I realized as I started writing this article that I have been playing with VPN and routers for a LONG time. Amazing how 10 years can just disappear into the rear view mirror.
Anyway, to the topic at hand. Most of us have desktop machines, servers, or both on our home or small biz network. I’ll just say home network from here on for convenience. The principles are the same in either case.
If you’re like me, sometimes you’re at work, or at a client site, or sitting in a hotel room somewhere and you find that you want to work with a file that you didn’t remember to copy to your laptop. Very frustrating, and there’s not a lot you can do unless you’re a complete idiot running an open network without a firewall.
But I wouldn’t be writing this article if there wasn’t a solution. Enter the VPN. VPN stands for Virtual Private Network. Think of it as creating your own small private pipeline to your home network inside of the big pipelines of the internet. Software running on your laptop detects traffic that’s headed for your home network, encrypts it, and sends it to corresponding software on a server or router on your home network. The router decrypts the traffic and sends it along to your home network inside your firewall.
In the past, VPN solutions were complex and expensive. Over time, better hardware and open source software have brought the cost of setting up and running a VPN down to very reasonable levels. If you have an old PC laying around, it can be done for the cost of an extra network card.
Over the years, I’ve played with any number of VPN solutions. Off the top of my head, I can recall (in roughly chronological order)
- IPSEC running on LRP and LEAF Linux-on-a-floppy distributions
- Intel Net Structure (proprietary, based on Shiva Smart Tunneling)
- OpenVPN on IPCop
- OpenVPN on DD-WRT
- Cisco AnyConnect
- OpenVPN on Smoothwall
If you followed any of those links, you probably discovered that there’s a whole bunch of technical complexity involved with setting up and running a VPN. And if you didn’t, don’t worry. I’ve already suffered through that complexity, and I’m sharing what works for me.
What I am running on my home network today is the OpenVPN on Smoothwall solution. It works flawlessly, is completely based on free open source software, and has very modest hardware requirements. I’m running on a Celeron 600 with 1GB RAM and a 4GB Compact Flash card. Most of the time, utilization is in the single digits.
In Part 2, I’ll go into the specifics of how to build a Smoothwall router and how to hook it up to your home network. Part 3 will cover installing and configuring OpenVPN, and how to connect.
Mike,
Can’t wait to figure this out. I’ve tried several solutions that sucked. Most were slow and/or expensive.
-Joshua
Joshua, that was certainly true a few years back. You can add painfully difficult to configure and operate to slow and expensive. I won’t say that my current solution is blindingly fast, but it does as well as anything of its class that I have seen. It’s certainly usable.
Sounds like I better get on writing Part 2 🙂
I’m running smoothwall right now, but not running the openVPN. My smoothwall box is like a pentium 2 though, with not much ram. I wonder if it would choke on the VPN.
You won’t have a problem with CPU. And unless not much RAM is really small, like 64MB, you should be OK with that too. I set up a client with OpenVPN on IPCop on a Celeron 500 with 256MB RAM if I recall correctly. He had a remote sales guy connecting every day for three years with very few problems.
Where is your part 2 and part 3? No time to write? They will be very useful to us.
Hi James, thanks for the reminder, and my apologies for not coming back to this topic. I recently moved from the US to the Philippines, which really slowed down my writing. I’ll put an action item on my to-do list right now. Hopefully I can get to it within the next month.
I hope you haven’t left these people hanging. They seemed really interested in this.
Well I kind of have, but I put that on my to-do list to finish this series as it’s a good way to establish technical skills.