Solved

Connect to Linksys BEFVP41 from work...

Posted on 2004-09-27
3
756 Views
Last Modified: 2008-01-09
I have recently purchased a vpn router so I can access my files at home from abroad. I an having a problem connecting to my router from work. I followed the instructions on the linksys website (configuring IPSec policies on XP and 2000 machinces), but had to make revisions due to the fact that my ip address at work is DHCP assigned and our internet access comes from a NAT pool. Of course it did not work :-
(...  I think the lack of a static ip address is the problem.

I want to configure my router (which has a static ip) to accept connections from anywhere that has been configured with the PreShared Key (Which I'm pretty sure I have already configured correctly)

And I want to be able to configure a workstation (of which the ip address is unknown and my be behind a NAT firewall) to connect to my vpn router (with the correct PreShared Key).

So my question(s)

Is it possible to create a tunnel where one end has a dynamic ip address (without the use of dyndns due to nat pool usage)?
Is there a way to configure said tunnel without the use of VPN Client Software (which would be prefferable)?
Does the NAT-Traversal feature listed on various VPN clients refer to the programs ability connect to a VPN server from behind a NAT firewall?
Can the Cisco VPN Client software be configured to us a IKE PreShared Key instead of the username and password that can't be configured on BEFVP41 (unlike the Linksys Wireless-G VPN endpoint :-< )
0
Comment
Question by:MamboDee
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 5

Accepted Solution

by:
netspec01 earned 500 total points
ID: 12200202
> Is it possible to create a tunnel where one end has a dynamic ip address (without the use of dyndns due to nat pool usage)?

Yes.  The "host" end has to be static.  The IPSEC must be in "aggressive mode".

> Is there a way to configure said tunnel without the use of VPN Client Software (which would be prefferable)?

Yes.  Many hardware devices are capable of doing aggressive mode.  Cisco introduced aggressive mode ISKMP with IOS version  12.2(8)T.  Many SOHO devices that are VPN-capable support aggressive mode for establishment of IPSEC tunnels.

> Does the NAT-Traversal feature listed on various VPN clients refer to the programs ability connect to a VPN server from behind a NAT firewall?

Yes, NAT traversal was developed to overcome NAT firewall issues.  If you have multiple VPN clients behind a NAT/PAT firewall connecting to a remote VPN device, NAT traversal must be implemented.

Hope this helps get you started.

> Can the Cisco VPN Client software be configured to us a IKE PreShared Key instead of the username and password that can't be configured on BEFVP41 (unlike the Linksys Wireless-G VPN endpoint :-< )

I have never heard of anyone successfully using the Cisco VPN client with any non-Cisco product.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Macbook Sierra OS OpenVPN issue 13 150
Static route question 6 59
DNS Server 7 73
SSL VPN to Fortigate 100D 2 18
Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question