• Status: Solved

VPN Configuration With wrt54g

I am attempting to set up a VPN connection for traveling managers. I have a fractional T1 that comes through a Netopia 5100 provided by my ISP. I then have a Linksys WRT54G router which is performing NAT that then goes out to switches. My VPN server is behind a firewall.
I have set port forwarding up on the router, but I can't seem to make a connection. I'm stumped at this point. Also, is it necessary to have 2 NICs configured on the VPN server?
Asked:
cltool
 
Technicon-SG Commented:
Your likely problem is that the firewall is blocking some of the VPN ports... VPNs use some non-standard protocols that some firewalls will not forward (or require special configuration to do so).

If you could post a diagram of your network (with specific references to the models of your equipment) I will try to make some better suggestions.

I would prefer to see the VPN device on the outside of the firewall... the Netopia is also capable of providing VPN services (unless it is configured as a bridge).
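
The point above, as an added example that is not part of the original thread: a small check of which flows a NAT router's forwarding rules actually deliver to a VPN server. It assumes the server uses PPTP or L2TP/IPsec with NAT-T; the rule format, the sample rules and the `passthrough` set are hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Forward:
    proto: str    # "tcp" or "udp"
    first: int    # first external port of the rule
    last: int     # last external port of the rule
    target: str   # internal host the rule forwards to

# Flows each VPN type needs delivered to a server behind NAT.
# ("ip", n) is a raw IP protocol number: it has no ports, so a
# port-forwarding rule can never carry it.
REQUIRED = {
    "PPTP": [("tcp", 1723), ("ip", 47)],                  # control channel + GRE
    "L2TP/IPsec (NAT-T)": [("udp", 500), ("udp", 4500)],  # IKE + ESP-in-UDP
}

def missing_flows(vpn, rules, server, passthrough=frozenset()):
    """Return the flows `vpn` needs that would not reach `server`."""
    missing = []
    for proto, number in REQUIRED[vpn]:
        if proto == "ip":
            # Assumption: `passthrough` lists the IP protocol numbers the
            # router is configured to relay to the server.
            ok = number in passthrough
        else:
            ok = any(r.proto == proto and r.first <= number <= r.last
                     and r.target == server for r in rules)
        if not ok:
            missing.append((proto, number))
    return missing

# Constructed sample rules; the server address is the one given in the thread.
SERVER = "192.168.40.19"
RULES = [
    Forward("tcp", 1723, 1723, SERVER),
    Forward("udp", 500, 500, SERVER),
    Forward("tcp", 4500, 4500, SERVER),  # wrong transport: NAT-T uses UDP
]

def report(rules=RULES, server=SERVER, passthrough=frozenset()):
    return {vpn: missing_flows(vpn, rules, server, passthrough)
            for vpn in REQUIRED}

if __name__ == "__main__":
    for vpn, gaps in report().items():
        print(vpn, "OK" if not gaps else f"blocked, missing {gaps}")
```

With the sample rules, PPTP is still blocked because GRE is not a TCP or UDP port, and L2TP/IPsec is blocked because port 4500 was forwarded for the wrong transport.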

 
cltool (Author) Commented:
Here is a brief summary of my network setup.

PRI > T1  Netopia 5100    IP   72.17.157.97
                          SN   255.255.255.248

5 port switch (unmanaged)

Linksys WRT54G   Public IP     72.17.157.98
                 DG            72.17.157.97
                 SN            255.255.255.248
                 Internal IP   192.168.40.47
                 SN            255.255.255.0
                 DNS           216.199.46.11
                 Performs NAT

HP ProCurve 2524          IP   192.168.40.46
                          SN   255.255.255.0

Windows 2003              IP   192.168.40.19
VPN Server                SN   255.255.255.0

The Netopia 5100 is provided by my ISP and therefore cannot be managed locally.
That's pretty much the setup of my network. Thanks for your help, and let me know if you need any further information.
 
Technicon-SG Commented:
Thanks for the update on your configs. I should have been a little more specific on the info I needed... for future reference, when posting to a public forum like this one, mask your public IP addresses (like this: x.x.157.98).

OK, to start with... Do you need wireless? If not, the WRT54G is just a security risk... you should remove it and replace it with a BEFVP41 VPN router.

If you need wireless you have a couple of options (and I am staying with Linksys here... but D-Link and Netopia have other good options too).

Replace the WRT54G with a WRV54G... This unit will provide wireless and VPN server functions (with branch office tunnels or client-based VPN).

Or you can get a BEFVP41 and connect it beside your WRT54G like this (I assume you have additional IP addresses, as your mask has room for 4 more):

PRI > T1 Netopia 5100 x.x.157.97
               |
               |
         5 port switch
        _______|_______
        |             |
        |             |
     WRT54G        BEFVP41
   x.x.157.98    x.x.157.99
        |             |
        |_____________|
       HP ProCurve 2524
               |
               |
       Network Resources

Your clients will make their VPN connections to the BEFVP41, which, when configured, will act only as a VPN concentrator.

If you want a little more professional configuration... replace the BEFVP41 with a Nortel Contivity 1100 (or similar enterprise concentrator).

My preference would be to go with the WRV54G... Much cleaner.

Either way, your clients or branch offices will be making a connection to the VPN device and not your server.
 
cltool (Author) Commented:
Unfortunately, I don't have the money allocated to purchase any new equipment at the time, so I have to make do with what I have. Thanks for the help.