Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

VPN suggestions? 1

Status
Not open for further replies.
davidmulcair

davidmulcair

Programmer
Jun 26, 2001
35
0
0
CA
Hi there,

Our company is looking into setting up a VPN to connect branch offices. I've been looking into several products, and wanted to know what everyone thought was a superior (mainstream) hardware or software product. The branch offices are very small (<10 systems).

Thanks.

David
 
Sort by date Sort by votes
Seems like the tunnels are getting stopped at the GNAT box... I enabled remote management, and i can get to THAT throught the GNAT, but the tunnel just shows

02:54:40
02:54:40 IKE[1] Tx >> MM_I1 : <my IP address> SA

(i replaced my ip with <my ip address>)

and doesnt continue connecting from there.. Now im quite lost.

Any idea anyone?
 
Upvote 0 Downvote
And finally,

Would it be feasible (smart, secure) to use the linksys as a firewall replacement to the gnat? This seems like the simplest way. That said, when testing this kind of set up, the domain server still didnt seem to carry through.
 
Upvote 0 Downvote
For the &quot;No Domain Servers...&quot; at the remote site - assuming the domain server is on the local network, you'll get this when the tunnel isn't up, for sure. When the tunnel is up, and you still get the message, try setting the primary and secondary WINS server on the client machine. You will need a route from the remote->local as well as the local->remote - either provided by the LinkSys (remotely) and locally, half by the GNAT and half by the other Linksys, or on the client machines.

No response through the GNAT could be a routing problem (or a block) - do you see the ESP packet come out the other side of the GNAT?

I can't answer whether you should use the LinkSys instead (refer to lack of experience with GNAT). There's some feeling that this router is low end (you get what you pay for) so I like having it behind another wall. The only problems we've had with ours was when our ISP reassigned our &quot;fixed ip&quot; to someone else (hello). Helpful detail: The BEFSX41 doesn't refresh the web page when you &quot;Connect&quot; the tunnel (even though it seems to, it will still say &quot;Disconnected&quot; - you have to &quot;refresh&quot; the page again after the connect is attempted - or view the logs. The tunnel's actually there, so it's just an interface nuisance.

And finally, an offer. I just realized there's a VPN forum, and this thread is long (my fault). While at culmination you should carefully weigh remote management (perhaps using Out of Band management, like a modem + PCAnywhere) I'm happy to provide personal assistance that way. I'll post my spam-magnet account next, so it can be flagged seperately if inappropriate. I'm sure you know not to post specifics here. I'll do what you need to ensure non-disclosure, and if we solve it, we can post the solution back for the forum's benefit.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
145
intel233
intel233
ISDPCMAN
  • Locked
  • Question
RDP fails over VPN
Replies
1
Views
67
gkittelson
gkittelson
Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
167
Shmid
Shmid
WhosYourDiffie
  • Locked
  • Question
Cisco ASA 5506 VPN for Avaya Phones
Replies
0
Views
51
WhosYourDiffie
WhosYourDiffie
ITSUPPORTIT
  • Locked
  • Question
VPN from ASA 5510 and RV215W problem
Replies
0
Views
41
ITSUPPORTIT
ITSUPPORTIT

Part and Inventory Search

Sponsor

Back
Top