VPN connection through two firewalls

hren

Technical User
Oct 2, 2004
2
CA
Initially we had a Netgear FVS318 firewall installed in our office, and remote users were able to VPN connect to the office's LAN without any problem. Everything was OK until we added an additional firewall (WebRamp 700s), which is now between the Netgear and the office's LAN. Thus, we have one subnet (10.0.0.0) after the 1st firewall (Netgear), then comes the second firewall (WebRamp) and its subnet (192.168.0.0).

I spent days trying to re-establish the VPN connection to the internal network (192.168.0.0), but no progress so far. As a client I used Netgear ProSafe VPN Client (10.1.1).

Netgear FVS318 settings:
WAN IP: xxx.xxx.xxx.xxx (public address)
LAN IP: 10.0.0.1 (255.255.255.0)

WebRamp 700s settings:
WAN IP: 10.0.0.2 (255.255.255.0)
Gateway: 10.0.0.1
LAN IP: 192.168.0.1 (255.255.255.0)

LAN address: 192.168.0.0
Gateway: 192.168.0.1

I need to be able to VPN connect from a remote location to the internal subnet (passing both firewalls).

Any suggestion greatly appreciated.
 
What you need to check first is whether the WebRamp performs NAT, and if so, turn it off. If you can turn it off, all that needs to be checked is whether all static routes have been defined properly to allow the LAN behind the WebRamp to find the Internet and vice versa.
 
Thanks pmf71, I’ve actually intentionally enabled NAT on the 2nd firewall (WebRamp), but no problem, I will disable it on Monday. However, the problem is how to configure both firewalls to get encrypted traffic (VPN) up to the 2nd firewall. The goal is to establish a VPN from a remote location up to the company’s LAN, so that I could map to the company’s shares.

I tried to implement the following (with no success so far):
1) create a VPN connection from remote to the 1st firewall (Netgear) …. done with Netgear VPN Client
2) then establish a VPN tunnel between Netgear and WebRamp … not yet achieved, and actually not sure if the Netgear can be set up as a client, which will initiate the connection …
3) then I guess I need some static routes on the Netgear to route VPN traffic to the WebRamp ...

I’m still confused by all this. Any further clarification still welcome ...
 
What you are trying is very complex and unnecessary.

Why try to initiate a second VPN link? If your Netgear acts as the VPN server, then your traffic is already safe, unless you consider the area between the Netgear and the WebRamp as unsafe. In that case it is better to configure a VPN server within the company's network, and make appropriate port mappings for the VPN protocol (PPTP is TCP port 1723) and appropriate filtering rules on the WebRamp, and, if any, appropriate routes on the VPN server.
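
Added example, not part of any post in this thread: a small model of the two-firewall topology that checks the static-route advice above by following next hops with longest-prefix matching, with NAT off on the WebRamp. The VPN client pool 172.16.50.0/24, the LAN host 192.168.0.10 and all function names are assumptions made for illustration.

```python
import ipaddress

WAN = "WAN"        # packet leaves toward the Internet
DIRECT = "direct"  # destination is on a directly attached network
net = ipaddress.ip_network

# The route the thread says must exist on the Netgear once NAT is off.
STATIC_TO_LAN = (net("192.168.0.0/24"), "10.0.0.2")

def build(netgear_static=()):
    """Routing tables keyed by router address, using the thread's addressing."""
    return {
        "10.0.0.1": [  # Netgear FVS318 (VPN endpoint)
            (net("10.0.0.0/24"), DIRECT),
            (net("172.16.50.0/24"), DIRECT),  # assumed VPN client pool
            (net("0.0.0.0/0"), WAN),
            *netgear_static,
        ],
        "10.0.0.2": [  # WebRamp 700s, NAT disabled
            (net("10.0.0.0/24"), DIRECT),
            (net("192.168.0.0/24"), DIRECT),
            (net("0.0.0.0/0"), "10.0.0.1"),
        ],
    }

def lookup(table, dst):
    """Longest-prefix match over (network, next_hop) pairs."""
    matches = [(n, hop) for n, hop in table if dst in n]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def trace(tables, first_router, dst, max_hops=8):
    """Follow next hops from first_router; return (path, outcome)."""
    dst = ipaddress.ip_address(dst)
    path, router = [], first_router
    for _ in range(max_hops):
        path.append(router)
        hop = lookup(tables[router], dst)
        if hop == DIRECT:
            return path, "delivered"
        if hop == WAN or hop not in tables:
            return path, "lost"  # sent out the default route, never reaches the LAN
        router = hop
    return path, "loop"

if __name__ == "__main__":
    print("no static route:", trace(build(), "10.0.0.1", "192.168.0.10"))
    print("with static route:", trace(build([STATIC_TO_LAN]), "10.0.0.1", "192.168.0.10"))
    print("return path:", trace(build([STATIC_TO_LAN]), "10.0.0.2", "172.16.50.10"))
```

Without the static route the Netgear sends decrypted traffic for 192.168.0.0/24 out its default route; the return path already works because the WebRamp's default gateway is 10.0.0.1.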
 