-
March 24th, 2006, 02:47 AM
#1
VPN help?
Hey guys,
I set up my VPN tunnels though my router, Linksys RV082 8 Port VPN, but have had trouble connecting through a client. I have attempted to use the bundled VPN Client, "Linksys VPN Quick Connect" as well as Windows VPN client. So far, I've only been successful while using the Windows Client after I set up my PPTP server.
The thing is, for security purposes, I really want to use L2TP and IPSec. I also want to use the routers built in management consule because I like the idea of tunnels being authenticated at the router before they go into my network.
Here are a few details: I use the 192.168.1.x subnet. I remember from a class a few years back that the subnets have to be different. Is this true? If so, I would probably be better off changing my network subnet to something like 192.168.20.x.
This doesn't make sense to me at all. If I'm able to connect through a VPN from within a small city, should I be able to connect from across the ocean? The reason I'm asking because all these issues seem to be popping up.
BTW, any good VPN tutorials out there?
-
March 24th, 2006, 05:55 AM
#2
Uhm, ok, WHAT?!?
This doesn't make sense to me at all. If I'm able to connect through a VPN from within a small city, should I be able to connect from across the ocean? The reason I'm asking because all these issues seem to be popping up.
What does that have to do with anything you've described previously in your post?
Generally speaking, your VPN clients should be allocated IP's from a different subnet/pool than your internal nodes. That being said, you can do it either way...if you have the infrastructure to keep track of which devices are where and route packets properly. Good luck on ginning that up on your own, though.
I'd say go hit the Linksys doco pages for the router. http://www.Linksys.com > support > technical support > Easy Answers and put your model number in the text box and search. Lot's of good info there.
"Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
"...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore
-
March 24th, 2006, 10:26 AM
#3
Please remember that some VPN protocols cannot be NAT'ed...
This may help: http://www.tomsnetworking.com/2003/05/20/how_to/
Oliver's Law:
Experience is something you don't get until just after you need it.
-
March 24th, 2006, 08:12 PM
#4
IPSec using AH cannot be NATed because it will fail the auth check on the packet headers.
If you can't hit your hosts, you more than likely have a routing problem or a protocol issue with your VPN setup within the router. These are the more common issues with SOHO router VPN tunnels.
Happy Trails.
--TH13
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
March 24th, 2006, 09:41 PM
#5
Yeah, I was aware of IPSec through a NAT. I had VPN passthrough and IPSec Passthrough enabled. I changed my network at home to another subnet and everything worked fine, minus having the passthrough capabilities on my local router. I don't have any trouble connecting through PPTP though, which should be ok because it doesn't add anything to the router.
From what I remember from class, the NAT will strip the header. If IPSec adds to that header, then NAT will end up ripping all of IPSec and part of the header which will corrupt the data.
My problem was getting in with IPSec while using my WAN IP. I connected straight through my modem and wasn't able to make it work. I'll go through all the links you all listed and see if I can get it to work.
Thanks
-
March 24th, 2006, 09:44 PM
#6
Originally posted here by zencoder
Uhm, ok, WHAT?!?
What does that have to do with anything you've described previously in your post?
Generally speaking, your VPN clients should be allocated IP's from a different subnet/pool than your internal nodes. That being said, you can do it either way...if you have the infrastructure to keep track of which devices are where and route packets properly. Good luck on ginning that up on your own, though.
I'd say go hit the Linksys doco pages for the router. http://www.Linksys.com > support > technical support > Easy Answers and put your model number in the text box and search. Lot's of good info there.
Sorry, I just added in some frustration. I can connect from home and I tested the accounts. The guys in Washington say they have IPSec passthrough/ VPN passthrough enabled on their routers, but are unable. I just drives me crazy. They can't even get in through PPTP which shouldn't be a problem.
-
March 25th, 2006, 05:00 AM
#7
VPNs issues can occure for a plethora of reasons; you need to give us way more details about your setup such as:
-endpoints makers/models/versions
-network layout
-ipsec filter / policies / SA
-virtual / vpn interface ip assignment methode (if any).
-vpn protocol used (eg: pptp, l2tp, ipsec (ah / esp / esp nat-t) )
Etc...
Ammo
Credit travels up, blame travels down -- The Boss
-
March 27th, 2006, 05:43 PM
#8
Senior Member
Make sure that NAT TRAVERSAL is enabled.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|