1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

RV042 - “PPTP Server†VS “VPN Client Access(QuickVPN)â€

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by motech12, Oct 8, 2006.

  1. motech12

    motech12 LI Guru Member

    We are in the process of testing a solution for a client with multiple warehouses. We are going to place the RV042 at the main warehouse where our host computer resides. This host computer has the ledgers for Multi User QuickBooks Enterprise 2007 edition. We want to get away from the more expensive CISCO PIX 501 solutions we have implemented prior.

    We know how, at the main warehouse, to share the Quickbooks folder on our host. On local clients, at the main warehouse (also connected to the RV042 directly), we map a network drive “Q” using the IP address of the host computer \\192.168.101.98. Install Quickbooks and off we go. Basic – No Problem – It’s all good.

    We need to be able to map this same network drive from two other outside locations, hence the requirement for a VPN. We have connected a RV042 to our local network with a fixed IP address. We did this for pre-release testing. The RV042 has a static IP address of 192.168.1.50. Internally, the RV042 has a local IP numbering set to 192.168.101.x. We understand the need for DIFFERENT numbering.

    We tried using the XP VPN on a client computer and configured a user name and password on the RV042 in the “PPTP SERVER” component. Entered the user name, password and IP on our client computer and No problem, immediate connection (we were surprised at how easy). In our client computer we went to windows explorer and entered \\192.168.101.98 and all the shares on our host behind the RV042 showed up and we could map a network drive. Once again, no problem!

    Next we tried using the LINKSYS VPN Client and configured a user name and password in the “VPN CLIENT ACCESS” component. Entered the user name, password and IP on our client computer and No problem, immediate connection (we were even more surprised at how easy). In our client computer we went to windows explorer and entered \\192.168.101.98 and all the shares on or host behind the RV042 showed up and we could map a network drive. Once again, no problem!

    Question : which client do we use and why?
    Question : which client is going to give us better throughput?
    Question : how do we get this unit to handle more then 5 clients (either QuickVPN of PPTP)
    Question : at the outside locations can we use a LINKSYS BERSR41 V3 router, we know it supports both IPSEC and PPTP passthrough but HOW MANY CONCURRENT passthough tunnels can it handle?

    Thank you for your assistance and Regards,

    MOTECH12
     
  2. DocLarge

    DocLarge Super Moderator Staff Member Member

    Regarding using the same mapped network drives at all of your sites, you may need to develop a script that automatically maps the drives for you once your clients connect. However, if you were connecting to an MS vpn server "behind" your RV042, as soon as your clients connect, I believe you can actually type in a path in their user profile that automatically makes a particular drive available to them (I've not really done this over vpn, but I might try that now just to verify).

    <b>1) Question : which client do we use and why?</b> This would really depend on the sensitivity level of the information you want to transfer through the tunnel. This is not to say that you're going to be sending "trivial" information over the wire, but as a simple comparison, Quickvpn is an IPSEC client, therfore, offering more security as opposed to PPTP, which is secure (to an extent) just not "as secure" as Quickvpn. However, if you're in a pinch, PPTP never lets you down! :)

    <b>2)Question : which client is going to give us better throughput?</b> This may have something to do with your connection and your router. Speaking from my standpoint, the WRV200 estimates a throughput of 30mbps when using quickvpn; at this time, I personally can attest to the throughput you'd have with PPTP, but someone else may have that answer...

    <b>3)Question : how do we get this unit to handle more then 5 clients (either QuickVPN of PPTP)</b> To utilize more Quickvpn clients, you'd have to buy the 50 user license quickvpn upgrade:

    http://www.linksys.com/servlet/Sate...767676&pagename=Linksys/Common/VisitorWrapper (Quickvpn 50 User Upgrade)

    In order to have more PPTP clients, Linksys would have to offer a firmware upgrade for that also...

    <b>4)Question : at the outside locations can we use a LINKSYS BERSR41 V3 router, we know it supports both IPSEC and PPTP passthrough but HOW MANY CONCURRENT passthough tunnels can it handle?</b> The older versions of linksys routers were able to support more than just one "pass-through" when handling vpn clients. As of now, it's difficult to say which one's allow more than just one connection out :( Believe me, it's a rarity to find a linksys router these days that has this functionality...

    Jay
     
  3. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    As Doc mentioned...there's a security difference in the two. My rule of thumb...for the "road warrior" types of connections...which means part time connections from all over the place (constantly changing IPs)...PPTP VPN works fine.

    Many people VPN to the office so they can Remote Desktop Connection to a terminal server or their workstation, don't forget, RDC itself is secured. So there's a double layer of protection there.

    For more full time connections (router to router VPN tunnels that are alive 24/7), and to satisfy basic "best practice" rules when dealing with more sensitive stuff like healthcare (HIPAA), or securities/investment/accounting firms, you'll want to step up to IPSec or SSL.

    The RV0 series will only allow up to 5x PPTP connections. With the QuickVPN client, it goes much higher (I forget the 042 one, but with the 016 it's up to 100)

    "Usually"...IPSec VPN tunnels will give you slightly better throughput/performance also. I've not compared the QuickVPN to PPTP, and honestly when doing PPTP versus Cisco VPN dialer to a PIX...I've not seen any noticable difference in performance myself.

    This week I'm actually replacing a PIX501 at a client..they're outgrowing it....have an expanding fleet of visiting nurses that VPN in with their laptops to synch up their mobile application...so I'm replacing with an RV016. I've done several dozen RV082 and 016 installs at clients..and the PPTP has been bullet proof for me. I've found the QuickVPN touchy..but haven't revisited it in a while...sort of crossing my fingers on my first QuickVPN usage at a client.
     

Share This Page