• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1189
  • Last Modified:

Netgear FVS318 & setting up VPN

I have an Netgear FVS318 firewall/VPN/router. I have a T1 line comming into my Cisco router, which then is going to my netgear and from there it reaches the network. When I create more than 1 VPN profile on my Netgear I lose internet connection. I can VPN in remotely but cannot access nor ping anything on the network in this state.

I need to be able to allow 5 incoming VPN connections & internet ability.

Thank you
0
rico
Asked:
rico
  • 2
  • 2
1 Solution
 
bbaoIT ConsultantCommented:
is your network topology like this:

internet <-> cisco router <-> netgear firewall <-> intranet
                 ^                 ^    ^                      ^
          public IP     private netowrk 1    private network 2

i seems your intranet is behind two networks, one is public, another is private, after two NAT translations. right?
0
 
ricoAuthor Commented:
The netgear firewall also has a public IP

internet <-> cisco router <-> netgear firewall <-> intranet
                       ^                      ^              ^           ^
                  public IP             Public IP     private IP  private IP


I can now connect via VPN, but on the remote side I can ping all internal addresses except our AS/400, what my remote side lacks now is a LAN IP from the VPN

Local Network (AS/400 location) IP: 192.168.1.0

Remote Network IP: 66.xxx.xxx.0

Once I connect to the VPN through SafeNet SoftRemote I can ping every internal Local address (192.168.1.0), EXCEPT the AS/400.

When I connect my remote end is not given a Local IP to allow me access to the AS/400.

This is where I'm stuck now.

The problem I had originally was due to my recent Firmware upgrade, I neglected to reset the settings & reinput them, once that was done I could create 5 VPN setups & still use the internet on the local side.
0
 
bbaoIT ConsultantCommented:
1) what OS is your remote side running? windows? if so please post its "ipconfig /all" result BEFORE and AFTER the VPN connected.

2) what is the AS/400's IP address, and please go and check its subnet mask again. is it same as the others? e.g. 255.255.255.0?

3) can other local workstations PING AS/400 well?
0
 
ricoAuthor Commented:
Ok, good news & bad news here.....first to answer your questions

1) Windows XP are the remote stations
2) The AS/400's IP matches that of the local network
3) Yes local stations can ping the AS/400

First my problem was I kept the Virtual Adapter turned off, so I was connecting to the network, but not becoming *part* of the network. Once I did that I was able to ping the AS/400. I kept getting an error every few minutes, after 3 attempts it's disconnect me. I just shut off the option to retry. Anyway everything was just about done, when the plug was pulled out of the project. They brought in another hard drive for the old downed system (the reasoning behind getting the Netgear router) & repaired the install of Windows. So unfortunately it was incomplete.


I appreciate your help, your last comment is what got me working on the virutal adapter.

Thanks,

BTW....for the type of setup I was working with...I recommend going with a SonicWall, rather than a Netgear. It allows more configurations then the Netgear did. Plus better support. I spent a half hour the first day working with the Exchange server w/ Netgear to only be told "I don't know what Exchange is, sorry."
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now