[plug] vpn breaks home network

Jon L Miller jlmiller at mmtnetworks.com.au
Sun Dec 9 14:28:20 WST 2007 

I have a similar setup 3 pc's connected to a switch with a cisco 1721 router
on the switch.  The vpn is from router to router and therefore I do not need
to use the vpn client.  
However, when I do it does drop off the local lan until I set the router to
do allow transparent tunneling.
Have you set this up on the router?

Jon

-----Original Message-----
From: plug-bounces at plug.org.au [mailto:plug-bounces at plug.org.au] On Behalf
Of Rob Dunne
Sent: Sunday, 9 December 2007 11:52 AM
To: plug at plug.org.au
Subject: [plug] vpn breaks home network

Hi list,

I have a little home network with a ASDL2+ modem, a hub and
two computers with IP addresses 192.168.1.100 (plastic)
and 192.168.1.13 (lycra)

It all works well until I start up cisco vpn on plastic. The vpn
works but I can not see lycra any more.

I think what I need is a "VPN pass-through" on the modem. Does this
sound right?

The vpn gives the following information when it starts up.
Client address: 130.155.80.7
Server address: 150.229.98.10
Encryption: 256-bit AES
Authentication: HMAC-SHA
IP Compression: None
NAT passthrough is active on port UDP 10000
Local LAN Access is disabled

The modem (iconnectAccess621) has an IP Forwarding menu
that has VPN with IPSEC L2TP -- which (if I understand it)
sets up the following
Protocol PortStart PortEnd PortMap
UDP  500   500   500
ESP   *     *     *
UDP 4500   4500   4500

turning this on doesn't fix the problem. Perhaps because the
vpn is expecting "NAT passthrough" on "port UDP 10000"?

I have tried to set this up as a "Custom Port Forwarding" with
Source IP 150.229.98.10
Mask 255.255.255.0
Destination IP 130.155.80.7
Mask 255.255.255.255
Port Start 10000
Port End 10000
Port Map 10000
Protocol UDP

but I am really just guessing here. Is the "source" the server at work
or the modem or what?

any pointers received gratefully!

Bye
Rob

_______________________________________________
PLUG discussion list: plug at plug.org.au
http://www.plug.org.au/mailman/listinfo/plug
Committee e-mail: committee at plug.linux.org.au

More information about the plug mailing list