Re: VPN problems and Linksys BEFSR411????
From: x y (jamescagney90210@excite.com)Date: 06/15/02
- Next message: : "Re: (NIS) security alert popup n/w"
- Previous message: Jason A. Kozak: "(no subject)"
- In reply to: J. Marsh: "Re: VPN problems and Linksys BEFSR411????"
- Next in thread: J. Marsh: "Re: VPN problems and Linksys BEFSR411????"
- Reply: J. Marsh: "Re: VPN problems and Linksys BEFSR411????"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "x y" <jamescagney90210@excite.com> Date: Fri, 14 Jun 2002 20:12:00 -0400
Port forwarding is not needed if the VPN clients are behind the linksys, but
he says he is trying to VPN from the internet to a VPN server behind the
linksys, in which case I believe he needs to set up NAT so the router knows
where to send the VPN traffic, e.g. by port forwarding.
"J. Marsh" <jmarsh@_nospam_webwireusa.com> wrote in message
news:l4aigu4dci16t3aa1uvadpqvfegqqrqk9i@4ax.com...
> 1. Upgrade the firmware. Linksys didn't support IPSec Passthrough in
> their initial releases.
>
> 2. Make sure only one VPN client is on the machine you are attempting
> to connect with.
>
> You don't have to use port forwarding; if you've got more than one
> possible VPN client, it won't work for both anyway.
>
> If it's an IPSec client, forward port 500 (UDP) if you have to. (To
> the PC in question.
>
> On Thu, 13 Jun 2002 11:27:35 -0400, "x y"
> <jamescagney90210@excite.com> wrote:
>
> >For this, I think you need to enable port forwarding in the Advanced
> >settings in the Linksys so that all packets on such and such port go to
the
> >internal VPN host. However, note that NAT can cause problems for certain
> >VPN solutions that use a hash for authentication of the IP header, most
> >notably IPsec using AH. I have heard that some routers have "PPTP
> >passthrough," which would make me wonder whether PPTP and L2TP might also
> >have similar problems in some circumstances. Search google or the
> >manufacturer of the VPN solution to find out what ports are used... or do
a
> >test and keep an eye on the router log during the test to see what ports.
> >
> >I might also recommend enabling logging in the Linksys to send all the
log
> >information to 192.168.1.2 which would be a PC with 192.168.1.2 as a
static
> >IP address and a free syslog client such as www.kiwi-enterprises.com to
> >capture all the logs. This would let you preserve the logs as evidence,
and
> >would also let you use the free www.mynetwatchman.com software to
> >automatically report hacking attempts to the hacker's ISP. by default,
the
> >logs on the linksys disappear after 20 log entries or about the past
> >minute's worth of data.
> >
> >"Brett" <b-glines@!!!!!!!!attbi.com> wrote in message
> >news:1SUN8.29415$6m5.8710@rwcrnsc51.ops.asp.att.net...
> >> But how about somone OUTSIDE the network, coming in from the public
> >> internet?
> >>
> >> Windows Client >>>> VPN{Internet}VPN >>>> Linksys BEFSR Router >>>>
> >> Windows 2000 Domain
> >>
> >> We're using Verizon Wireless Internet which gives us EXCELLENT internet
> >> connectivity from out laptops
> >> anywhere we can get a Verizon connection. True Wireless Internet.
But
> >> it's for a Realtor who need to have his laptop
> >> with him at the client (house being shown) site. He connects to the
> >> internet with reliable speeds, via his Verizon Wireless
> >> Connection, but needs to VPN into his office network which is an ADSL
> >> connection through a LinkSys Router BEFSR
> >> (Not the Linksys BEFSR VPN Router) to his Windows Domain.....
> >>
> >> Most of what I have heard seem to sounds like the VPN client being
inside
> >> the network, behind the BEFSR router and connecting
> >> to an outside target...
> >>
> >> Brett
> >>
> >>
> >> "Steve Harris" <stvhrrs@newsguy.com> wrote in message
> >> news:ae7obf0bpp@drn.newsguy.com...
> >> > In article <1xwN8.12100$nZ3.1637@rwcrnsc53>, "Brett" says...
> >> > >
> >> > >I remember reading, in this news group, that there were problems
using
> >> the
> >> > >LinkSys BEFSR series of Cable/DSL routers for VPN access to a
network.
> >> I
> >> > >think it was somethingto do with the level of firmware and IPSec
> >> > >passthrough??? Does anyone have anymore information on this? Has
> >> anyone
> >> > >gotten a VPN conection, to a Windows 200 domain from Windows
98/ME/XP,
> >to
> >> > >work using these routers? I know that they aren't a true firewall
and
> >am
> >> > >recommending that my client convert to a real firewall. I've heard
> >good
> >> > >things about the SnapGear line.
> >> > >
> >> > >Any input would be helpful.
> >> > >
> >> > >Brett
> >> > >
> >> > >
> >> >
> >> > I know that SecuRemote, the Checkpoint VPN product, works behind
these
> >> routers.
> >> > It doesn't support browsing the domain, but you can map network
drives.
> >> >
> >> > This probably doesn't help you, but thought I'd mention it.
> >> >
> >> > --Steve
> >> >
> >>
> >>
> >
>
- Next message: : "Re: (NIS) security alert popup n/w"
- Previous message: Jason A. Kozak: "(no subject)"
- In reply to: J. Marsh: "Re: VPN problems and Linksys BEFSR411????"
- Next in thread: J. Marsh: "Re: VPN problems and Linksys BEFSR411????"
- Reply: J. Marsh: "Re: VPN problems and Linksys BEFSR411????"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
