?
Solved

Two IP Addresses for One Router Creates Problem

Posted on 2005-03-10
15
Medium Priority
?
501 Views
Last Modified: 2013-12-14
We have two offices. Office A1 has a Qwest DSL with ActionTec modem using one of 5 static public IPs. Behind the modem is a Linksys RV082 router. The RV082 is assigned one of the static IPs and the ActionTec another. I enabled the VPN on the RV082 and can connect using the Linksys VPN client program. Good so far.

Office B2 has a different setup. It has a wireless broadband ISP with no modem provided. It's the only way to get Internet access at this location. A RJ45 plug comes out from the connection box on the wall (satellite disk on the roof points to a tower about a mile away). The ISP provided a static public IP but the router has to use a different IP address to connect. For example, let’s say the IP address provided by the ISP for connecting to the Internet through them is 10.10.10.10 but my public IP is 221.221.221.221. My ISP tells me they handle routing the 221.221.221.221 to the 10.10.10.10.

Okay, now for the problem. I go out and get another RV082 router because I want office A1 and B2 to talk to each other using the Linksys’ gateway to gateway VPN. However, the Linksys RV082 router at office B2 doesn’t seem to like the fact that it’s on 10.10.10.10 when it sees the 221.221.221.221 address. An error in the log says something about "I'm being call 221.221.221.221 but I’m really 10.10.10.10". Therefore, the two routers won’t talk to each other neither will the VPN client connect to the RV082 at office B2.

I’m thinking that I can set up a configuration just like the one at office A1. In other words, install a basic DSL modem (just like the ActionTec at office A1) for the Internet connection then place the RV082 behind it. But with this IP situation (221.221.221.221 going to 10.10.10.10) will this have any better chance of working? If not, what would be a possible solution?
0
Comment
Question by:caninia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
  • +2
15 Comments
 
LVL 37

Expert Comment

by:meverest
ID: 13514014
i am finding it difficult to visualise exactly the setup, but just wondering have you considered (or tried) doing the vpn connection in reverse?  (ie office B connect to A)?

seems like there is some kind of NAT going on with the wireless ISP - have you talked to them about this problem, maybe they may have some solution ideas?

cheers.
0
 

Author Comment

by:caninia
ID: 13520551
Yes, I have tried the vpn connection in reverse with no luck.

Yes, I have talked to our ISP and they don't see any reason why the vpn won't work. They say there are other clients who are successfully using vpn on their service. I have asked for a name or two and they are going to get back to me on that. This ISP doesn't offer much techinical services beyond basic install.

Thanks for the input, Cheers.
0
 
LVL 9

Expert Comment

by:conradie
ID: 13520612
Are you asking whether changing to DSL at office B2 will help the 221.221.221.221 to 10.10.10.10 NAT'ing issue? Well unless I am misunderstanding something here, that would mean a new service provider, new modem, new connection to the internet etc. So your whole method of connecting to the internet, and thus the IP scheme will change. So you will not have the same address or anything. Am I misunderstanding?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 9

Expert Comment

by:conradie
ID: 13520619
And also:

"An error in the log says something about "I'm being call 221.221.221.221 but I’m really 10.10.10.10"."

Can you post this error here, please?
0
 

Author Comment

by:caninia
ID: 13520915
Conradie;

No, I'm not thinking of changing my ISP, in fact I don't have any other options at this time. What I was saying is, using my current ISP and wireless DSL, I would install a simple DSL modem just like the ActionTec at the other location then put the RV082 behind it. The modem would pass everything through and would contain the 10.10.10.10 address. That would allow me to assign a different public IP to the RV082.
Currently...
Site A: ISP (WAN)---->ActionTec---->RV082
Site B: ISP (WAN)---->RV082

Change B to...
ISP (WAN)---->DSL Modem----->RV082

I'll post the exact error as soon as I can.

Thanks for the input, Conradie.
0
 
LVL 9

Expert Comment

by:conradie
ID: 13521937
Well the handoff that you are putting into the RV082 right now is ethernet. This, along with the fact that there is already something performing NAT upstream on this connection leads me to believe that the DSL modem will not work or even be able to plug in there.

You likely need to find out from your ISP what is performing NAT upstream from your router, and why. They then need to allow VPN traffic to pass through this device. Can you access any other services using this public IP they have provided you, if you open ports in the RV082? That may be a good test.
0
 

Author Comment

by:caninia
ID: 13525101
Conradie;

I can get the built-in PPTP support provided by the RV082 to work from my home using the Windows XP VPN client (using default setting). I put in the user name and password in the PPTP section of the RV082 setup then, from home, I start the Windows VPN connection, enter the same user name and password and I'm connected. Problem is the RV082 only supports 5 PPTP users. Each user has to be defined on the RV082.
I try the same thing using the RV082's built-in VPN support for the Linksys' VPN client and it doesn't work, neither will the Windows VPN client to the Linksys "Client to VPN" setup.
Does this mean that my ISP is not the problem?
0
 
LVL 37

Accepted Solution

by:
meverest earned 2000 total points
ID: 13526531
Hi,

you can prove it to the wireless isp that their network is the problem by trying to connect from an XP client the same as you can do from your home PC.  if it works at home but not at the remote office, then you have demonstrated the network to be the issue.  if it does waor via XP at the remote office, then you have demonstrated that it is rv082 config.

Cheers.
0
 
LVL 8

Expert Comment

by:susanzeigler
ID: 13575877
Offhand, I don't see any reason why your scenario doesn't work. One thing I do have a question on is how the Linksys in office B is configured. The numbering of the external interface should be 10.10.10.10. That router shouldn't really ever be called at the 221.221.221.221 number. What in office B is attempting to connect via that number? The translation from 221.221.221.221 to 10.10.10.10 happens at the ISP level, and translation should occur for both incoming traffic (inbound to 221.221.221.221 get's translated to 10.10.10.10) and outbound traffic (outbound as 10.10.10.10 is translated to 221.221.221.221) and your linksys shouldn't even care about this.

You do not post whether the local subnet for office A is different than office B, but if they are both using the same non-routed subnet at both locations then you might have an issue.

Here is linksys' instruction page for the set-up when one end is static and one is dynamic:
http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=1705&p_created=1094687137&p_sid=4imrYIAh&p_lva=&p_sp=cF9zcmNoPTEmcF9zb3J0X2J5PSZwX2dyaWRzb3J0PSZwX3Jvd19jbnQ9MTE5JnBfcHJvZHM9MCZwX2NhdHM9JnBfcHY9JnBfY3Y9JnBfc2VhcmNoX3R5cGU9YW5zd2Vycy5zZWFyY2hfbmwmcF9zY2ZfbGFuZz0xJnBfcGFnZT0xJnBfc2VhcmNoX3RleHQ9UlYwODI*&p_li=&p_topview=1
0
 

Author Comment

by:caninia
ID: 13674898
I moved the RV082 to a wired DSL line with static IP and it worked without a problem. Therefore, the problem has to be with my wireless ISP's use of NAT to my router. The Linksys VPN won't work under these conditions. I tried to explain this to Linksys' tech support but they just shot me back a link to a worthless support document on their site explaining how to set up the router to use VPN.
No point in continuing this discussion. Thanks all for trying.
0
 
LVL 37

Expert Comment

by:meverest
ID: 13676362
Yes, like i suggested, give their tech support an experiment result that proves that their network is the problem.  at least that may get them thinking.

Cheers.
0
 

Expert Comment

by:LyndonJE
ID: 13849939
I have no experience with Linksys, however NAT does break IPSEC VPNs unless you are using NAT-T devices (NAT Traversal).

Does the linksys support NAT-T (if infact you are using an IPSEC VPN). Don't think NAT will cause a problem with PPTP but I could be wrong.

I'd go down the NAT-T route and elliminate this as as it sounds like the route of the problem to me.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

    Over the past few years, small business and home owners have become so dependent on internet that a need for redundancy has arisen.    What happens when your small business or home / home office loses its internet connection?  The results c…
Sometimes you have to pull out old tricks to get a new firewall to work… While we were installing a new Sonicwall at a customers site we found that sites they were able to visit before were not working.  It seemed random and we could not understa…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question