• February 24, 2025, 07:17:17 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: Just setup VPN on DFL-800 - questions  (Read 6651 times)

unnamedplayer

  • Level 1 Member
  • *
  • Posts: 13
Just setup VPN on DFL-800 - questions
« on: January 29, 2010, 05:47:18 PM »
OK, so I finally implemented a VPN!

I followed the FAQ "How do I add a L2TP over IPSec Server using PSK and Local User Authentication?" at http://www.dlink.com/support/faqDetail/?prod_id=3248&print=1 and it was pretty painless, but I have a few questions.

Mainly, how secure is this? I ask because when setting up the VPN on the router, specifically configuring the User Authentication Rule, the FAQ said under the PPP Agent Options to Allow Unauthenticated Users, Unencrypted Password (PAP).

Also, to setup the client I used the FAQ "How do I configure my Windows Vista & Windows 7 computer to connect to a L2TP over IPsec Tunnel on my DFL series firewall?" at http://www.dlink.com/support/faqDetail/?prod_id=3250&print=1

On the advanced Security settings of the VPN connection properties it says to allow Unencrypted Password (PAP) and CHAP. Which when I do I get a warning that if one of these protocols is negotiated, data encryption will not occur.

As you can tell I am a newb with VPN stuff, so any help would be appreciated. I have a client who will need remote access to the network and want to make sure I've taken the appropriate precautions to keep things secure.

Thanks!
Logged

Fatman

  • Level 9 Member
  • ****
  • Posts: 1675
Re: Just setup VPN on DFL-800 - questions
« Reply #1 on: February 01, 2010, 10:40:35 AM »
It is as secure as any PSK IPsec implementation.  The reason the documents had you use unencrypted L2TP modes is because that traffic is being tunnelled inside of a IPsec Tunnel that is encrypted, as such the L2TP encryption (which is less secure) is redundant.
Logged
non progredi est regredi

unnamedplayer

  • Level 1 Member
  • *
  • Posts: 13
Re: Just setup VPN on DFL-800 - questions
« Reply #2 on: February 01, 2010, 06:34:23 PM »
Ah, thanks Fatman.

Another question, it seems (and I may have to do more testing but I don't have my laptop here to try) that if I was connected from my home desktop to one of my servers via Remote Desktop and then I VPN in on my laptop, that I would lose my connection on my desktop.

Does that sound right? Is there any way I can fix that?

Thanks!
Logged

danilovav

  • Level 4 Member
  • ****
  • Posts: 424
  • Alexandr Danilov
Re: Just setup VPN on DFL-800 - questions
« Reply #3 on: February 01, 2010, 08:14:06 PM »
Do you have remote gateway on VPN enabled? Seems yes.
Logged
BR, Alexandr Danilov

Fatman

  • Level 9 Member
  • ****
  • Posts: 1675
Re: Just setup VPN on DFL-800 - questions
« Reply #4 on: February 03, 2010, 08:29:41 AM »
There are not nearly enough details there to give a good suggestion, and I don't want to work from assumptions.  Where are the desktop and laptop in relation to each other?  Chere is the server?  Where is the VPN connection to?  In other words I would need more information about what networks (and potential NAT devices) are all these devices on.
Logged
non progredi est regredi