Connecting 2 VPN hardware boxes without internet connection

[animeka]

I am trying to setup two DLINK DFL-200 router/vpn boxes and I want to test everything without having an actual internet connection... (Basically, simulating 2 sites, at home).

I configured the two routers like this:

BOX-A
LAN: 10.0.1.1
WAN: 192.168.1.100

BOX-B
LAN: 10.0.2.1
WAN: 192.168.1.200

I tried connecting the WAN ports on a 24 port switch, no luck. I tried with a crossover cable, no luck.

I'm trying to ping one router from the other one's interface and I get no response... I tried setting up a VPN and the connection is not made.

What am I missing?

Thanks!

Marc

 

[g8orade]

Post a copy of your config.
G8orade

 

[animeka]

what more do you need? i posted the lan/wan IPs, all masks are 24 bits, no gateway/dns on the wan side.

Thanks,

Marc

 

[g8orade]

How do I configure my DFL-200/DFL-700/DFL-1100 to connect to another DFL-200/DFL-700/DFL-1100 using an IPSec VPN tunnel?

DFL-200/DFL-700/DFL-1100 A Configuration

Step 1 Open a web browser and type the IP address of the firewall in the address bar (default is 192.168.1.1). Press Enter.

Step 2 The default username is admin (all lower case) and there is no default password. Click OK

Step 3 Click on the Firewall tab and then click VPN to the left.



Step 4 Click Add new.



Step 5 Enter the below details for the tunnel (change IP addresses where needed):


Name - DFL-200-A, DFL-700-B or DFL-1100-B
Local Net - 192.168.1.0/24
Authentication - PSK
Pre-shared key - dlinktest
LAN-to-LAN tunnel
Remote Net - 192.168.2.0/24
Remote Gateway - 195.74.119.181


Step 6 Click Apply to save the settings.

Step 7 Click Edit to the right of the newly created profile.



Step 8 Click Advanced and configure the following:




IKE Mode - Main mode IKE
IKE DH Group - 2 - modp 1024-bit
PFS - Enable Perfect Forward Secrecy
NAT Transversal - On if supported and needed (NAT detected between gateways)


Step 9 Click Apply to save the settings.

Step 10 Click Activate on the bottom left hand corner of the screen.



Step 11 Click on Activate Changes to apply the settings.


DFL-200/DFL-700/DFL-1100 B Configuration


Step 1 Open a web browser and type the IP address of the firewall in the address bar (default is 192.168.1.1). Press Enter.

Step 2 The default username is admin (all lower case) and there is no default password. Click OK

Step 3 Click on the Firewall tab and then click VPN to the left.



Step 4 Click Add new.



Step 5 Enter the below details for the tunnel (change IP addresses where needed):


Name - DFL-200-A, DFL-700-A or DFL-1100-A
Local Net - 192.168.2.0/24
Authentication - PSK
Pre-shared key - dlinktest
LAN-to-LAN tunnel
Remote Net - 192.168.1.0/24
Remote Gateway - 195.74.119.180


Step 6 Click Apply to save the settings.



Step 7 Click Edit to the right of the newly created profile.



Step 8 Click Advanced and configure the following:


IKE Mode - Main mode IKE
IKE DH Group - 2 - modp 1024-bit
PFS - Enable Perfect Forward Secrecy
NAT Transversal - On if supported and needed (NAT detected between gateways)


Step 9 Click Apply to save the settings.

Step 10 Click Activate on the bottom left hand corner of the screen.



Step 11 Click on Activate Changes to apply the settings.


Testing the Connection

From the DFL-200-A, DFL-700-A or DFL-1100-A side you can initiate a ping to a machine on the LAN side of the DFL-200-B, DFL-700-B or DFL-1100-B (i.e. 192.168.2.10). The tunnel should then be generated and you should get a response.


G8orade

 

[animeka]

Thanks for your reply, but this is not what I was asking... I have read the manual (from which you quoted this).

I was trying to figure out how to configure the two routers/vpn boxes so that they can work without having an internet connection to simulate two sites in my office...

I got it working this afternoon.

Thanks,

Marc