On Sun, 24 Feb 2002, Rob Keeling wrote:

I am trying to find some way of configuring VPN on our school system, we have a number of laptops running NT4 workstation, each with internet access via freeserve or similar. The school has a 2mb Broadband connection provided by EMBC, which I know is NAT translated, I have some external (internet) IP addresses which are mapped by EMBC to our internal IP addresses, so our gateway machine has an external address of 10.4.172.250 but is accessible by a real ip address on the internet and has an external DNS entry. I have (tried) reading the VPN howto etc but have got lost in what will do what! what I need to find out is :- What do I need to install on a gateway machine, currently running freesco, but looking at Ipcop at the moment. What do I have to do at the client end (the simpler the better....) Which ports do I need to ask EMBC to open on their firewall for all this to work!

VPN is a broad and often misused term, so before I launch into things you could try I'd like to know exactly what you'd like to achieve. Are you wanting to do one or more of the following: a) allow external access to one or more specific servers, e.g. mail server so that people can retrieve mail from home b) allow file transfer to/from home c) use VNC, RDP, X11 or some other protocol to run a thin-client session on a home computer d) implement a 'real' VPN in which the remote computer becomes part of the same logical network as the LAN. You can do (a), (b) and (c) without necessarily doing (d), although (d) will by definition give you the others. Will EMBC open ports up for you? If not, then you might be interested in using our recently-developed "asbestos" firewall-piercing program. Michael