mjamike
join:2009-08-25
Bridgewater, MA | VPN with SMC8014 and Linksys RV042 I have read the topic located at »[Business] how to bridge a smc 8014 business class modem and tried to reply but was unable to do so because I got a message saying it was "too old" to reply to.
Anyways, I am trying to setup my first VPN. At home I setup an RV042 with my "dumb" cable modem very easily, but at work we have the SMC8014 and I can't get it working. I have tried what was suggested in the link I mentioned above and I keep striking out. Now, it is most likely because I am misunderstanding something here as I am admitting to being a newbie to VPN. I took screen shots of my comcast SMC8014 settings as well as the RV042 to possibly make it easier for anyone willing to help.
»dl.getdropbox.com/u/178915/comcast1.bmp
»dl.getdropbox.com/u/178915/comcast2.bmp
»dl.getdropbox.com/u/178915/linksys1.bmp
I would greatly appreciate anyone helping with this. I have been reading my face off and feel like I should have this working by now. |
|
mjamike
join:2009-08-25
Bridgewater, MA | No ideas? Dang it. |
|
mjamike
join:2009-08-25
Bridgewater, MA | reply to mjamike
I will pay anyone who is willing to fix this using e-mail or phone support. Please e-mail me if you can help and let me know what it will cost. mjamike at gmail dot com
- Mike |
|
|
|
AVonGaussPremium
join:2007-11-01
Boynton Beach, FL | I am familiar with VPNs, but not with the SMC8014 and only marginally with the Comcast Business setup. However, you sound open to ideas from anywhere, so...
1) Can you ping the Linksys at all? Since it has a public IP address, you should be able to assuming the setting is enabled on the Linksys.
2) Are the subnet and gateway entries on the Linksys correct? I could be wrong, but I would have expected the same subnet mask as on the SMC8014 and the same gateway or the SMC8014 itself as the gateway for the Linksys device.
3) If none of the above are helpful, what are the exact symptoms? |
|
mjamike
join:2009-08-25
Bridgewater, MA | @AvonGauss thanks so much for the reply. I will hopefully have time tomorrow afternoon to troubleshoot. Like I said previously, I am willing to pay for the solution here. If you want to contact me via PM or e-mail please do. I will let you know as much detail as possible as soon as I have the time to work on it. |
|
AVonGaussPremium
join:2007-11-01
Boynton Beach, FL | I check this forum throughout the day, just post it here and hopefully I or another member can help you out. It may take a few more posts back and forth here, but I'm sure we'll get it figured out. |
|
| reply to mjamike
Is the rv022 at work behind the smc8014?
Do subscribe to a static ip? |
|
| reply to mjamike
Looking at your pic a little closer shows me you manually typed in a static ip and dns. Your Default Gateway is wrong. Your default gateway should be a public ip not a private ip. Comcast should of gave you the info when they gave you your static ip and dns information. |
|
mjamike
join:2009-08-25
Bridgewater, MA | reply to mjamike
@ComTech4 yes the comcast gateway and RV042 are at work. Yes it is a static IP from comcast and I just found the paperwork with the correct gateway thanks to you. I wish I had time to do something about it right now but I have to run out for most of the day. Thanks a TON for the reply and I will report back how it goes! |
|
mjamike
join:2009-08-25
Bridgewater, MA | reply to mjamike
Thanks for everyones help. Here is a summary of what I did to get SMC8014 and RV042 working together. I also have a few more questions if you are all still willing to help.
SMC8014
1. Under LAN: Changed LAN IP Address back to 10.1.10.1 (see screenshot)
2. Under Firewall: Put check marks in boxes for "Disable Firewall for True Static IP Subnet Only" and "Disable Gateway Smart Packet Detection"
RV042
1. Under Setup: Put my CORRECT Static IP, Subnet, Gateway & DNS Addresses in (duh? I feel dumb)
Simple enough for you smart guys but an obvious challenge for me. This got my internet and local network up and running.
Something I don't understand:
1. Before adding the RV042 to my network, the SMC8014 was my router/gateway. When I would go to IP Chicken my IP showed as 173.xx.yy.22. When I looked at my comcast paperwork it said my IP was 173.xx.yy.21 and my gateway was 22. So when I programmed the RV042 I put 21 as my WAN IP and 22 as my gateway. Everything works fine, but what does this mean? Why isn't my IP 21?
New Challenges:
1. When I just used the SMC8014 as my router I set up a DMZ and some Port Forwarding rules. I re-created these under Settup->Forwarding in the RV042 (see screenshot) but they do not work. The user manual says DHCP needs to be turned off for Port Forwarding to work but that isn't really an option and I don't see why that would make a difference. Any ideas?
2. I setup a tunnel from home to work and I am able to connect and ping IP's from both locations, but I can't access any file shares. See the screenshot that shows my VPN configuration. My home IP's are in the 192.168.2.x range while work is in 192.168.1.x range. I am a VPN newbie so this could sound like a silly question.
I think that is all. I appreciate all the great help so far! |
|
AVonGaussPremium
join:2007-11-01
Boynton Beach, FL | said by mjamike:1. Before adding the RV042 to my network, the SMC8014 was my router/gateway. When I would go to IP Chicken my IP showed as 173.xx.yy.22. When I looked at my comcast paperwork it said my IP was 173.xx.yy.21 and my gateway was 22. So when I programmed the RV042 I put 21 as my WAN IP and 22 as my gateway. Everything works fine, but what does this mean? Why isn't my IP 21? Hopefully another with more experience with the standard HSI business setup and the SMC8014 device will comment, but in general; When you are using the SMC8014 as your gateway/router, such as when a computer pulls a DHCP address from the SMC8014 the SMC8014 is the NAT device and it would be expected that to the outside world your IP address would appear to be the public IP address of the SMC8014 device. For a statically defined device such as the RV042, the outside world should see the statically configured public IP address of the RV042 as the SMC8014 is only acting as a router.
said by mjamike:1. When I just used the SMC8014 as my router I set up a DMZ and some Port Forwarding rules. I re-created these under Settup->Forwarding in the RV042 (see screenshot) but they do not work. The user manual says DHCP needs to be turned off for Port Forwarding to work but that isn't really an option and I don't see why that would make a difference. Any ideas? DHCP or DMZ? The target device of the port forward must have a constant IP address, so on the target device (192.168.1.9) it's IP configuration should be static but also you could use a DHCP reservation to assure the device always gets the same configuration. I'm not sure how many others are going to use the VPN, but I would definitely use an alternate subnet to avoid conflicts - the 192.168.1.x subnet is often used by home routers by default. Just pick a random one like 192.168.173.x.
said by mjamike:2. I setup a tunnel from home to work and I am able to connect and ping IP's from both locations, but I can't access any file shares. See the screenshot that shows my VPN configuration. My home IP's are in the 192.168.2.x range while work is in 192.168.1.x range. I am a VPN newbie so this could sound like a silly question. Are you trying to access the shares by IP address or by computer name? For computer name to work, you are probably going to have to rely on WINS. Is the configuration correct on the remote workstation when it is connected through the VPN? If you are able to ping the remote computer offering the share, you should be able to access it via IP address using \\192.168.1.9\MyShare |
|
mjamike
join:2009-08-25
Bridgewater, MA | said by AVonGauss:Hopefully another with more experience with the standard HSI business setup and the SMC8014 device will comment, but in general; When you are using the SMC8014 as your gateway/router, such as when a computer pulls a DHCP address from the SMC8014 the SMC8014 is the NAT device and it would be expected that to the outside world your IP address would appear to be the public IP address of the SMC8014 device. For a statically defined device such as the RV042, the outside world should see the statically configured public IP address of the RV042 as the SMC8014 is only acting as a router. I understand what you are saying, I don't think I need any more explanation 
said by AVonGauss:DHCP or DMZ? The target device of the port forward must have a constant IP address, so on the target device (192.168.1.9) it's IP configuration should be static but also you could use a DHCP reservation to assure the device always gets the same configuration. I'm not sure how many others are going to use the VPN, but I would definitely use an alternate subnet to avoid conflicts - the 192.168.1.x subnet is often used by home routers by default. Just pick a random one like 192.168.173.x. I totally understand that the target device should always have the same IP. I just don't get why they said DHCP should be off in order for it to work. Maybe they were just suggesting that I set the IP manually in the PC's that are going to be taking advantage of Port Forwards or DMZ. Anyways, I get it... I was just thrown off by the message in the user manual (see attachment). BUTTTT why the hell aren't my port forwards & DMZ working?
said by AVonGauss:Are you trying to access the shares by IP address or by computer name? For computer name to work, you are probably going to have to rely on WINS. Is the configuration correct on the remote workstation when it is connected through the VPN? If you are able to ping the remote computer offering the share, you should be able to access it via IP address using \\192.168.1.9\MyShare I was doing some more research and found that a setting in the Windows Firewall would allow file sharing over the VPN. They didn't mention which setting, but I just completely disabled the windows firewall temporarily on one PC (\\192.168.1.27 with name of "backroom") and I was able to access all of my shares on \\192.168.1.227. Does anyone know what I need to add to the exceptions list? I still can't access it via name "\\backroom". What do ya think? |
|
AVonGaussPremium
join:2007-11-01
Boynton Beach, FL | I can't explain why the online help would have that reference, it doesn't make any sense to me and I doubt its accuracy. You might be able to get more information in the router forum here or the Linksys forums.
There should already be a setting for the Windows file sharing under the Exceptions tab entitled "File and Printer Sharing". For the naming, you would need to check WINS as I mentioned in my previous post or you could use a broadcast relay agent, but WINS is probably the simplest solution. |
|
mjamike
join:2009-08-25
Bridgewater, MA | reply to mjamike
Thanks... I made the attached screenshot to show my solution for getting file sharing to work through the windows firewall. |
|
AVonGaussPremium
join:2007-11-01
Boynton Beach, FL | Good catch on the scope. |
|
mjamike
join:2009-08-25
Bridgewater, MA | reply to mjamike
So two lingering problems...
1. I don't see this WINS setting. Step by step anyone?
2. Port Forwarding & DMZ still not working. I'm clueless.
- Mike |
|
