XPost: comp.os.ms-windows.networking.misc   
   From: day_trippr@REMOVEyahoo.com   
      
   On 17 May 2004 04:53:56 -0700, bob101@mailinator.com (bob101) wrote:   
      
   >I'm at home trying to connect to my workplace VPN through an Actiontec   
   >DSL Gateway, and am having no luck.   
   >I'm running XP Pro, and on my machine my IT dept have installed   
   >NetScreen Remote software which has to be activated before I can get   
   >into the VPN. It all worked fine via dial-up, BTW. Then I get DSL and   
   >the Actiontec router, and it's no soap.   
   >I've talked to the Actiontec tech support people, and we've tried   
   >various different settings on the router, but still no good. VPN   
   >passthrough is enabled, ports have been forwarded, it still doesn't   
   >work, so they tell me the problem is with the VPN I'm trying o connect   
   >to. One clue is, I can connect to the workplace firewall OK and   
   >authenticate myself, but not to the servers or my mailbox.   
   >When I talk to my IT dept, they tell me the problem is with the   
   >router: either I should upgrade to a static IP address from my ISP, or   
   >I should disable NAT. On this router NAT can only be disabled if you   
   >add a static routing address, and the Actiontec support people won't   
   >even tell me how do do this - I don't know what a static routing   
   >address is, and when I've tried my best I couldn't connect to the   
   >internet at all - (legal problems if their firewall is down and I get   
   >hacked?).   
   >   
   >So I'm stuck, back with my crappy dialup.   
      
   They probably mean a "static routable address" - an address permanently   
   assigned to you and existing in a routable network realm. You probably can   
   obtain this at some extra cost, contact your DSL provider if you want to   
   consider this possibility.   
      
   Otherwise...have you tried connecting the DSL modem directly to the PC you are   
   trying to use with VPN? If there is any doubt about the router, run around it   
   until you get your VPN client connected. Then insert the router and try to   
   make that work.   
      
   If you are relying on VPN Passthrough then you must not be using the gateway   
   device as the tunnel portal. So what is the actual name of the VPN service you   
   are using? I presume you are not using Microsoft's VPN service, but I also   
   suspect "Netscreen Remote" is not the tunnel client, but is a VNC client   
   instead. Otoh, if that is the case, it is hard to understand why Netscreen   
   Remote should precede establishment of the tunnel that Netscreen Remote will   
   have to use.   
      
   Finally, if you are using name-based resolution for those servers at work,   
   edit your LMHOSTS file and add the domain controller entries to it....   
      
   eg: 	   
      
   123.444.551.120 	startech01	#PRE  #DOM:STARTECH_ENG   
   123.444.551.120	"STARTECH_ENG    \0x1B"  #PRE   
      
   ....then reload it ("nbtstat -R" in a Command Prompt window) and see if you   
   can now access your mail server.   
      
   fwiw, I've used three different VPN services in the last two years (Microsoft   
   Remote Desktop, SecuRemote and now the Nortel Contivity client talking to a   
   Nortel VPN appliance) through Linksys and Netgear routers and WAPs over cable   
   modems. Each one had some last switch that had to be thrown correctly to make   
   run, but run they all did. The DSL provider techs aren't going to be much   
   help...   
      
   /daytripper   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)