cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
554
Views
0
Helpful
3
Replies

VPN client behind DSL Router

sajin.raj
Level 1
Level 1

Hi,

I would like to know whether i can initiate Vpn connection behind DSL router.

Scenario:

1) We are using PIX 515R. Vpn is configured and i can get connected through internet if am using dialup.

2) Behind DSL router we are having invalid IP. Natting is there in DSL router

3) DSL routers external port is having valid Ip.

4) When VPN is initiated behind the dsl router then am not able to connect.

In this case how can i initiate VPN dialer from inside network of DSL. I mean from PCs having invalid IP.

DO i need valid IP for all VPN clients ?

Regards

Sajin.

3 Replies 3

rsnider
Level 1
Level 1

VPN requires that the DSL router support pass through of MSCHAP and/or IPSEC. I use a SMC Baricade at home to connect to a PIX 515R. I can use either with this router. I use DHCP (private IP) inside the home and DHCP from the ISP. Make sure you have the latest firmware in your router. The connection is made the same way you as with the dialup. The PC's default gateway determins the path taken. ie. the router or the dial interface.

http://www.cisco.com/warp/public/110/pptpcrypto3.html

Hi,

here i dont have access to Valid ip. all i have is one valid ip on outside port.

For eg. 202.54.1.91 and my inside network is 192.168.1.0 /24.

Ispec cant be enabled on dsl router. I got one more doubt , Some one told me that u can initate a vpn dialer only when u have valid ip.

I got couple of doubts.

1) when u connect to inetrnet from home. u get a Valid ip right., .

U said DHCP from ISP, that means u got a valid IP from isp right plus u have an invalid ip for local network.

That valid ip will be logged in PIX. if u go for debug isakmp u can see the ip address. Are u sure that u dont have a valid ip at all.

i will chk whether my router will allow pass through for MSCHAPor IPSEC. Its not a cisco router.

Regards

Sajin

I repeat, I obtain a valid IP address for my SMC router from my ISP via DHCP. I also use DHCP on my private network to asign a 192.168.x.x to the PC's . I use the Cisco Secure VPN Client for IPSEC. The VPN client does not care about the ip address of the PC it runs on . Yes the PIX sees only the valid IP address of my router. Most home type routers will only allow one IPSEC and one PPTP vpn session at a time.