Wireless, VPN, router

I have two main routers, probably not ideal, but let me explain.

I have a Technicolor something or other from Comcast, which is a cable modem/router and has VoIP. Unfortunately, I cannot configure too much on this device. So while wireless is enabled, I do not use it. I can't even disable it. I can't switch to bridge mode or anything.

So I connected a Linksys e4200 wireless router... this is on a different subnet, and is configured for wireless, etc. This is our main device we connect to, and all forwards from this device accordingly.

My question is, somehow I want to enable and have the ability to VPN into home...
I don't think I can do this natively, and would have to add a DMZ port forward... not sure... To test, I have a Linksys WRT54GS v5.0. I flashed it with DD-WRT but am not sure what to do now, and how to add it to the infrastructure... I think adding it as a repeater bridge with the same SSID, passwords and authentication, but I need thoughts on the correct setup and how to enable and use VPN so I can connect from outside.
Indyrb asked:
 
Fred Marshall, Principal, commented:
There needs to be a device in the office that is the "end" of the VPN.  It has all the VPN settings, etc.  Usually this is an edge device like a router or firewall.  

With your lack of control over the Technicolor (which seems odd if you can get into it) then all this may be for naught.  I'm going to assume that it won't support the VPN functionality.  In that case, it has to support VPN passthrough which is usually a setting.  What model is it?

The Linksys e4200 doesn't support VPN functionality unless you install DD-WRT.  But I wouldn't do that to this one.  At present, you don't have this set up LAN-to-LAN but rather LAN-to-WAN, which is obvious from the IP addresses .. there are two subnets and not just one.

The Linksys WRT54G with DD-WRT does support VPN functionality.  So that's your best bet.  I would set things up like this:

- Technicolor with VPN passthrough enabled    connected to:
- WRT54G with DD-WRT with VPN configured. <<<< so this terminates the VPN.
- WRT54G LAN connected to e4200 LAN port.
- e4200 DHCP server turned OFF.
- e4200 LAN address set to be in the same subnet as the WRT54G LAN and outside the WRT54G DHCP range.  You will have to enter the IP, subnet mask, gateway (WRT54G address), DNS (the same) manually here.

If you plan to use a split VPN in the remote sites then it's a good idea to make your WRT54G subnet some odd number like 172.16.99.0   255.255.255.0.  This way, no matter the garden variety subnet you happen to be on in the field, they won't conflict.
The split VPN is handy because then you can get to the internet all the time whether the VPN tunnel is established or not.
0
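The addressing rules in the answer above (access point in the VPN router's subnet but outside its DHCP range, and an uncommon LAN subnet so a split VPN does not collide with whatever network you are on in the field) can be checked before touching either router. This is an added example, not part of the original answer; the function name, the list of common subnets, and every address except 172.16.99.0/24 are assumptions.

```python
import ipaddress

# Constructed list of subnets often handed out by consumer routers and hotspots
# (an assumption for illustration, not taken from the thread).
COMMON_REMOTE_NETS = ["192.168.0.0/24", "192.168.1.0/24", "192.168.2.0/24",
                      "10.0.0.0/24", "10.0.1.0/24", "10.1.10.0/24", "172.16.0.0/24"]


def check_plan(lan_cidr, gateway, dhcp_first, dhcp_last, ap_addr, upstream_cidr):
    """Return a list of problems with the plan; an empty list means it is consistent."""
    lan = ipaddress.ip_network(lan_cidr)
    upstream = ipaddress.ip_network(upstream_cidr)
    gw, ap = ipaddress.ip_address(gateway), ipaddress.ip_address(ap_addr)
    first, last = ipaddress.ip_address(dhcp_first), ipaddress.ip_address(dhcp_last)
    problems = []
    unusable = {lan.network_address, lan.broadcast_address}
    # Both the VPN router (gateway) and the access point need real host addresses.
    for name, addr in (("gateway", gw), ("access point", ap)):
        if addr not in lan or addr in unusable:
            problems.append(f"{name} {addr} is not a usable host address in {lan}")
    if ap == gw:
        problems.append("access point uses the gateway's address")
    if first not in lan or last not in lan or first > last:
        problems.append(f"DHCP range {first}-{last} does not fit inside {lan}")
    # A static address inside the pool can later be leased to another client.
    if first <= ap <= last:
        problems.append(f"access point {ap} is inside the DHCP range {first}-{last}")
    # The VPN router's WAN side sits on the modem's subnet; the LAN must differ.
    if lan.overlaps(upstream):
        problems.append(f"{lan} overlaps the upstream modem subnet {upstream}")
    # With a split VPN, a remote network using the same range hides the home LAN.
    for cidr in COMMON_REMOTE_NETS:
        if lan.overlaps(ipaddress.ip_network(cidr)):
            problems.append(f"{lan} overlaps common remote subnet {cidr}")
    return problems


if __name__ == "__main__":
    # Constructed values: 10.0.0.0/24 stands in for the modem's 10.x.x.x subnet.
    plan = ("172.16.99.0/24", "172.16.99.1", "172.16.99.100",
            "172.16.99.199", "172.16.99.2", "10.0.0.0/24")
    for issue in check_plan(*plan) or ["plan is consistent"]:
        print(issue)
```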
 
Fred Marshall, Principal, commented:
It seems most odd that you can't disable wireless on any router in your facility.  That would not really be acceptable.  How do you maintain wireless security and, thus, network security?

Presumably if the Comcast router has wireless then it's providing NAT and a private subnet.  And, if it's on a LAN subnet then you should be able to access it - if you can log in.  The access address is likely the same as the gateway address one would use to connect to it.

If all you are doing is using the e4200 for wireless then I would connect it LAN port to LAN port.  There is a diagram attached for that.

What do you intend to use for terminating the VPN in the office?  That's rather key in this discussion.
Wireless-Router-as-a-Simple-Swit.pdf
0
 
Indyrb (author) commented:
I know what the Comcast router is... it's the 10.x.x.1. I can even log in; however, I cannot disable wireless or advanced rules or features... and it is connected LAN to LAN. The e4200 is 192.168.x.x.
0
 
Indyrb (author) commented:
What do you intend to use for terminating the VPN in the office?  That's rather key in this discussion.

What do you mean by terminating VPN?
Like when the session is closed?  I am new to this. I know what I need, I just don't know how to get there while utilizing the most secure, least amount of effort, and maintaining best practices and guidelines.
Hardware:
- Techno (Comcast)
- Linksys e4200
- Linksys switch
- Linksys WRT54GS with DD-WRT
0
 
Indyrb (author) commented:
I also have an ASA 5505, but it seems to lose its config all the time, and then I can't get anything to work... But it also could be a rookie user error. Which is preferred, DD-WRT or the ASA 5505? I have 80MB download speed, subscribed to 105+.
0
Question has a verified solution.
