Ping any VPN experts

GEC: Discuss gaming, computers and electronics and venture into the bizarre world of STGODs.

Moderator: Thanas

Post Reply
User avatar
Borgholio
Sith Acolyte
Posts: 6297
Joined: 2010-09-03 09:31pm
Location: Southern California

Ping any VPN experts

Post by Borgholio »

At work, I want to connect my laptop to my home network via VPN. I know jack shit about VPN but I was playing around with it and got the basics down. I have the ports forwarded through my router, I have the incoming connection set up on my home PC, and the outgoing VPN connection set up on my laptop. It works. I can successfully connect from my laptop to my desktop at home via VPN. Trouble it, it doesn't work when connected to my office WiFi due to blocked ports. The infuriating thing is exactly which ports are blocked. During my experiments, I tested SSTP, PPTP, and L2TP. L2TP doesn't work at all on my desktop for some reason so I am ignoring that. Of the remaining two, here are the results:

1. SSTP - Uses port 443 which is not blocked by my work firewall. However, it requires a server authentication certificate which I can't get on my desktop, since it's not a server O/S.

2. PPTP - Uses ports 1723 (not blocked) and port 47 (blocked).

So that's the pickle. The one protocol I can use unhindered won't work because I'm not connecting to a server. The other protocol that works has one of it's two necessary ports blocked. I could ask the IT guys at work to unblock port 47 but I'd probably have better luck sacrificing a goat and praying for divine intervention.

That leaves two options. First, try to find some way to bullshit the SSTP connection into thinking there's a valid certificate on my home machine. Second, find a way to change the GRE port from 47 to another port that's unblocked by my work firewall.

Any thoughts on how to accomplish either of those tasks? Thanks!
You will be assimilated...bunghole!
User avatar
phongn
Rebel Leader
Posts: 18487
Joined: 2002-07-03 11:11pm

Re: Ping any VPN experts

Post by phongn »

Uh, does your work permit you to open VPN tunnels to arbitrary networks? That's usually a huge red flag to security.
User avatar
Borgholio
Sith Acolyte
Posts: 6297
Joined: 2010-09-03 09:31pm
Location: Southern California

Re: Ping any VPN experts

Post by Borgholio »

It does when I am connected to the guest WiFi network, which is isolated from the main network.
You will be assimilated...bunghole!
User avatar
phongn
Rebel Leader
Posts: 18487
Joined: 2002-07-03 11:11pm

Re: Ping any VPN experts

Post by phongn »

Shouldn't your VPN server let you produce private-public key pairs for each client and then generate a client certificate for your laptop (and possibly a root certificate authority for your laptop)?

You might also try OpenVPN and see if that helps. Hamachi is also pretty straightforward, too.
Last edited by phongn on 2014-04-24 08:08pm, edited 1 time in total.
User avatar
Borgholio
Sith Acolyte
Posts: 6297
Joined: 2010-09-03 09:31pm
Location: Southern California

Re: Ping any VPN experts

Post by Borgholio »

I'm using the built-in VPN function of windows 7 and I'm not sure how to go about generating a new certificate.
You will be assimilated...bunghole!
User avatar
AMT
Jedi Knight
Posts: 865
Joined: 2008-11-21 12:26pm

Re: Ping any VPN experts

Post by AMT »

Look over this article and see if it answers any questions

http://www.pcworld.com/article/210562/h ... ows_7.html
User avatar
Borgholio
Sith Acolyte
Posts: 6297
Joined: 2010-09-03 09:31pm
Location: Southern California

Re: Ping any VPN experts

Post by Borgholio »

Thanks AMT. Yeah that's basic setup which I already know how to do. The issue is that I need to either change the outgoing port that my laptop uses for VPN or get a server certificate for my desktop so I can use SSTP.
You will be assimilated...bunghole!
User avatar
Borgholio
Sith Acolyte
Posts: 6297
Joined: 2010-09-03 09:31pm
Location: Southern California

Re: Ping any VPN experts

Post by Borgholio »

phongn wrote:Shouldn't your VPN server let you produce private-public key pairs for each client and then generate a client certificate for your laptop (and possibly a root certificate authority for your laptop)?

You might also try OpenVPN and see if that helps. Hamachi is also pretty straightforward, too.
Thanks for the links. OpenVPN has a bandwidth cap so I don't think I'll go with that one. Hamachi looks like it'd work fine. 30 bucks a year though...
You will be assimilated...bunghole!
User avatar
AMT
Jedi Knight
Posts: 865
Joined: 2008-11-21 12:26pm

Re: Ping any VPN experts

Post by AMT »

What firewall are you using?
User avatar
Borgholio
Sith Acolyte
Posts: 6297
Joined: 2010-09-03 09:31pm
Location: Southern California

Re: Ping any VPN experts

Post by Borgholio »

No idea. It's a firewall on the guest internet connection where I work. Probably an industrial grade one.
You will be assimilated...bunghole!
User avatar
TronPaul
Padawan Learner
Posts: 232
Joined: 2011-12-05 12:12pm

Re: Ping any VPN experts

Post by TronPaul »

Borgholio wrote:
phongn wrote:Shouldn't your VPN server let you produce private-public key pairs for each client and then generate a client certificate for your laptop (and possibly a root certificate authority for your laptop)?

You might also try OpenVPN and see if that helps. Hamachi is also pretty straightforward, too.
Thanks for the links. OpenVPN has a bandwidth cap so I don't think I'll go with that one. Hamachi looks like it'd work fine. 30 bucks a year though...
A bandwidth cap? You might be looking at the OpenVPN service and not the free software. Fairly certian you can run it locally even on Windows, though I've only looked at it on Linux.
If it waddles like a duck and it quacks like a duck, it's a KV-5.
Vote Electron Standard, vote Tron Paul 2012
User avatar
Borgholio
Sith Acolyte
Posts: 6297
Joined: 2010-09-03 09:31pm
Location: Southern California

Re: Ping any VPN experts

Post by Borgholio »

Huh...I must be blind, I don't see any reference to the free software. All the download links seem to be for the PrivateTunnel service.
You will be assimilated...bunghole!
User avatar
AMX
Jedi Knight
Posts: 853
Joined: 2004-09-30 06:43am

Re: Ping any VPN experts

Post by AMX »

User avatar
Borgholio
Sith Acolyte
Posts: 6297
Joined: 2010-09-03 09:31pm
Location: Southern California

Re: Ping any VPN experts

Post by Borgholio »

Yeah OpenVPN hurt my brain. Way too many options that need to be manually entered into the client and server config files. And I still have to screw around with authentication keys.
You will be assimilated...bunghole!
BerthaFrye
Redshirt
Posts: 1
Joined: 2020-07-11 10:59am
Contact:

Re: Ping any VPN experts

Post by BerthaFrye »

Thank you! stardestroyer is so helpful answering my many questions.
Post Reply