MannyL join:2002-10-22 Jackson, NJ |
to ScrawnyB
Re: [Northeast] VPN into my homeUnder the terms of the SamKnows agreement I am not allowed to replace the firmware. So that is not not an option.
Can I set the DMZ on the Actiontec to be 192.198.3.2? |
|
|
said by MannyL:Can I set the DMZ on the Actiontec to be 192.198.3.2? You need to set the DMZ address in the Actiontec to the Netgear's WAN address, which is the same as it's address on the Actiontec LAN (192.168.1.x). |
|
MannyL join:2002-10-22 Jackson, NJ |
MannyL
Member
2012-Oct-7 11:17 am
Ah ha! That's why the Netgear is repsojnding on 192.168.1.2 and 192.168.2.2 although I have the IP of the Netgear assigned to 192.168.2.2
So I should just be able to set the DMZ on the Actiontec to 192.168.1.2 and then setup fowarding from the Netgear to the 2008 system |
|
MannyL |
MannyL
Member
2012-Oct-8 1:03 am
I'm still having problems setting this up. If I try to "call" my VPN from my LAN using the internal IP it works. If I try to "call" my VPN from my LAN using the external IP it fails.
I don't know how to diagnose the problem and resolve it. |
|
|
McBane join:2008-08-22 Wylie, TX |
McBane
Member
2012-Oct-8 1:10 am
This is one of the shortcomings of double NAT'ing. You'll either need to stick the VPN server on the same subnet as the Netgear WAN behind the Actiontec or replace one of the devices with one that has VPN capability.
It might be possible to get this working by adding a static route on the actiontec if it supports it, but it would get messy and still may not work right for a VPN tunnel. |
|
MannyL join:2002-10-22 Jackson, NJ |
MannyL
Member
2012-Oct-8 1:13 am
The VPN Server has an IP of 192.168.3.4 and the Netgear Wan which is behind the actiontek has an IP of 192.168.1.2 and 192.168.3.2
This is the info from the Netgear unit
Internet Port MAC Address 30:46:9A:99:C9:9F IP Address 192.168.1.2 DHCP FixedIP IP Subnet Mask 255.255.255.0 Domain Name Server 192.168.1.1
LAN Port MAC Address 30:46:9A:99:C9:9E IP Address 192.168.3.2 DHCP Off IP Subnet Mask 255.255.255.0 |
|
McBane join:2008-08-22 Wylie, TX |
McBane
Member
2012-Oct-8 1:19 am
Here is a good read of what you are trying to do: » portforward.com/help/dou ··· ding.htm |
|
MannyL join:2002-10-22 Jackson, NJ |
MannyL
Member
2012-Oct-8 1:28 am
Thanks I'll look at that.
I wonder if as an option can I change the internal IP of the Actiontec to 192.168.3.1 then just reboot the STB's so they are in the right IP range. Then everything will be in the 192.168.3.X range |
|
McBane join:2008-08-22 Wylie, TX |
McBane
Member
2012-Oct-8 1:31 am
If you do that you would basically be eliminating the need for having the netgear because it sounds like you would be moving everything to the Actiontec LAN.
Is there a specific purpose for the Netgear on your network? If not ditch it along with the double NAT headache. If you would rather keep the netgear than the Actiontec get a MOCA bridge and hook it up to one of the Netgear ports for your STBs to get internet (Doing this breaks on screen caller ID and android/iPhone remote DVR which require the actiontec/westell routers to work right, though) |
|
MannyL join:2002-10-22 Jackson, NJ |
MannyL
Member
2012-Oct-8 1:34 am
I am using the netgear for better wireless support and my gigabit switch doesn't have enough ports. |
|
McBane join:2008-08-22 Wylie, TX |
McBane
Member
2012-Oct-8 1:37 am
I would do the MOCA bridge solution in that case then if the remote DVR and on screen caller ID are not that big a deal for you. If losing those would be a deal breaker for you then you've gotta get that double port forwarding to work as described in the article.
I use a Netgear wireless as well on the same setup because I dislike the actiontecs and their capability and the features I lose are not important to me. |
|
MannyL join:2002-10-22 Jackson, NJ |
MannyL
Member
2012-Oct-8 1:50 am
I'm at a point where I can't spend any more money. If I could I would just buy a larger switch.
The on screen caller ID is not something we use in the house but the remote DVR is very important to us.
I know there has to be a simpler solution that I'm overlooking.
The STB's are being given 192.168.1.100-1.105 If I could switch them to 192.168.3.10 to 192.168.3.15 and set the LAN port of the Actiontec to 192.168.3.1 then everything would be on the same subnet. |
|
|
to MannyL
said by MannyL:I wonder if as an option can I change the internal IP of the Actiontec to 192.168.3.1 then just reboot the STB's so they are in the right IP range. Then everything will be in the 192.168.3.X range Yes, you can change the Actiontec's LAN subnet to 192.168.3.x, but NOT if you're connected Actiontec LAN to Netgear WAN. The Actiontec and the Netgear MUST be on different subnets when using the LAN-to-WAN configuration. If you want both routers on the same subnet, you must use a LAN-to-LAN configuration and disable DHCP server on the Netgear. See this FAQ: » Verizon FiOS FAQ » Can I use my wireless or an extra router along with the Verizon provided router?That will disable the WAN side of the Netgear (including the SamKnows functionality). All of the various configurations are explained here: » Verizon FiOS FAQ » What are the tradeoffs between the various router configurationsIf you want to continuing using the SamKnows functionality, first choice is option #6 or #7, but those will break remote DVR. If you want to keep SamKnows functionality and remote DVR, your only option is #8. |
|