Odd Network Setup Question

March 22, 2010 at 21:57:48
Specs: Windows XP Pro, Not Important
Ok, I'm a bit of a security nut, and I have an internet setup that involves me pulling internet from the city public wifi network. I have one computer that I want to be visible on this network, and it is the first in my diagram. I don't want someone to be able to sniff my packets going out on the network, so I have the VPN. I want to share that VPN with everything else in my house, thus the ethernet card with connection sharing. Again, I don't want my other computers to be visible on the network, so I have the router changing the IP range.

I ask only because the VPN sharing isn't working quite right, and it has been a while since I worked with any networking setup...

How can I get this to work...

A Diagram.

And apparently this board doesn't support BBCode or html, here.

And it that diagram it shows my shared internet connection from my computer is 192.168.0.1, I only have that because it's window's default for internet sharing. I really don't care what that is, because it's going to be changed at the router anyway.


See More: Odd Network Setup Question

Report •


#1
March 22, 2010 at 22:18:29
If you connect the WAN port of the router to the computer connected to the city's Wi-Fi, it doesn't matter what IP addresses or subnet you use, the computer connected to that router won't be visible on the city's network because the router will be doing NAT between the WAN port and all of the computers on your LAN.

Also, I don't get the point of your VPN, as it only encrypts the data traveling from your LAN computers, to the computer on the WAN side of the router. All of your computers are still going to be sending data through the computer connected to the city's Wi-Fi, and this will be unencrypted. Plus, the VPN setup is almost circular in nature based on the way you have it setup, so not only will it not add an security, but it just plain won't work.

-Ryan Adams

Free Computer Tips and more:http://RyanTAdams.com
Paid Tech Support: Black Diamond


Report •

#2
March 22, 2010 at 22:26:09
The VPN is actually on the WAN side of the router, thus encrypting all data from that computer going out to the internet. I'm trying to get this to include all data within the network going out to the internet, but that's where I'm having issues.

But thanks for clearing up the other half of my question.


Report •

#3
March 22, 2010 at 22:54:02
I don't understand the VPN setup either.

The WAN side of the router?? The tunnel endpoint is at the router? So you have a VPN tunnel on the edge computer that only goes to the edge router??

Unless you're connecting to another site, your VPN will do nothing - you can't encrypt the outgoing traffic if the receiving host isn't setup to decrypt the traffic - where does the VPN terminate?


Report •

Related Solutions

#4
March 22, 2010 at 23:06:59
I'll just start over with the whole VPN thing.

The VPN is in the computer connected directly to the WAN network. The VPN connects to another site and terminates there.

I want to share this VPN connection through that computer's ethernet card, to the router, and subsequently to the rest of my network. This way all internet bound traffic, within my network, travels through the VPN.

I also want to be able to access the computer running the VPN from within my network.


Report •

#5
March 23, 2010 at 05:40:11
So now we know you actually have two VPN endpoints with an encrypted tunnel between them. This would have been good information to include on your very first post.

I want to share this VPN connection through that computer's ethernet card, to the router, and subsequently to the rest of my network. This way all internet bound traffic, within my network, travels through the VPN.

Considering your setup I would guess that your traffic leaves the tunnel (ie: becomes unencrypted) at the other end and from there goes out onto the internet? Is this correct? If yes then you already have all your traffic going out through the VPN.

I also want to be able to access the computer running the VPN from within my network.

I'm guessing that PC is located inside your house. Is there something stopping you from sitting down at it's keyboard and logging into it?

If the internet interface of that compute is on the same subnet of your LAN then you should be able to access it. If it's on a different subnet, then you won't be able to access it unless you have a router between it and your LAN with a route between the two separate subnets.



Report •

#6
March 23, 2010 at 10:51:22
So, you're saying that if I just share the VPN connection, it will work?

And what's stopping me from sitting down at the computer is that it will be located in my attic, so I'm logging in via Remote Desktop.


Report •

#7
March 24, 2010 at 07:23:58
So, you're saying that if I just share the VPN connection, it will work?

Technically speaking, yes. If I had created the VPN, I would have used a device capable of creating a VPN endpoint be it a SOHO router or a VPN device. In the first case, I would have a all clients plugged into it's LAN ports (or a switch which in turn was plugged into the LAN port on the SOHO Router) so they could all use the VPN as well.

In the second case, the VPN device would plug into a switch and then all clients could access it.

And what's stopping me from sitting down at the computer is that it will be located in my attic, so I'm logging in via Remote Desktop.

Nothing like locating your equipment in a convenient place! If you can't get to it physically then you'll need to put a router between your LAN and that unit because they're on different subnets and can't communicate without a route between them.


Report •


Ask Question