Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations biv343 on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

HELP setting up a vpn and linksys BEFVP41router

Status
Not open for further replies.
jeck

jeck

Technical User
Jun 26, 2003
14
US
I am trying to set up a vpn in a small office (wkstations-windows2000pro, LAN) to connect to another small office (wkstations--same, linksys BEFVP41 router, LAN).

Is there any step by step instructions out there?
Any help would be greatly appreciated! :)

Thanks
 
Sort by date Sort by votes
Upvote 0 Downvote
Thank you for your post, I have went to linksys site and followed that doc, but still no luck. I am very "green" in this area! Ok, in the steps of the linksys doc. they have at the beginning an IP address example for the Windows 2000 environment, what do you use if you do not have a static IP at that end? Also if you do set this up router to router, can you do it with only one router that is a vpn router and the other is not? These questions may be not be stated as well as they should, if you need clarification please email me!! Thanks for any more info that you have time to give!!

Thanks
Jeck
 
Upvote 0 Downvote
For a router to router, if they are both Linksys, they need to both be VPN routers.
You need to change your IP on the Windows box to static. Unless you are not behind a router? IS this maybe a home machine connected to DSL or Cable? If that is the case, do an IPCONFIG from the command line, and use whatever the IP is. But when your IP changes, you will have to change you rule also. Once you have followed all the steps, before you try and connect, run GPUPDATE for XP and SECEDIT /REFRESHPOLICY MACHINE_POLICY for 2k.

Don't worry about having trouble. The windows to router IPSec policy is very tricky!

Good Luck!


Thanks,

Matt Wray
MCSE, MCSA, MCP, CCNA

 
Upvote 0 Downvote
Thanks for the quick reply :)
This is a small office trying to connect to another small office. We do have a befvp41 linksys vpn router at the host, and befsr41 linksys router at the client. So, what I gather Is I need to have a vpn router at the client and a static IP also?! Would this make it easier?
 
Upvote 0 Downvote
That is one way. If you set the machine you are trying to get up with IPSec in the DMZ, it should work. I have done this exact steps with a client I have to take care of them remotely. But, it would be far easier with a router. You only need one static address, though, with the router solution. There is instructions on the Linksys KB, or you could post back....

Thanks,

Matt Wray
MCSE, MCSA, MCP, CCNA

 
Upvote 0 Downvote
Just to make sure I am understanding you...I can not configure the vpn with a client router(befsr41 linksys) to a host (befvp41 linksys)?! Both routers need to be befvp41 linksys? Also I just have to have a static IP at the host, right?!
Thank you for all your help!!
Jessica
 
Upvote 0 Downvote
If both routers are Linksys, they must both be BEFVP41's BEFSX41's or a combo of either/or. The BEFSR41 does not support making a VPN connection to it.[sad]
And you only have to have a static address on one side. It does not matter which, but you will have to initiate the connection from the dynamic side, or the static side won't know who to connect to....

Thanks,

Matt Wray
MCSE, MCSA, MCP, CCNA

 
Upvote 0 Downvote
Got the befvp41 in and will be working on the vpn this week. Will let you know how it turns out.
 
Upvote 0 Downvote
Is there any step-by-step instructions on how to set up the router to router vpn?

Thanks
Jeck
 
Upvote 0 Downvote
:)
I am getting confused on the Local Secure Group,Remote Secure Group, and Remote Security Gateway. I have set the L.S.G at the client and the R.S.G. at the host to be the same. Does the remote security gateway at the client end need to be the static IP of the host?

Thank for any help
Jeck
 
Upvote 0 Downvote
Really it is very easy.
You need to set up a tunnel first and enable it.
For your local secure group choose subnet, this is the LAN for the router you are configuring. For the remote do the same, but enter the IPs for the other LAN. Remember to end both subnets with a 0, 192.168.1.0 for example.
The remote security gateway for the static router will be Any and for the Dynamic router will be the static IP of the Static router.
The following steps will be the same for both routers.
For encryption, use 3DES and for authentication use SHA, as those are the most secure.
Key Mgmt, Auto. Check pre-shared key and enter a key name.
Once you have configured and saved all the info on both routers, from the Dynamic router, click Connect. You should connect. If not, click view log and post the output here, and we'll help...
Oh, and of course you must already be connected to the Internet.[smile]

Thanks,

Matt Wray
MCSE, MCSA, MCP, CCNA

 
Upvote 0 Downvote
:) I have connection!!
Now, how to I browse the files at the other end?
 
Upvote 0 Downvote
That depends on your DNS. Do you have a DNS server at either location? If not, you should be able to connect to files by IP address. If you have DNS, you need to point the other site to it...

Thanks,

Matt Wray
MCSE, MCSA, MCP, CCNA

 
Upvote 0 Downvote
I do not have a dns server at either location, so.. where do I go to enter the IP address? Do I need to do anything else to enable me to browse the LAN? I am sorry if these questions are not clear, if they are not let me know. Thanks again for everything! :)

Jeck
 
Upvote 0 Downvote
If you don't have a whole lot of clients, you can add the IP to Host mapping in your Host file. C:\%systemroot%\system32\drivers\etc You can edit it with Notepad. That should enable you to browse thru Net Places.
Or you can map drives and browse like that. From a command prompt, NET USE <drive letter>: \\<IP>\sharename
example NET USE Z: \\192.168.1.1\Public /PERSISTENT:YES
That will map your Z drive to a share named Public on the machine with that IP and will reconnect at logon. Keep in mind, you must have the appropriate permissions.

Thanks,

Matt Wray
MCSE, MCSA, MCP, CCNA

 
Upvote 0 Downvote
ok, I went to the host file and added the IP address of the Computer on the LAN that I want to access. I do not find it in Net Places. What else should I do?

Thanks
Jeck
 
Upvote 0 Downvote
Are you able to ping it by name and IP address? Is it just one particular machine you need access to? Do you need access to it all the time?
If you only need it right now, Start-> Run-> \\<IPaddress>\Sharename. If you need it all the time, follow the instructions above for mapping a drive.

Thanks,

Matt Wray
MCSE, MCSA, MCP, CCNA

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

teknance
  • Locked
  • Question
Discovering Portugal: Uncover Hidden Destinations and VPN Solutions
Replies
5
Views
687
GlobeTrekkerGal
GlobeTrekkerGal
sarahz2
  • Locked
  • Question
Best vpn safe and fast
Replies
4
Views
515
GlobeTrekkerGal
GlobeTrekkerGal
MP2023
  • Locked
  • Question
How to Create an site to site VPN
Replies
1
Views
474
sircles
sircles
ramblingrebel
  • Locked
  • Question
Built-in Windows 10 VPN
Replies
1
Views
422
Joon Smith
Joon Smith
LearningNetworking
  • Locked
  • Question
Linking Hosts on the same subnet via VPN
Replies
0
Views
475
LearningNetworking
LearningNetworking

Part and Inventory Search

Sponsor

Back
Top