DComTalk.com

I've tried in the past but never really had solid results for vpn
setup. I have a BEFSR41 linksys router. Would like to understand the
vpn setup process for windows 2000/xp pro configuration.

Been reading alot on the net, obtaining bits and pieces here and there
but nothing real solid.

I just setup another Windows 2003 server and tried to get the Linksys
units (three of them) to pass PPTP/GRE inbound to the server so that I
could RAS into it and never got it to work. In fact, I spent 2 hours
with the MS Networking Support Team the other night, just to find that
the Linksys units don't pass GRE outbound.

While searching on the Linksys site again, not that CISCO has take over
and change the firmware, I found an interesting article that states you
have to forward PORT 1723 BOTH to the server AND PORT 47 BOTH to the
server. GRE is not a port, it doesn't use PORT 47, but it appears that
Linksys has changed the PPTP sessions to require GRE to use PORT 47 in
their latest firmware.

In article <MPG.1be9449da8ee779c9898bf@news-server.columbus.rr.com>,
Leythos <void@nowhere.org> wrote:
I just setup another Windows 2003 server and tried to get the Linksys
units (three of them) to pass PPTP/GRE inbound to the server so that I
could RAS into it and never got it to work. In fact, I spent 2 hours
with the MS Networking Support Team the other night, just to find that
the Linksys units don't pass GRE outbound.

While searching on the Linksys site again, not that CISCO has take over
and change the firmware, I found an interesting article that states you
have to forward PORT 1723 BOTH to the server AND PORT 47 BOTH to the
server. GRE is not a port, it doesn't use PORT 47, but it appears that
Linksys has changed the PPTP sessions to require GRE to use PORT 47 in
their latest firmware.

Someone there is confused. GRE is IP *protocol* 47, and has nothing
to do with UDP or TCP, which are two other IP protocols, and
"ports" are associated with UDP and TCP. The BEFSR41 has special
PPTP passthrough support, but, as you say, that may be for inbound
only. You might want to take this to the Linksys forum on dslreports:
http://www.dslreports.com/forum/equip,16

I didn't confirm the above, I bought a D-Link DI-808HV unit and it
worked fine, heck, it can even act as a PPTP end-point if you want it
too.

Leythos wrote:

I didn't confirm the above, I bought a D-Link DI-808HV unit and it
worked fine, heck, it can even act as a PPTP end-point if you want it
too.


When a router is used as a PPTP end-point in a peer-to-peer network, can
the remote computer access a host computer within the network? Once the
remote computer validates and connects to the router, how does that
computer access another computer behind the router, if it can?

Leythos wrote:

I didn't confirm the above, I bought a D-Link DI-808HV unit and it
worked fine, heck, it can even act as a PPTP end-point if you want it
too.


When a router is used as a PPTP end-point in a peer-to-peer network, can
the remote computer access a host computer within the network? Once the
remote computer validates and connects to the router, how does that
computer access another computer behind the router, if it can?

OK, I have been setting up VPN here also... Today I succeded some what.
Connection is between 2 BEFSX41 routers.

Net A (My net) running windows 2k pro
Net B (His Net) running win XP

I get all my computers in his Network Places
but
I dont...

Now for MCP6453 the routers all handle the security and tunneling when you
get a connection go to network properties and set up a conection for outside
computers share the files you want and operate the system as if you added a
new computer on you internal net.

I did find one Item that might be helpful... each router that does this end
point MUST be on a different subnet..
IE: router A must have an address of say 192.168.1.1
and router B must have the address of 192.168.2.1

KK

In article <6o2dnawdCZdN-BzcRVn-sA@portbridge.com>, mcp6453
@earthlink.net says...
Leythos wrote:

I didn't confirm the above, I bought a D-Link DI-808HV unit and it
worked fine, heck, it can even act as a PPTP end-point if you want it
too.


When a router is used as a PPTP end-point in a peer-to-peer network, can
the remote computer access a host computer within the network? Once the
remote computer validates and connects to the router, how does that
computer access another computer behind the router, if it can?

You are assigned an IP in the subnet of the LAN side of the router - you
access anything you want in the LAN side subnet by IP.

Leythos wrote:

In article <6o2dnawdCZdN-BzcRVn-sA@portbridge.com>, mcp6453
@earthlink.net says...
Leythos wrote:

I didn't confirm the above, I bought a D-Link DI-808HV unit and it
worked fine, heck, it can even act as a PPTP end-point if you want it
too.


When a router is used as a PPTP end-point in a peer-to-peer network, can
the remote computer access a host computer within the network? Once the
remote computer validates and connects to the router, how does that
computer access another computer behind the router, if it can?

You are assigned an IP in the subnet of the LAN side of the router - you
access anything you want in the LAN side subnet by IP.


I see. That makes a lot of sense. Can I use an XP machine to VPN into
the router, or must I have two routers?

I see. That makes a lot of sense. Can I use an XP machine to VPN into
the router, or must I have two routers?

The DI-804HV and DI-808HV can act as PPTP end-points, the Linksys units
do not act as PPTP end-points.

Leythos wrote:

I see. That makes a lot of sense. Can I use an XP machine to VPN into
the router, or must I have two routers?

The DI-804HV and DI-808HV can act as PPTP end-points, the Linksys units
do not act as PPTP end-points.

Does that mean that an XP machine can initiate the tunnel, or do I have
to have TWO routers providing an endpoint at each end?

On Thu, 28 Oct 2004 17:49:06 -0400, "Kaptain Krunch"
captainkrunch@comcast.net> wrote:

OK, I have been setting up VPN here also... Today I succeded some what.
Connection is between 2 BEFSX41 routers.

Net A (My net) running windows 2k pro
Net B (His Net) running win XP

I get all my computers in his Network Places
but
I dont...

Now for MCP6453 the routers all handle the security and tunneling when
you
get a connection go to network properties and set up a conection for
outside
computers share the files you want and operate the system as if you added
a
new computer on you internal net.

I did find one Item that might be helpful... each router that does this
end
point MUST be on a different subnet..
IE: router A must have an address of say 192.168.1.1
and router B must have the address of 192.168.2.1

KK

Those two addresses aren't necessarily on different subnets. It
depends on the netmask being used.

--
Bill

Leythos wrote:

In article <6o2dnawdCZdN-BzcRVn-sA@portbridge.com>, mcp6453
@earthlink.net says...
Leythos wrote:

I didn't confirm the above, I bought a D-Link DI-808HV unit and it
worked fine, heck, it can even act as a PPTP end-point if you want
it
too.


When a router is used as a PPTP end-point in a peer-to-peer network,
can
the remote computer access a host computer within the network? Once
the
remote computer validates and connects to the router, how does that
computer access another computer behind the router, if it can?

You are assigned an IP in the subnet of the LAN side of the router - you
access anything you want in the LAN side subnet by IP.


I see. That makes a lot of sense. Can I use an XP machine to VPN into
the router, or must I have two routers?