I need to steup a vpn and have never done it before. Can anyone recommend a place to get good clear instructions for this? I know there are many variables, but I am after a good basic explantion that I can work from. Keep in mind, I am a phone man , not a computer guy. (read: Keep it simple and don't skip steps)
Shawn Connect Telecom www.connecttelecom.us In matters of style, swim with the current. In matters of principle, stand like a rock. Thomas Jefferson
Visit Atcom to get started with your new business VoIP phone system ASAP
Turn up is quick, painless, and can often be done same day.
Let us show you how to do VoIP right, resulting in crystal clear call quality and easy-to-use features that make everyone happy!
Proudly serving Canada from coast to coast.
Every VPN device is different to set up - you'll need to find information for your specific device(s) that will be creating the VPN. I'd recommend that you stick with one make and model for building the VPN if at all possible (getting multiple vendor's VPNs to talk to each other is a very complex project).
I'd probably recommend hiring a contractor to help you out with the first few (or if you will be working with a network that is more complex than just a DSL/Cable modem and a handful of computers), or at least have on-call if you run into issues. VPNs can be either really easy or really complex - they are almost always one extreme or the other, and my experience says they tend towards really complex more often.
To setup a site to site VPN you need two end point devices. These are the "VPN Peer Gateways". Their purpose is to terminate the IPSec VPN tunnel. There are many options for this. They range from community/opensource such as Vyatta Router to much more expensive devices like CheckPoint VPN-1, Juniper, or Cisco.
Each side needs to agree on a set of parameters when they do the tunnel negotiation. This is usually called phase one and phase one.
Phase One (sometimes called IKE / ISAKMP) contains:
pre-shared-key type of encryption (3des or AES-128) type of hash algorithm (md5 or sha1) lifetime (default of 86400 secs)
Phase Two ( sometimes called IPSec SA negotiation) contains
type of encryption (3des or AES-128) type of hash algorithm (md5 or sha1) lifetime (in seconds) a local subnet that should be encrypted/allowed a remote subnet that should be decrypted/allowed
When the negotiations are complete there is now an IKE cookie and an IPsec SA.
The packets come into the gateway from your internal network. If they match the local and remote subnets they are encrypted and sent across to the other side.
Thats the real basics of it. If you want some help send me a PM and I can try to assist you.
You are getting in hopelessley over your head. Follow the manufacturer's instructions? Okay yes but it will take you several years to get enough background to do that. Perhaps you should try performing surgery on yourself. The odds of succeeding are better.
You know how the telephone guys get all riled up when the computer guy starts to mess with phones and they are way in over their heads and more likely to cause trouble than good? Well it goes both ways! :nono:
you may be able to pull this off with our help but you need to be a lot more specific. i mean on tv ordinary citizens manage to land jet airliners all the time. if you believe that is realistic, then give setting up a VPN a try.
First of all tell what you want to connect by VPN: one whole site to another whole site, a whole site to specific remote computers, or specific computers to specific remote computers? Or are phones and phone systems involved?
Thanks Tony3866 that is good to hear. Thanks tito I will check out those resources. Unfortunately, if us phone guys don't become computer guys, we will be like the silent movie actors who refused to make the jump to talkies.
Shawn Connect Telecom www.connecttelecom.us In matters of style, swim with the current. In matters of principle, stand like a rock. Thomas Jefferson
![[Linked Image from sundance-communications.com]](https://www.sundance-communications.com/installers/logos/65graphic.jpg)
[/url] 