My first VPN - and it "almost" works - BEFVP41 V2

Archived from groups: comp.dcom.vpn (More info?)

I have successfully set up a tunnel between a computer outsi­de my
network and my LAN at home. (No small feat for a network new­bie, I
have to admit).

The VPN Gateway at home is a LinkSys BEFVP41 Router with Firmware­
Version 1.00.12

The remote VPN Client software is TheGreenbowVPN (In trial mode)

The good news is that both the client and VPN Gateway agree ­a tunnel
has been created. The log on the Gateway is reporting "IKE[­1] Set up
ESP tunnel with aaa.bbb.ccc.ddd Success!" (aaa.bbb.ccc.ddd­ is the
address of the remote client).

The bad news is that the remote machine cannot ping the mach­ines on
the other end of the VPN nor does it have any access to the shared
reso­urces on the remote LAN.

I do have one thing that confuses me even more. The client ­as well
as the VPN Gateway is on LAN that has local addresses of
192.16­8.1.xxx So how does the client differentiate between machine
192.168­.1.100 (for example) on his network and a machine on the local
LAN with ­the same address?
Thanks in advance for all replies.

Wardell Castles

Archived from groups: comp.dcom.vpn (More info?)

CoolUncle wrote:
> wardellcastles wrote:
>
>> I have successfully set up a tunnel between a computer outsi­de my
>> network and my LAN at home. (No small feat for a network new­bie, I
>> have to admit).
>>
>> The VPN Gateway at home is a LinkSys BEFVP41 Router with Firmware­
>> Version 1.00.12
>>
>> The remote VPN Client software is TheGreenbowVPN (In trial mode)
>>
>> The good news is that both the client and VPN Gateway agree ­a tunnel
>> has been created. The log on the Gateway is reporting "IKE[­1] Set up
>> ESP tunnel with aaa.bbb.ccc.ddd Success!" (aaa.bbb.ccc.ddd­ is the
>> address of the remote client).
>>
>> The bad news is that the remote machine cannot ping the mach­ines on
>> the other end of the VPN nor does it have any access to the shared
>> reso­urces on the remote LAN.
>>
>> I do have one thing that confuses me even more. The client ­as well
>> as the VPN Gateway is on LAN that has local addresses of
>> 192.16­8.1.xxx So how does the client differentiate between machine
>> 192.168­.1.100 (for example) on his network and a machine on the local
>> LAN with ­the same address?
>> Thanks in advance for all replies.
>> Wardell Castles
>>
> Hi,
>
> the answer is unfortunately that it doesn't. The two ends have usually
> to be in two different subnets. For some top-of-the-range routers fudges
> can be made, but don't go there unless you have to. Be a coward and put
> one of the LANs at 192.168.2.xxx for example.
>
> HTH,
>
> Colin

Static routes for both remote networks should resolve your problems

Ken