Solved

Wireless, VPN, router

Posted on 2014-03-03
Last Modified: 2014-03-26
I have two main routers, probably not ideal, but let me explain.

I have a Technicolor something or another from Comcast, which is a cable modem/router and has VoIP... unfortunately I cannot configure too much on this device. So while wireless is enabled, I do not use it... I can't even disable it. I can't switch to bridge mode or anything.

So I connected a Linksys e4200 wireless router... this is on a different subnet, and is configured for wireless, etc. This is our main device we connect to and all forwards from this device accordingly.

My question is, somehow I want to enable and have the ability to VPN into home...
I don't think natively I can do this, and would have to add to DMZ port forward... not sure... To test, I have a Linksys WRT54GS v5.0. I flashed it with DD-WRT but am not sure what to do now, and how to add it to the infrastructure... I think adding it as a repeat bridge with the same SID and passwords and authentication, but I need thoughts on the correct setup and how to enable and use VPN so I can connect from external.
Question by:Indyrb
5 Comments
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 39901546
It seems most odd that you can't disable wireless on any router in your facility.  That would not really be acceptable.  How do you maintain wireless security and, thus, network security?

Presumably if the Comcast router has wireless then it's providing NAT and a private subnet.  And, if it's on a LAN subnet then you should be able to access it - if you can log in.  The access address is likely the same as the gateway address one would use to connect to it.

If all you are doing is using the e4200 for wireless then I would connect it LAN port to LAN port.  There is a diagram attached for that.

What do you intend to use for terminating the VPN in the office?  That's rather key in this discussion.
Wireless-Router-as-a-Simple-Swit.pdf
0
 

Author Comment

by:Indyrb
ID: 39901654
I know what the Comcast router is... it's the 10.x.x.1. I can even log in; however, I cannot disable wireless or advanced rules or features... and it is connected LAN to LAN... e4200 is 192.168.x.x
0
 

Author Comment

by:Indyrb
ID: 39901665
What do you intend to use for terminating the VPN in the office?  That's rather key in this discussion.

What do you mean by terminating VPN?
Like when the session is closed? I am new to this. I know what I need, I just don't know how to get there, while utilizing the most secure, least amount of effort, and maintaining best practices and guidelines.
Hardware:
-Techno (Comcast)
-LinkSys e4200
-Linksys Switch

-Linksys WRT54GS - DD-WRT
0
 
LVL 26

Accepted Solution

by:
Fred Marshall earned 500 total points
ID: 39902130
There needs to be a device in the office that is the "end" of the VPN.  It has all the VPN settings, etc.  Usually this is an edge device like a router or firewall.  

With your lack of control over the Technicolor (which seems odd if you can get into it) then all this may be for naught.  I'm going to assume that it won't support the VPN functionality.  In that case, it has to support VPN passthrough which is usually a setting.  What model is it?

The Linksys e4200 doesn't support VPN functionality unless you install DD-WRT.  But I wouldn't do that to this one.  At present, you don't have this set up LAN-to-LAN but, rather, LAN-to-WAN, which is obvious from the IP addresses: there are two subnets and not just one.

The Linksys WRT54G with DD-WRT does support VPN functionality.  So that's your best bet.  I would set things up like this:

- Technicolor with VPN passthrough enabled    connected to:
- WRT54G with DD-WRT with VPN configured. <<<< so this terminates the VPN.
- WRT54G LAN connected to e4200 LAN port.
- e4200 DHCP server turned OFF.
- e4200 LAN address set to be in the same subnet as the WRT54G LAN and outside the WRT54G DHCP range.  You will have to enter the IP, subnet mask, gateway (WRT54G address), DNS (the same) manually here.

If you plan to use a split VPN in the remote sites then it's a good idea to make your WRT54G subnet some odd number like 172.16.99.0   255.255.255.0.  This way, no matter the garden variety subnet you happen to be on in the field, they won't conflict.
The split VPN is handy because then you can get to the internet all the time whether the VPN tunnel is established or not.
0
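An added example, not part of the original answer: a small Python check of the addressing plan described above (e4200 static address inside the WRT54G LAN but outside its DHCP range, and a home subnet that will not collide with networks met in the field). The gateway address, DHCP range, the 10.0.0.0/24 upstream subnet and the list of common remote subnets are constructed assumptions.

```python
import ipaddress

# Constructed sample: subnets often handed out by home routers and hotspots.
COMMON_REMOTE_NETS = ("192.168.0.0/24", "192.168.1.0/24", "192.168.2.0/24",
                      "10.0.0.0/24", "10.1.10.0/24", "172.16.0.0/24")


def check_plan(vpn_lan, gateway, dhcp_start, dhcp_end, ap_ip, upstream_net,
               remote_nets=COMMON_REMOTE_NETS):
    """Return a list of problems with the addressing plan (empty means OK)."""
    lan = ipaddress.ip_network(vpn_lan)
    gw, start, end, ap = (ipaddress.ip_address(a)
                          for a in (gateway, dhcp_start, dhcp_end, ap_ip))
    problems = []

    # Every address configured on the LAN side must sit inside the LAN subnet.
    for name, addr in (("gateway", gw), ("dhcp_start", start),
                       ("dhcp_end", end), ("ap", ap)):
        if addr not in lan:
            problems.append(f"{name}-outside-lan")

    # The access point gets a static address, so DHCP must never lease it.
    if start <= ap <= end:
        problems.append("ap-inside-dhcp-range")
    if ap == gw or ap in (lan.network_address, lan.broadcast_address):
        problems.append("ap-address-unusable")

    # The VPN router's WAN side is the upstream router's LAN; the two
    # subnets must differ or the VPN router cannot route between them.
    if lan.overlaps(ipaddress.ip_network(upstream_net)):
        problems.append("lan-overlaps-upstream")

    # Split tunnel: a remote client whose local subnet overlaps the home LAN
    # may send home-bound traffic to its local network instead of the tunnel.
    for net in remote_nets:
        if lan.overlaps(ipaddress.ip_network(net)):
            problems.append(f"lan-overlaps-remote:{net}")
    return problems


if __name__ == "__main__":
    # Plan from the answer: 172.16.99.0/24 behind a 10.x upstream router.
    print(check_plan("172.16.99.0/24", "172.16.99.1", "172.16.99.100",
                     "172.16.99.149", "172.16.99.2", "10.0.0.0/24"))
    # A typical default plan with the access point inside the DHCP pool.
    print(check_plan("192.168.1.0/24", "192.168.1.1", "192.168.1.100",
                     "192.168.1.149", "192.168.1.120", "10.0.0.0/24"))
```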
 

Author Comment

by:Indyrb
ID: 39937923
I also have an ASA 5505, but it seems to lose its config all the time, and then I can't get anything to work... But it also could be a rookie user error. Which is preferred, DD-WRT or ASA 5505? I have 80MB download speed, subscribed to 105+.
0
