Really dumb VPN question

I must be missing the forest for the trees... I successfuly established a VPN connection between my work computer (client software) and my Netgear router at home (FSV114). My intent was to access a Linkstation on my home LAN that stores important copies work files. I was originally going to just use FTP but was alarmed at the number of pings was receiving after I opened the port. So, I was thinking VPN would offer me more security.

So basically, the VPN is established but I cannot figure out how to access the Linkstation. I thought I would simply appear on the home network and be able to access it via its local IP - but that doesn't work.

Any help greatly appreciated - I have googled this to death and still confused.
14 answers Last reply
More about really dumb question
  1. Sorry I dont really have any help for you but may be you can help me. Can you explain how you actually setup the freaking Netgear VPN endpoint with teh Netgear Client?? I cant seem to get it to work. I cannot seem to get a connect button highlighted to work under the conections. I know you can just let it run and it sets up automatically but i cannot for the life of me get it to let me hit a connect situation. It has been driving me freaking bonkers. I have even tried using Microsoft Client software and still NOTHING.
  2. I followed the example in the included software manual that set up the client and a different netgear router. I remoted to my router from work, and could compare each of the settings. I always could select "connect" but could not connect until I got the name and some of the encryption stuff set correctly. This was a little bit trial and error.

    I did learn today that I probably have 1 fundamental problem: Both my work and home LAN have the same IP structure (192.168.1.xxx) which appears to be a major booboo. 8O

    I did notice that I cannot select the "connect" button until I have activated the security policy. Once it is selected, I can connect and disconnect. What drives me insane is that it reconnects right after I disconnect. I disable the security policy to prevent this.
  3. Quote:
    I did notice that I cannot select the "connect" button until I have activated the security policy.


    Ya I have tried that too and still nothing. I had it going one time but was not connecting so i changed the settings again and then it went away again. It has given me qiute the headache.
  4. Quote:
    I did learn today that I probably have 1 fundamental problem: Both my work and home LAN have the same IP structure (192.168.1.xxx) which appears to be a major booboo. 8O



    I dont think that would matter with both systems using NAT??? Am I wrong?
  5. :D That was actually my final problem. I now have full access to the home network, can map drives and print.

    Did you follow the example in the manual? Following this seemed to work very well for me. There may also be a possibility that you need to open ports on the client side firewall. I have them open now, and will close them to see if they are needed.

    I will probably type up a step by step procedure on what I did, otherwise I would forget it in about a month. If you want, I could send that to you.
  6. No, I did not get to the example as of yet. If you could send me the step by step in the meantime that would be great just for a extra example for me. This is the first time I have tried to setup a VPN and went into it blind. I have now pretty much got all the security down I just need the actual addressing and setup. It is extremely confusing.

    Thanks a bunch for your help.
  7. My first attempt to setup a VPN locked my pc from unternet access. I had to leave on a trip and haven't tried since. I would appriacate a copy of your step by step instructions. To see what I did wrong. I was following examples but apparently missed something.
  8. I had the same issue with mines too. I had to disable the rule to get it back to working. It is a PITA.
  9. I am working on a step by step procedure on what I did with the VPN Prosafe client and my FSV114 router. When I get through it, I will post it here so you can see what worked for me.

    8O 8O 8O 8O 8O 8O 8O 8O 8O 8O 8O 8O 8O 8O 8O 8O 8O 8O
  10. Quote:
    I am working on a step by step procedure on what I did with the VPN Prosafe client and my FSV114 router. When I get through it, I will post it here so you can see what worked for me.

    8O 8O 8O 8O 8O 8O 8O 8O 8O 8O 8O 8O 8O 8O 8O 8O 8O 8O


    Great Thanks a bunch!!
  11. To start, make sure the 2 lan networks you are trying to connect have different IP structures: Such as 192.168.2.xxx and 192.168.10.xxx. You will be finding resources on each lan via its IP address, so everthing must be unique.

    In the Prosafe VPN client:

    Create a new connection with these properties:
    ID Type: IP Subnet
    Subnet: 192.168.2.0 this is the lan you are trying to connect to
    Mask: 255.255.255.0
    Protocol: All
    Check the box for connecting with a secure gateway tunnel
    ID Type will be IP Address
    Enter the IP address of the router you are trying to reach (WAN IP)

    Next edit My Identity:
    Enter the pre-share key
    ID type will be how you are identified - I chose Domain Name and entered my domain here at work. You could just use a name. (match this on the router)
    Virtual Adapter is disabled
    Internal IP address is 0.0.0.0

    Next edit the security policy
    Choose the negotiation mode (match this on the router)
    Enable Perfect Forward Secrecy and select PFS Key Group (match this on the router)
    Unselect replay detection

    Next edit the authentication proposal 1
    Method is pre-share key
    Encrypt Alg (select and match with router)
    Hash Alg (select and match with router)
    SA Life (select and match with router)
    Key group (select and match with router)

    Finally edit the key exchange

    IPSec protocols (select and match with router - I did not use compression)
    Select Encapusulation Protocol
    Set Encrypt Alg and Hash Alg as was set above
    Encapsulation - use Tunnel
    Do not select Authentication Protocol

    Thats it for the client software. Now for the router. Most of this is simply match what you have already done.

    Here are some tidbits:


    IKE Policy Configuration:

    Direction Type is Remote Access
    Exchange Mode (same as security policy in vpn client)
    Remote Identity and Type should be the same as My Identity in vpn client
    IKE SA Parameters - set all of these the same as corresponding settings in vpn client (including the preshare key)

    VPN Configuration:

    Remote VPN Endpoint - set address type to IP Address and use the local IP address of the machine running the VPN client
    SA Lifetime - match the setting in the client
    Enable IPSec PFS and match setting in client

    Traffic Selector, set local IP to subnet address and set as follows:
    192.168.10.0
    255.255.255.0

    Remote IP address set to single address, and put in the WAN IP address of the VPN client network (I did it this way to limit traffic to only my work IP address).


    In the ESP configuration, select both Encryption and Authentication and set these to match the VPN client.


    This is just a quick overview of what I did and it worked. I was a little vague with things that needed to be. This pretty much follows the Netgear example verbatim except I tweaked it for my particular router. You will need to hunt around on your router for the particular fields that need filled out.

    Hope this helps. 8O
  12. Thankyou very much I will give it a try, when I get somw free time again.
  13. Thanks a bunch. Hopefully I can get this working right. :P
  14. Quote:
    <SNIP>
    So basically, the VPN is established but I cannot figure out how to access the Linkstation. I thought I would simply appear on the home network and be able to access it via its local IP - but that doesn't work.
    <SNIP>


    How are you trying to contact it by it's IP? Can you ping it?

    Some protocols do not cross over to different LANs well. Network neighborhood stuff is usually unreliable or unavailable. You should be able to map a drive reliably with \\IPaddress\sharename
Ask a new question

Read More

Connection VPN Networking