Jump to content

Peer to Peer VPN


Iain

Recommended Posts

I've been experimenting with VPN between 2 XP Pro PCs connected via a cross-over cable.

I created and shared a folder on one PC which I was able to access from the other via Start>Run>IP AddressShareName.

I created a VPN connection (with the PC having the shared folder being able to receive incoming connections) and managed to connect the two PCs satisfactorily.

The question that I have is regarding accessing the shared folder from the remote PC.  If I connect the PCs via the VPN and then access the shared folder (via Start>Run, as before), how can I be sure that any communication between the PCs (i.e. retrieving files from or placing files into the shared folder) occurs throught the VPN connection rather than simply via the same route that was used prior to using the VPN connection?

I just want to get this straight in my head before I start to look at what happens if I try to VPN within a domain and look into IPSec etc.

Thanks for your time (and patience!).

Link to comment
Share on other sites

The IP address range in the VPN will be different to the actual networks.

Thanks for the quick response, but I'm not sure what you mean.

The XP Pro PCs are linked by a cross-over cable.  One is 192.168.0.1/24 and the other is 192.168.0.2/24.  The latter has the shared folder (and also set up as the VPN to allow incoming connections) so I can access the shared folder from the first PC using Start>Run>192.168.0.2SharedFolder.  If I open the VPN connection between the two PCs and then issue the same Start>Run command, how can I be sure that any information passes along the secure VPN connection (yes, I know it's a REAL PN, rather than a VIRTUAL PN).  My ultimate goal is to know how to be sure that data is encrypted when I start to configure PPTP/L2TP & IPSec.

@SomeoneE1se - quite correct.  It's just for testing and learning purposes at present.

Link to comment
Share on other sites

wireshark will tell you the originating ip and the destination IP fire it up and start a movie located on the other computer that will generate traffic and you can then find out what IP you're using.  The problem you're having is that the VPN traffic will appear as local because it is local once you go remote you can tell if the VPN is working just by connecting.  Also if you can figure out what IP is witch transfer some files BEFORE you start the VPN that will tell you what IP to ignore.

Link to comment
Share on other sites

Thank you for the suggestion.  I wondered if there was some way to do it other than collecting and reviewing network traffic.  I didn't know if there was a configuration about which I was unaware.

Link to comment
Share on other sites

You arn't using the VPN by entering the actual IP address of the other computer. To use the VPN you need to use the IP addresses specified in the VPN.

But when I've been through the VPN connection dialogue (entering the Admin name and Password), I get the message in the System Tray which says that the VPN is connected. There are only two addresses available to me - 192.168.0.1/24 and 192.168.0.2/24 and the latter has both the shared folder as well as the incoming VPN connection.

I'm confused! :(

Link to comment
Share on other sites

What does ipconfig/all say

OK - I *think* I'm getting somewhere:

From the PC that's initiating the VPN (and accessing the remote share):

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection
        Physical Address. . . . . . . . . : 08-08-64-EF-D3-18
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.0.1
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :

PPP adapter Testing:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
        Physical Address. . . . . . . . . : 00-53-45-00-00-00
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 169.254.197.169
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . : 169.254.197.169

and from the PC which accepts the incoming VPN and has the shared folder:

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : D-Link DFE-530TX PCI Fast Ethernet Adapter (rev.A)
        Physical Address. . . . . . . . . : 70-35-41-A2-4A-18
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.0.2
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :

PPP adapter RAS Server (Dial In) Interface:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Internal RAS Server interface for dial in clients
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 169.254.207.149
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . :

I realise now that when I connect the VPN, two additional interfaces are created and they have APIPA. I started Wireshark (with the VPN connected), collected data from 192.168.0.1 and there was a lot of traffic - including plain text name of the file that I retrieved. I restarted Wireshark and collected data from 169.254.197.169 and there were 4 frames. None of them related to the file that I retrieved.

Needless to say, the Wireshark is running on the PC which has 192.168.0.1 as it's IP address.

I've learned something - that additional "virtual" interfaces are created when the VPN is connected - but why does the majority of my traffic go through the real interfaces rather then the "virtual" ones?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...