Help! Cannot Work Out Windows VPN Server Problems.

[Helloman]

Hi,

I have a VPN I am running out of Windows 7 at home so I can access my iTunes Library which is on a network drive. I am using Windows built in ability to be a VPN server with PPTP. However when I connect remotely I only have several seconds where I have functional internet connectivity. After that the VPN is still "connected" but is 100% useless. I also don't even see network drives, although I should be because the host computer is connected to them. Any ideas? I really need help with this one.

[ShaithEatery]

Not sure what you mean by useless, but one thing to check on would be your network settings for your VPN configuration and make sure you're not using the remote gateway for all traffic.  This could bog you down and cause issues, goto your VPN connection and goto properties-networking-select TCP/IPv4 and click properties-Advanced.  Make sure "Use default gateway on remote network" is unchecked and see if that helps.

[Helloman]

Not sure what you mean by useless, but one thing to check on would be your network settings for your VPN configuration and make sure you're not using the remote gateway for all traffic.  This could bog you down and cause issues, goto your VPN connection and goto properties-networking-select TCP/IPv4 and click properties-Advanced.  Make sure "Use default gateway on remote network" is unchecked and see if that helps.

My bad. Unless meaning my computer is sending packets but receiving none, so it seems like my computer at home running the server just times out after a couple seconds. i would assume that computer is the source of the problem, but I could be wrong. 

[Eniqmatic]

You do realise PPTP has been compromised for a while now and is no longer secure?

[Helloman]

You do realise PPTP has been compromised for a while now and is no longer secure?

Can't say I did, but it seems to me someone would have to have an idea of what they were going for to sit down and break a 128 bit key. Brute force won't work for that. 

[Eniqmatic]

Can't say I did, but it seems to me someone would have to have an idea of what they were going for to sit down and break a 128 bit key. Brute force won't work for that. 

Do a quick search - loads of information out there and not hard to do. 128bit can be brute forced, look what happened to WEP.

[dalekphalm]

Can't say I did, but it seems to me someone would have to have an idea of what they were going for to sit down and break a 128 bit key. Brute force won't work for that. 

The point he's trying to make is that PPTP is a completely insecure encryption format now. Hackers have already dissected it and figured out how to crack/slice/splice their way into a PPTP connection in a matter of minutes - without brute forcing it at all.

 

As @Eniqmatic mentions, exactly like WEP wireless encryption. You can download utilities off Google that will crack a WEP network in seconds.

[Helloman]

The point he's trying to make is that PPTP is a completely insecure encryption format now. Hackers have already dissected it and figured out how to crack/slice/splice their way into a PPTP connection in a matter of minutes - without brute forcing it at all.

 

As @Eniqmatic mentions, exactly like WEP wireless encryption. You can download utilities off Google that will crack a WEP network in seconds.

Dang. Well, options anyone? 

[dalekphalm]

Dang. Well, options anyone? 

You've got several, depending on what hardware you have lying around. If you have a Router capable of running DDWRT or Tomato firmware (or even some of the higher end routers have this option built in), then you can host a VPN server straight from the router. This would likely be done using OpenVPN.

 

Alternatively, if you have a spare old computer lying around, you could throw Linux on it, and host an OpenVPN server directly on it.

 

On Windows, you could also host an IPSEC VPN server, or (if you have the Server version handy) an IKEv2 VPN Server (Also known as Web Connect or Web Reconnect by Microsoft).

 

The two best options for performance and security are either OpenVPN or IKEv2.

[Helloman]

You've got several, depending on what hardware you have lying around. If you have a Router capable of running DDWRT or Tomato firmware (or even some of the higher end routers have this option built in), then you can host a VPN server straight from the router. This would likely be done using OpenVPN.

 

Alternatively, if you have a spare old computer lying around, you could throw Linux on it, and host an OpenVPN server directly on it.

 

On Windows, you could also host an IPSEC VPN server, or (if you have the Server version handy) an IKEv2 VPN Server (Also known as Web Connect or Web Reconnect by Microsoft).

 

The two best options for performance and security are either OpenVPN or IKEv2.

I have a lot of spare computers lying around since you asked. None have a wonderful NIC or processor in them, I think one has a Sempron 145  . However a dual port Intel PCI based NIC is semi affordable for me. 

[Helloman]

You've got several, depending on what hardware you have lying around. If you have a Router capable of running DDWRT or Tomato firmware (or even some of the higher end routers have this option built in), then you can host a VPN server straight from the router. This would likely be done using OpenVPN.

 

Alternatively, if you have a spare old computer lying around, you could throw Linux on it, and host an OpenVPN server directly on it.

 

On Windows, you could also host an IPSEC VPN server, or (if you have the Server version handy) an IKEv2 VPN Server (Also known as Web Connect or Web Reconnect by Microsoft).

 

The two best options for performance and security are either OpenVPN or IKEv2.

Would I be able to see network drives while using the VPN?

[dalekphalm]

I have a lot of spare computers lying around since you asked. None have a wonderful NIC or processor in them, I think one has a Sempron 145  . However a dual port Intel PCI based NIC is semi affordable for me. 

For a VPN server, you don't exactly need a powerhouse. Any old machine is probably sufficient. You're gonna be limited to whatever the Download/Upload on your Internet is anyway.

 

I would pick up a dual NIC (used if you're using spare equipment, and want to save some money) for dirt cheap.

 

Would I be able to see network drives while using the VPN?

Yes, assuming the VPN connection is functioning properly, then the computer dialing in will "think" it's connected over the LAN.

 

If the network drive isn't mapped ahead of time, you'll need to map it, though.