IPSec VPN into XP Pro

  • Thread starter Thread starter TC
  • Start date Start date
T

TC

Hey,

I need to set up a fully encrypted authentication, outside channels,etc.
tunnel from my laptop (XP Pro) to the XP Desktop.

I can setup a basic VPN and connect but it isn't secure. Can someone
help?

Also, what port do I need to open in my router?

Thank you,

TC
 
AFAIK, and I certainly could be wrong about this, but XP can't act as an IPSec server...Others can
speak to that issue.

You can, however, setup a PPTP VPN tunnel...

http://www.onecomputerguy.com/networking/xp_vpn_server.htm
http://www.onecomputerguy.com/networking/xp_vpn.htm

In the case of PPTP VPN you need to forward TCP Port 1723 and enable GRE Protocol 47 traffic through
any firewall/NAT/router at the server end to the private LAN IP of the PPTP VPN server. The later is
sometimes called "PPTP Pass Through" or "VPN Pass Through" on consumer grade routers...

Another alternative may be a SSH tunnel. I do that into my home LAN and use either Remote
Desktop/UltraVNC to access my XP Pro/Home desktops or WinSCP to transfer files to/from the home LAN
from a remote location... The SSH tunnel is encrypted end-to-end and is very easy to setup and use,
particularly for a home user.

http://theillustratednetwork.mvps.org/RemoteDesktop/SSH-RDP-VNC/RemoteDesktopVNCandSSH.html

In the case of SSH you need to forward TCP Port 22 through the firewall/NAT/router to the SSH
server's private LAN IP address.

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...
 
My main need is a SECURE tunnel (including athentication, side channels
etc). Also the use of my XP pro Desktop as a remote gateway for my laptop.
So that all traffic get routed though the secure tunnel.
i'm not totally familar with SSH. I know it as a secure telnet. I wasn't
away of it being able to do a tunnel. What other information can you give
me?

Thank you,

TC
 
XP can act as an IPSEC server.. It can't do NAT-T, though.. Thus you
must have static IP's and use the fullblown L2TP, which is much more
difficult to use...
---
Jeffrey Randow (Network MVP)

Remote Networking Technology FAQ -
http://www.remotenetworktechnology.com
My Networking Blog: http://www.networkblog.net
MS Network Community -
http://www.microsoft.com/windowsserver2003/community/centers/networking/default.mspx
MS Home Networking Community -
http://www.microsoft.com/windowsxp/expertzone/communities/wireless.mspx
 
SSH generally is used for setting up a secure shell. However, you can
tunnel and set up secure redirections via command line.

How is PPTP not secure, though? It is encrypted and all
communications between the computer is encapsulated in the tunnel..
---
Jeffrey Randow (Network MVP)

Remote Networking Technology FAQ -
http://www.remotenetworktechnology.com
My Networking Blog: http://www.networkblog.net
MS Network Community -
http://www.microsoft.com/windowsserver2003/community/centers/networking/default.mspx
MS Home Networking Community -
http://www.microsoft.com/windowsxp/expertzone/communities/wireless.mspx
 
Thanks...

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...
 
In addition...

This page has more information concerning the XP VPN...

http://www.microsoft.com/windowsxp/home/using/productdoc/en/conn_vpn.asp

As far as SSH is concerned, I just think its a whole lot easier for home users like myself to setup
and use a SSH connection into my home LAN versus the VPN route. This is based on my experience with
a few consumer grade routers and the problems encountered getting a PPTP tunnel through them...

Here is probably more information about SSH than anybody in their right mind would want to know...

http://www.ietf.org/html.charters/secsh-charter.html
http://www.employees.org/~satch/ssh/faq/ssh-faq.html

There are also VPN end-point routers that some folks use. My brother, for example, has a Linksys
BEFVP41. In his case he has a VPN tunnel between his home and his office so he can do after hours
support tasks...

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...
 
Yep.. I use SSH all the time - but not for tunneling on XP machines
(due to the complications by loopback + the fact that it isn't
portable - meaning I must install client software on a different
machine in order to connect).

I use the WRT54G with the Sveasoft firmware to our office "public"
network. It has a built in VPN engine...
---
Jeffrey Randow (Network MVP)

Remote Networking Technology FAQ -
http://www.remotenetworktechnology.com
My Networking Blog: http://www.networkblog.net
MS Network Community -
http://www.microsoft.com/windowsserver2003/community/centers/networking/default.mspx
MS Home Networking Community -
http://www.microsoft.com/windowsxp/expertzone/communities/wireless.mspx
 
Back
Top