-
October 31st, 2002, 06:44 PM
#1
router, firewall, and VPN headaches
I've got a business customer on a DSL connection thru a Zyxel Prestige 640R modem/router with port 1723 directing to a Windows 2000 server for VPN access. Been working great. But now the boss is wanting to add a Webramp 700s firewall into the mix to filter porn and other undesirable content. So now the connection goes from ISP > DSL ROUTER > FIREWALL > SWITCH > VPN SERVER. I've got internet access running just fine, but I can't get the port forwarding right so the VPN works. At the suggestion of our ISP, I forwarded the ports in the DSL router to the firewall, and then in the firewall I forwarded the ports to the server. The firewall log shows the packets coming through on port 1723 are being dropped.
Can anyone give me any suggestions on how to get the VPN working?
-
November 1st, 2002, 04:24 PM
#2
Registered User
Is the firewall doing NAT? Is it capable of IPSEC passthrough? If it won't do IPSEC passthrough, your VPN traffic will be corrupted.
-
November 1st, 2002, 05:26 PM
#3
No, the firewall isn't doing NAT. The Webramp 700s has a mode called "Standard" in which it doesn't do NAT or DHCP. The WAN & LAN ports have the same IP address and it's supposed to just pass the signal thru from a router. At least that's the way I understand it. As for IPSec, it has VPN capability but it's not available due to lack of that license. Of course the manufacturer is out of business, so that can't be helped.
-
November 4th, 2002, 11:59 AM
#4
Registered User
Sounds like you have a network design flaw....
Rather than filter traffic like porn... get a tool to report on its usage. (Private I, WebSense)
What this does is when an employee goes to a porn or unapproved site.. an admin alert is sent to ??? whoever and logged... so they can either monitor and make sure it is not a false positive.. like breast cancer research at lunch time... compared to well... you get the idea.... or if no one is there to get the alerts.. it is all logged, which you can generate HTML based reports on with filters you set.
How does it work? How is it set up? Glad you asked.... lol (by the way... don't sell any of this crap... I just have to use it)
Set your firewall log messages to go to the server running the software... which watches for set items... and logs all traffic.
So user on internal LAN.... going thru the firewall... gets logged...
User VPNs in... then back out thru firewall for internet (since that is the path he'll take now) gets logged.
When you find a loser that abuses company resources... document it.. warn them.. if they keep it up they have a problem and you probably don't want them working there anyway. So when you fire them you now have a paper trail to stop lawsuits and bad claims on unemployment.
I can help ya more if you need it!
You know you want a crabby patty!!