linksys gateway - vpn

Hi, I was wondering if anyone can help,

I have a Linksys WAG354G v2... setup this has been running fine, for over a year now, however I recently had to do some work from home and vpn'd into my company's network. The problem is that I can reach the VPN server, but cannot do anything else such as network file system or run RDP sessions. I am sure the problem lies with my linksys gateway as I can take the same laptop to a hotel connection and connect to all of the company resources and RDP applications. My ISP tells me that there are no blocked ports, hence the focus on the WAG354G.

I have enabled in the gateway, ipsec, etc... can anyone shed any light on what I may have missed ??

all of these are enabled...

IPSec Passthrough: PPPoE Passthrough: PPTP Passthrough: L2TP Passthrough:

Firmware 1.01.58

Many Thanks, Jim

Reply to
James Hendry

On Mon, 15 Dec 2008 22:26:45 +0000, James Hendry wrote:

What kind of VPN? Will it work if you remove the Linksys WAG354G v2? (Bonus points for posting model and firmware version.)

Reply to
John Navas

Hi John, The gateway is the only method I have of connecting to the net so unable to remove it, i.e. modem built in.

The utility provided to me is a Cisco Systems VPN client software Ver 4.8.01.0300

The company Host IP address is entered and the transport is IPSec/UDP transparent tunneling, IPSec over UDP (NAT/PAT)

I just launch the client select the connection and connect... if from anywhere else other than my home it connects ok....

Jim

Reply to
James Hendry

On Mon, 15 Dec 2008 22:53:40 +0000, James Hendry wrote:

Rats. One of the reasons for preferring separate units over integrated units.

That should work through the Linksys.

What does that you can "reach the VPN server" mean? Ping it? Connect but not see the remote network? Can the company see your connection from home?

Reply to
John Navas

Hi, yes, it means that the Cisco Client tells me that a connection has been made. I can ping the host, avg 70ms, nothing reachable on the remote network after connecting.

Reply to
James Hendry

On Mon, 15 Dec 2008 23:05:39 +0000, James Hendry wrote:

  1. Can the company see your connection? Have them check the log.
  2. What's the routing from your end?
Reply to
John Navas

Hi John, I'll get them to check in the morning, it's midnight here... thanks, Jim

Reply to
James Hendry

so it works from other places that have no gateway, but doesn't from home where you have a gateway pointing to who knows what?.... hmmmm VPN and a gateway........ sounds similar, I am at my sister's for the holidays, brought my wap/router, she's on comcast cable, with the gateway on the wap/router set to my other isp, worked fine with other stuff until I tried a vpn, didn't work, had to reconfigure so I didn't need a gateway at all (tech support was useless, found a manual for the comcast cable modem online, reconfigured it, don't need a gateway anymore, and now vpn works)... not saying for sure that may be the problem, but you may want to get things working without a gateway and see if that helps....

Reply to
Peter Pan

1) Turn off the firewall on the router.
2) Set DMZ on the router to the IP of the machine you're running Cisco VPN client.

If VPN connection now works, you know it's either firewall or lack of port forwarding that is stopping your packets.

3) Ask IT Guru at work what port(s) is needed to be forwarded from outside into the Client, and set this port forwarding on your router to point to client IP on the same port. I put an apple on port 500

3) Ask IT Guru what ports needed to be traversable in both directions, and add these ports in the firewall on the router, or drop the firewall altogether. It's a joke. If you like a FW, I would put another apple on port, 50, 500, 1701 and 10000.

Reply to
Chrisjoy

On Tue, 16 Dec 2008 00:41:51 -0800 (PST), Chrisjoy wrote:

I doubt that will work, but still might be worth trying, but only for very limited testing, not left that way, because it's dangerous.

Would be a good idea to install a good software firewall before doing that -- the one in XP is not terribly good. I now use and recommend free COMODO Internet Security, a combination of very good anti-virus, firewall, and system defense.

Reply to
John Navas

It's the only thing that is worth trying, clueless moron.

No it's not, dumb f*ck. Only unpractical if another client behind the box needs to use DMZ to identify if port forwarding/FW is the problem for a similar problem.

We know you're a retard. We don't need any more evidence.

Reply to
Chrisjoy

On Tue, 16 Dec 2008 09:34:36 -0800 (PST), Chrisjoy wrote:

With that insult you concede the debate. Thanks for saving me the time.

Reply to
John Navas

I didn't think you would be able to produce a reasonable comment to my valid objection either, dumb f*ck.

Reply to
Chrisjoy

I was running a Nortel Contivity client on a Windows XP laptop. I had to configure the IP address of the VPN server as "trusted" in my laptop firewall, or I would get symptoms similar to yours. That doesn't seem to hold with yours working from other locations, though. You are WiFi at home and in the other locations, or wired at one of them? If you are WiFi at home, have you tried wired?

Another problem that I've had, with an AT&T VPN client, is that it just refuses to work if I standby or hibernate in one place, and connect to a different WAP in another place. With the VPN "Disconnected", ipconfig still shows the company network-based ip address. If I watch a new connection attempt, I get a VPN address on a different subnet, but ipconfig still shows the one that seems stuck.

I have disabled/enabled/repaired... the only thing that corrects it is a reboot. I avoid that by disconnecting from the WiFi before I hibernate.

Have you rebooted? Does ipconfig show an address on the VPN-network? Does route /print show routes to the hosts that you want?

Reply to
dold

Hi Guys, unfortunately the IT guy didn't get back to me today... I'll try him again tomorrow.

From your suggestions... I have tried various combinations of wired and wi-fi with and without the firewall enabled, dynamic routing enabled and the DMZ enabled with port forwarding to my IP address, rebooting the laptop and cold booting the gateway at each combination. All with no change to the vpn status. Running ipconfig, this confirms that I get a company IP address when I use the Cisco VPN Client.

Jim

Reply to
James Hendry

Just out of curiosity, do you have another way of trying it? From what you have tried, and that it works from other places, I'm getting very suspicious that it may be something unique that the isp you use from home uses, that may be the culprit... reason I ask about other ways, it's slow as heck, but my isp allows dialup along with net connections.... when I was narrowing it down (turned out it was the isp's security thru network connections) but worked when I did dialup (as additional confirmation, worked with my cell phone/tethered to my laptop)... at any rate - no solution since it was slower than ummmmm molasses in january.... but gave me some clues/ammo when I talked to the isp's tech support...

ps, what type of connection are you using? My uncle's house has cable internet, but also voip over cable, and they block any vpn connections so it doesn't mess up their precious voice, when I visit him I can use my laptop, but not vpn to work (at least that's what I tell my boss, they fixed it over a year ago)

Reply to
Peter Pan

On Dec 17, 2:14 am, "Peter Pan"

If it's not ISP, it's the box. A search on the web will lead you to other ppl having trouble connecting a software VPN client through the very same box, after a firmware upgrade. The only solution they found was to get another box from Linksys, another model.

Reply to
Chrisjoy

Hi Guys, I'm just off the phone with the ISP tech...

Having tried Peter's dialup idea, which worked... I managed to access the network at 46.6K... Anyway, good discussion with Rob, the ISP Nightshift Tech. No port blocking or security settings on this line. We went through the scenarios that I tried over the last couple of nights. He suggested changing MTU from Auto to 1458, this got me the login panel for the fileservers, but still no RDP sessions... an improvement no less. We left the problem with me to try another make and model of router... as per Chris' last comment. I'll see what I can rustle up, and let you know...

Thanks for your support, much appreciated,

Reply to
James Hendry
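The MTU change mentioned in the last post can be checked by measurement. This is an added example, not part of the original thread: a binary search for the largest packet that crosses a path with Don't Fragment set. The host address, the `simulated_link` helper and the 576 to 1500 search range are assumptions made for illustration.

```python
import platform
import subprocess

IP_ICMP_HEADERS = 28  # 20-byte IPv4 header + 8-byte ICMP header


def ping_df(host, payload):
    """Send one echo request of `payload` bytes with Don't Fragment set."""
    if platform.system() == "Windows":
        cmd = ["ping", "-n", "1", "-f", "-l", str(payload), host]
    else:  # Linux iputils ping
        cmd = ["ping", "-c", "1", "-W", "2", "-M", "do", "-s", str(payload), host]
    out = subprocess.run(cmd, capture_output=True, text=True)
    # A real echo reply carries a TTL field; error replies do not.
    return out.returncode == 0 and "ttl=" in out.stdout.lower()


def find_path_mtu(host, probe=ping_df, low=576, high=1500):
    """Binary-search the largest packet size (IP header included) that
    reaches `host` unfragmented. Returns None if even `low` fails."""
    if not probe(host, low - IP_ICMP_HEADERS):
        return None
    while low < high:
        mid = (low + high + 1) // 2
        if probe(host, mid - IP_ICMP_HEADERS):
            low = mid          # mid fits, search upward
        else:
            high = mid - 1     # mid is too big, search downward
    return low


def simulated_link(mtu):
    """Constructed stand-in for a real path: drops anything above `mtu`."""
    return lambda host, payload: payload + IP_ICMP_HEADERS <= mtu


if __name__ == "__main__":
    # 192.0.2.10 is a documentation address used as a placeholder host.
    print(find_path_mtu("192.0.2.10", probe=simulated_link(1458)))
```

Run it against a host that answers ping, once outside the tunnel and once through it; a much lower figure through the tunnel matches the symptom where small packets get through but file shares and RDP stall.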
