VPN into office using FVS318 router behind Cayman Router

Ok, I'm about to pull my hair out getting this thing to work. My client wants a few of his employees to log in from home (a couple have cable, a couple dial-up) so they can do work. I've tried logging in from my home computer (which uses dial-up and is not on a network), but keep getting "message not received - retransmitting". Any and all help is much appreciated. Here is the business's LAN/WAN setup:

ADSL Modem Router (SBC Yahoo)
|
Netgear FVS318 Router (using DHCP)
LAN IP:
WAN IP: 69.215.xxx.xxx
|
D-Link 24-Port Switch
|
13 Computers
PCs obtain IP address automatically

I've spoken with our ISP and we set the Cayman 3500 Series to use a public IP (69.215.xxx.xxx), disabled DHCP and NAT. Basically just using it as a Pass-Through to the Netgear router.

The FVS318 "VPN Settings" are as follows: (all names are for example only)

-----------------------------------------
Connection Name: MyCompany
Local IPSec: Firewall
Remote IPSec: RemotePC
Tunnel can be accessed: a subnet of local addresses
LAN Start IP:
LAN Finish IP:
Subnet:
Tunnel can access: a single remote address (this is where I'm confused about what to put)
Remote LAN Start IP:
Remote LAN Finish IP:
Subnet:
Remote WAN IP:

SA: Aggressive Mode
Perfect Forward Secrecy: enabled
Encryption: 3DES
Key Group: Diffie-Hellman Group 2
Preshared Key: *********
Key Life: 28800
IKE Life Time: 86400
NETBIOS: enabled

VPN Client (Netgear ProSafe v.10.1)

-----------------------------------
Secure Remote Party ID: IP Subnet
Subnet:
Mask:
Protocol: All
Connect Using: Secure Gateway Tunnel
ID Type: Any
Gateway IP Address: 69.215.xxx.xxx

My Identity
Pre-Shared Key: xxxxxxxxx (Same as FVS318 Router)
ID Type: Domain Name = MyCompany (Connection Name from FVS318)
Virtual Adapter: Disabled
Internal Network IP Address:
Internal Interface Name: Any
IP Address: Any

Security Policy: Aggressive Mode
Enable PFS: Yes
PFS Key Group: Diffie-Hellman Group 2
Enable Replay Detection: Yes

Authentication Phase 1 - Proposal 1
Authentication Method: Pre-Shared Key
Encryption Algorithm: 3DES
Hash Alg: MD5
SA Life: Unspecified
Key Group: Diffie-Hellman Group 2

Key Exchange Phase 2 - Proposal 1
SA Life: Unspecified
Compression: None

ESP Encryption Method: 3DES
Hash Alg: MD5
Encapsulation: Tunnel
Authentication Protocol: No

Option > Global Policy Settings:

Retransmit Interval: 45
Number of retries: 3
Send status notification to peer hosts: yes
Allow to specify internal Network Address: yes
Enable IPSec logging: yes
Smart card removal clears keys: no

Also, could my home ISP (bluelight.com) possibly not allow VPN access through their system? Or is my setup not correct somewhere in the hardware? I don't have any port forwarding set up on the FVS318 - does this have to be done? Thank you for any and all help concerning this.


Patrick Whitson
