noobvpn
@sbcglobal.net | Trying to set up vpn between netopia 3346n and linksys
I am looking at setting up vpn between netopia 3346n and linksys. Anyone have a guide on how to set up netopia 3346n vpn settings?
Thank you for any help. |
|
noobvpn
@sbcglobal.net
| Please tell me if this looks correct
default gateway on netopia network is 192.168.1.1 and sub is 255.255.255.0. In the first picture i entered my wan ip(static ip). My linksys has vpn capability...do i just need to copy this information to linksys and it should work??? |
|
jimbopalmer
Tsar of all the Rushers
join:2008-06-02
Greenwood, MS
 ·Windjammer Cable
1 edit | reply to noobvpn
I am using several Linksys RV042 and Netopia 3347NWG routers in a IPSec hub and spoke VPN. First is one of the spokes configured to the hub. (by using 255.255.0.0 I can see the other spokes, otherwise 255.255.255.0 is 'right') Second is the Hub details, subnet 192.168.1.0, but I am using a 'bigger' subnet so the spokes can all see each other.
I am using a DH group of 1 other than that it is similar.
--
I tried to remain child-like, all I achieved was childish. |
|
vpnnoob
@sbcglobal.net | Thank you for posting that...my vpn screen looks to be the same. If my configuration do not work..will give yours a try |
|
vpnnoob
@dslextreme.com
| reply to jimbopalmer
Jim again thank you for posting the graphs but it would been nice if i know what i was doing 
my linksys vpn page totally confused the hell out of me
maybe you or someone else here can tell me which fields i need to change
my current linksys has gateway same as netopia 192.168.1.1 is that a problem? If so to what should i change it?
Thank you for all your help and to anyone else that helps me. |
|
jimbopalmer
Tsar of all the Rushers
join:2008-06-02
Greenwood, MS
·Windjammer Cable
| reply to noobvpn
Local Secure Group is the subnet (check to see that you can change it to Subnet) at the Linksys site.
Remote Secure Group is the subnet (check to see that you can change it to Subnet) at the remote site. The two subnets MUST be different so far as I know.
If the Linksys subnet is 192.168.3.0, then the Netopia subnet can be anything but 192.168.3.0. If they are both 192.168.1.1 now change the Linksys to 192.168.3.1 as your configuration already shows. (Either one, really, I do not know details)
Remote Security Gateway is the WAN address of the other router. It needs to be the IP address as the Netopia can't do Fully Qualified Domain Names (FQDN)*
It worries me that I can't see which DH group the BEFSX41 uses. (it is in the Advanced tab, according to the manual)
»downloads.linksysbycisco.com/dow···EB,0.pdf (page 9)
*Couple ways to help your track the Dynamic IP Address:
1) Have someone's PC at the site have www.whatismyip.com as their home page. Then you can call them, and they do not need to know anything, it comes right up everytime.
2) DynDNS.com will allow free FQDNs for you. You add a program to one PC on the Netopia end and it keeps them informed about the IP address of that site. The Linksys router allows DDNS to be in the router, (page 6 of that PDF) no need for a PC client. (also good for laptops, if stolen, you can see it sign on from anywhere. If you need more than a couple FQDN, they are about $15 a year for 30.)
3) VNC would allow you to sign on to a remote PC, then configure the router as if you were there. I use UltraVNC.
--
I tried to remain child-like, all I achieved was childish. |
|
vpnoob
@dslextreme.com | Thank you for reply, both place have static ip, so that is not a problem. Will give a try what you posted. Thank you. |
|
vpnnoob
@dslextreme.com | reply to noobvpn
I just noticed that this board has virtual private network forum, can a moderator please move it there. Thank you. |
|
vpnnoob
@dslextreme.com
| reply to noobvpn
Jim i changed my subject and router ip address on my linksys forum as you suggested...still don't work but probably i am still doing something wrong 
Here are the latest setting..did i misunderstand something and put something in wrong place? |
|
jimbopalmer
Tsar of all the Rushers
join:2008-06-02
Greenwood, MS
·Windjammer Cable
| Starting with the Linksys config
(all the passthroughs can be disabled, but are not hurting)
Local Secure Group should be a Subnet, (not IP Addr.) I would guess something like 192.168.3.0 (The local IP address of the Linksys router, with a 0) You seem to have a subnet mask typed in here, not an IP Address.
Remote Secure Group should be a Subnet, (not IP Addr.) I would guess something like 192.168.1.0 (The local IP address of the Netopia router, with a 0) You seem to have a subnet mask typed in here, not an IP Address.
In the Advanced config, turn on stay alive.
Hope this helps
--
I tried to remain child-like, all I achieved was childish. |
|
jimbopalmer
Tsar of all the Rushers
join:2008-06-02
Greenwood, MS | reply to noobvpn
It may help if you post an IPCONFIG from a PC in each location.
--
I tried to remain child-like, all I achieved was childish. |
|
vpnnoob
@dslextreme.com | I might be doing seomthing very stupid, on the first page of my netopia router(picture in my second post), whos ip do i enter? What it be linksys static ip or my netopia ip? |
|
jimbopalmer
Tsar of all the Rushers
join:2008-06-02
Greenwood, MS
·Windjammer Cable
| said by vpnnoob :
I might be doing seomthing very stupid, on the first page of my netopia router(picture in my second post), whos ip do i enter? What it be linksys static ip or my netopia ip?
The Netopia knows it's IP, it needs the WAN address of the linksys.
--
I tried to remain child-like, all I achieved was childish. |
|
vpnnoob
@sbcglobal.net
| said by jimbopalmer  :said by vpnnoob :
I might be doing seomthing very stupid, on the first page of my netopia router(picture in my second post), whos ip do i enter? What it be linksys static ip or my netopia ip?
The Netopia knows it's IP, it needs the WAN address of the linksys. this is what i call noob mistake. I entered its own wan ip the first time, no wonder it would not work
Will change it and will try again at night when i am home. |
|
vpnnoob
@sbcglobal.net | reply to jimbopalmer
another question:in netopia (first screen) do i enter peer internal ntwork the ip is for netopia local ip or again for linksys? I am thinking i been maki very stupid mistakes.
TIA for all your help |
|
jimbopalmer
Tsar of all the Rushers
join:2008-06-02
Greenwood, MS
·Windjammer Cable
| said by vpnnoob :
another question:in netopia (first screen) do i enter peer internal ntwork the ip is for netopia local ip or again for linksys? I am thinking i been maki very stupid mistakes. The Peer's internal network is the network on the Linksys. (if the Linksys is 192.168.2.1 then the network is 192.168.2.0)
I had the good luck to do my first VPN on two Netopias, my second VPN has Netopia 3347, Linksys RV042 and Linksys WRV210 routers. I suspect my third VPN will feature a Sonicwall TZ 170 and a WRV210. Each vendor has their own quirks, and I have yet to see two Linksys router models that were similar. (my RV042 screen captures are different than your BEFSX41 screens, both differ from the WRV210 screens)
I prefer the RV042 to the Netopia, which only allows me 1 tunnel, has no DDNS client, cannot use FQDNs, and has no way to restart a VPN tunnel except reboot the router. The RV042 is not wireless, but can have 50 tunnels, can do FQDNs as end points, has an internal DDNS client and a connect button. The WRV210 is unstable, has 5 tunnels, and I have not made FQDNs to work yet. Neither Linksys is a DSL modem like the Netopia.
--
I tried to remain child-like, all I achieved was childish. |
|
jimbopalmer
Tsar of all the Rushers
join:2008-06-02
Greenwood, MS
·Windjammer Cable
| reply to noobvpn
Here is a write up on my second VPN
»episteme.arstechnica.com/eve/for···09655931
--
I tried to remain child-like, all I achieved was childish. |
|
