Travel Technology - Home VPN

My sister lives 500 miles from me (e.g. I can't run over there and help her out). She is going to Russia for three weeks on business. (She just learned about this). We want to rig up a home VPN so that she can use her cable streaming service, give her personal VPN a US IP address for services, etc. Does a Best Buy or equivalent have anything that is plug and playish?

Google strongvpn it's all you need. I've been very happy with it for years.

That is only one thing she wants. If she is "on her home network," her iPad can let her access her full Cable TV line up. StrongVPN won't help with that.

DD-WRT and Tomato have versions that include VPN server. If her home router will run one of them, it's pretty easy to set up. Both firmwares support PPTP VPN (the kind built in to Windows and everything else). Tomato also supports OpenVPN (a more secure, SSL based VPN solution).

I use a PPTP VPN on my iPhone and laptop for when I'm traveling and want to access my home network.

Happy to help with configuration if needed.

DD-WRT and Tomato have versions that include VPN server. If her home router will run one of them, it's pretty easy to set up. Both firmwares support PPTP VPN (the kind built in to Windows and everything else). Tomato also supports OpenVPN (a more secure, SSL based VPN solution).

I use a PPTP VPN on my iPhone and laptop for when I'm traveling and want to access my home network.

Happy to help with configuration if needed.
DD-WRT is very negative about PPTP due to its lack of security. "It should be noted that PPTP has some security flaws and is considered deprecated." See http://www.dd-wrt.com/wiki/index.php/PPTP_Server_Configuration They recommend OpenVPN.

Find an inexpensive Synology Diskstation. They have a built-in VPN server. I had mine setup in about 1hour including driving to starbucks to use external WiFi to test it :)

DD-WRT is very negative about PPTP due to its lack of security. "It should be noted that PPTP has some security flaws and is considered deprecated." See http://www.dd-wrt.com/wiki/index.php/PPTP_Server_Configuration They recommend OpenVPN.

It's not just DD-WRT. PPTP is an insecure protocol. But, unless you think a government is after you, it's fine. If all you want VPN for is to show a US IP address for streaming media, it's fine. The biggest thing is to pick long, random usernames and passwords to make it hard for would-be hackers to get in to your network. My PPTP server, for example, has 25 character random username and password.

The advantage to PPTP is that every device supports it.


Find an inexpensive Synology Diskstation. They have a built-in VPN server. I had mine setup in about 1hour including driving to starbucks to use external WiFi to test it :)

FWIW, the Synology DiskStations also run either PPTP or OpenVPN for their VPN server.

DD-WRT on your home router is a decent solution. You can always buy a VPN router too. Either one is fairly easy, but is going to require a certain amount of config.

Though I have to ask... three weeks isn't a long time. Why not load up on pre-recorded shows? Uplink from home internet connections isn't great to begin with, and bandwidth across the pond isn't likely to be fantastic. Or better yet, get out and explore rather than holing up with TV.

you might be able to setup an inbound VPN by forwarding ports from your router, and a windows computer using the 'advanced connection' (like others, this would be a PPTP based VPN)

I do this using a windows box at home, since my router doesn't support DD-WRT or Tomato.

Just another approach that might be easier/possible for you than fiddling with firmware

DD-WRT on your home router is a decent solution. You can always buy a VPN router too. Either one is fairly easy, but is going to require a certain amount of config.

Though I have to ask... three weeks isn't a long time. Why not load up on pre-recorded shows? Uplink from home internet connections isn't great to begin with, and bandwidth across the pond isn't likely to be fantastic. Or better yet, get out and explore rather than holing up with TV.

You can ask and I can't answer. My brother-in-law called for help on this and I didn't probe her motives or reasons. I would just buy a couple of first run movies from a DVD Vendor in Russia for $5 and consider that experience. She is also stating in a five star business hotel in St Petersburg. I can't believe that the hotel wouldn't have four or five English language channels.

deleted

DD-WRT with OpenVPN is probably the lowest-cost solution, though it takes a little work to set up.

If she's technically inclined (IE, even more work to set up), Sonicwall TZ-100's can be had via Fleabay for $150 or so - I picked up a new one last winter in that price range. The Sonicwall units support L2TP/IPSec (mine works with Android & Apple built-in clients just fine), SSL-VPN, and straight IPSec (with Sonicwall clients). Sonicwall will try and get you to subscribe to their update/security services - you don't need to pay for that to make VPN work.

I've got both DD-WRT/OpenVPN and Sonicwall running to my home network. Both work OK - Sonicwall offers some additional security options that are easier to set up. For example, I can tunnel 100% of my traffic to Sonicwall with a couple of settings in the firewall (and I use it, especially when using an unknown or open network with my laptop) - it takes more work to set that up on OpenVPN.

Either one should allow full access to the local network and any device on the network, but one DOES need to make sure that the internal routing options are properly set on whichever firewall you use.

She'll also need a static IP or DDNS service to make it work. Static IPs generally cost more from the ISP; DDNS usually require some kind of subscription. Personally, I use static IP.

I'm not sure what you mean by "cable streaming service" - if she has a Slingbox I don't think she will need VPN access. In 2008, we stayed at the Radisson in St. Petersburg for about a week. Free internet and I was able to stream my Slingbox to my laptop fine without any VPN. Worked like a charm. If it's Netflix, etc - that may be different.

twit.tv had a show today on VPNs, firewalls and related issues that included a representative from Dell Sonicwall (Dell recently bought them). Interesting if you're into such things. http://twit.tv/show/this-week-in-enterprise-tech/6

Find an inexpensive Synology Diskstation. They have a built-in VPN server. I had mine setup in about 1hour including driving to starbucks to use external WiFi to test it :)

Love my Synology. I highly recommend it - easy to set up and ridiculously flexible, without exposing too much detail in the configuration process. All the power of a Unix server at home with none of the fuss. ^

I'm not sure what you mean by "cable streaming service" - if she has a Slingbox I don't think she will need VPN access. In 2008, we stayed at the Radisson in St. Petersburg for about a week. Free internet and I was able to stream my Slingbox to my laptop fine without any VPN. Worked like a charm. If it's Netflix, etc - that may be different.

Her cable company gives her a access to most shows when she is on her home network. It is like a DVR over IP. She wanted to tap into her home network to pull the stuff.

Before you read the below, I think slingbox may meet your needs without full-on VPN implementation...

Best home solution:
Use the Cisco any connect VPN embedded in a ASA5505. (My home config; Yes, I'm a high-tech redneck).

If I were doing it on a $50 budget, I'd buy a PIX501 on ebay and setup my own Cisco VPN client.

If I were doing it on a $0-20 dollar budget, I'd burn DD-WRT to my current router and let it be my VPN

I would not, however, allow my NAS to be my VPN aggregator (as others suggested).

Other disclaimer: Most free/consumer VPN's aren't optimized for streaming. First thing to consider is her uplink speed, which I didn't see mentioned...

More on PPTP weakness: http://en.wikipedia.org/wiki/Point-to-Point_Tunneling_Protocol#Security

There are now tools to capture the stream sent over PPTP, crack it in less than a day and read the captured stream or future VPN communications.

More at http://twit.tv/show/security-now/366 from about 10 min to 22 min.

PPTP is very widespread.

SSL or IPSec based VPNs are far better.

I have a Mac Mini with OSX Server. It's a great VPN solution in that it works with minimal fiddling - especially if you have OSX or iOS clients. It is standards based so it works with Windows but I haven't found Windows VPN clients to be very friendly.

If she may be looking for a new router anyway, consider the Asus RT-N66u which provides a VPN server; works very well and easy to set up.