• Status: Solved
  • Priority: Medium
  • Security: Public

CheckPoint VPN over Wireless Router

I have been connecting with the home office over VPN for many months.   Connection is high-speed cable modem.  Recently installed a NetGear Wireless Router model WGR614 at the house.   Now I cannot even ping servers in the home network.   I can authenticate into the VPN just fine, but for some reason I don't appear to be passing any traffic.   If I simply remove the router and connect directly to the cable modem, things work just fine again.

What am I missing?
0
Asked:
jhunter9999
2 Solutions
 
pseudocyber Commented:
Make sure your NetGear has VPN passthrough enabled.  Sometimes, network devices can allow VPN authentication to occur but break VPN encryption.  It appears everything is working, even though it's not.
0
 
2hype Commented:
Ensure you open up your ports on the Router.
0
 
jhunter9999 Author Commented:
2hype - Is that related to Port Forwarding or Port Triggering? Is there normally an "open all ports" option on the routers?
0
 
pseudocyber Commented:
The "vpn passthrough" option takes care of the port forwarding. The "open all ports" option in a SOHO router is known as a "DMZ". There is usually the ability to define a DMZ machine or physical port on your switch.
0
 
2hype Commented:
Are you using PPTP for your VPN Connection? Go to the port forwarding on the router and open port 47 and Port 1723 and point them to your computer accepting the VPN connection.
0
 
jhunter9999 Author Commented:
Last night I went to the port forwarding config on the router. The config allows you to set up a custom service, and define a series of port numbers to allow. First I tried just setting up 47 and 1723 with no success. I then allowed 1-65000 something. Whatever the highest port number was. So, my assumption was that I opened all the ports. Still cannot even ping my internal network once VPN authenticates. I checked the firewall log this morning, and there were no drop records indicating that the Firewall had any problem letting me come through. I'm pretty convinced that the router itself is preventing the traffic. Any other suggestions?
0
 
pseudocyber Commented:
Did you look for a "vpn passthrough" option?  What kind of VPN tunnel is it - IPSEC, SSL, PPTP, L2TP, etc.
0
 
jhunter9999 Author Commented:
pseudocyber

There was no "vpn passthrough" option. The tunnel is IPSEC.
0
 
pseudocyber Commented:
Huh, don't know what to tell you.  I pulled the manual and don't see any reference to IPSEC or VPN passthrough.  

I use a Linksys Wireless B router at home, and I have a WRV54G at work in a lab - they both work great with Nortel's Contivity Client using IPSEC.  No problems.
0
 
jhunter9999 Author Commented:
pseudocyber/2hype,

Problem solved. This issue turned out to be a WAN router that is used as the default gateway by internal servers and workstations. That router had an entry to drop all traffic with 198.162.xxx.xxx. The Firewall traffic came into the network, but never went back out. My router support vendor made a config change on the router and it works!

Thanks for the responses.    
0
 
pseudocyber Commented:
Glad you got it solved! :)
0
