Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

VPN on wireless lan? 2

Status
Not open for further replies.

hbwr

Technical User
Jan 8, 2000
20
US
Anyone using VPN to secure wireless LAN links? Work ok?

Rik

Rik Rasmussen
hrasmussen@nc.rr.com
Communications Maintenance Adminstrator

City of Durham, NC
 
i would actually like to know this too cause i would like to get a VPN going on our current Wireless Lan Links....
 
I have a VPN over a wireless linksys router hooked to a cable modem and it runs smoothly.
 
I have successfully setup wireless remote access to our
company VPN without difficulty.

We are using a Nortel Contivity 2600 VPN switch (although
this should not make a difference.)

We outfitted a laptop with a wireless modem & ISP.

1) Establish wireless connection to internet.
2) Launch VPN client
3) You're in!

All the Nortel VPN client and Contivity switch care
about is an internet connection. It does not matter
if it is wireless.


 
I've also setup vpn over wireless using a linksys router but performance isn't good. How are you addressing this?

Please advise.

Thank you.
 

Just purchased wireless D-Link 614+ router / 650+ cardbus.

Using Contivity 4.15 VPN client on a 2000 laptop.

Would not work.

D-Link says "fix in the works."

Any ideas on firewalls setups / special apps setups ?

Tried port 500 TCP/UDP method with negative results.
 
I have this on SMC wireless access points connecting throughout our own company. We have all these access points only in our DMZ. The only way to connect to the LAN is using our router-based VPN. It has been very good for us and we are recommending this to our clients as a good way to secure the wireless access points.

Alex
 
I have a problem using VPN to connect to my works server.
My set up is as follows...
Main machine runs XP and has a USB cable modem connection, shared between 3 other machines. I have a wireless USB network connecting the three PCs (so no router is involved).
I can run the VPN client software on the XP machine no problem, but if I try to run the VPN client on my laptop (98 SE) , it will not connect, returning the message 'cannot find host' or something close to that. Also, if I do run the VPN on the XP machine, I cannot access the internet from any of the other PCs.

Ideally I would like to be able to use my laptop to access the VPN and still allow the other PCs to access the internet, but I would settle for using the XP PC to connect to the VPN whilst still allowing the other PCs to access the internet.

Could anyone help with suggestions as to how I can make this happen please?
 
svlloyd: I'm guessing that you are using internet connection sharing on the XP box. This is very unreliable. I would suggest using a NAT capable router such as a Linksys 4-port wireless access point (BEFW11S4). It has 4 ethernet ports and can host 256 wireless connections. I have no problems getting a wireless VPN session while others have internet connections.
 
Guitech: Good guess, I am using internet connection sharing. I'll give your suggestion a try and let you know the outcome.

Thanks.
 
I just got my response from D-link. I guess I am out of luck since I use Nortel Contivity. I hope this ends a lot of frustration everyone else is encountering. Perhaps I wll go out and buy another brand other than D-link. This is what they said:

Nortel Extranet works with all our routers. All you need to do is open port 500
in the virtual server section of your router, or, for multiple connections, open
port 500 as a trigger port and incoming port within the special applications
section of your router.

Nortel Contivity most likely will NOT work with the DI-604 or DI-614+ router.
Disable the KEEP ALIVE option in the software for best results.
 
Yes, I have it running at 12 locations and works fine.
 
Guitech: Bought a router (Linksys wireless access), connected it up, played with the settings a little and Voila, I now have my internal network connected, the VPN connects, all the PCs can use the internet, in short it is all as I wanted it. Thanks again for the tip.
 
svlloyd:

I've just got myself a linksys wireless router (befw11s4) and no matter what settings I try I can't get it to work with my company Nortel Contivity VPN client.

I get to the 'Checking for banner text' message... then the connection is dropped.

It'd be great if you could post what settings you 'played with a little' to get your VPN to work.

Thanks.

 
I have similar problems with a linksys BEFW11S4 and CISCO VPN client. If I use the wired ports then no problem but over the wireless the connection always fails. I've tried disableing IPSEC tunnel on the router as per some other suggestions but no luck. I'm using firmware version 1.44.2z, Dec 13 2002.

Any ideas?
 
I know this might sound strange, but try disabling keepalives. It might give some other results, but I think it solved our Banner Text errors. We have always had Banner Text messages turned off, but we still go the error. I can't recall the fix, but I believe it had something to do with Keepalives. I have only disabled them on the Contivity, but they work the same on the client. I'm guessing the both the contivity and the client are trying to manage the connection state and get locked on Banner text. See what happens.

GuiTech
 
GuiTech:

I've tried that... didn't work... any other ideas?
 
Rik,

VPN wireless connections from a client PC, in theory, work just fine. I use a Win2K client with D-Link wireless card to D-Link router to a cable internet connection. Using Nortel Extranet Access Client the connection to my office works great. Reason for the "in theory" comment -- another VPN connection without Extranet will not work at all with the router involved. However, if I remove the wireless card from the PC, insert the Ethernet card and connect the PC directly to the cable modem, that VPN connection then works fine, too.

Hope everything works out well for you.
 
Set up your wireless LAN per the manufacturer's instructions.

On each Win2K Professional client machine that belongs to the wireless LAN, go to Start, Settings, Network and Dial-up Connections. Right-click your wireless adapter and select Properties. Clear the Client for Microsoft Networks and File and Printer Sharing for Microsoft Networks check boxes. Make sure Internet Protocol (TCP/IP) remains selected, as Figure 1 shows. Click OK.

On the Win2K Server machine, select Start, Settings, Network and Dial-up Connections, Make New Connection to start the Network Connection Wizard. Click Next, then select the Accept incoming connections check box. On the wizard's next screen, make sure that All connection devices remains cleared. On the following screen—the Incoming Virtual Private Connection page—click Allow Virtual Private Connection, then click Next. Choose the users to which you want to permit access to the virtual connection (don't select Guest). On the next screen, ensure that all networking components are selected. On the final page, which lists the name of the resulting connection, click Finish.

On each client, select Start, Settings, Network and Dial-up Connections, Make New Connection to start the Network Connection Wizard. After clicking Next, select Connect to a private network through the Internet. On the next screen, click Do not dial the initial connection. On the following screen, enter the server's DNS name or IP address, then click Next. You can create the connection for all users or for only the logged-on user. Finally, you can edit the name of the connection. Click Finish.

A Connect Virtual Private Connection dialog box appears on the client. To complete the connection, the user must type a username and password. The client now sees the server as if the two were connected directly on the LAN
 
I recently purchase a DLink 614+ router. Connecting to the Internet is no problem and works great over the Wireless connection. However, I have been unsuccessful in connecting to my company's network through VPN. I have Nortel's Extranet Access Client V02_62.33 and Windows 2000. I have followed the FAQ's on the DLink website for both Contivity and Extranet clients. I am able to successfully connect through VPN using the Extranet configuration. However, when it auto logs off and I try to log back in, the login script hangs for windows 2000. Any ideas?
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top