Archived from groups: microsoft.public.windowsxp.work_remotely (
More info?)
Thank you Bill for the extensive information. I will do the upgrade and see
if the wizard can simplify things any. You've been incredibly helpful.
"Bill Sanderson" <Bill_Sanderson@msn.com.plugh.org> wrote in message
news:O8YH7wJ2EHA.524@TK2MSFTNGP09.phx.gbl...
> OK.
>
> Here's Netgears support page. On the right it mentions firmware versions.
> One generally good idea is to update to the newest firmware--or at least
> check how far back you are.
>
>
http://kbserver.netgear.com/products_automatic/FVS318.asp
>
> You will also note a number of items relating to VPN issues on the right
> under the firmware references, in "MISC"
>
> This device can initiate up to 8 outbound IPSEC vpn tunnels. I don't know
> that you need that capability, from what you've said.
>
> It can also be the endpoint of an IPSEC VPN tunnel if you use their
(vp01L)
> proprietary vpn client software ($40 at amazon.com.)
>
> For how to forward ports, see:
>
>
http://kbserver.netgear.com/kb_web_files/N101145.asp
>
> You want to use the "add a service" method. To do PPTP VPN, use start
port
> and end port of 1723, and a name of your choice.
> Hmm - you might look at the section for "Let an APplication use" to see
> whether PPTP VPN is defined by the router already. If so--use the
> predefined definition, which may open the GRE protocol as well.
>
> OK - I found this PDF format faq:
>
> www.netgear.com/pdf_docs/FVS318_FAQ.pdf
>
> which states that PPTP and IPSEC passthrough are implemented--don't know
> whether you'll find checkboxes for those somewhere or not, but PPTP
> passthrough is what you need in addition to forwarding port 1723 to make a
> PPTP VPN to an XP client work.
>
> So:
>
> 1) forward port 1723 to the XP host machines fixed IP address in the
router.
> Make sure PPTP passthrough isn't disabled.
> 2) enable incoming connections and VPN on those connections in an XP
host.'
>
> 3) If you have more than one machine behind the router, you can test the
VPN
> connection within the lan by creating an outbound VPN connection on that
> second machine and "dialling" the IP of the machine you've set up as host.
> If you can connect and authenticate, at least you know that the host is
set
> properly.
>
> 4) then you need to either use a dialup, or another location, to test
> whether you can connect across the Internet through the router. You'll
use
> the fixed IP address of the router to connect.
>
> You would be most secure, using the proprietary client for the router and
> connecting to the router, using an IPSEC VPN. However, you may want to
try
> out the PPTP VPN just to see how the process works, and consider how
useful
> it will be for you,
>
>
>
>
>
> "tiki2k" <tiki2k@home.not> wrote in message
> news:%23KaWE5I2EHA.804@TK2MSFTNGP12.phx.gbl...
> > Wow that sounds quite intimidating.
> > The router is a Netgear FVS318. The manual was not very specific about
VPN
> > setup.
> >
> > Bill Sanderson <Bill_Sanderson@msn.com.plugh.org> wrote in message
> > news:#iaSYjB2EHA.1524@TK2MSFTNGP09.phx.gbl...
> >> Ahh--want to tell us the model of the router?
> >>
> >> I may be mistaken, since I know very little about IPSec VPN's, but this
> >> sounds as though the router is capable of terminating the VPN
> >> itself--i.e.
> >> the router as VPN server. Might only be capable of automatically
VPN'ing
> >> into some fancier device, though.
> >>
> >> If it is capable of being the end-point of an incoming VPN, you'll need
> >> their docs on how to set it up, and whether or not proprietary VPN
client
> >> software is needed to talk to it.
> >>
> >> You can probably ignore that aspect and just use normal port forwarding
> >> in
> >> the device to forward to an XP machine, though. The trick will be
> >> finding
> >> the terminology for the GRE protocol 47 stuff.
> >>
> >>
> >>
> >> "tiki2k" <tiki2k@home.not> wrote in message
> >> news:%23W1XLjA2EHA.524@TK2MSFTNGP09.phx.gbl...
> >> > Thank you.
> >> > The VPN setup for the Netgear router at the office end is a little
> >> > different
> >> > it seems. It asks for:
> >> > "Local and Remote IPSec Identifier"
> >> > Local/Remote tunneling access from a range, to specific or any local
> >> > address
> >> > Encryption Protocol
> >> > Key Life
> >> > IKE Life Time
> >> >
> >> > Also, do I specify the VPN IP Address as the same static address the
> >> > office
> >> > modem is on? Or do I need to buy more IP Address? B/c I tried pinging
> > that
> >> > IP Address and I get nothing.
> >> >
> >> > Bill Sanderson <Bill_Sanderson@msn.com.plugh.org> wrote in message
> >> > news:O3#DiBA2EHA.2192@TK2MSFTNGP14.phx.gbl...
> >> >> Go to Help and Support and search on the topic "incoming
connections."
> >> >>
> >> >> Note that there is almost no UI to setting up an incoming VPN--just
a
> >> > single
> >> >> check-box, and setting up authorized users. You don't need to tell
it
> >> > which
> >> >> interface to allow the VPN on--it automatically allows it on all
> >> > interfaces.
> >> >>
> >> >> You then need to forward ports appropriately through the router. If
> > the
> >> >> router is doing Nat, you want to choose a PPTP VPN, and in the
router,
> >> >> forward port 1723, TCP. The router also needs to forward all GRE
> >> >> protocol
> >> >> traffic--this is IP type 47. Routers differ in how this is
done--some
> >> > older
> >> >> Linksys boxes have a checkbox for it. Some routers take care of it
> >> >> automatically--your router's support web site will have an article
on
> > how
> >> > to
> >> >> do this.
> >> >>
> >> >> One note: It is easiest, in my experience, to go to properties of
> > TCP/IP
> >> > on
> >> >> the incoming connection (either as part of the initial setup, or
> >> > afterwards)
> >> >> and set the IP addressing to give out a group of fixed addresses,
> > rather
> >> >> than depend on DHCP. Some routers don't seem to be able to handle
> > giving
> >> >> out DHCP for incoming VPN connections to an XP client. Pick a range
> >> >> of
> >> >> addresses (4 or 5) on the same subnet as the router's DHCP, but
> >> >> outside
> >> > the
> >> >> range the router is giving out.
> >> >>
> >> >> Remember that any VPN client is effectively on your network--pay
> > special
> >> >> attention to making sure they are virus-free and up to date on
> >> >> patches,
> >> > and
> >> >> that you use strong passwords.
> >> >>
> >> >>
> >> >> "tiki2k" <tiki2k@home.not> wrote in message
> >> >> news:uKTfhe$1EHA.2788@TK2MSFTNGP15.phx.gbl...
> >> >> > My office network is connected to a router which accesses the
> > internet
> >> >> > through a static IP DSL service. All machines are XP Pro. What do
I
> >> >> > need
> >> >> > to
> >> >> > do or acquire to setup a VPN server so that I can access it from
> > home?
> >> >> > I
> >> >> > found an article in Microsoft Support site on how to configure a
VPN
> >> >> > Server
> >> >> > in W2000 but can't find one for XP Pro.
> >> >> >
> >> >> > Any suggestion is greatly appreciated.
> >> >> >
> >> >> >
> >> >>
> >> >>
> >> >
> >> >
> >>
> >>
> >
> >
>
>