1. Home
  2. Wireless Networking
  3. VPN (PPtP) tunnel through D-Link DSA3200?

VPN (PPtP) tunnel through D-Link DSA3200?

Hi there..

Long time lurker on this newsgroup, first time posting.

I've run into a problem that's stumping me. I have a D-Link DSA-3200 wifi portal device installed at my workplace. We've opened a second location and I have a need to setup a VPN over the net. The problem that I'm having is that I cannot for the life of me get the DSA-3200 to pass TCP port 1723 to the VPN server. D-Link tech support has been pretty worthless in helping me out with this, so I'm hoping someone here has worked with one of these devices and can help me out.

Thanks, Michael

Reply to
Michael
Loading thread data ...

On 2 Aug 2006 14:35:19 -0700, "Michael" wrote in :

Welcome. This isn't Talk Radio. :)

There aren't usually port issues on outbound connections, only on inbound connections. Are you sure this product supports PPTP VPN? If so, check to make sure PPTP VPN support is enabled.

Reply to
John Navas

LMAO! That wasn't exactly what I was referring to, but ok. :)

That's my problem. According to the product documentation, the device supports PPtP pass through. However, there are no specific options in the configuration to allow VPN pass through other than to setup a "virtual server" and forward requests on port 1723 to a specific internal IP. D-Link tech support has been pretty useless with figuring this out.

I'm not sure how long this device has been on the market. It really is a useful little box for providing customers free (or pay) WiFi access while segmenting off the private internal network. I'm hoping to find someone with some experience with this device to help me out. :)

Thanks, Michael

Reply to
Michael

On 2 Aug 2006 16:09:02 -0700, "Michael" wrote in :

Again, there shouldn't be an issue with _outbound_ connections. Perhaps the problem is at the other end (e.g., source IP authentication). Try connections to some other server.

Reply to
John Navas

Unfortunately, I don't have any known working VPN servers to test with. I have tested the server I set up on our internal network by connecting to it via our intranet and it does seem to work. This server is behind the DSA-3200.

However, your statement made me realize that I may have overlooked something obvious. The client location is running through an ISP supplied DSL modem. IIRC, this modem has a built in hub/switch. If so, then the modem most likely has NAT and firewall capabilities. Of course, this also means that I will have to figure out how to open the ports I need in that device.

When I get a chance in the next few days I'll have to run over to the client location and double check all this. I'll report back what I find.

Thanks, Michael

Reply to
Michael

dOn 3 Aug 2006 09:29:31 -0700, "Michael" wrote in :

That might be a different security zone. Does your server have IP authentication on external security zones?

For NAT/PAT the DSL device would be a router, not just a hub or switch. Double NAT probably won't allow VPN pass-through (and is a bad idea in general), so you'll probably need to configure the DSA-3200 as a wireless access point instead of as a router (as described in the How To wiki below).

A private IP address on the WAN port of the DSA-3200 would be a dead giveaway of a NAT/PAT router on the DSL service.

Reply to
John Navas

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.