[SOLVED] is there a FREE VPN for Local Networks ?

[rage690]

Hi guys,

I have a visual Foxpro program and it connects to a MySQL Server in our Local Area Network of 3 computers.

someday i would like to allow 5-10 more users from different locations OUTSIDE of our LAN to connect to this MySQL server.

I have done some digging about this and it seems i might need a STATIC IP address for my LAN and for anyone outside of our LAN they must have a STATIC IP as well ? and i heard i needed to BUY a DOMAIN or something or a website etc.

but i was wondering, given that we dont have STATIC IP address anywhere in our network but are doing fine connecting to our MySQL server in the LAN, what if we can use VPN to make it seems like we are all in the same LOCAL AREA NETWORK even though some of us are far away.

this of course leads me to some questions.

1. Can MySQL be accessed through a VPN network like Hamachi or something. ?

2. is there a FREE VPN for LAN ? or do i really have to buy a VPN application for that ? Hamachi is free but is limited to only 5 computers. does Windows 10 have a build-in VPN ?

3. is all these possible ? simply setting up a Virtual Private Network to mimic a Local Area Network and get all our users from multiple locations connected to our Server in the Local Area Network(VPN) ?

or maybe its just not that easy ?

i apologize for asking here, but im having a lot of difficulties researching for a Virtual Private Network ( as in a Virtual Local Area Network ) because most results refer to VPN that is used for browsing anonymously or something. i meant VPN that is setup to create a private network for office use.

thanks guys.

 

[bill001g]

1. you can use hamachi but that is the older way. It is more common to use openvpn but maybe hamachi now supports it. There other solutions.
2. Both openvpn and wireguard are free. Technically hamachi is using a free protocol called IPSEC so you could do that without paying hamachi.
3. Proper vpn does exactly that. Your remote device appear to be on the local lan.

If you were a big company you just buy a fancy vpn box. This is how all the remote work from home is being done.

When you are small you are likely better off just buying a router that supports vpn server. There are many consumer routers that support remote access via a vpn server. What I don't know is how many is too many users. There is no hard limit it is more of a performance thing in most routers. This is something you need to research if you choose to go that route. Otherwise you use a small dual nic pc running linux to build your own vpn server

Most these system use openvpn or wireguard protocol. There are free vpn clients for most platforms that will allow you to connect to the router. Now if you really want to do it many also support IPSEC. IPSEC though is harder to get to run through NAT and other systems. Openvpn and wireguard can use standard HTTP ports if you want so it can function even in say a internet cafe that only allows web surfing.

The big issue is you MUST have a public IP on you main location where you have your servers and your vpn router installed. The end users are not really limited they should work pretty much on any network.

Now there is a difference between a PUBLIC ip and a PUBLIC STATIC ip. When you do not have a PUBLIC STATIC ip the IP can change which means you end clients do not know where your router is. This can be solved by a very common router feature called DYNDNS. It creates a dummy DNS entry that is updated everytime you public IP would change. The clients would use this domain name to find the new ip rather than hard code it. DYNDNS used to free but they are very inexpensive even if they charge. A STATIC ip is nice but not really needed, the ip does not change often anyway....likely only when you reboot the modem at most.

Now this does not solve the problem if you have a private IP rather than public. There is no good solution for that you have to get a public IP somehow. Your best option is to pay the ISP. The other way to get a public ip is to rent a server from a hosting company, like amazon or cloudflare. You would run a vpn server on that cloud server and all your end devices as well as your home office would connect via that server. This server is nothing special it is just a linux box running openvpn or wireguard in most cases. You can set it up yourself or you can pay the hosting company to do it for you. I would do it myself for security concerns.

 

[rage690]

1. you can use hamachi but that is the older way. It is more common to use openvpn but maybe hamachi now supports it. There other solutions.
2. Both openvpn and wireguard are free. Technically hamachi is using a free protocol called IPSEC so you could do that without paying hamachi.
3. Proper vpn does exactly that. Your remote device appear to be on the local lan.

If you were a big company you just buy a fancy vpn box. This is how all the remote work from home is being done.

When you are small you are likely better off just buying a router that supports vpn server. There are many consumer routers that support remote access via a vpn server. What I don't know is how many is too many users. There is no hard limit it is more of a performance thing in most routers. This is something you need to research if you choose to go that route. Otherwise you use a small dual nic pc running linux to build your own vpn server

Most these system use openvpn or wireguard protocol. There are free vpn clients for most platforms that will allow you to connect to the router. Now if you really want to do it many also support IPSEC. IPSEC though is harder to get to run through NAT and other systems. Openvpn and wireguard can use standard HTTP ports if you want so it can function even in say a internet cafe that only allows web surfing.

The big issue is you MUST have a public IP on you main location where you have your servers and your vpn router installed. The end users are not really limited they should work pretty much on any network.

Now there is a difference between a PUBLIC ip and a PUBLIC STATIC ip. When you do not have a PUBLIC STATIC ip the IP can change which means you end clients do not know where your router is. This can be solved by a very common router feature called DYNDNS. It creates a dummy DNS entry that is updated everytime you public IP would change. The clients would use this domain name to find the new ip rather than hard code it. DYNDNS used to free but they are very inexpensive even if they charge. A STATIC ip is nice but not really needed, the ip does not change often anyway....likely only when you reboot the modem at most.

Now this does not solve the problem if you have a private IP rather than public. There is no good solution for that you have to get a public IP somehow. Your best option is to pay the ISP. The other way to get a public ip is to rent a server from a hosting company, like amazon or cloudflare. You would run a vpn server on that cloud server and all your end devices as well as your home office would connect via that server. This server is nothing special it is just a linux box running openvpn or wireguard in most cases. You can set it up yourself or you can pay the hosting company to do it for you. I would do it myself for security concerns.

Thanks very much this is very detailed.

i have tried it with Hamachi last night and it seems to work but the same query that took me 8 seconds in the local area network took 15 seconds querying to a server in hamachi VPN network. is hamachi slower than other VPNs ?

 

[bill001g]

A vpn has some overhead for the encryption but you should not be adding seconds it is some tiny fraction of a second. Not it also depends on what rate you transfer the data at. There tends to be a cap at the maximum total bandwidth you get before the cpu hit 100%. This of course depends on what platform you run on and you have to take into account both ends. If you run vpn on a phone it will be much less than a pc even if you are running the vpn server function a large server. This is also why consumer routers have limitations on how many users they can run since the cpu in the router will hit 100%.

In general vpn does not impact the performance much but if you are sending lots of data back and forth then it might.

 

[rage690]

A vpn has some overhead for the encryption but you should not be adding seconds it is some tiny fraction of a second. Not it also depends on what rate you transfer the data at. There tends to be a cap at the maximum total bandwidth you get before the cpu hit 100%. This of course depends on what platform you run on and you have to take into account both ends. If you run vpn on a phone it will be much less than a pc even if you are running the vpn server function a large server. This is also why consumer routers have limitations on how many users they can run since the cpu in the router will hit 100%.

In general vpn does not impact the performance much but if you are sending lots of data back and forth then it might.

thanks very much