VPN and remote work

Welcome!

Now I work remotely, and gain access to the company network via VPN. The problem is that I have more than one computer (basically new path), and each of them need access to the office net. I now manually configure the VPN on each computer. But this is inconvenient, so I'm working on optimizing its infrastructure.

How to solve my problem?

I see two possible solutions. The first option is to raise the VPN client on the router, and to put my subnet in the office the net via NAT. In this solution, I see one significant drawback — you can't establish a connection from the office meshes with my car (sometimes you need).

The second option requires the installation of additional devices in the office. It is possible for example to use EoIP. Cons — have to agree with the admins.

Still need some way to keep the "household" devices (ex: laptop wife) to work network. The connection in the direction of the I—other home appliances and sometimes back need. To breed on a separate subnet/VLANs?

Feel, to persuade the admins will be very difficult.

To make matters worse, I'm a complete novice to setting up networks.
October 8th 19 at 00:10
7 answers
October 8th 19 at 00:12
Solution
In the presence of about 10 of virtuallock, it is easier to manually configure each VPN. You can write a bash script that will simplify your life, unless of course the same operating system.

When will be about 50-100 virtuallock, then you should consider automation, and what is the 10 systems to configure, cases for 10-30 minutes.
Inclined to the same opinion. - denis9 commented on October 8th 19 at 00:15
In my opinion, the easiest way to raise dev-a router with VPN and using it to put the necessary components in the building.network. And wife isolated and less crap. On real computers just the router the other to indicate all. - Terrence commented on October 8th 19 at 00:18
October 8th 19 at 00:14
To raise the VPN client on the router and traverse the necessary(or all, configuring DMZ) ports on your computer isn't an option?
Yes, the option. Another new path will not be available from the office (on virtualcad network in bridged mode). Soft diploidy and tested in virtualcad. Sometimes (very rarely) you may need to invite a colleague with a remote debugger. - denis9 commented on October 8th 19 at 00:17
Ports a lot, are forwarding... or raise the necessary number of VPN clients on the router and do DNZ for each dev. - Terrence commented on October 8th 19 at 00:20
I wonder is it somehow possible to automate? Just if hands is no better than to set once VPN each V-world. - denis9 commented on October 8th 19 at 00:23
How many of you have virtuallock? - Sid_OKon commented on October 8th 19 at 00:26
10. - denis9 commented on October 8th 19 at 00:29
For colleagues who need access nitrite portforwarding on the nat, is used different ports for ssh forwardlist different virtuallock, if necessary counterpart to do so via ssh to the desired virtual reality and inside the ssh tunnel can be Gan almost all that is necessary - Sid_OKon commented on October 8th 19 at 00:32
October 8th 19 at 00:16
VPNом can not only distribute, but and subnet.
October 8th 19 at 00:18
if the router is smart enough, it is possible to lift VPN connection with it and configure the routing to all machines in the LAN was accessible via VPN
And you can read more? Let's say the router has established a ppp connection to the office using VPN client. In this connection 1 dedicated IPS office network. As of now the office network to get to the "all machines in a (home) LAN"? - denis9 commented on October 8th 19 at 00:21
it is necessary to configure the router to not natil connection through the Internet, and the router work network to set the route to your home network need to go through the gateway — IP of the router. - Terrence commented on October 8th 19 at 00:24
FIX: not natil connection using inet -> not natil connection via VPN - denis9 commented on October 8th 19 at 00:27
Well, I will change the routing in the office network. - Sid_OKon commented on October 8th 19 at 00:30
then list the route only on your computer, which you will need to connect home. I hope at least it you have admin rights there? - denis9 commented on October 8th 19 at 00:33
"specify route only on your computer, which you will need to connect home."
I do not need to connect home. I work remotely, that is home. Sometimes (rarely) it is necessary to connect the people in the office. - Sid_OKon commented on October 8th 19 at 00:36
October 8th 19 at 00:20
And the port forwarding on the router with the vpn client not satisfied?
And model of the router would indicate.
Port forwarding hands it will have to do?
Router yet. As an option — Mikrotik 750G. - denis9 commented on October 8th 19 at 00:23
October 8th 19 at 00:22
We use OpenVPN. With anything on a particular machine do not need to configure, including all network routing for a login/password arrives with the config.
October 8th 19 at 00:24
At (home or wherever) to use a subnet different from the office, know the connection on the router and set up routing in the office on a subnet through the VPN server. No icing is not necessary.

Find more questions by tags Remote workVPNComputer networks