1. Home
  2. Virtual Private Networks
  3. VPN into office using FVS318 router behind Cayman Router

VPN into office using FVS318 router behind Cayman Router

Ok, I'm about to pull my hair out getting this thing to work. My client wants a few of his employees to login from home (a couple have cable, a couple dial-up) so they can do work. I've tried logging in from my home computer (which uses dial-up and is not on a network), but keep getting "message not received - retransmitting". Any and all help is much appreciated. Here is the businesses LAN/WAN setup:

ADSL Modem Router (SBC Yahoo) | Netgear FVS318 Router (using DHCP) LAN IP: 192.168.0.1 WAN IP: 69.215.xxx.xxx | D-Link 24-Port Switch |

13 Computers PC's Obtain IP address automatically

I've spoken with our ISP and we set the Cayman 3500 Series to use a public IP (69.215.xxx.xxx), disabled DHCP and NAT. Basically just using it as a Pass-Through to the Netgear router.

The FVS318 "VPN Settings" are as follows: (all names are for example only)

----------------------------------------- Connection Name: MyCompany Local IPSec: Firewall Remote IPSec: RemotePC Tunnel can be accessed: a subnet of local addresses LAN Start IP: 192.168.0.0 LAN Finish IP: 0.0.0.0 Subnet: 255.255.255.0 Tunnel can access: a single remote address (this is where I'm confused about what to put) Remote LAN Start IP: 192.168.100.1 Remote LAN Finish IP: 0.0.0.0 Subnet: 0.0.0.0 Remote WAN IP: 0.0.0.0

SA: Aggressive Mode Perfect Forward Secrecy: enabled Encryption: 3DES Key Group: Diffie-Hellman Group 2 Preshared Key: ********* Key Life: 28800 IKE Life Time: 86400 NETBIOS: enabled

VPN Client (Netgear ProSafe v.10.1)

----------------------------------- Secure Remote Party ID: IP Subnet Subnet: 192.168.0.2 Mask: 255.255.255.0 Protocol: All Connect Using: Secure Gateway Tunnel ID Type: Any Gateway IP Address: 69.215.xxx.xxx

My Identity Pre-Shared Key: xxxxxxxxx (Same as FVS318 Router) ID Type: Domain Name = MyCompany (Connection Name from FVS318) Virtual Adapter: Disabled Internal Network IP Address: 192.168.100.1 Internal Interface Name: Any IP Address: Any

Security Policy: Aggressive Mode Enable PFS: Yes PFS Key Group: Diffie-Hellman Group 2 Enable Replay Detection: Yes

Authentication Phase 1 - Proposal 1 Authentication Method: Pre-Shared Key Encryption Algorithm: 3DES Hash Alg: MD5 SA Life: Unspecified Key Group: Diffie-Hellman Group 2

Key Exchange Phase 2 - Proposal 1 SA Life: Unspecified Compression: None

ESP Encryption Method: 3DES Hash Alg: MD5 Encapsulation: Tunnel Authentication Protocol: No

Option > Global Policy Settings:

Retransmit Interval: 45 Number of retries: 3 Send status notification to peer hosts: yes allow to specify internal Network Address: yes Enable IPSec logging: yes smart card removal clears keys: no

Also, could my home ISP (bluelight.com) possibly not allow an VPN access through their system? Or is my setup not correct somewhere in the hardware. I don't have any port forwarding setup on the FVS318 - does this have to be done. Thank you for any and all help concerning this.

Sincerely,

Patrick Whitson

Reply to
whitsonp
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.