Solved

2 VPN endpoints and a newbie

Posted on 2004-08-04
9
232 Views
Last Modified: 2010-04-12
I am trying to connect two linksys VPN endpoint routers to share a 2000 server on one end.
This is an urgent issue for me!
The routers are WRV54G on the remote end, and a BEFSX41 on the server side.

I finally got the routers to 'see' each other, (I can tell by looking in the log), but I get a 'INVALID ID' error, and it also states that I need to check my local/remote secure groups.

I also am changing settings in in the BEFSX41 by way of PCAnywhere, and sometimes if I change the remote secure group settings, I will lose my PCAnywhere connection, and not be able to get it back until I get back into the BEFSX41 from a local client. I then uncheck, and recheck my port forwarding, and then save that, and the PCAnywhere will work again. This has been common with two different BEFSX41 routers, each with different firmwares!

I will set up the remote management on the router in the AM.

Am I missing something simple?

Thanx for your help!
0
Comment
Question by:rcubed3r
  • 4
  • 3
9 Comments
 
LVL 36

Expert Comment

by:grblades
ID: 11724704
Try upgrading the BEFSX41 to the latest firmware. See http://www.broadbandreports.com/forum/remark,10339478~mode=flat
Have you made sure the local networks on each of the routers are on different IP schemes?
0
 

Author Comment

by:rcubed3r
ID: 11725396
I have one local IP as 192.168.4.1, and the other as 192.168.0.1.
0
 

Author Comment

by:rcubed3r
ID: 11725577
My remote location settings are:
WAN : 69.0.0.88
SUB: 255.255.255.0
DEfault GW: 69.0.0.1
Local IP: 192.168.4.1
Local Sub: 255.255.255.0

The server end is:
WAN IP: 24.0.0.66
Sub:255.255.255.252
Default GW:24.0.0.65
Local IP:192.168.0.1
Local SUb:255.255.255.0

I have the remote (WRV54G) set to allow all VPN passthrough.
Local secure group, subnet.
192.168.4.0
255.255.255.0

Remote secure group, any

Remote secure gateway, IP
24.0.0.66
******************************
The server side (BEFSX41) has these settings:
Local Secure group, subnet.
192.168.0.0
255.255.255.0

remote secure group and remote secure gateway set to 'ANY'.
********************************
All of the excryption matches on both routers.

Thank you again,
Ron
0
 

Author Comment

by:rcubed3r
ID: 11728643
Yeeha! I got it to work.
I just had to set my subnets manually instead of choosing 'any'.

But, I still do not see the other machine in my network neighborhood, and..

I cannot find the printers on the other side from my 'add printer' selection in windows.


Any ideas?
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 36

Expert Comment

by:grblades
ID: 11728779
Is the 2000 server in an AD domain?

Having machines show up in the network neighborhood is very problematic. If you can get away with mapping drives directly by machine name I would recomend it.

Can you find machines by name ok?
0
 

Author Comment

by:rcubed3r
ID: 11728805
I find the by IP OK.
0
 
LVL 36

Expert Comment

by:grblades
ID: 11728880
But not by name?

The easiest way to get around it is to configure a WINS server on one side and have every machine configured to use it (including the servers). That should fix the name lookup issues. It wont help browsing as that is a different system.
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 15584301
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Overview Often, we set up VPN appliances where the connected clients are on a separate subnet and the company will have alternate internet connections and do not use this particular device as the gateway for certain servers or clients. In this case…
Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now