Problems: VPN behind Linksys router - Network

This is a discussion on Problems: VPN behind Linksys router - Network ; Hey guys, I've had a lot of difficulties setting up a VPN through my NAT router. I've searched usenet for a few days, collected a good deal of information on Linksys and other websites. But I've read conflicting reports about ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Problems: VPN behind Linksys router

  1. Problems: VPN behind Linksys router

    Hey guys,

    I've had a lot of difficulties setting up a VPN through my NAT router.
    I've searched usenet for a few days, collected a good deal of information
    on Linksys and other websites. But I've read conflicting reports about
    Linksys routers. Some say they can't let VPN traffic through, while others
    say they work great with VPN. Anyway, I can't make it work, I'm quite
    confused, and I would greatly appreciate if someone could shed some light
    on this issue.


    My LAN (LAN1):

    - 3 Windows 2000 Pro SP4 workstations including one acting as an FTP and
    VPN Server. Norton Internet Security 2003 is deactivated. Each computer
    has a fixed local IP address.

    - These are connected to the Internet through a Linksys Router BEFW11S4
    (firmware version 1.45, 28/02/2003). The router has a dynamic WAN IP
    address assigned by my cable ISP.

    - Each LAN workstation runs the DNS2go service, effectively giving each of
    them an independant DNS name (xxx.dns2go.com) but giving away the same WAN
    IP address. This allows me to remotely access the router configuration
    utility, or the computers (with VNC), whenever one or more LAN computers
    is on.

    - On the VPN server, two VPN are created. One with the Windows 2000
    connection wizard ("allow incoming VPN connections"), for tests purpose
    only since it can only accept a single client connection. One with the
    more powerful standalone software WinGate VPN.

    - Router's configuration:

    I forwarded ports 47, 50, 137-139 (for NETBIOS browsing), 1701 (for L2PT),
    1723 (for PPTP), 808-809 (seem to be required by WinGate VPN) to the VPN
    server's IP. For these I selected UDP and TCP protocols. Multicast, IPSec,
    PPTP passthroughs are enabled. Block WAN Request is disabled following
    Linksys instructions. There is no SPI option to enable or disable.


    The VPN client

    - Windows 2000 Pro SP4 laptop on a LAN (LAN2) behind a proxy computer
    connected via ADSL to the Internet. I have no authorization to access and
    modify settings on this router computer. NIS 2003 is deactivated on the
    laptop.

    - A VPN connection is created with the Windows 2000 Connection Wizard,
    pointing to the DNS2Go name of the remote VPN server (let's call it
    vpnserver.dns2go.com)

    - Running the "pptpclnt" utility indicates that server's host information
    (that is, vpnserver.dns2go.com) are successfully resolved, that
    connectivity test to TCP port 1723 is successful and that GRE packets were
    received sucessfully.


    Everything seems to be fine, but when I try to connect the client to the
    VPN server, I get the dreaded error 651: Your modem (or other connecting
    device) has reported an error. Putting the VPN server in the DMZ changed
    nothing. Forcing PPTP connection in the client's properties changed
    nothing. Trying to access the VPN from a LAN client gives me the error
    721: Remote server not responding, after apparently verifying username and
    password.

    Because I don't have a physical access to my LAN (staying in another
    country for a few months), I can't try to put the VPN server out of the
    LAN and I don't want to risk remotely upgrading the firmware and leave my
    LAN users stranded.


    I'm at loss guys. Has anyone really successfully set up a VPN behind a
    Linksys firewall? If yes, what am I missing?

    Thanks for your help!

    -----
    posté via http://www.usenetgratuit.com/ plus de 40 000 newsgroups sur le
    web. Pour signaler un abus: abuse@usenetgratuit.com



  2. Re: Problems: VPN behind Linksys router

    I haven't tried your kind of config. But it is new to me creating VPN
    connection thru a dynamic IP address based router. I guess you need to
    have the fixed IP on the router.

    /my 2cents/

    Peter Rodrigo wrote:
    > Hey guys,
    >
    > I've had a lot of difficulties setting up a VPN through my NAT router.
    > I've searched usenet for a few days, collected a good deal of information
    > on Linksys and other websites. But I've read conflicting reports about
    > Linksys routers. Some say they can't let VPN traffic through, while others
    > say they work great with VPN. Anyway, I can't make it work, I'm quite
    > confused, and I would greatly appreciate if someone could shed some light
    > on this issue.
    >
    >
    > My LAN (LAN1):
    >
    > - 3 Windows 2000 Pro SP4 workstations including one acting as an FTP and
    > VPN Server. Norton Internet Security 2003 is deactivated. Each computer
    > has a fixed local IP address.
    >
    > - These are connected to the Internet through a Linksys Router BEFW11S4
    > (firmware version 1.45, 28/02/2003). The router has a dynamic WAN IP
    > address assigned by my cable ISP.
    >
    > - Each LAN workstation runs the DNS2go service, effectively giving each of
    > them an independant DNS name (xxx.dns2go.com) but giving away the same WAN
    > IP address. This allows me to remotely access the router configuration
    > utility, or the computers (with VNC), whenever one or more LAN computers
    > is on.
    >
    > - On the VPN server, two VPN are created. One with the Windows 2000
    > connection wizard ("allow incoming VPN connections"), for tests purpose
    > only since it can only accept a single client connection. One with the
    > more powerful standalone software WinGate VPN.
    >
    > - Router's configuration:
    >
    > I forwarded ports 47, 50, 137-139 (for NETBIOS browsing), 1701 (for L2PT),
    > 1723 (for PPTP), 808-809 (seem to be required by WinGate VPN) to the VPN
    > server's IP. For these I selected UDP and TCP protocols. Multicast, IPSec,
    > PPTP passthroughs are enabled. Block WAN Request is disabled following
    > Linksys instructions. There is no SPI option to enable or disable.
    >
    >
    > The VPN client
    >
    > - Windows 2000 Pro SP4 laptop on a LAN (LAN2) behind a proxy computer
    > connected via ADSL to the Internet. I have no authorization to access and
    > modify settings on this router computer. NIS 2003 is deactivated on the
    > laptop.
    >
    > - A VPN connection is created with the Windows 2000 Connection Wizard,
    > pointing to the DNS2Go name of the remote VPN server (let's call it
    > vpnserver.dns2go.com)
    >
    > - Running the "pptpclnt" utility indicates that server's host information
    > (that is, vpnserver.dns2go.com) are successfully resolved, that
    > connectivity test to TCP port 1723 is successful and that GRE packets were
    > received sucessfully.
    >
    >
    > Everything seems to be fine, but when I try to connect the client to the
    > VPN server, I get the dreaded error 651: Your modem (or other connecting
    > device) has reported an error. Putting the VPN server in the DMZ changed
    > nothing. Forcing PPTP connection in the client's properties changed
    > nothing. Trying to access the VPN from a LAN client gives me the error
    > 721: Remote server not responding, after apparently verifying username and
    > password.
    >
    > Because I don't have a physical access to my LAN (staying in another
    > country for a few months), I can't try to put the VPN server out of the
    > LAN and I don't want to risk remotely upgrading the firmware and leave my
    > LAN users stranded.
    >
    >
    > I'm at loss guys. Has anyone really successfully set up a VPN behind a
    > Linksys firewall? If yes, what am I missing?
    >
    > Thanks for your help!
    >
    > -----
    > posté via http://www.usenetgratuit.com/ plus de 40 000 newsgroups sur le
    > web. Pour signaler un abus: abuse@usenetgratuit.com
    >
    >


+ Reply to Thread