[NBLUG/talk] vpn via linksys befvp41 router

Dave Sisley dsisley at sonic.net
Thu Mar 3 09:46:30 PST 2005


[Apparantly, I replied directly to Tim, but my response never reached
the mailing list... My apologies if this ends up as a double-post!]


On Wed, Mar 02, 2005 at 02:27:18PM -0800, Tim Preston wrote:
> Dave,
> 
> It sounds like you are getting to their router. Can you ping any of 
> their resources; other workstations, servers, etc.?

Not from home, no.  I *can* do all sorts of things from my work
machine with other company machines within the vpn.  Meaning I can log
into a machine in Petaluma from my work machine in Sebastopol.  

> 
> Your config: So, you set up an IP tunnel from their router to your valid 
> IP on you router and vice-versa. Yes? 

No.  *That* is the problem.  I cannot figure out how to configure the
router I have here at home.  I've managed to get the router to respond
to pings, but it will not show me the admin screen in my browser.  If
I could see it with a browser, I would be able to tell it to use the
appropriate tunnel. I could also tell it where the other nodes of the
vpn are (meaning the real-world IP addresses at which all the other vpn
routers are connected).

In that tunnel config you allowed 
> your range 192.168.30.x as the remote network. Yes?

Yes, I think so.  As I said, I am able to configure the settings on
the various company routers and can set up a tunnel to my home IP
address. I just can't configure the router I have here.

> 
> If so, you would be able to ping and or see resources from their 
> network. However, you will still not neccessarily be able to administer 
> the router from this tunnel as it is still from the external port. Even 
> though it seems like you are inside the network via tunnel. I haven't 
> tested this concept so I may be a bit off base. But, this is my 
> understanding.
> 

I'm not sure I understand what you mean when you refer to the external
port.  You mean the physical connection to the router?  Or are we
talking Unix ports?  Could that be it? In order to administer one of
the company routers on the network, my browser has to be pointed at an
IP address *and* a port number.  Like this (made up number, of
course):

12.345.67.89:1234

The routers at work are set so that you *can* administer them from
outside.

I didn't see any mention of requiring a port number when you configure
the router for the first time. You are just supposed to point a
browser at 192.168.1.1 and then tell it how to connect to other
routers and assign it a new network address, etc.

> So, how is the connection to other resources?

>From work (inside the vpn) it's great!  From home, I get nothing!

Thanks for the help, Tim.  ...I'm still googling!

-dave.

-- 
Dave Sisley
dsisley at sonic.net
roth-sisley.net



More information about the talk mailing list