Okay, this might be a little long winded, so kick back with a cold one. If you make it all the way through, PM me your address and I will mail you a cookie. This question has probably been asked, but it is a difficult one to find through searching, so if it has been beaten to death already, feel free to break out the trout.
I have my network at home behind my router, subnet 192.168.0.x. I have two friends with home networks behind routers, subnets 192.168.1.x and 192.168.2.x (all 3 routers are Linksys). The idea is to connect the subnets over the internet for nothing more than pure gaming fun. In the past this involved one person DMZ'ing, then everyone could connect to the exposed game server. The advent of Age of Mythology and this no longer works (part of the push to get people to use the gaming services?). Here are my two thoughts:
1) VPN. I get a VPN router, the other two tunnel into my network. 1 extraordinarily painful week with a Netgear FVS318 and we had this working. I could see each of them, they each could see me. Problem, they could not see each other, thus gaming would be out. The reason for this is readily apparent because their subnets on my end were the same as their home subnets. If I ping'd 192.168.1.x my router knew to send it through the VPN tunnel. Likewise if they ping' 192.168.0.x their VPN client knew to send it through the tunnel. However, the person in the 192.168.1.x subnet had no way to talk to the person in the 192.168.2.x subnet. I thought about giving them the same subnet on my end, but I don't think VPN would take to that very well. I seriously doubt the Netgear would be able to handle sending the same request down multiple tunnels, however I don't know everything there is to know about VPN. If someone out there knows more about VPN and getting multiple clients tunneling into the same VPN to talk to each other, your insight would be greatly appreciated. A solution (though expensive) is for all of us to have VPN routers, then each person builds a tunnel to the other 2, but this isn't very practical.
2) Static Routes. The Linksys routers provide the capabilities for static routing, so it seemed logical that we should be able to set this up between our subnets. As an example, I could put a static route into my router that says send anything for the 192.168.1.x subnet to the other person's router, using his WAN IP address as the gateway IP address. As logical as this would seem, it did not work in practice. Doing a traceroute to the other subnet showed the packets making it about 2 hops into my ISP before they would vanish. There is no way to tell, however, if the router was properly performing the static routing, and that this static routing model simply won't work over the internet, or if the router was not forwarding the packets properly, and my ISP was properly eating private IP addressed packets.
So, there you have it. It seems like a solvable problem, and it seems like VPN is a logical route to take, I just do not know enough about setting up VPNs to figure out how to get multiple clients talking to each other (instead of just to the VPN router), and since this is not something that VPNs are typically used for, none of the VPN specs you can find on the internet talk about it.
Thoughts? Comments? Someone have a working solution already in place?
I have my network at home behind my router, subnet 192.168.0.x. I have two friends with home networks behind routers, subnets 192.168.1.x and 192.168.2.x (all 3 routers are Linksys). The idea is to connect the subnets over the internet for nothing more than pure gaming fun. In the past this involved one person DMZ'ing, then everyone could connect to the exposed game server. The advent of Age of Mythology and this no longer works (part of the push to get people to use the gaming services?). Here are my two thoughts:
1) VPN. I get a VPN router, the other two tunnel into my network. 1 extraordinarily painful week with a Netgear FVS318 and we had this working. I could see each of them, they each could see me. Problem, they could not see each other, thus gaming would be out. The reason for this is readily apparent because their subnets on my end were the same as their home subnets. If I ping'd 192.168.1.x my router knew to send it through the VPN tunnel. Likewise if they ping' 192.168.0.x their VPN client knew to send it through the tunnel. However, the person in the 192.168.1.x subnet had no way to talk to the person in the 192.168.2.x subnet. I thought about giving them the same subnet on my end, but I don't think VPN would take to that very well. I seriously doubt the Netgear would be able to handle sending the same request down multiple tunnels, however I don't know everything there is to know about VPN. If someone out there knows more about VPN and getting multiple clients tunneling into the same VPN to talk to each other, your insight would be greatly appreciated. A solution (though expensive) is for all of us to have VPN routers, then each person builds a tunnel to the other 2, but this isn't very practical.
2) Static Routes. The Linksys routers provide the capabilities for static routing, so it seemed logical that we should be able to set this up between our subnets. As an example, I could put a static route into my router that says send anything for the 192.168.1.x subnet to the other person's router, using his WAN IP address as the gateway IP address. As logical as this would seem, it did not work in practice. Doing a traceroute to the other subnet showed the packets making it about 2 hops into my ISP before they would vanish. There is no way to tell, however, if the router was properly performing the static routing, and that this static routing model simply won't work over the internet, or if the router was not forwarding the packets properly, and my ISP was properly eating private IP addressed packets.
So, there you have it. It seems like a solvable problem, and it seems like VPN is a logical route to take, I just do not know enough about setting up VPNs to figure out how to get multiple clients talking to each other (instead of just to the VPN router), and since this is not something that VPNs are typically used for, none of the VPN specs you can find on the internet talk about it.
Thoughts? Comments? Someone have a working solution already in place?