Your forum username:
Do you already have an account?
Forgot your password?
  • Log in or Sign up


    Welcome to Sky User - The Unofficial Support Forum for everything Sky! - Proudly helping over 65k members.


    Advertisement

    Results 1 to 9 of 9

    sky router with vpn tunnel

    This is a discussion on sky router with vpn tunnel within the Asking for help forums, part of the Broadband Technical Help category; I have just joined so excuse the ignorance. I am on sky max, but been capped to 4 mb supposedly ...

    1. #1
      big john's Avatar
      big john is offline Sky User Member
      Exchange:
      Broadband ISP: Max
      Router:
      Sky TV:
      Join Date
      Mar 2007
      Posts
      17
      Thanks
      0
      Thanked 0 Times in 0 Posts

      sky router with vpn tunnel

      I have just joined so excuse the ignorance.
      I am on sky max, but been capped to 4 mb supposedly because of exchange limitations. Anyway, I have a belkin usb wireless 2g stick on the pc to link to the sky router.
      I also have a laptop with belkin pcmcia wireless card.

      Can I run a secure tunnel between the pc/laptop and the sky router?

      Thanks


    2. Advertisement
    3. #2
      armitasp's Avatar
      armitasp is offline Sky User Member
      Exchange: Loughborough
      Broadband ISP: Max
      Router:
      Sky TV:
      Join Date
      Feb 2007
      Posts
      163
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: sky router with vpn tunnel

      i'm unsure what you are looking for here. If you want to secure your wireless traffic between your pc and the sky gateway then the WPA should be sufficient. If you are really paranoid get a WPA2 AP and disable the wireless on your sky router.

      WPA uses an RC4 stream cipher (like SSL) so it is fairly secure given a strong password. WPA2 uses AES block ciphering which is pretty much unbreakable (no known attacks) given a strong password.

      If you are really paranoid you could layer some session security ontop. I suppose in theory you could stick OpenWRT on you sky router and tunnel the session through ssh, but that seems unnecessary.


      If you are talking about VPN'ing to your office VPN passthrough seems to work fine (at least I've had no problems VPN'ing to work). However, from what I've seen (and correct me if i'm wrong), the router can't be used as a VPN end point. Not many cheap SOHO stuff does a good job of VPN endpoint. Often they will support username and pass based VPN but not certificate based.


      I hope what i've said hasn't missed the point completely and has been of some use.
      Last edited by armitasp; 01-03-07 at 11:54 PM.

    4. #3
      big john's Avatar
      big john is offline Sky User Member
      Exchange:
      Broadband ISP: Max
      Router:
      Sky TV:
      Join Date
      Mar 2007
      Posts
      17
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: sky router with vpn tunnel

      Hi, Thanks for the reply. I only want to protect the link between my wireless laptop and sky router, which is also wireless ( no hard link to my pc or laptop ). I saw a demo of the wpa password be hacked fairly easily and I was wondering if there are more secure ways to do it. A hard wire link is out of the question unfortunately.

      Thanks

    5. #4
      Parva's Avatar
      Parva is offline Sky User Member
      Exchange: Armley
      Broadband ISP: Max
      Router: Netgear V1 DG834GT
      Sky TV: Sky+ HD
      Join Date
      Nov 2006
      Location
      Leeds
      Posts
      39
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: sky router with vpn tunnel

      Well WPA isn't exactly a piece of cake to crack but if you want to make it more secure you can limit the available IP range so that new devices can't connect. I have 192.168.0.2 through 192.168.0.9 set as the maximum number of IP addresses and each one of these has a specific MAC code that's allowed to connect to it. Yes, I have 8 different devices that connect via my router but each one has to have an authorised MAC code. If someone tried connecting outside my house (assuming they could beat the WPA) then they still couldn't connect as there's no spare IP's.

      I also have my router set to ONLY allow this PC to access the router configs which is hardwired via RJ45. You could of course hard-wire a laptop to set this up and put it into effect and then continue using Wi-Fi safe in the knowledge that nobody can access the router settings other than yourself when you use the RJ45 cable.

      As a final precaution you could turn SSID broadcast off which will stop your router broadcasting its existence.

      There are always ways and means around everything and as detailed above there are ways to make things more secure but your average broadband thief won't even bother wasting what could be a lot of time trying to get through the standard Sky supplied Netgear security, let alone the extra measures I've mentioned.

    6. #5
      big john's Avatar
      big john is offline Sky User Member
      Exchange:
      Broadband ISP: Max
      Router:
      Sky TV:
      Join Date
      Mar 2007
      Posts
      17
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: sky router with vpn tunnel

      Hi, I tried to limit the mac address to that of my own, but it locked me out and I had to hardwire my laptop into the router to set it back again.
      I went into wireless settings
      then setup access list

      Under the trusted wireless list I added my own mac address, then enabled the access control and it locked me out.

      Thanks

    7. #6
      armitasp's Avatar
      armitasp is offline Sky User Member
      Exchange: Loughborough
      Broadband ISP: Max
      Router:
      Sky TV:
      Join Date
      Feb 2007
      Posts
      163
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: sky router with vpn tunnel

      turning off the SSID broadcast is pointless, it offers no absolutely no security whatsoever. Most supplicants (including the vista one) will show networks which aren't broadcasting their SSID. limiting by mac-address is a fairly weak step but is another hurdle when used with WPA and a restricted ip range. Main thing is make sure you have a stong WPA/WPA2 password.

      (if you were really sadistic, like me, you could use 802.1X and setup a RADIUS server to authenticate your clients :-) )
      Last edited by armitasp; 03-03-07 at 12:17 PM.

    8. #7
      mossywell's Avatar
      mossywell is offline Sky User Member
      Exchange: LSMEPK
      Broadband ISP: Max
      Router:
      Sky TV:
      Join Date
      Sep 2006
      Location
      London, UK
      Posts
      789
      Thanks
      0
      Thanked 11 Times in 4 Posts

      Re: sky router with vpn tunnel

      IMHO,WPA should suffice here.

      Quote Originally Posted by armitasp View Post
      (if you were really sadistic, like me, you could use 802.1X and setup a RADIUS server to authenticate your clients :-) )
      Presumably using IPSec to the RADIUS server?
      IQ album "Dark Matter" artwork reproduced with permission. See www.gep.co.uk/iq for more information.

    9. #8
      armitasp's Avatar
      armitasp is offline Sky User Member
      Exchange: Loughborough
      Broadband ISP: Max
      Router:
      Sky TV:
      Join Date
      Feb 2007
      Posts
      163
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: sky router with vpn tunnel

      mossywell is right WPA is sufficient. I'm not sure if the attack you saw was on a WEP key which can be cracked in minutes. Cracking WPA is not trival (reiterating Parvas point), and cracking WPA2 is (sticking my neck out) impossible (for now).

      (EAP-TTLS for the authentication with RADIUS (and EAP-PEAP for Vista)).
      Last edited by armitasp; 05-03-07 at 10:39 PM.

    10. #9
      mossywell's Avatar
      mossywell is offline Sky User Member
      Exchange: LSMEPK
      Broadband ISP: Max
      Router:
      Sky TV:
      Join Date
      Sep 2006
      Location
      London, UK
      Posts
      789
      Thanks
      0
      Thanked 11 Times in 4 Posts

      Re: sky router with vpn tunnel

      Quote Originally Posted by armitasp View Post
      and cracking WPA2 is (sticking my neck out) impossible (for now).
      Sadly not. I did read that the same methods that are applied to the WPA stream (which is after all a very long block with one key) can also be applied to the block cipher. It's just that each block has to be treated individually in WPA2 making the task possible in theory but only almost impossible in practice.

      The thing is that for for people trying to gain data illegally, if it's corporate infromation, it's still far more cost effective to bung an insider to get the information you need and if it's private information, say someone's credit card details you want, simply get a job in a local pizza delivery shop.Much easier (but less fun) than messing around with super compurers.
      IQ album "Dark Matter" artwork reproduced with permission. See www.gep.co.uk/iq for more information.

     

     

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •  
    SkyUser - Copyright © 2006-2020. SatDish and NewsreadeR | SkyUser is in no way affiliated with Sky Broadband / BSkyB
    RIPA NOTICE: NO CONSENT IS GIVEN FOR INTERCEPTION OF PAGE TRANSMISSION