Advice needed for VPN setup

Zivikins · October 17, 2019, 8:46pm

I’ve been looking into setting up a secure way for my small office to be able to remote in to our workstations from wherever.

I started looking around at VPN routers and I’m just as lost as when I started… So here I am.

Any advice on where I should be looking or what hardware I should look at to pull off a secure connection for 10 or so people to be able to remote in to their workstations/access network stuff from home or wherever they may be.

I thank you all in advance for any help you can provide.

_hill · October 17, 2019, 8:58pm

What router or firewall are you currently using? 9/10 times they have built in Client VPN solutions and are super simple to manage.

I am currently looking into the same thing since Meraki does not offer what I need. (VPNs for seperate subnets to keep multiple companies I admin separated)

I’ve started researching today, the easiest solution I know of is OpenVPN on a raspberry Pi or some other low power machine. Business licensing is $15 per device (or user don’t remember) last I checked.

Consumer grade is free and works fine but you can’t have more than 2 simultaneous sessions going at one time sadly.

Then there’s Cisco AnyConnect which is pretty well established and I know for a fact can separate networks but it being Cisco I imagine it’s not cheap but I haven’t looked at pricing yet.

brymakus · October 17, 2019, 9:15pm

If you go down the raspberry pi route, there is something called PiVPN which makes setting up an openvpn server relatively simple, you would probably need a Pi4 for 10+ concurrent connections as it has a gigabit ethernet connection compared to previous models (100mbit). PiVPN uses the community version of openvpn and therefore is free and as far as i know isn’t limited in the number of connections you can make simultaneously.

You could also check out Draytek routers which offer a much cheaper (but reliable) SSL VPN connections and have routers suppoting both ADSL and VDSL connections

There is of course also the option of setting up a vpn server with windows server if you have one already…

What do you currently have to work with?

Zivikins · October 18, 2019, 1:19am

Thanks for the reply, I using the router/modem that Comcast Business provided for the 1gig service we have in the office.

I was looking to just put the thing in bridge mode and get my own router.

I look into the stuff you suggested.

Zivikins · October 18, 2019, 1:35am

I have a Windows 2012 Standard Server that is used as a file server primarily.

Other than that, the gateway provided by Comcast is the only other thing I have. The Draytek look like they will do what I am trying to pull off. Thanks for the suggestion!

TimHolus · October 18, 2019, 12:23pm

If I understand correctly, you want outside employees to have access to workstations at work.

Create one network with the help of zerotier and then use some remote desktop inside. Theoretically, you can do it without buying equipment.

Or a box from for vpn https://www.pfsense.org/products/

PS
10 VPN sessions on PI … don’t expect performance!