Configure Linksys WRT54G and VPN-1 SecureClient

I'm having a lot of trouble getting my Linksys WRT54G router to work with Checkpoint VPN-1 SecureClient.

It will work fine connected directly to the Cable Modem, but when I connect behind the router, the NAT and SPI is blocking the ports.  I've tried to open ports with port forwarding, port triggering, etc. with no success.

I'm uncertain what steps I need to take to get the SecureClient to operate behind the router.

I've configured the router to be a private 10.10.10.1 network as to not conflict with my office network.

Can anyone provide the steps to get this working?

Thank you!
pshoemaker21Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rob WilliamsCommented:
Might be as simple as checking the "enable IPSec pass-through" on the firewall page of the security section.

Rob WilliamsCommented:
By the way, no ports need to be opened or forwarded. Only other issue might be if your modem is a combined router/modem and is also performing NAT, but see how the IPSec pass-through works. If you did forward any ports relating to VPN's change those back to the defaults. They can sometimes interfere with VPN client traffic.
pshoemaker21Author Commented:
I've already checked all that.  I've been reading a bunch on the net and it's difficult to find anything specific.  The cable modem is just a straight broadband access node, which hands out a single IP address by MAC address.

It has something to do with the port blocking that is enabled by default on the linksys router.  I just don't know how to configure it to get past that.  Not sure if it can be configured or not?
SolarWinds® IP Control Bundle (IPCB)

Combines SolarWinds IP Address Manager and User Device Tracker to help detect IP conflicts, quickly identify affected systems, and help your team take near instantaneous action. Help improve visibility and enhance reliability with SolarWinds IP Control Bundle.

Rob WilliamsCommented:
I am afraid I am not much help. As a rule with Linksys routers all VPN clients, CheckPoint, WatchGuard, Cisco, etc. are able to work quite well with absolutely no configuration other than allowing IPSec pass-through. It is possible to block the traffic with manual firewall rules, but the defaults should not do so. Perhaps there is a problem with the firmware. Have you tried upgrading or re-installing? Also I have seen some problems with VPN's and wireless connections. Are you connecting to the WRT54G wirelessly or with a cable. Perhaps try a cable if you are using wireless.
Rob WilliamsCommented:
Also:
>>"The cable modem is just a straight broadband access node, which hands out a single IP address by MAC address."
So I assume as a result your WRT54G's WAN configuration has been assigned a true public IP and not a private IP such as 192.168.x.x, 10.x.x.x, or 172.16-32.x.x ?
Rob WilliamsCommented:
If pshoemaker21, is still receiving notices.......
- have come across dozens of article with different folks having problems using an IPSec client behind the WRT54G. If you have the option, try from behind another router. The router itself seems to be the problem, If "enable IPSec" is checked there is nothing more for you to configure.
-f by chance you have the same problem with another router, or perhaps check anyway, make sure the modem is not a combined router/modem providing NAT (Network Address Translation) services. This will be noted by it assigning the connected device a private IP such as 192.168.x.x, 10.x.x.x, or 172-16.x.x  If that is the case the modem needs to be put in Bridge mode.
-If the modemot running NAT, and you have tried another router, you may need to have the CheckPoint administrator look at their configuration of NAT-T at the server end, router.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.