|
Posted by Freewheeling on January 16, 2007, 2:55 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Hi:
I'm attempting to set up a VPN connection between a work network and my
home network (or client computer on my home network). (Eventually hope
to expand this for use of about 6 or 7 clients.) On the work side
there's a Netgear FVS318 router. On the home side a computer is running
Netgear's client software under Windows XP-Pro, which ought to make
things easy, but doesn't seem to. There's also a Belkin wireless router
on the home site, with VPN pass-through.
It's not clear to me what I need to put in the IPSec Identifier sections
of the Netgear router at work. I gather that the remote identifier (in
the Netgear router at work) needs to be the LAN address of the computer
that's running the Netgear Client software, but what is the local
identifier at work? Why is it that when I use the "wizard" to set up
the network on the router it leaves the local IPSec identifier as
0.0.0.0? Am I supposed to change that to the address assigned to the
router (typically, something like 192.168.0.1) or should it be set to
the WAN address, or just left 0.0.0.0? Also, does it make a difference
whether I set this up from the office or home network? I'm kind of
inferring that since the software at home is called a "client" that the
communication parameters will be established by the Netgear router, but
I'm a little puzzled about that. Does the distinction between client
and (server?) really matter in this case?
I should add that I'd also like to set up a connection with my MacBook
at home, but does that need to be a completely separate connection in
the work router, since it will have a different identifier? If I want
to set things up so I can connect using my MacBook from any location am
I supposed to use the MAC address as the remote identifier? If not, how
do you set up such a "wandering" VPN connection?
This stuff just seems far more inscrutable than it has to be. If the
"identifier" has to be a dot4 address, why don't they just say that? If
it can be a MAC address why don't they tell me? If it's really supposed
to be unique (not mentioned anywhere else in the VPN definition) can it
just be any random name?
In general I think that whatever the local and remote identifiers are at
the initiation (server?) site those have to be reversed for the client
at my home site (or my wandering MacBook). Is that right?
|
| Similar Threads | Posted | | Big Questions | October 8, 2007, 12:42 am |
| Beginner Questions | June 28, 2005, 3:26 pm |
| VPN Setup and accessed, but a couple of questions.... | March 16, 2005, 5:56 pm |
| IKE and IPSEC | October 10, 2007, 8:54 am |
| Need help routing IPX over IPsec | February 10, 2005, 11:35 pm |
| GRE traffic over PIX IPSEC VPN | June 6, 2005, 5:55 pm |
| trouble connecting XP over IPSec VPN | March 4, 2005, 5:37 pm |
| IPSec over L2TP - Snapgear + NAT | December 2, 2005, 3:07 am |
| Bintec VPN 25 - Zyxel VPN IPSec | December 2, 2005, 4:30 am |
| IPSEC VPN using Belgian EID Card ? | March 21, 2006, 9:06 am |
|
|
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map