XPHome-VPN-IPSec-Nightmare-filter.
June 14, 2006 5:02 AM

Can I VPN across a XPHome server?

I'm running Windows XP Home Edition on my server at home. The VPN laptop is running Nortel's Contivity VPN Client.

The laptop VPN works when the laptop is connected directly to my cable modem, but when I try to go through my home network (server running Windows XP home edition) it doesn't work. I turned off the firewall, no good. I googled, and found that I needed to forward ports 500 and/or 581, which I did, no good. Lastly, I was told to allow IPSec protocol 50, which I don't believe Windows XP Home Edition will allow. Am I doomed?

If I am doomed, I'm pretty sure I can stick a wireless router between my cable modem and server and connect the laptop wirelessly. Is there a hidden danger there?
posted by ewkpates to Computers & Internet (6 answers total) 1 user marked this as a favorite
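
The question separates forwarding port 500 from allowing IPsec protocol 50. As an added example (not part of the original thread), this Python sketch parses two constructed IPv4 packets and shows that IKE is identified by UDP port 500 while ESP is identified by the IPv4 header's protocol field and carries no port a forwarding rule could match. The addresses, SPI and payloads are made-up sample values.

```python
import struct

# IANA IP protocol numbers: these live in the IPv4 header, not in a port field.
PROTO_TCP, PROTO_UDP, PROTO_ESP = 6, 17, 50
IKE_PORT = 500  # IKE key exchange runs over UDP port 500

def ipv4(proto, payload, src="192.168.0.10", dst="203.0.113.5"):
    """Build a minimal IPv4 packet (constructed sample; checksum left as 0)."""
    addr = lambda a: bytes(int(x) for x in a.split("."))
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                         0, 0, 64, proto, 0, addr(src), addr(dst))
    return header + payload

def udp(sport, dport, data=b""):
    """UDP header: source port, destination port, length, checksum (0)."""
    return struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data

def esp(spi, seq, data=b""):
    """ESP starts with SPI and sequence number; there is no port field."""
    return struct.pack("!II", spi, seq) + data

def classify(packet):
    """Return (label, destination port or None) for one IPv4 packet."""
    ihl = (packet[0] & 0x0F) * 4      # header length in bytes
    proto = packet[9]                 # protocol field of the IPv4 header
    body = packet[ihl:]
    if proto == PROTO_ESP:
        return ("ESP", None)
    if proto in (PROTO_TCP, PROTO_UDP) and len(body) >= 4:
        dport = struct.unpack("!H", body[2:4])[0]
        if proto == PROTO_UDP and dport == IKE_PORT:
            return ("IKE", dport)
        return ("UDP" if proto == PROTO_UDP else "TCP", dport)
    return ("other", None)

def port_forward_matches(packet, port):
    """A TCP/UDP port-forward rule can only match packets that carry a port."""
    return classify(packet)[1] == port

# Constructed samples: one IKE negotiation packet, one ESP data packet.
SAMPLES = [ipv4(PROTO_UDP, udp(500, 500, b"ike-init")),
           ipv4(PROTO_ESP, esp(0x1001, 1, b"ciphertext"))]

if __name__ == "__main__":
    for p in SAMPLES:
        print(classify(p), "forward 500:", port_forward_matches(p, 500),
              "forward 50:", port_forward_matches(p, 50))
```

A gateway that only offers TCP/UDP port forwarding will pass the first packet and has nothing to match on the second, which is why such devices need explicit IPsec passthrough support.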
 
If you VPN over the wireless you should be fine, as all your data will go through that encrypted tunnel.

I can't speak as to why you're having the problem you're having. I use Contivity through my Linksys router all the time, though, so I don't think NAT or port forwarding is _really_ the issue.
posted by kableh at 5:50 AM on June 14, 2006


Response by poster: Kableh -

What port(s) do you forward? What did you do to your router as part of set-up? I take it you don't have a server between the router and the internet connection?
posted by ewkpates at 6:25 AM on June 14, 2006


I was always under the understanding that XP Home was very limited in what you could do with connection sharing and such. I would recommend going wireless. The whole point of the VPN is that the connection is encrypted so that should not be a big security issue.
posted by aurigus at 7:04 AM on June 14, 2006


Linksys routers and the like often will automatically handle VPN traffic transparently. Many of them advertise this fact. Whether you go wireless or not, you may find it's simpler in many respects to just use a standalone gateway/router. Non-wireless ones are fairly cheap these days, you probably can even find someone who upgraded to wireless who has one they'd give you (personally I have 2 or 3 of them).

Regarding the actual question, port 50 is going to be required, I think. If I remember right (it's been a while) that is the port the keys are exchanged on. Also, some of the ports are UDP and some are TCP, so make sure you are forwarding both, unless you know which you need.
posted by RustyBrooks at 7:23 AM on June 14, 2006


I don't have to forward any ports. I have a Linksys WRT54G running Alchemy firmware (I think), and Contivity "just works."

No server between the router and the net connection. I connect wirelessly to the router which then plugs into the cable modem. The router NATs (so my lappy gets a 192.168.10.x address).
posted by kableh at 8:21 AM on June 14, 2006


Not to be trollish, but a good rule in general:

"If it's running XP Home, it's not a server."

And most of the time, the same is true if it's running XP Pro, but not always. Really, if you have need of a server, you have need of a server-class OS.

That said, VPN issues are generally network problems, not OS problems.
posted by SlyBevel at 5:43 PM on June 15, 2006

