10.10 Using Remote Access as a Single User
An individual user can install VPN Server at home to enable access to
their home LAN from a remote location. This section will focus on using
VPN Server for use as a single user.
10.10.1 Dangers of the Internet and the Need for VPN
The Internet is full of individuals and groups that will attempt to
commit illegal acts such as data theft or data manipulation. Many
different groups manage the networks that data travels through on the
Internet. This means that data could be passed through un-encrypted and
leaked at any time.
By using PacketiX VPN even a single user can easily set up a VPN
network. They can then easily perform TCP/IP communications such as
transferring files or using a remote desktop application through the VPN
directly to their home network safely and securely.
10.10.2 Installing the VPN Server at Home
If you have a global IP address at home you can simply install VPN
Server on your home computer, then use VPN Client to connect to it
through the Internet at a remote location.
10.10.3 Assigning IP Addresses and the DDNS Service
When setting up VPN Server at your home some extra configuration will
be required depending on your home network environment (where you
receive an IP address assigned by an ISP).
- If your home network is assigned a global static IP address then
you can install VPN Server under that IP address and set it to
accept connections from the Internet.
- If your home network is assigned a dynamic global IP address
(one that changes every time you connect to your ISP) then you will
be unable to reliably connect to your VPN remotely. In this case you
can use the dynamic DNS service (DDNS service) which will allow you
to have a consistent domain name (hostname) that your dynamic IP
address will be registered to. You can then access your VPN remotely
through VPN Client by entering that hostname. This type of DDNS
service is available on the Internet for free, or for a nominal fee.
- If your home network is assigned a private IP address (which is
converted into a global IP address by the ISP's NAT) then
unfortunately you will not be able to access your VPN Server at home
from the Internet. The only solution in this situation is to either
change ISPs or consult with your ISP's system administrator.
10.10.4 Adjusting Settings For Broadband Routers or Other Networking
Hardware
If your home network has a broadband router with NAT enabled and the
computer you plan on installing VPN Server to is behind that NAT you
will not be able to access it directly from the Internet. In this case
you will have to configure your NAT settings and use static port
mapping, port forwarding, or DMZ to map traffic to a port on your VPN
Server computer when a request is made to access it from the Internet.
This will allow you to successfully connect to your VPN Server from the
Internet.
Please refer to your broadband router's instruction manual for
details on how to configure these settings.
10.10.5 Determining the Necessity of Local Bridging
Whether or not you will have to use local bridging on the computer
you install VPN Server to depends on the type of VPN you want to set up.
For example, what if you only want to access shared files on a single
computer from a remote location, or make a remote desktop connection? In
this case there is no need to enable local bridging to connect the
Virtual HUB to the physical LAN. You can simply install VPN Client to
the computer you installed VPN Server to and have it stay connected to
itself (localhost). If you then make a connection to that VPN Server
remotely you will be able to communicate with it through its Virtual
Network Adapter. If you want to use this method to communicate with a
single computer only, you just need to install VPN Server to that
computer. Local bridging is not necessary.
If you wish to access all computers on your home network remotely
(like the remote access VPN described in section 「10.4 Setting Up a Generic Remote Access VPN」) you will need
to utilize local bridging as described in detail in section 「10.4.2 Using Local Bridging」.
10.10.6 Accessing Your Home Network From a Remote Network Safely
Once you have VPN Server installed and properly configured try and
connect to through VPN Client from a remote network such as a free
wireless access point or a hotel's Internet connection when on a
business trip.
If the remote network you will be connecting from routes its traffic
through a firewall or proxy server we recommend you set the VPN Server's
listener port to Port 443 (the port used for HTTPS
communication). Most HTTP proxy servers or firewalls will allow TCP/IP
traffic directed to port 443 pass through.
If you want to use VPN Client on your company's network to access
your home network but VPN usage is restricted, you should consult with
your network's system administrator beforehand.
10.10.7 Using Electronic Devices that can only Communicate over the
same Network
Some types of digital home electronics can only communicate over a
local network (the same layer 2 Ethernet segment). For example, a video
capture board with a TV tuner may contain software that allows you to
watch TV over the network. However, both the client and server must be
connected to the same network for this to work. Other examples include
HD recorders or DVD recorders that allow the transfer of video only over
the same local network.
By using PacketiX VPN you can set up a remote access VPN or
LAN-to-LAN VPN and access these types of devices from a remote location
over the Internet as if you were directly connected to your network from
home.
|