Forums before death by AOL, social media and spammers... "We can't have nice things"

   comp.dcom.vpn      VPN protocols, clients, awesomeness      2,349 messages   

   Message 2,101 of 2,349   
   Mike T. to All   
   Creating first VPN, seeking guidance   
   11 Feb 07 14:11:49   
   
   From: NtOrSoPzAzMo@arcor.de   
      
   Hi,   
      
   I'm trying to set up a VPN connection from the corporate network to my home   
   network. I need to use a VPN connection because company policy does not   
   allow the use of Remote Desktop. My home network consists of 3 computers   
   (all XP Pro) sitting behind a Zyxel Prestige 660HW router/firewall with VPN   
   capabilities, which in turn sits behind a DSL modem.   
      
   I've been reading all over the place and I'm still not clear on the   
   configuration.   
      
   The home network is set up as a workgroup. It's set up behind NAT in the   
   192.168.1.0/24 block. I have a dynamic IP, but I'm using a dynamic DNS   
   service (which I'll call blablabla.dyndns.org).   
      
   The work computer is part of an AD domain, and uses NAT in the 172.16.0.0/12   
   range. I don't know the firewall setup, nor do I have any sort of access to   
   it.   
      
   In the VPN/IPSec settings of the router, I've set up the following:   
      
                               Menu 27.1.1 - IPSec Setup   
      
             Index #= 1        Name= blablabla.dyndns.org   //not real address   
             Active= No        Keep Alive= No   //not yet activated   
             Local ID type= DNS        Content= 12345   
             My IP Addr= 0.0.0.0   
             Peer ID type= DNS         Content= 12345   
             Secure Gateway Address= blablabla.dyndns.org   
             Protocol= 0       DNS Server= 0.0.0.0   
             Local:  Addr Type= SUBNET   
                 IP Addr Start= 192.168.1.0      End/Subnet Mask= 255.255.255.0   
                    Port Start= 0                End= N/A   
             Remote: Addr Type= SUBNET   
                 IP Addr Start= 192.168.2.0      End/Subnet Mask= 255.255.255.0   
                    Port Start= 0                End= N/A   
             Enable Replay Detection= No   
             Key Management= IKE   
             Edit Key Management Setup= No   
      
      
   In the Key Management Setup:   
      
                               Menu 27.1.1.1 - IKE Setup   
      
         Phase 1   
           Negotiation Mode= Main   
           PSK= 12345678   
           Encryption Algorithm= DES   
           Authentication Algorithm= MD5   
           SA Life Time (Seconds)= 28800   
           Key Group= DH1   
      
         Phase 2   
           Active Protocol= ESP   
           Encryption Algorithm= DES   
           Authentication Algorithm= SHA1   
           SA Life Time (Seconds)= 28800   
           Encapsulation= Tunnel   
           Perfect Forward Secrecy (PFS)= None   
      
      
   The router manual isn't much help. I'm planning to create the connection   
   using the XP client from work. I haven't tried it from work yet (will do it   
   tomorrow), but does anyone see any glaring errors in the above configuration   
   that might not cause it to work, so that I can change it today while I'm   
   still home?   
      
   I also plan to be traveling quite a bit in the next few months. Would this   
   work no matter where I am? (of course, if I'm not inside the company's   
   network, I have a chance of being able to use RDP).   
      
   Thanks,   
   Mike   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   
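
Added example, not part of the original post: a small Python audit of the IKE values shown in Menu 27.1.1.1 and the replay-detection line of Menu 27.1.1, flagging the ones that fall below current practice. The `WEAK` policy table, the 20-character PSK minimum and the function names are assumptions made for this illustration; the sample text is a constructed one-setting-per-line copy of the posted values.

```python
import re

# Constructed sample: settings copied from the post, one per line.
POSTED = """
Enable Replay Detection= No
Phase 1
  Negotiation Mode= Main
  PSK= 12345678
  Encryption Algorithm= DES
  Authentication Algorithm= MD5
  Key Group= DH1
Phase 2
  Active Protocol= ESP
  Encryption Algorithm= DES
  Authentication Algorithm= SHA1
  Perfect Forward Secrecy (PFS)= None
"""

# Assumed policy table (not from the post): setting -> {weak value: reason}.
WEAK = {
    "Encryption Algorithm": {"DES": "56-bit key"},
    "Authentication Algorithm": {"MD5": "deprecated for IKE/IPsec"},
    "Key Group": {"DH1": "768-bit MODP group"},
    "Perfect Forward Secrecy (PFS)": {"None": "no fresh DH exchange in Phase 2"},
    "Enable Replay Detection": {"No": "ESP anti-replay check disabled"},
}

def parse(text):
    """Yield (section, key, value) for each 'Key= Value' line."""
    section = "General"
    for line in text.splitlines():
        line = line.strip()
        if re.fullmatch(r"Phase [12]", line):
            section = line
        elif "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            yield section, key, value

def audit(text, min_psk_len=20):
    """Return a list of (section, key, value, reason) findings."""
    findings = []
    for section, key, value in parse(text):
        reason = WEAK.get(key, {}).get(value)
        if reason:
            findings.append((section, key, value, reason))
        # The PSK value is never echoed into the report.
        if key == "PSK" and (len(value) < min_psk_len or value.isdigit()):
            findings.append((section, key, "<redacted>", "short or digits-only key"))
    return findings

if __name__ == "__main__":
    for finding in audit(POSTED):
        print("%-8s %-30s %-10s %s" % finding)
```
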


(c) 1994,  bbs@darkrealms.ca