[SOLVED] Connection between two PCs in different location

luk17 · Mar 6, 2019

HI,
i would like to ask you some question,

1 Can i link two different pc's on a different internet position with the vpn creation from windows ?
for example: a laptop is what would log in instead the desktop is going to be the worktower, I have already tried and it works.I got some problems that i searched on internet the Windows VPN and it seems that it work randomly sometimes yes sometimes no.
2 If not, can i use a vpn connection for example like WinScribe, to connect the pcs? or it's just a private connection that secure your navigation?
For Example i'm connecting to a VPN with the laptop and the desktop shouldn't be the same like i already did?
We are talking about a close local VPN so it should be work like at house or university, no?

I'm a little confused about this Connections, because i even proved at university and it works for a while, than it stops and dosean't work again.
It's seem to me that Windows VPN can't connect always.

Exactly what i need is to create a share folder on a PC tha can be access by other 2-3 pcs from internet, so that they can edit it too, from other location, is possible?

Lutfij · Mar 6, 2019

You can use TeamViewer or even AnyDesk while you have a VPN running on the background. Seems like you want a shared folder on the Cloud, what's wrong with Dropbox?

luk17 · Mar 6, 2019

Lutfij said:
You can use TeamViewer or even AnyDesk while you have a VPN running on the background. Seems like you want a shared folder on the Cloud, what's wrong with Dropbox?

The program i use is Revit; a engineering program, you can set the project on sharing so that different people can work on it, but you have to create a main "worker" or a boss. I have tried like this like for example: inside of a usb pendrive, create the main "worker" or Boss project(the folder with the project), that is connected to the internet (across 1 pc), where all PCs are login so anytime someone synchronize with the Boss every people receive the upload, and download it, but what i would like to create is a connection when even everyone is at home, of course the program himself has this option but it cost and we are student.
And on internet you can't have it because the program didn't recognize the folder.

hope i explain myself ahahah

failboat · Mar 6, 2019

SFTP, VPN, or SSHFS can do this. Any inbound solution can be brute forced so you need a very strong key.

If both locations are fixed sites site-to-site shared key openvpn on pfsense is easy to configure. you would need this router on both sides. then any client on the LAN can connect to any other client on the VPN.

openvpn clients aren't too bad to configure. pfsense has a client export tool if you want to connect from each client.

If you server host doesn't have a static public ip available then it will be more complicated. you can pay for a hostname and keep it's ip up-to-date. then you can resolve it's ip over the internet.

luk17 · Mar 6, 2019

failboat said:
SFTP, VPN, or SSHFS can do this. Any inbound solution can be brute forced so you need a very strong key.

If both locations are fixed sites site-to-site shared key openvpn on pfsense is easy to configure. you would need this router on both sides. then any client on the LAN can connect to any other client on the VPN.

openvpn clients aren't too bad to configure. pfsense has a client export tool if you want to connect from each client.

If you server host doesn't have a static public ip available then it will be more complicated. you can pay for a hostname and keep it's ip up-to-date. then you can resolve it's ip over the internet.

ok First i will start from apologie because it will be hard for me to understand, because about the network/server i never investigated so much, so let's go.

1 - Very strong key, because someone could be enter in?
2 - "Router on both sides" you mean PcA-to-PcB or PcA-to-UsbPenDrive or something else?
3 - Static public ip isn't my own ip from home?

This is what i have understand, everyone of my collabor should have another router (beside that one that he has connected to internet) where we can link all them togheter, so when we login with the Pcs we are all on to the same Lan, but if all router are linked togheter and it doesn't have a Static Ip "it will be more complicated"( i suppose more lag or connection problem ?), so the one who is the Boss could share and all can upload or download from that,right?

Now that i have write this, maybe understand better: I can configure a portal on each of everyone pc, with the same specs, that utilize the same Ip(taken from where?) and so we are all connected ? but i can't use my own ip like a host? because is not static? i know my ip has 5 variable at the end from 1 to 5 and beside that doesn't change.

Thank you so much.

failboat · Mar 6, 2019

https://docs.netgate.com/pfsense/en...site-to-site-static-key-openvpn-instance.html

pfsense has good docs to read through. if you have a lot of users and locations going with the shared key + user certs will allow you to disable access to single users. pfsense has an openvpn client export tool. I highly recommend using it as your server. pfsense default keygen and encryption algo are strong.

if you have a lot of users logging in from a single location then you can run the client from another pfsense router. this way each person doesn't need a client. it's the easiest to setup by far.

you have to decide which address will be the server. a static public ip is ideal. decent down/up speeds as well. if you don't have a static public then you have to mess with DNS.

the networks you want to access should use private ip ranges that are unused by any networks you don't want to connect. it's helpful if they are in the same CIDR range. a block of /19 would give you 32 different class C subnets /24. this makes the routing rules easier client side.

luk17 · Mar 7, 2019

I will take my time to read and understand, i will let you know what i did, thanks for now!

luk17 · Mar 12, 2019

Some upgrade, finally i was enable to install pfsense and to access my pfsenseip, after fighting with the infinit loop of virtual box and the vpn create already in the router, now i will try to create the vpn connection firewall.

failboat said:
https://docs.netgate.com/pfsense/en...site-to-site-static-key-openvpn-instance.html

pfsense has good docs to read through. if you have a lot of users and locations going with the shared key + user certs will allow you to disable access to single users. pfsense has an openvpn client export tool. I highly recommend using it as your server. pfsense default keygen and encryption algo are strong.

if you have a lot of users logging in from a single location then you can run the client from another pfsense router. this way each person doesn't need a client. it's the easiest to setup by far.

you have to decide which address will be the server. a static public ip is ideal. decent down/up speeds as well. if you don't have a static public then you have to mess with DNS.

the networks you want to access should use private ip ranges that are unused by any networks you don't want to connect. it's helpful if they are in the same CIDR range. a block of /19 would give you 32 different class C subnets /24. this makes the routing rules easier client side.

I have a question; should i use this guide
https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/openvpn-remote-access-server.html
for remote access and not the site to site that you give me?

luk17 · Mar 13, 2019

I have just found out that my public ip isn't static, so i have to mess with dns....
could help the fact that i have an old router that i don't use belkin f5z0103nt to create some server ahahah i'm getting out of mind how to do it.

Edit: i have find this site, that i read is about dns vpn

SoftEther VPN Project - SoftEther VPN Project

www.softether.org

failboat · Mar 13, 2019

I'd recommend starting with just user auth for testing. then add in certs. use a really strong pw. SSL/TLS + user auth is probably what you want. each person will have a unique user/cert. so they can't share only the user/pw to give someone else access. you can also turn off access in the user manager. someone could probably share their cert, user/pw. you can't prevent this unless they use clients that only you have admin on.

you dont need a static to test it. even if you dont have a static it might not change very often. once you're ready to do the dns start a new thread for that. i have a static so ive never had to mess with it.

find instructions for how to enable AES. check your dashboard to see if it's loaded active. this allows you to add the hardware encryption algos.

luk17 · Mar 14, 2019

So i must follow the instruction on The pfsense about vpn site to site that are Very clear? and try it ?

failboat · Mar 15, 2019

luk17 said:
So i must follow the instruction on The pfsense about vpn site to site that are Very clear? and try it ?

site-to-site is if you have two locations with pfsense. it's the easiest to configure. no clients need vpns because it runs on pfsense and it routes traffic through the vpn depending on the ip range.

find the openvpn user auth docs. get that working and then you can start creating certs and exporting clients for each cert.

With the openvpn client export tool it will create a .exe file for windows and all you do is open it and type user/pass and you connect to the vpn. you have to go into the package manager and add this package. you can export it for each person later and zip it and send to them.

Search

[SOLVED] Connection between two PCs in different location

luk17

failboat

Lutfij

Titan

luk17

failboat

Splendid

luk17

failboat

Splendid

luk17

luk17

luk17

SoftEther VPN Project - SoftEther VPN Project

failboat

Splendid

luk17

failboat

Splendid

TRENDING THREADS

Latest posts

Moderators online

Share this page