WinGate Forums

[DaNCeT]

I've good a question for you guys, might become a pretty long explanation, but here we go:

I need to connect two business offices LAN's with eachother with a VPN. I've been looking into several options on how to do it, but I don't know exactly which option suits my needs the best. I'm currently looking at the Wingate VPN option, but I'm unsure on how to configure it exactly.

But allow me first to explain the current situation:

SITE A:

Consists of 3 pc's (A1-3):
A1 is the main workstation, including OS and programs only.

A2 one is a reserve desktop, with OS and programs, but also functions as a fileserver (has a RAID setup). But runs also a Filemaker database.

A3 is an old PIII, running Wingate (older version), and serves as the main LAN gateway and DHCP server.

One and two run on Win XP Pro, Third one runs on Windows 2000.

Connections are made like this:
Internet is connected to A3, and from there a cable goes to a small switch. From there, one cable goes to A2, the server, and one cable to a Linksys Wireless G Acces Point (no router, just access point only).

There's also a Fourth PC L1, a laptop running XP, just OS and programs on it.

This network is all setup allready, could be tweaked if needed, but preferably nothing should change here.

Now, to site B:

First of all, nothing is setup yet here. Atm, it's just one pc directly connected to the internet.

But, as said, things need to be changed:
We need two dsktops here (B1 and B2), both will have just XP and programs on them. And, the laptop from site A has to be able to function here as well.

But, is has to be made all wireless. So either B1 will need to be configured as internet gateway, sharing his connection with an extra Linksys Access Point, so B2 and L1 can access the internet wireless. Or, we could buy a Wireless G ROUTER and make all internal connections wireless.

Site C:
one desktop with XP, that should be able to connect to the fileserver and database through a VPN Client.

What needs to be achieved:
ALL PC's need to be able to access the fileserver and the Filemaker database on A2.

Questions:
* If a choose to go with Wingate VPN, what should I do? Install a VPN server on A2 and B1, and a VPN client on all others?
* Will I be able to route or forward the VPN through the Wireless G access points?
* What performance can I expect for using the Filemaker database when using it from B or C?
* Is it even needed to set up a second gateway at B1, if I intend to use it mainly in one way, meaning I only need all other mentioned pc's to connect to the A2 server?
* How many licenses for Wingate VPN do I need? For each mentioned pc 1?

Also, if someone has a better idea on how to set up all this up, please help me out...

Grtz

Bart Dens

PS: sry for my grammar, I'm from Belgium...

[genie]

You will need to install Wingate VPN on all three sites - one of them will be a server (on Site A, A3 computer, for example). Performance-wise - expect to see a performance drop due to higher network traffic volume and additional processing of secure tunnel.

In short, the best way to assess the setup is to install the trial version of Wingate VPN on all three sites and check if performance is acceptable for your applications to run properly.

[DaNCeT]

On a sidenote, I seem to have a bigger problem. As I understand, Wingate VPN works over port 809. Now the problem is, my ISP blocks all ports below 1024. On their site, this all info I can get:

Supported protocols:
7 (GRE)
50 (ESP)
51 (AH)
57 (SKIP)
94 (IPIP)
115 (L2TP

Supported ports:
22 (SSH)
256,259,264 (SecuRemote),
500 (ISAKMP),
614 (SSLshell)

Allthough they claim to support VPN servers and clients for my particular package, there's no sign whatsoever for port 809.

Now my question is, can I change the port the VPN server should be running on, or is this impossible? Any other way around this?

[Roderick]

You can use any port you wish but make sure all sites use the same port. If you wish to still use port 809, you could ask your ISP to open it up for you.

[DaNCeT]

You can use any port you wish but make sure all sites use the same port. If you wish to still use port 809, you could ask your ISP to open it up for you.

Thx, couldn't find any info on this subject on the available documentation here.

Anyway, tomorrow I'm gonna install the demo on two of the three sites, and gonna play a bit with settings, etc. Knowing Wingate from the past, I hope this will be one more succesfull story...