Re: VPN problems and Linksys BEFSR411????
From: J. Marsh (jmarsh@_nospam_webwireusa.com)Date: 06/16/02
- Next message: Alan Guy: "Re: Agnitum Outpost Firewall: Help File Missing"
- Previous message: slow mongoose: "BIPCP"
- In reply to: x y: "Re: VPN problems and Linksys BEFSR411????"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: J. Marsh <jmarsh@_nospam_webwireusa.com> Date: Sat, 15 Jun 2002 20:10:41 -0400
Ah, I didn't pick up on the fact the endpoint was behind the linksys.
On Fri, 14 Jun 2002 20:12:00 -0400, "x y"
<jamescagney90210@excite.com> wrote:
>Port forwarding is not needed if the VPN clients are behind the linksys, but
>he says he is trying to VPN from the internet to a VPN server behind the
>linksys, in which case I believe he needs to set up NAT so the router knows
>where to send the VPN traffic, e.g. by port forwarding.
>
>"J. Marsh" <jmarsh@_nospam_webwireusa.com> wrote in message
>news:l4aigu4dci16t3aa1uvadpqvfegqqrqk9i@4ax.com...
>> 1. Upgrade the firmware. Linksys didn't support IPSec Passthrough in
>> their initial releases.
>>
>> 2. Make sure only one VPN client is on the machine you are attempting
>> to connect with.
>>
>> You don't have to use port forwarding; if you've got more than one
>> possible VPN client, it won't work for both anyway.
>>
>> If it's an IPSec client, forward port 500 (UDP) if you have to. (To
>> the PC in question.
>>
>> On Thu, 13 Jun 2002 11:27:35 -0400, "x y"
>> <jamescagney90210@excite.com> wrote:
>>
>> >For this, I think you need to enable port forwarding in the Advanced
>> >settings in the Linksys so that all packets on such and such port go to
>the
>> >internal VPN host. However, note that NAT can cause problems for certain
>> >VPN solutions that use a hash for authentication of the IP header, most
>> >notably IPsec using AH. I have heard that some routers have "PPTP
>> >passthrough," which would make me wonder whether PPTP and L2TP might also
>> >have similar problems in some circumstances. Search google or the
>> >manufacturer of the VPN solution to find out what ports are used... or do
>a
>> >test and keep an eye on the router log during the test to see what ports.
>> >
>> >I might also recommend enabling logging in the Linksys to send all the
>log
>> >information to 192.168.1.2 which would be a PC with 192.168.1.2 as a
>static
>> >IP address and a free syslog client such as www.kiwi-enterprises.com to
>> >capture all the logs. This would let you preserve the logs as evidence,
>and
>> >would also let you use the free www.mynetwatchman.com software to
>> >automatically report hacking attempts to the hacker's ISP. by default,
>the
>> >logs on the linksys disappear after 20 log entries or about the past
>> >minute's worth of data.
>> >
>> >"Brett" <b-glines@!!!!!!!!attbi.com> wrote in message
>> >news:1SUN8.29415$6m5.8710@rwcrnsc51.ops.asp.att.net...
>> >> But how about somone OUTSIDE the network, coming in from the public
>> >> internet?
>> >>
>> >> Windows Client >>>> VPN{Internet}VPN >>>> Linksys BEFSR Router >>>>
>> >> Windows 2000 Domain
>> >>
>> >> We're using Verizon Wireless Internet which gives us EXCELLENT internet
>> >> connectivity from out laptops
>> >> anywhere we can get a Verizon connection. True Wireless Internet.
>But
>> >> it's for a Realtor who need to have his laptop
>> >> with him at the client (house being shown) site. He connects to the
>> >> internet with reliable speeds, via his Verizon Wireless
>> >> Connection, but needs to VPN into his office network which is an ADSL
>> >> connection through a LinkSys Router BEFSR
>> >> (Not the Linksys BEFSR VPN Router) to his Windows Domain.....
>> >>
>> >> Most of what I have heard seem to sounds like the VPN client being
>inside
>> >> the network, behind the BEFSR router and connecting
>> >> to an outside target...
>> >>
>> >> Brett
>> >>
>> >>
>> >> "Steve Harris" <stvhrrs@newsguy.com> wrote in message
>> >> news:ae7obf0bpp@drn.newsguy.com...
>> >> > In article <1xwN8.12100$nZ3.1637@rwcrnsc53>, "Brett" says...
>> >> > >
>> >> > >I remember reading, in this news group, that there were problems
>using
>> >> the
>> >> > >LinkSys BEFSR series of Cable/DSL routers for VPN access to a
>network.
>> >> I
>> >> > >think it was somethingto do with the level of firmware and IPSec
>> >> > >passthrough??? Does anyone have anymore information on this? Has
>> >> anyone
>> >> > >gotten a VPN conection, to a Windows 200 domain from Windows
>98/ME/XP,
>> >to
>> >> > >work using these routers? I know that they aren't a true firewall
>and
>> >am
>> >> > >recommending that my client convert to a real firewall. I've heard
>> >good
>> >> > >things about the SnapGear line.
>> >> > >
>> >> > >Any input would be helpful.
>> >> > >
>> >> > >Brett
>> >> > >
>> >> > >
>> >> >
>> >> > I know that SecuRemote, the Checkpoint VPN product, works behind
>these
>> >> routers.
>> >> > It doesn't support browsing the domain, but you can map network
>drives.
>> >> >
>> >> > This probably doesn't help you, but thought I'd mention it.
>> >> >
>> >> > --Steve
>> >> >
>> >>
>> >>
>> >
>>
>
- Next message: Alan Guy: "Re: Agnitum Outpost Firewall: Help File Missing"
- Previous message: slow mongoose: "BIPCP"
- In reply to: x y: "Re: VPN problems and Linksys BEFSR411????"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
