A question for a VPN expert

**lilelvis2000** · 10 October 2007, 10:40

Does sonicwall require any port triggers to be set?

I assume the network monkeys at her workplace are also on it.

**gingerjedi** · 10 October 2007, 10:59

Originally posted by lilelvis2000 View Post

Does sonicwall require any port triggers to be set?

I assume the network monkeys at her workplace are also on it.

hmmm I don't know about port triggers? Can't remember setting anything on the Netgear? But yes she should be calling their one and only support monkey as I type.

**MrRobin** · 10 October 2007, 11:06

If all you have done is change your router and you did not open up any specific ports before then the problem should not be at your end, especially if she can connect and be authenticated onto the main VPN.

Then again, just by changing your router shouldn't need anything to be reconfigured at her work end either. Could be just a coincidence that it stopped working the same time you get a new router.

**gingerjedi** · 10 October 2007, 11:55

I plugged the old one back in and it worked so no coincidence, could they have a MAC address filter? I know my router I can be set to allow or deny attached devices by MAC filtering so I assume they would have similar.

**lilelvis2000** · 10 October 2007, 12:46

If they filtering on MAC you would'nt make it through the firewall. But its worth a shot . I'm not knowledge on it. Perhaps her client VPN licence is tied to the MAC?

Also worth a check on Linksys website to see if there are any known VPN issues with specfic VPN software/hardware.

**monkeyboy** · 10 October 2007, 13:41

Probably not this reason as you sayyou can log onto the domain.

Some cheap adsl routers don ot understand IKE properly and will not pass trough NAT PAT correctly. Ike packet has source 500 dest 500. The router passes this through PAT and the remote end does not see this as a ike packet as source port is not 500.

Nat traversal fixes this.

Otherwise if you can log on then the vpn is only supplying a transport layer so can't see how the router would make a difference.

The only other thing is that the new router might have a dhcp subnet that conflicts with the one at work.

Say it give you a 192.168.0.0 addresses with a huge mask there is a good change that the server at the remote end may well use that subnet and hence the packet will not route to the remote site.

do an ipconfig on the client when connected to each router and see what address you get. Change the new one to macth the old one and see if it now works.

**gingerjedi** · 10 October 2007, 13:47

Cheers, I'll give those suggestions a try tonight.

**Dante** · 15 October 2007, 15:17

Does the new router dish out the same IP address range as the old one via DHCP?

If it's dishing out a 10.0.0.x/24 address and the VPN is on a similar subnet - she'll have issues after initial connection.

I've seen it a few times.

Cheers,

Dan.

**gingerjedi** · 16 October 2007, 10:53

Sorted, VPN passthrough was enabled but block WAN requests was ticked.

I doesn't really matter as I'm taking it back and getting another Netgear as the wireless was pathetic!

A question for a VPN expert