided the PC is set to allow other PCs to connect through it and the source filter on the tunnel includes the IP address of the second machine this should work.
Possible failure points with this would be if the subnet at home overlaps with one of the ones you need it to reach at work. Possibly avoidable using NAT via ICS, but that's got the potential to get messy.
This also requires both PCs to be up for the non-VPN PC to connect.

Kalith · 6 Jan 2011 at 15:10

If I remember correctly I'm currently using a Netgear DG834 (need to double check) at home, wired version. Running Win 7 x64 on each computer.

It seems a router which can act as a VPN endpoint is the way to go. Is this what is used to create the point-to-point connection you mentioned Sp00n?

I'm currently looking to upgrade to a wireless router to use with a new laptop I've purchased and I've noticed VPN endpoint and Ipsec mentioned in the specifications of some. If I aim for a router with these capabilities would I be on the right track?

Skidilliplop · 6 Jan 2011 at 16:09

Yup. You can go for off the shelf ones or some of the linksys ones that support tomato, as most recent flavours of tomato support IPSEC VPN.

Kalith · 7 Jan 2011 at 11:45

I've done some digging around and think I may have found a good one.

DIR-655 XTREME N GIGABIT ROUTE

http://www.dlink.com/products/?pid=530&sec=1

"Secure Multiple/Concurrent Sessions - The DIR-655 can pass through VPN sessions. It supports multiple and concurrent IPSec and PPTP sessions, so users behind the DIR-655 can securely access corporate networks."

I read this in the specification and it seems this will do exactly what I need. It doesn't seem to be a VPN endpoint, which is a shame as it would be good to be able to connect to my home network from anywhere, but they are a bit more expensive.