Readers of this newsletter will recall that more than two years we started setting up a virtual private network between our Florida vacation condo ( www.broadbandhomecentral.com/bbhl/condo.html ) and the production network at home. We planned to use VPN when we're at our condo to access files in our home network, and when we're at home to diagnose problems with the PC in the condo. We found that VPN is not for the faint-hearted, and failed several times to get it working.
When we last wrote about VPN, we were coping with two problems: getting dynamic DNS (DDNS) running reliably, so we could establish links between two VPN firewalls with dynamic IP addresses; and setting up the parameters of the VPN link for persistent connections. We've finally resolved both problems and now have a fully-operational VPN link.
More than a year ago, Netgear issued firmware releases for both VPN firewalls (one at home and the other at our condo). After upgrading both firewalls, we found that DDNS now worked reliably, updating the remote DDNS server whenever a dynamic IP address changed. The two firewalls could connect with each other by name, even if one or both IP addresses changed.
So the remaining problem was setting up the VPN parameters. We thought we were close the last time we paid attention to VPN. Since we had planned a vacation visit to our condo in early July, we decided to focus on getting VPN working during the visit.
Several weeks before we left, we re-established the test network in our house, so we could simulate the condo over one broadband connection while the production network continued to operate over the other. (We had installed the second broadband connection when we first started working with VPN more than two years ago, but had disconnected it while VPN was on the back burner.) Netgear had issued several new firmware releases for our VPN firewalls, so we again updated both firewalls in our house to the current release. We then configured the VPN parameters on the two firewalls at home, and VPN seemed to work fine.
When we got to our condo a few days later, we updated the firmware on the VPN firewall there and set up its VPN parameters. The firewall reported a successful VPN connection to our home network.
We then started testing the VPN link, and it finally worked the way we planned it two years ago. We had been testing a Buffalo TeraStation Live as a home media server, and we were able to access the TeraStation from the condo—we looked at pictures in our image archive, and played a stored video on the condo PC.
When we used our laptop PCs to access the home network through the VPN gateway, we were delighted to find that we could access our Windows NT domain. We could read and write files on our home desktop PCs and Windows servers, and could access the web server at home to browse our home intranet.
We finally had the condo-to-home mechanisms working properly, and we turned our attention to the home-to-condo mechanisms. Our condo is occupied by rental guests most of the time, and they sometimes report problems with the PC at the condo. Many of our guests are tech-savvy, so Dave can talk them through diagnosing and repairing the problem over the phone, but it takes time away from their vacation.
What we really wanted was a mechanism for Dave to take control of the condo PC from home, and he had long planned to use the "Remote Desktop" feature of Windows XP to do this. We had first encountered Remote Desktop when we played with the late-lamented Smart Displays ( www.broadbandhomecentral.com/report/backissues/Report0307_5.html ) four years ago; Remote Desktop is a little clumsy, but does seem to do the job.
While we were at the condo, we enabled Remote Desktop and tested it from Dave's notebook PC. It worked just fine--although Dave found it a little spooky to see the Windows desktop of the condo PC on his notebook screen, with the condo PC's web browser pointed to our corporate intranet at home!
For more information, on the VPN network in our condo, please see