Setup: Home or small business broadband connection via a Cisco 678 DSL modem/router and Windows 2000 Pro SP2. Nortel Extranet Access Client (EAC) to establish VPN connection.
DHCP, DNS, and NAT are set up on the Cisco DSL modem/router. The router's DHCP server will connect to the ISP ip address and supply internal ip addresses to the LAN. The router will also use NAT to translate specified ports from internal to extrnal and vice-versa. The VPN client requires certain ports and/or protocols to be available (hence they need to be in the NAT setup).
An example:
set nat entry add 192.168.0.x 0 xxx.xxx.xxx.xxx 0 50
set nat entry add 192.168.0.x 500 xxx.xxx.xxx.xxx 500 udp
set nat entry add 192.168.0.x 1701 xxx.xxx.xxx.xxx 1701 udp
set nat entry add 192.168.0.x 1723 xxx.xxx.xxx.xxx 1723 tcp
(Specific ports and/or protocols need to be set up here for VPN.)
The "192.168.0.x" is the internal IP address that the router's DHCP server assigned the system that the VPN client resides on (use "ipconfig /all" from a command prompt to find out what it is). "xxx.xxx.xxx.xxx" is the external IP address assigned by the ISP (this may be static or dynamic, do a "show nat" in the Cisco router to find out what it is).
Assume (LAN) DHCP and (external) ISP IP addresses are dynamic. NAT is NOT dynamic. If you can't connect via VPN, do an "ipconfig /all" and make sure it matches your NAT table.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.