Home PPTP VPN

[G-Stress]

Hey guys, I currently have a Linksys WRT320N running DD-WRT and it works wonderfully! What I am looking for is a PPTP VPN solution running at the router level that may work with a linksys wrt54g or Netgear wnr2000 or wnr1000.

I've been all over dd-wrt and tomato, but what I'm not clear on or can't seem to find is if the firmwares have a built in VPN server function. I also have a linksys RVS4000 VPN router, but it appears that routers VPN support is only to connect to a remote VPN.

My goal is I'm wanting to setup a VPN server at my mom's house running at the router level so I can remote in and troubleshoot so she won't have to have a PC running at all times. I know ASUS has a model out now that has this feature built in which is super awesome, but I don't want to spend the money when there have to be so many other alternatives.

I also know PPTP isn't the most secure, but it works with minimal administrative need and for what I'm wanting it for it will suit my needs. If you guys have any other alternative method to accomplish what I'm wanting I would LOVE to know! The biggest issue is I don't want her to have to keep the PC running at all times.

I also don't want to open any services like vnc, rdp, etc. I want to use a VPN solution and then I can use those services locally via the VPN.

Appreciate any input/advice. I have several old router's and am most familiar with dd-wrt and have flashed a few, but no VPN option.

[cooper]

I feel you're trying to swat a fly with a Howitzer.

If it's only your mom's machine behind the router, wouldn't it be far easier to install something like VNC on her machine but have it be turned off by default. Set the router to port-forward incoming traffic on port X to the the VNC port on her machine and only have her start VNC when she needs your assistance. If you're a little more paranoid than most, use the router's firewall to also drop incoming traffic that isn't emanating from your home and/or work IP address/-block.

[barry99705]

teamviewer is free for home use, works great. Have it installed on my Dad, Mom, and Grandma's computers. They have to give you a code to connect, so it's fairly secure.

[G-Stress]

@ Cooper, I do have VNC, RDP running on the machines already, I just don't want to open the ports on the router to the outside world. I'm not super paranoid I just prefer making one connection to the network and then accessing anything on the network through the vpn.

@ Barry99705, I have used teamviewer and it's not bad, however if I'm troubleshooting an issue where she is not able to access/use team viewer then that won't help. I'm tempted to just buy that recent ASUS model that has built in VPN Server, but I don't want to spend the money if I can modify one of these existing routers.

[cooper]

You don't want to open ports to the outside world, however the VPN will be just that: an open port to the outside world. The only difference is that in one case it's exposed by the router and in the other it's exposed by the target machine. Your mom can open that up on demand when it's her machine and you can configure it to be a non-typical port too.

With VPN you get the benefit of net locality, but when she's got something misconfigured to the point that, say, teamviewer won't work, chances are you won't be able to connect to her even from the VPN, and when there's nothing else on het network, why even bother? I'm just not seeing the benefit of a VPN link over just a direct connection to a port-forwarded service on her machine.

[digip]

Um, windows can do incoming VPN connections to the OS itself, why don't you just connect to the machine itself, no port forwarding needed, just IPSEC or VPN Passthrough enabled(which usually is by default, port 500 allowed on most routers).

https://www.google.com/search?num=50&newwindow=1&q=setup+incoming+windows+VPN++%28XP+%7C+7+%7C+8+%29&oq=setup+incoming+windows+VPN++%28XP+%7C+7+%7C+8+%29&gs_l=serp.3...27917.33624.0.34084.14.14.0.0.0.1.210.1425.2j8j1.11.0.msedr...0...1c.1.62.serp..7.7.909.hfl3UiZAM1Y

This would probably be the best solution, connect VPN, then RDP, no router settings should need to be changed.

[barry99705]

@ Cooper, I do have VNC, RDP running on the machines already, I just don't want to open the ports on the router to the outside world. I'm not super paranoid I just prefer making one connection to the network and then accessing anything on the network through the vpn.

@ Barry99705, I have used teamviewer and it's not bad, however if I'm troubleshooting an issue where she is not able to access/use team viewer then that won't help. I'm tempted to just buy that recent ASUS model that has built in VPN Server, but I don't want to spend the money if I can modify one of these existing routers.

If that's the case, then set it up for unattended access. Then you give it your own passcode and can connect anytime you need. Even from a web browser, so you could fix something from work.

[G-Stress]

I've setup the VPN on the machine before, but then I have to port forward and all. I've used team viewer and all as well and all work great, but there is also multiple devices on the network. I just prefer a setup like my current at home having a second router strictly for the VPN connection then I can access any of the devices via VNC or whatever. I've already got all machines IP's and hostnames set, I just came seem to find another router that will run dd-wrt and have the VPN option built-in. It just works so wonderfully and I only need to open up the one port and allow only my machines access remotely.

[cooper]

Then I suggest you get something like a Pi or a PcDuino3. Small, compact, low power draw, runs Linux and very capable.