05-09-2002 03:02 AM - edited 02-21-2020 11:44 AM
Hi,
I would like to know whether i can initiate Vpn connection behind DSL router.
Scenario:
1) We are using PIX 515R. Vpn is configured and i can get connected through internet if am using dialup.
2) Behind DSL router we are having invalid IP. Natting is there in DSL router
3) DSL routers external port is having valid Ip.
4) When VPN is initiated behind the dsl router then am not able to connect.
In this case how can i initiate VPN dialer from inside network of DSL. I mean from PCs having invalid IP.
DO i need valid IP for all VPN clients ?
Regards
Sajin.
05-09-2002 05:40 AM
VPN requires that the DSL router support pass through of MSCHAP and/or IPSEC. I use a SMC Baricade at home to connect to a PIX 515R. I can use either with this router. I use DHCP (private IP) inside the home and DHCP from the ISP. Make sure you have the latest firmware in your router. The connection is made the same way you as with the dialup. The PC's default gateway determins the path taken. ie. the router or the dial interface.
05-09-2002 09:40 AM
Hi,
here i dont have access to Valid ip. all i have is one valid ip on outside port.
For eg. 202.54.1.91 and my inside network is 192.168.1.0 /24.
Ispec cant be enabled on dsl router. I got one more doubt , Some one told me that u can initate a vpn dialer only when u have valid ip.
I got couple of doubts.
1) when u connect to inetrnet from home. u get a Valid ip right., .
U said DHCP from ISP, that means u got a valid IP from isp right plus u have an invalid ip for local network.
That valid ip will be logged in PIX. if u go for debug isakmp u can see the ip address. Are u sure that u dont have a valid ip at all.
i will chk whether my router will allow pass through for MSCHAPor IPSEC. Its not a cisco router.
Regards
Sajin
05-09-2002 01:24 PM
I repeat, I obtain a valid IP address for my SMC router from my ISP via DHCP. I also use DHCP on my private network to asign a 192.168.x.x to the PC's . I use the Cisco Secure VPN Client for IPSEC. The VPN client does not care about the ip address of the PC it runs on . Yes the PIX sees only the valid IP address of my router. Most home type routers will only allow one IPSEC and one PPTP vpn session at a time.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide