modest911

Linksys VPN without RAS???

Okay I am working backwards - haha - I know how to create a VPN server with Windows 2000 or 2003 Server with RAS. But I don't understand how people are creating a VPN with just Windows XP Pro and a Linksys router. I have 5 public IPs, I have a Linksys WRT54G router and I have a dedicated XP Pro machine. I think I have forwarded all the correct ports on the Linksys router (which by the way I am not used to; I am used to using NAT tables).

I guess my question is: do I still use one of my external IPs with XP's VPN client software?

How does the Linksys router know that an external IP needs to go to a specific internal IP without NAT?
            I am guessing port forwarding.


I am confused on how this is set up? Give me a server, nat and some external ip's and I am good to go. But this has got me stumped. Can someone please explain what I am missing here.

Thanks
Rob Williams

Do you mean they are setting up a VPN using the Linksys router as the VPN endpoint rather than a RAS server? If so, easy to do, but you have the wrong Linksys. Some of the Linksys routers are VPN pass-through capable such as the WRT54G, others are VPN routers, usually indicated with a V in the name. Though most require using IPSec, which is difficult to set up with the Windows client, the RV042, RV082 series allow you to use their own QuickVPN client, or the standard Windows PPTP VPN client. For the latter, the router needs the latest firmware.
Or, Linksys also makes the BEFVP41, which has this capability...  a little easier on the pocketbook also...  :)
I agree Fatal Exception, the BEFVP41, a great router, is almost 1/2 the price but it is not compatible with the default PPTP client (unless they have added that with recent firmware). Setting it up with a Windows client using IPSec is a pain in the neck, but it does work well if you have the patience. If interested:
http://www.homenethelp.com/vpn/router-linksys.asp
I don't understand what type of VPN you are trying to create.

Where is the client?
Are you trying to make your XP machine accept incoming VPN connections, or are you trying to initiate a VPN to another server?  
Is the Linksys your gateway or the remote gateway you want to terminate at?
modest911

ASKER

mcsween -

Basically what we have is a Linksys router that at one time worked at a different location (another state). This small business owner met me and over time figured out that I know a little bit about this kind of stuff. He had an IT person in Miami set up this Linksys VPN and it worked fine. The small business owner was able to "VPN" into a Windows XP SP2 Pro client from his house. He has now moved to Atlanta where I am at and he said he can no longer VPN in. I asked him how he was doing this before and he kept pulling up IE and putting in one of his external IP addresses; he said that was how he was able to VPN in. I questioned that but kept my thoughts to myself. So basically I am not really sure how he has done this in the past. But this is what I got now. One Linksys router (gateway) that has worked in this environment before, external static IPs, and a Windows XP Pro client. He told me the only thing that is different is the modem that BellSouth gave him, which is now a Netopia (all-in-one type modem), whereas he used to have a Westell. From what I understand this can be done by forwarding ports on the Linksys router to an internal XP client. So basically any requests that come in on that port will be forwarded (kind of like NAT I guess). So I am assuming I would just use the Windows XP VPN client, put in the external IP, and when the VPN client hits the Linksys on that port the Linksys then forwards to the internal client. Correct? IPSec is not an option because I don't want to go to this guy's house and set up another router to create the tunnel.

Thanks
Has the client site, or the host site moved? or both?
I am assuming the Host site has remained in place and it is the client site that has moved.

You are going to have to find out what is at the Host site (the site to which he is connecting). If he is entering a public IP in his web browser it sounds more like Small Business Server's "Remote Web Workplace", or a 3rd party VPN. Most VPN's use a VPN client, either the Windows, or similar. If you are suggesting he is connecting to a VPN Linksys router at the host site with a web browser, that could only be their newest VPN router the RVL200 which uses SSL and you connect using https://<IP>

Again, if it is only the client that has moved, sounds like nothing has changed, and the connection should work unless
1) the IT guy set a restriction as to what IP the client can connect from
2) some part of the equipment at the new client site is blocking a required protocol/service. You mention the user now has a Netopia modem, is this a combined modem/router? If so it may be in NAT mode. Many VPNs do not like dual NAT devices such as a combined modem/router as well as a second router like the Linksys. Try connecting the user directly to the modem, by-passing the local router. If this works the modem may need to be put in Bridge mode. Also some routers and ISPs do not support some VPN protocols. There is no need to configure port forwarding at the client site, that is only done at the host site and presumably that has not changed.
Everything has moved client and host to a new state -

Yes the Netopia modem is one of those combined router modem, wireless units. But he is not using any of those ports on the modem except going to the Linksys. I am pretty sure the modem is in bridge mode. He has BellSouth and I set up a lot of users with BellSouth and routers. The modems always have to be in bridged mode to get the router working.

Errr.

 I am going to talk with this guy Monday after work and try and get more info from him. I will let you know what I find out
I agree, Rob..  sounds more like Remote Desktop than a VPN...  you can do this on any client XP system if you install IIS...

http://www.microsoft.com/windowsxp/using/networking/expert/northrup_03may16.mspx
FE I was thinking SBS Remote Web Workplace, forgot about Remote Desktop Web Connection, the latter is even more likely.

modest911, best to see what equipment and type of connection at host end and then I'm sure we can all help to resolve.
Regardless, probably need the new modem in bridge mode and appropriate port forwarding enabled on the Linksys at the host end. Client end, if in fact a VPN, would only require PPTP-Pass-through enabled.
Okay I got some more info and manuals. Basically he is using pcAnywhere and a camera software called GeoVision.

He is used to opening up Internet Explorer and putting in an external IP for the GeoVision software so he could monitor his store.

And use pcAnywhere to connect to the 3 internal computers.


Here is the setup. Linksys router as the gateway. He has the camera server at IP 192.168.2.85 and his main pcAnywhere server at 192.168.2.80. Now my question is - How do I "NAT", "forward" or whatever from an external IP to either one of those internal IPs on a Linksys router?
You will need to find out what ports that he has configured for the software...  

http://www.practicallynetworked.com/support/linksys_router_help_pg4.htm

In order to connect to pcAnywhere hosts that are behind routers using Network Address Translation (NAT), there are two things that you need:

    * A routable IP address for the Host. Refer to the document How to determine the IP address of a pcAnywhere host for additional information
    * Port forwarding to forward ports 5631 (TCP) and 5632 (UDP)

And here is what I found for geovision:

http://www.portforward.com/english/routers/port_triggering/Linksys/BEFW11S4v1.50.14/GeoVision_DMIP.htm
haha - you found the same thing I found


http://www.portforward.com/english/routers/port_forwarding/Linksys/WRT54G/GeoVision_Webcam.htm


http://www.portforward.com/english/routers/port_forwarding/Linksys/WRT54G/pcAnywhere.htm


I do understand what I need for NAT - But what I was asking is what is the equivalent with the Linksys, and it seems this port forwarding is basically the same thing

More to come
Just thought of something - I am assuming with port forwarding it won't matter what external IP I use, correct? So if the router sees a request on a certain port then it will forward it. That is where I am confused between the differences of NAT and port forwarding. With NAT I can just take that external IP and say hey, if you have a request on that external IP convert it to this internal IP. Port forwarding is working with ports and I am assuming it doesn't matter what external IP I use, correct?
>>"I am assuming it doesn't matter what external Ip I use correct?"
Correct, so long as the remote user knows what IP to which they need to connect.
If a service uses a non-standard port, for a given service, you can also specify the port with the connection information using a colon such as:
66.66.123.123:8080
RobWill - You say "as the remote user knows what IP to which they need to connect". What I am saying is it won't matter what external IP I give him because the router will see activity on that port and forward it, correct?
Right !
He will connect to the Public/External IP, and the router will be reconfigured with the information to forward all traffic on the specified ports to the machine/IP you have configured. He won't know or care how he gets connected <G>.
And, if you do use a non-standard port, it would have to be configured on both sides of the connection.. otherwise, the app knows what port to use, and will follow that port through the router..
Hmm so I put the ports in the Linksys and everything seems to be working at the site with the external IPs for the camera server and pcAnywhere. But as soon as you leave the office and use the external IP we can't get to anything. pcAnywhere won't work and I can't get to the camera server. What I did for the camera server though is gave it an external static IP, gateway, and DNS in the TCP/IP properties.

I will be going back Monday to take a look.
>>"I put the ports in the linksys and everything seems to be working at the site with the external ips for the camera server and pcanywhere"
That sounds odd. Most routers will not allow you to connect to the external IP's from the same site, they will not "loop-back" the packets to the same network. I question if it is configured correctly.
You should be able to test by logging onto a device to which port forwarding is pointing, for example a PC configured for PC Anywhere access, and going to  http://www.canyouseeme.org   and testing for the forwarded ports.

>>"What I did for the camera server though is gave it a external static ip, gateway, and dns in the tcp ip properties."
If so rather than using port forwarding you need to create a NAT 1-to-1 rule. Will your router support that?
"If so rather than using port forwarding you need to create a NAT 1-to-1 rule. Will your router support that?"


There is NO natting in the Linksys; that has been my problem and my question.
>>"There is NO natting in the linksys "
Right, so you have to use port forwarding.
Above when you mentioned "can I use any public IP", perhaps I misunderstood. You can use any public IP, but your router will only allow you to use one. You can only work with port forwarding.
Did you try the canyouseeme test a service to see if the port forwarding is properly configured?
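
The distinction the thread keeps circling, modelled as an added example that is not part of the original posts: port forwarding matches on protocol and port of traffic sent to the router's one WAN address, while a 1-to-1 NAT rule matches on the destination IP alone. The public addresses are constructed (documentation range), the camera's port 80 is an assumption, and the function names are hypothetical.

```python
from ipaddress import ip_address

# Constructed addresses: 203.0.113.0/24 is a documentation range standing in
# for the site's public IPs. Internal hosts and pcAnywhere ports are from the thread.
WAN_IP = ip_address("203.0.113.10")           # the one public IP the Linksys holds
SPARE_PUBLIC_IP = ip_address("203.0.113.11")  # another of the five public IPs

PORT_FORWARDS = {
    ("tcp", 5631): "192.168.2.80",  # pcAnywhere (TCP)
    ("udp", 5632): "192.168.2.80",  # pcAnywhere (UDP)
    ("tcp", 80): "192.168.2.85",    # camera server web page (port 80 is assumed)
}

# Hypothetical 1-to-1 rule, as a router that supports it would hold.
ONE_TO_ONE = {SPARE_PUBLIC_IP: "192.168.2.85"}


def port_forward(dst_ip, proto, dport, wan_ip=WAN_IP, rules=PORT_FORWARDS):
    """Port forwarding: match (protocol, port) on traffic sent to the WAN IP."""
    if ip_address(dst_ip) != wan_ip:
        return None  # the router does not own this address, so no rule can fire
    host = rules.get((proto, dport))
    return (host, dport) if host else None  # no rule: inbound packet is dropped


def one_to_one_nat(dst_ip, proto, dport, mappings=ONE_TO_ONE):
    """1-to-1 NAT: match destination IP only; every port reaches the same host."""
    host = mappings.get(ip_address(dst_ip))
    return (host, dport) if host else None


if __name__ == "__main__":
    for dst, proto, port in [
        ("203.0.113.10", "tcp", 5631),  # forwarded to the pcAnywhere host
        ("203.0.113.10", "tcp", 5632),  # wrong protocol for 5632: dropped
        ("203.0.113.11", "tcp", 5631),  # spare public IP: Linksys never sees it
    ]:
        print(dst, proto, port, "->", port_forward(dst, proto, port))
    # Under 1-to-1 NAT the same spare IP exposes every port of one host.
    print(one_to_one_nat("203.0.113.11", "tcp", 5631))
```
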
Oh man this gets even better - Check this out.

Netopia in DHCP mode for external Ip address
Linksys in DHCP mode for internal - But linksys is getting one external ip from Netopia
Cisco router (haha don't know config) But I do know that this box has an external antenna for cell boosting on it. This gets its IP from the Netopia.

Just to see if it would work I gave the camera server an external IP and hooked it up to the Netopia - with external DNS and gateway. I wanted to see if I could get this thing online. I used what I thought was NAT in the Netopia (Netopia calls it IPmaps). I put the external IP of the Netopia (the Netopia external gateway address) to the internal of the cam server (but that has an external address from the Netopia). Was able to get to the cam server internal but not external.

Yes I also ran canyouseeme. The only port that could be seen was 80. I went through a lot tonight and have to process some info. But long story short, I am thinking this config with wanting to use pcAnywhere and still have the antenna for cell boost will not work. The only way I can see this working is if I put each pcAnywhere client with an external IP. Bad. I got a lot to think about. Basically two DHCP servers (built into routers) with different network ranges, a cell antenna that has to have an external IP...........



This is how it's hooked up

External antenna (external ip)

to the

Cisco (do not know config)

to the

Netopia (Serves external ips)

to the

Linksys (Serves internal ips)


I want to be able to connect to the cam server and be able to connect to 3 remote pcAnywhere clients. I don't care at this point how I have to do this. But I am "freaking out man". haha.
Thanks modest911, Good luck with it.
Cheers  !
--Rob