Re: VPN Firewall for new webserver

From: Leythos (void_at_nowhere.org)
Date: 11/11/04


Date: Thu, 11 Nov 2004 13:17:30 GMT

In article <2vh4ddF1c1v0uU1@uni-berlin.de>, jasee@btinternet.com says...
> Leythos wrote:
> > In article <2vfo9mF2kb69cU1@uni-berlin.de>, jasee@btinternet.com
> > says...
> >> There are some differences between the Linksys models in the UK (for
> >> the same model numbers!) I've used the BEFSX41 as a VPN endpoint for
> >> a WatchGuard Server: it proved highly unreliable where the MVPN
> >> client running on a W2K machine through a simpler router worked
> >> fine. In the UK, from what I've read the Linksys routers either work
> >> well or not at all!
> >
> > Interesting, with the Linksys units, I didn't know there was a
> > difference in firmware based on country.
>
> Yes, there is if you look at the firmware for the US and UK, there are two
> different versions
>
> >Was your connection via a T1
> > or some other type?
>
> No, ordinary ADSL
>
> >
> > I own a WatchGuard Firebox II personally and have a bunch of II and
> > III and even a couple SOHO6tc units installed around the country, the
> > Linksys units have been painless (the BEFSX41 and the BEFVP41) when
> > making the connections and then the rules for their subnets.
> >
> > Could your problems have been MTU related?
>
> I didn't get that far (it was set at the default)
>
> >
> > Did you experience a connection problem with the WAN or just the IPSec
> > problem?
>
> The Linksys spontaneously rebooted several times after I'd configured it for
> the Wan only.
> Others (in the UK) seem to have similar problems with this and other Linksys
> routers. I get the feeling that if you're prepared to accept the defaults
> then it simply works. However if (for instance) you don't want to use DHCP
> then there can be problems.

Do you mean DHCP on the WAN side or LAN side?

If DHCP on the LAN side, you can leave it enabled, set the scope to 100~
150, and that still leaves you with almost 200 addresses you can use in
a fixed IP mode on the LAN side.

If you set the LAN IP Subnet to 192.168.10.0/24, with the router at
192.168.10.1

you could set the first server/device with a fixed IP at:

IP 192.168.10.10
MSK 255.255.255.0
GW 192.168.10.1

DNS1 192.168.10.1
DNS2 Your ISP DNS1
DNS3 Your ISP DNS2

If you have a DNS server in your LAN, you would set DNS 1 to it, and
assuming that it has DNS Forwarding enabled, you would not need DNS 2/3.

As for the defaults on the WAN, almost every DSL connection I've set up
has required a FIXED MTU of around 1400~1430 in order to be stable. The
only unstable DSL connection we've ever seen was from a company called
Adelphia, and it's unstable anywhere in the country.

One more thing, it seems like the last firmware update, at least in the
US, was a little unstable, the current one seems to be stable. I found
this latest update seems to be rock stable.

-- 
spamfree999@rrohio.com
(Remove 999 to reply to me)

