Connect two home networks via VPN

Hamachi has its advantages and disadvantages, so consider this alternate VPN design. This is basically a DIY VPN router as Scott's answer discusses, using 3rd-party firmware that may work with the routers/gateways you already have.

Use DD-WRT with OpenVPN on the router/gateway of both the home networks. You'll need an OpenVPN-enabled firmware, or room to install it as an add-on package. (The latest DD-WRTs claim to make this very easy. I haven't tried it yet. Read through Enabling OpenVPN for the full process.)

  • Pros:
    • cheap-to-free
    • on if the router's on
    • broadcast traffic (if using as a bridge)
    • very flexible & powerful (GUI and SSH interfaces)
  • Cons:
    • "very easy" probably doesn't mean what you think it means; Hamachi is likely simpler to manage
    • doesn't run VMware or Win2000 Advanced Server
    • ...and it won't make coffee

You'll end up with a site-to-site VPN between the networks, and can configure it in a routed (two separate networks) or bridged (one network in two places) configuration. Which one you should use depends on your requirements. It's worth taking the time to draw up a network design and spell out what you need out of this setup.

  • Routed: (source)

    Why should I use a routed configuration and not a bridged configuration?

    Interesting question. Well, a bridged configuration will 'join' both networks together as one, same subnet, same IP range... Looks easier, but the problem here would be that all kinds of packets, including the infamous broadcasts will be traveling from one side of the network to the other, resulting in less-than-optimized usage of your precious bandwidth. On the other hand, a routed network will only send directed packets from one side of the network to the other.

  • Bridged: (source)

    By bridging a physical ethernet NIC with an OpenVPN-driven TAP interface at two separate locations, it is possible to logically merge both ethernet networks, as if they were a single ethernet subnet.

Examples:

  • The mDNS/Bonjour/Zeroconf service to supply addresses like hostname.local across both home networks might require a Bridged mode to work. On the other hand, you may prefer to set up your own internal DNS and access the networks with addresses like hostname.foo and otherhost.bar.

  • Windows Filesharing name resolution used to work via broadcast messages, so a bridged connection allows Windows computer browsers to find each other. A routed solution required a WINS server to allow Windows network browsing to work. (You can probably do that with W2k Advanced Server, or you could look for a Samba WINS server package for DD-WRT.) (Also, I say "used to" based on experiences with Samba; recent Win-7 improvements may have fixed this.)

  • Some games really want broadcast capability for network games, so again bridged mode may be preferable. If they have different network modes for LAN games vs Internet games, that could be the difference.
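To make the routed-versus-bridged choice concrete, here is a pair of minimal OpenVPN site-to-site configurations. This is an added example, not from the answer above and not DD-WRT's own generated config; the LAN subnets (192.168.1.0/24 at site A, 192.168.2.0/24 at site B), the tunnel subnet, the hostname vpn.site-a.example and the certificate file names are all assumed placeholders. The routed variant is written out in full; the bridged variant shows only the directives that differ.

```conf
########## ROUTED (dev tun): two separate LANs, only directed packets cross ##########
# Requirement: the two LANs MUST use different subnets (here 192.168.1.0/24 and 192.168.2.0/24).

# --- Site A, OpenVPN server (e.g. /etc/openvpn/site-a.conf) ---
dev tun
proto udp
port 1194
ca   ca.crt
cert site-a.crt
key  site-a.key
dh   dh.pem
# Drop packets that do not carry the shared HMAC key before any TLS work is done
tls-auth ta.key 0
# Tunnel addresses handed out to connecting sites (assumed, unused elsewhere)
server 10.8.0.0 255.255.255.0
# Tell site B that site A's LAN is reachable through the tunnel
push "route 192.168.1.0 255.255.255.0"
# Tell site A's kernel that site B's LAN is reachable through the tunnel ...
route 192.168.2.0 255.255.255.0
# ... and tell OpenVPN which connected client owns that LAN (see ccd file below)
client-config-dir ccd
keepalive 10 60
persist-key
persist-tun

# --- Site A, file ccd/site-b (file name = Common Name in site B's certificate) ---
iroute 192.168.2.0 255.255.255.0

# --- Site B, OpenVPN client (e.g. /etc/openvpn/site-b.conf) ---
client
dev tun
proto udp
remote vpn.site-a.example 1194
ca   ca.crt
cert site-b.crt
key  site-b.key
tls-auth ta.key 1
# Refuse to connect unless the peer's certificate was issued for server use,
# so a stolen client certificate cannot impersonate site A
remote-cert-tls server
keepalive 10 60
persist-key
persist-tun
# The "route" and "iroute" lines above, plus IP forwarding on both routers,
# are what make LAN-to-LAN traffic flow; broadcasts never cross the tunnel.

########## BRIDGED (dev tap): one LAN in two places, broadcasts cross ##########
# Requirement: BOTH sites share ONE subnet (say 192.168.1.0/24) and only ONE
# side runs DHCP; the tap interface must be added to the router's LAN bridge.
# Replace the tun/server/route/iroute lines above with these:

# --- Site A server ---
dev tap0
# gateway / netmask / pool of addresses reserved for VPN peers on the shared LAN
server-bridge 192.168.1.1 255.255.255.0 192.168.1.200 192.168.1.220

# --- Site B client ---
dev tap
```

In routed mode each side's router needs IP forwarding enabled and a firewall rule permitting traffic between the tunnel interface and the LAN; in bridged mode the tap interface is attached to the LAN bridge instead (on DD-WRT, br0), and the pool given to server-bridge must be excluded from the DHCP server so the two do not hand out the same addresses.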


The easiest way is with two VPN routers (like Netgear Prosafe using gateway-to-gateway VPN example).


That way the default gateway for all the machines on the network is the same for the VPN and the internet. Once set up, going on the internet or VPN is transparent to all the clients, and the VPN is usually solid. Just turn on both VPN firewalls and it just works.

If you use a second gateway (the VM's VPN), you may need to either enter a route entry in the computers' routing tables to use the VM's VPN, or you would need to make the VM the default gateway for the rest of the machines on the network and then have the VM route traffic either to the router for internet access or to the VPN.

VPN with Microsoft can be a large topic, but Microsoft has some good articles, for example http://support.microsoft.com/kb/308208

After I got some VPN routers, I wouldn't want to do it any other way. But of course that means purchasing hardware.

Hope you find the solution that works for you.


Unless you just want to play with VPN setup, I'd recommend using something like Hamachi for this. I'm looking at doing something similar and I'm considering Hamachi as the primary linkage. It should be much simpler to set up than a DIY VPN.