Slashdot Mirror

← Back to Stories (view on slashdot.org)

Multi-State Family Networking?

Posted by ryuzaki0 on from the would-that-then-make-it-a-FWAN dept.

Valley Redneck asks: "The last few members of my extended family just entered the 20th century and went to broadband. Now that we're all on-line with small home LANs in place, we'd like to start sharing stuff via a VPN. The only problem is I'm the only marginally tech savvy one in the bunch, and I'd rather not have to hop a plane to configure everyone's box. Any recommendations for a broadband router that supports VPN to use on the mother-ship network that will play nice with all versions of Windows XP SP 2 (Pro, Home and Media Center) and its VPN client?"

14 of 71 comments (clear)

  1. Do it in software by Cyberglich · · Score: 5, Informative

    Hardware can be trickey use software Hamachi is a very easy to use very powerfull very secure and it supports windows mac and linux. www.hamachi.cc

  2. hamachi by schwal · · Score: 4, Informative

    just install, and give em a password to your network. even has chat.

    --
    -schwal "Hanging is too good for punners, they should be drawn and quoted"
  3. Cool. But why? by peacefinder · · Score: 3, Informative

    You may not need to bother with hardware VPN devices. There are some reasonable software solutions that can run right on the endpoint computers.

    I've heard good things about Hamachi, but I haven't used it myself. I have used OpenVPN, and I love it. It's pretty simple to set up, even using certificate-based authentication and encryption. You can have everyone download and install it themselves, then you can send them configuration files.

    Before you do all this, though, there's an important question to ask: Is a VPN worth the additional risks? If all the machines are in a pseudo-local network over the VPN and someone gets a worm, you could all go down together. Unless you're planning to do something which actually requires pseudo-local network access, you might be better off to make whatever you're planning to do be web-based.

    --
    With reasonable men I will reason; with humane men I will plead; but to tyrants I will give no quarter. -- William Lloyd
    1. Re:Cool. But why? by ckulpa · · Score: 3, Informative

      Check out the Security Now Podcast or transcript http://www.grc.com/securitynow.htm http://www.grc.com/sn/SN-018.htm Episode 18 and 19 is about Hamachi.

  4. Use.. by hapoo · · Score: 2, Interesting

    The Linksys 54g with sveasoft firmware. Its easy, fast and you can setup and ship the routers out to whomever you wish.

    1. Re:Use.. by wolrahnaes · · Score: 3, Informative

      gah, no sveasoft!

      We've been through this quite a few times here, but for the benefit of those who missed the great Sveasoft debates, here's a quick summary:

      1. Linksys releases GPL code for WRT54G routers
      2. People start modifying this code
      3. Sveasoft forms a community around a particulat "distro"
      4. Sveasoft starts charging
      5. Sveasoft gets pissed that people are exercising their legal right to share the GPLed software for free
      6. Sveasoft cuts back on source releases, bans anyone who even mentions the GPL on their forums
      7. Sveasoft stops source releases entirely for "test" versions (a.k.a. current, release is the old outdated version)
      8. DD-WRT project starts as fork of last Sveasoft source releases
      9. Sveasoft threatens DD-WRT, calls it a ripoff of their product
      10. DD-WRT developers and community collectively laugh, continue developing and releasing both binaries and source regularly
      11. Sveasoft crawls back in to a hole

      Basically, don't use Sveasoft, and definately don't pay for it. They are repeat GPL violators and do not in any way support the WRT community. Use HyperWRT for basic features, DD-WRT for a fully-featured mega-distro, and OpenWRT for a top-end complete custom build.

      Personally, I run DD-WRT v23 SP1 VoIP edition, and it does an excellent job of both connecting my Xbox to XLink Kai and handling QoS for my IP phones, not to mention all the neat wireless tricks.

      --
      I used to get high on life, but I developed a tolerance. Now I need something stronger.
  5. openvpn? by dead.phoenix.616 · · Score: 2, Informative

    Hi,

    not sure exactly if you want to go the hardware way,
    and not sure if what I mention meets your criteria,
    but if you can set up a single linux box as a router
    some place, that box can run openvpn (server) while
    each client can hook up to it with the openvpn client
    software (windoze client too ;)
    trivial to set up:
    http://www.openvpn.org/

    cheers,

    j

    --
    GUI == Graphical User Interference
    1. Re:openvpn? by karnal · · Score: 2, Informative

      That should be http://www.openvpn.net/.net, not .org....

      --
      Karnal
  6. Smoothwall, mayhaps? by elwin_windleaf · · Score: 2, Informative

    I haven't used it in a while, but have you investigated Smoothwall linux? It's a linux distribution converts old PCs into very network-capable routers. Not only that, but it's manageable through web and SSH (I believe).

    One of the reasons it came to mind is that it supports VPN connections between routers (again, I believe; haven't worked with it in a while). If you've got some spare PCs lying around (usually a prerequisite to reading Slashdot), this might be a great way to get your family networked for free while cleaning out the basement.

  7. VPN Routers by tji · · Score: 2, Interesting

    Set them up with routers that also do IPSec. This gives them a firewall layer, and allows VPN among the sites (and, potentially client VPN remote access into the sites).

    I put a Linksys WRV54G at my parents home for just this sort of thing. Although it took a pretty good amount of tweaking to get everything right, it works well now. It provides NAT firewall service for their network, wireless access for their home, and VPN remote access for me (so I can VNC into their system to provide tech support).

    If you have a bigger budget, a cheap sonicwall, netscreen, or Check Point gateway might offer better usability and more features. The Check Point Safe@Office 500W looks like a good candidate.

  8. Just entered the 20th century?? by imperious_rex · · Score: 3, Funny

    The last few members of my extended family just entered the 20th century and went to broadband.
    I'm confused. Is this the 21st century, or are your kin time travelers?

  9. What is the itch this scratches? by patio11 · · Score: 2, Insightful

    If you're just sharing files, there is no reason to go with the hassle and expense of setting up a VPN, with its associated security risks. There are any number of options which will work just as well, from using AIM, a traditional file-transfer application, or any number of web services (available free or cheap at your option). Sure, "drag and drop directly in the Windows interface" is an awfully nice feature when you're talking about Mom's digital camera stuff, but there are a few services that even replicate this feature (I once used one which did it via ActiveX control, but don't remember the name -- there are probably a gazillion though).

    --
    Help poke pirates in the eyepatch, arr.
  10. Froget VPN - Go Web by pjay_dml · · Score: 4, Insightful

    If you're the only one with technical expertise, then forget VPN completely, and think about a web based solution. Just set up a site, that only family members have access to, and provide them with web apps that fulfill your "sharing needs" (e.g. Galleria for displaying and sharing photos).

    Though, no matter what you will do, I can garentee you "support-headaches", I know from experience ...

  11. OpenVPN by shish · · Score: 2, Informative
    I seem many people recommending hamachi; while OK, I prefer openvpn -- it works much nicer cross platform (the linux version seems half assed compared to the windows, whereas ovpn is exactly the same everywhere), it doesn't have an external company as a single point of failure, it's more configurable, and generally feels more solid.

    Its main downside is that it's designed server-client with you being the server, so you become the single point of failure, as well as having to act as proxy for all network traffic -- AFAIK hamachi only uses the central server to start connections, and runs p2p from then on.

    --
    I mod down anyone who says "I will be modded down for this", regardless of the rest of their comment