VPN Tunnels anybody?
-
Hi Gang, Just wondering if anybody here has experience with VPN Tunnels. I've got 2 end points talking but can't ping. Just looking advice. Let me know and I'll provide details. Nick This are my own opinions. You know the rest.....
-
Hi Gang, Just wondering if anybody here has experience with VPN Tunnels. I've got 2 end points talking but can't ping. Just looking advice. Let me know and I'll provide details. Nick This are my own opinions. You know the rest.....
Does any other network traffic go through? Matt Newman
I am the anti-linux "If you're Master Chief and you're facing the Flood, grab a shotgun and save the last checkpoint" - Me, cause I was bored -
Hi Gang, Just wondering if anybody here has experience with VPN Tunnels. I've got 2 end points talking but can't ping. Just looking advice. Let me know and I'll provide details. Nick This are my own opinions. You know the rest.....
Are you behind routers or firewalls? Are you trying to do PPTP or L2TP? Are you sure your firewalls/routers on each side are allowing the packets thru? I just recently installed a VPN using PPTP and it requires TCP port 1723 and the "GRE protocol", which is "protocol 47" (this is lower level than sockets, so it's not a port number). L2TP I think requires UDP on port 500. I've also found that some ISP's block VPN ports (guy at work can't get in because of this), so make sure you can even get the traffic thru in the first place. If you're using PPTP, an easy way to check is do a telnet on the 1723 port to the VPN server. If it connects (clears the screen but doesn't respond with anything), you know 1723 is at least getting thru. If 1723 can't get thru (you get a Conenction failed type message after a while), make sure the server listening on 1723 on the server machine (netstat -a -n, and look for a TCP port 1723 that's in the LISTENING state).
-
Are you behind routers or firewalls? Are you trying to do PPTP or L2TP? Are you sure your firewalls/routers on each side are allowing the packets thru? I just recently installed a VPN using PPTP and it requires TCP port 1723 and the "GRE protocol", which is "protocol 47" (this is lower level than sockets, so it's not a port number). L2TP I think requires UDP on port 500. I've also found that some ISP's block VPN ports (guy at work can't get in because of this), so make sure you can even get the traffic thru in the first place. If you're using PPTP, an easy way to check is do a telnet on the 1723 port to the VPN server. If it connects (clears the screen but doesn't respond with anything), you know 1723 is at least getting thru. If 1723 can't get thru (you get a Conenction failed type message after a while), make sure the server listening on 1723 on the server machine (netstat -a -n, and look for a TCP port 1723 that's in the LISTENING state).
Time for some more details of what I'm trying to do here. :) I wanted to see if somebody has been doing vpns for a while. Ok, First of all, I'm using a play network for right now. I'm trying to set up the vpn tunnel between my house and my office and it looks like this: My House Computer <-> Linksys VPN Router <-> Road Runner Modem <---> Net Net <--> Dial UP Modem <--> D-Link VPN Router <--> Office Computer. Ok, the linksys has an (almost) static IP address. That's all set up to be one end point of the tunnel. The D-Link doesn't, but that appears to be ok. I've got the configurations all set so that the VPN gets established. At least that's what the linksys is telling me. Unforunately, I don't get any response when I try to ping either router from either side of the connection. I'm using ddns so I can always look up to verify if my ip addresses have changed. So far so good. I don't think this is a port issue. I did play around with pass-thru, using my house as a vpn client to my computer at the office as a vpn server and that worked fine. I'm trying to go this route so that I don't need dedicated vpn servers everywhere. The idea is that it's just a tunnel. Once the tunnel is established, I can take it from there for other things like authentication, etc. LinkSys and D-Link's web site make this sound oh so easy..... Thanks for the help, Nick This are my own opinions. You know the rest.....
-
Time for some more details of what I'm trying to do here. :) I wanted to see if somebody has been doing vpns for a while. Ok, First of all, I'm using a play network for right now. I'm trying to set up the vpn tunnel between my house and my office and it looks like this: My House Computer <-> Linksys VPN Router <-> Road Runner Modem <---> Net Net <--> Dial UP Modem <--> D-Link VPN Router <--> Office Computer. Ok, the linksys has an (almost) static IP address. That's all set up to be one end point of the tunnel. The D-Link doesn't, but that appears to be ok. I've got the configurations all set so that the VPN gets established. At least that's what the linksys is telling me. Unforunately, I don't get any response when I try to ping either router from either side of the connection. I'm using ddns so I can always look up to verify if my ip addresses have changed. So far so good. I don't think this is a port issue. I did play around with pass-thru, using my house as a vpn client to my computer at the office as a vpn server and that worked fine. I'm trying to go this route so that I don't need dedicated vpn servers everywhere. The idea is that it's just a tunnel. Once the tunnel is established, I can take it from there for other things like authentication, etc. LinkSys and D-Link's web site make this sound oh so easy..... Thanks for the help, Nick This are my own opinions. You know the rest.....
When you say you're trying to ping, are you sure you're allowing ping traffic thru? I'm a bit confused how you're using a Dial UP Modem thru a router. I've never done that before and I'm not sure how it's possible...
-
When you say you're trying to ping, are you sure you're allowing ping traffic thru? I'm a bit confused how you're using a Dial UP Modem thru a router. I've never done that before and I'm not sure how it's possible...
Kentamanos wrote: When you say you're trying to ping, are you sure you're allowing ping traffic thru? I can ping the public IP address of both end points. Actually, I can log into both router configuration screens at either end as well. Only problem I have is when I'm working with the internal IP addresses. I can ping from subnet a-internal to subnet-b internal. Kentamanos wrote: I'm a bit confused how you're using a Dial UP Modem thru a router. I've never done that before and I'm not sure how it's possible... Take a look at the D-Link DI-804HV. It's a routing VPN end point. It happens to have a regular RJ-45 connector for broadband, and it has an comm port for a modem. It doesn't care if it's a POTS line or an ISDN line. The idea is you can have it use any of it's interfaces to get to the outside world. This are my own opinions. You know the rest.....