From: mike-newsgroup@-DELETETHISPART-.upcraft.com   
      
   Petr wrote:   
   > After searching and reading and getting all mixed up, I decided it   
   > would be best to just ask the experts myself :) There´s so much   
   > information lying around I don´t know anymore what´s right for me and   
   > what isn´t...   
   >    
   > Here´s the deal: I need to do some testing with vpn for future needs.   
   > Right now, I just want to get some experience with remotely accessing   
   > ressources at my office. Later on, a small number of users should be   
   > able to simultaniously use vpn for remote access.   
   >    
   > I´ve tried to get something done (within one LAN, just for testing   
   > purposes) by using the Windows2000 vpn-features but I don´t even know   
   > how to access files even though the vpn-connection is established.   
   >    
   > We have ADSL with a public IP-Address and a router with no vpn   
   > capabilities. My problem is: I don´t know where to start. Do I need   
   > hardware, software or both? If a new router would be sufficient, what   
   > would be a cheap way to get started?   
   >    
   > I´m sure I´ll have more questions as things become clearer (hard to   
   > believe that ever happens..), but I´ll let you guide me into the right   
   > direction. If you need more information about our network etc. just   
   > ask. I´d really appreciate some help!   
   >    
   > Petr   
      
   In most cases I go with an inexpensive VPN capable router for a small    
   network.  It's likely that any server you might have in a small network    
   is also doing many other things like serving files, running as your    
   active directory domain controller, database server, name resolution or    
   all of the above.  It's easy to setup the security incorrectly on a    
   server and if that server is also your domain controller and file server   
   then you will just be allowing unrestricted access to the most important   
   resource in your network from the Internet.   
      
   I like the Netopia 3386-ENT devices myself.  It supports almost all the    
   major VPN protocols for a cheap price (less than $200usd).  This device    
   is sufficient for most small networks.  If your Internet connection is    
   any faster than 10Mbit then you might consider something a bit better,    
   the Netopia seems to handle your typical 5mbit download/1mbit upload    
   ADSL and Cable modem type connections without slowing down.   
      
   As far as gaining access to the resources on your network, this is    
   mostly a separate issue.  To gain access to the internal servers once    
   the VPN is established is exactly the same as if you had a WAN link    
   connecting the remote site and the network.   
   You need to make sure that some form of name resolution is working, that   
   means that the VPN server should give out the correct internal DNS/WINS    
   settings to the client so it will be asking the correct server for    
   network addresses.  Also when it comes to network browsing you will    
   likely need to type in the server address manually if you are connecting   
   over a dynamic connection like a VPN.  Even when you have all the    
   required WINS servers running and the client is resolving the server    
   correctly it can take some serious time before the client will build a    
   local version of the browse list.  Just make sure you know the proper    
   names to connect to your servers before you worry about venturing into    
   getting "network neighbourhood" type functionality to work.   
      
   --    
   WARNING!  Email address has been altered for spam resistance.   
   Please remove the -deletethispart-. section before replying directly.   
   Mike Drechsler (mike-newsgroup@-deletethispart-.upcraft.com)   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)