home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   comp.dcom.vpn      VPN protocols, clients, awesomeness      2,349 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 1,844 of 2,349   
   Mike Drechsler - SPAM PROTECTED EMA to All   
   Re: vpn to office and access internal la   
   25 Nov 05 17:47:12   
   
   From: mike-newsgroup@-DELETETHISPART-.upcraft.com   
      
   pIX2 wrote:   
   > Simon wrote:   
   >> pIX2 wrote:   
   >>> Hi,   
   >>> I'm in a customer's office and I'm trying to vpn to my office.  I can   
   >>> login using my cisco 4.6 vpn client and it was authenticated ok by my   
   >>> office's vpn cisco concentrator.  But the problem is I can not ping /   
   >>> telnet to my office LAN.   Can someone tell me what the customer needs   
   >>> to open up in his firewall, so i can access my office LAN >>>??   
   >>> thanks for your help.   
   >>> J   
   >>>   
   >> If you can connect with the vpn client then nothing else needs to be   
   >> opened on the customer firewall. It's not something like the customers   
   >> lan subnet is the same as your company subnet ? that would break things.   
   >> simon   
   >   
   > Well, if i'm outside the firewall of the customer, after I vpn in, I   
   > was able to ping/telnet to my servers in the office.  If I'm inside the   
   > customer's firewall, I can vpn in but I'm unable to access any of my   
   > servers, such as telnet/ http, etc.  ping, telnet, and http are open in   
   > the customer's firewall.  I can ping yahoo, browsed web, etc.   
   >   
      
   They are using the same IP subnet as the network on the remote side.  A   
   small travel router may allow you to setup a simple little network where   
   you can control the local IP subnet.  Even if an intermediate network   
   segment (the part between your little router and their firewall) has a   
   conflicting IP range this should still work.  It's a lame little hack   
   that can work if you have no ability to renumber the networks.   
      
   This is one of the reasons you should avoid using the common network   
   numbering for consumer routers when you setup an office LAN with a VPN   
   gateway.  Try to avoid the 192.168.0.x-192.168.2.x ranges.   
      
      
   --   
   WARNING!  Email address has been altered for spam resistance.   
   Please remove the -deletethispart-. section before replying directly.   
   Mike Drechsler (mike-newsgroup@-deletethispart-.upcraft.com)   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca