vpn endpoint inside firewall

vpn endpoint inside firewall
NewsGroups | Search | Tools
User Password
Register Now! Lost Password?
 comp.dcom.vpn  Post an article  get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content  add this group's latest topics to your Google content  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
vpn endpoint inside firewall Jaz 11-02-2006
Posted by Jaz on November 2, 2006, 2:47 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

Hi all,

When placing a VPN router/server inside a firewalled network, I assume
it will be fine to just attach one LAN-side port to the local LAN, and
not have a connection to the vpn router's WAN port. Yes?

My firewall router is a Linksys WRT54G v3.0 running HyperWRT v15c. I'm
using this setup because I need lots of ports forwarded (more than
what's available with the standard firmware), and I need to be able to
forward GRE using iptables. And I'd like to keep the firewall separate
from the vpn endpoint.

For the vpn endpoint I'll be using a Netscreen, Netgear, D-Link, or
Linksys. The client will be an XP laptop running a clinet that's IPsec
-- either the vpn device's proprietary client or TheGreenBow, etc.

Alternately, I could move the WRT54G to the inside and use it as just
a wireless access point, but I'd need to port-forward 30+ ports.
(usually soho routers only allow 10 or so.)

I've had trouble setting up various software VPN servers:

A) XP host inside private network listening for VPN conections:
-- I forwarded nececary ports, plus used IP tables to be sure the
GRE is forwarded.
-- Got 721 error. Tried & tried & tried. No joy.

B) OpenVPN running on same XP box:
-- Bridged network and Tapi interfaces.
-- On laptop, worked okay, but soon stopped.
-- Note, when switching from Ethernet to Wireless must delete
bridege, recreate & rename bridge on new interface. PITA.

So, what's the popular physical arrangement for a soho VPN box inside
the firewalled home LAN?

Thanks in advance.

Similar ThreadsPosted
Is PPTP from inside NAT possible? February 21, 2005, 1:03 am
Wireless AP with VPN endpoint October 6, 2005, 2:28 pm
Best choice of a Firewall with VPN? April 1, 2006, 6:49 am
SoftRemote VPN Client with Checkpoint Firewall February 16, 2005, 6:05 am
Zywall 70 Firewall problems with the new Firmware March 25, 2005, 2:36 am
Netscreen 5GT vs. Symantec Enterprise Firewall 7.04 July 21, 2005, 7:25 pm
Netgear ProSafe VPN Firewall FVS318 July 26, 2006, 7:06 pm
A question about Checkpoint firewall and Telnet over VPN November 5, 2006, 4:45 pm
Netgear ProSafe FVS318 VPN Firewall September 27, 2007, 5:23 pm
Cisco Router and Watchguard VPN and Firewall November 26, 2007, 4:46 pm

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map