Solved

Connect to Linksys BEFVP41 from work...

Posted on 2004-09-27
3
758 Views
Last Modified: 2008-01-09
I have recently purchased a vpn router so I can access my files at home from abroad. I an having a problem connecting to my router from work. I followed the instructions on the linksys website (configuring IPSec policies on XP and 2000 machinces), but had to make revisions due to the fact that my ip address at work is DHCP assigned and our internet access comes from a NAT pool. Of course it did not work :-
(...  I think the lack of a static ip address is the problem.

I want to configure my router (which has a static ip) to accept connections from anywhere that has been configured with the PreShared Key (Which I'm pretty sure I have already configured correctly)

And I want to be able to configure a workstation (of which the ip address is unknown and my be behind a NAT firewall) to connect to my vpn router (with the correct PreShared Key).

So my question(s)

Is it possible to create a tunnel where one end has a dynamic ip address (without the use of dyndns due to nat pool usage)?
Is there a way to configure said tunnel without the use of VPN Client Software (which would be prefferable)?
Does the NAT-Traversal feature listed on various VPN clients refer to the programs ability connect to a VPN server from behind a NAT firewall?
Can the Cisco VPN Client software be configured to us a IKE PreShared Key instead of the username and password that can't be configured on BEFVP41 (unlike the Linksys Wireless-G VPN endpoint :-< )
0
Comment
Question by:MamboDee
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 5

Accepted Solution

by:
netspec01 earned 500 total points
ID: 12200202
> Is it possible to create a tunnel where one end has a dynamic ip address (without the use of dyndns due to nat pool usage)?

Yes.  The "host" end has to be static.  The IPSEC must be in "aggressive mode".

> Is there a way to configure said tunnel without the use of VPN Client Software (which would be prefferable)?

Yes.  Many hardware devices are capable of doing aggressive mode.  Cisco introduced aggressive mode ISKMP with IOS version  12.2(8)T.  Many SOHO devices that are VPN-capable support aggressive mode for establishment of IPSEC tunnels.

> Does the NAT-Traversal feature listed on various VPN clients refer to the programs ability connect to a VPN server from behind a NAT firewall?

Yes, NAT traversal was developed to overcome NAT firewall issues.  If you have multiple VPN clients behind a NAT/PAT firewall connecting to a remote VPN device, NAT traversal must be implemented.

Hope this helps get you started.

> Can the Cisco VPN Client software be configured to us a IKE PreShared Key instead of the username and password that can't be configured on BEFVP41 (unlike the Linksys Wireless-G VPN endpoint :-< )

I have never heard of anyone successfully using the Cisco VPN client with any non-Cisco product.
0

Featured Post

Enroll in June's Course of the Month

June’s Course of the Month is now available! Experts Exchange’s Premium Members, Team Accounts, and Qualified Experts have access to a complimentary course each month as part of their membership—an extra way to sharpen your skills and increase training.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've had to do a bit of research to setup my VPN connection so that Clients can access Windows Server 2008 network shares.  I have a Cisco ASA 5510 firewall.  I found an article which was extremely useful: It had a solution if you use ASDM to config…
Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question