| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 35877 | 2003-07-24 06:20:00 | need to join hardware firewall and software router | falvrez (390) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 162532 | 2003-07-24 06:20:00 | yeah vague description but ore than a mouthful. Further to my previous posts about trying to track excess jetstream usage, I download a trial version on Winroute Pro, as the lite version does not have VPN capabilities (which we need). The scenario: Up until now we have had snapgear firewall and a Dlink adsl router at each of our sites for shared internet access, with an IPsec tunnel running between the buildings (using a preshared secret) to allow users at one building to access the intranet and some other programs (using terminal servives) at this site. Has been working perfectly like this until our jetstream overload of downloads. So! At the site with the excess usage, I setup a gateway internet PC with winroute Pro, and also installed a trial verson of Capsa network monitoring software to meter the usage by workstation (which we haven't been able to do with our previous setup). I got the gateway machine going, had the net working perfectly at this site, with Capsa monitoring the usage just beautifully (well when you've been in PCs a while these things do come accross as such). So, the metering is working, but the VPN tunnel is not. Winroute supports VPN and terminal services, but has *very* vague decriptions on troubleshooting of either. So now we have the snapgear firewll at one site, where users at that site cannot access our server here (on 192.168.0.1). My point after all this rambling, is that, although I've set up port mapping in Winroute, by having the snapgear at the other end using a pre shared secret, how can the users there possbily access out network if there is nowhere in winruote to add in teh shared secret, or any other part of the ipsec setup (static IP address of the other site etc)...or am I missing something basic here? Thanks for any suggestions. |
falvrez (390) | ||
| 162533 | 2003-07-24 11:41:00 | Hi Falvrez, I checked out the Kerio Winroute site (www.kerio.com) and thought it covered the issue fairly well. It appears that you need to have both sites running Winroute to enable VPN. This would appear to be where the problem lies as you mention that only one site has Winroute ;) |
Gorela (901) | ||
| 162534 | 2003-07-24 22:14:00 | Hi Arthur (?) I posted this reply but it came back with an error so hopefully I'm not doubling up. The problem with the scenario listed is that it's for 2 win2000 pro macines both running winroute. I'm running winroute on a 98se machine here and the other site has the original snapgear hardware firewall - ideally I'd like to keep this setup. Will delve more into the suggested "solutions" and see if I can adapt to suit. Thanks for the help - that was one link on the Kerio webiste I had not clicked on! :) |
falvrez (390) | ||
| 162535 | 2003-07-25 08:09:00 | Howdy again Falvrez, I had a further check of the site and this page ( . kerio . com/us/supp_wrp_focus_server . html" target="_blank">www . kerio . com) continues with the setting up of the client and server . It mentions setting a logon and password, but whether this is the same as the authentication key sequence for the snapgear you will have to decide . Personally I thought the onsite documentation for Winroute appears to be far better than the Snapgear site . Perhaps I haven't delved far enough into it though :) Hope this link leads you further towards success and Arthur's pretty close ;) |
Gorela (901) | ||
| 162536 | 2003-07-27 09:52:00 | Thanks Gorela Had printed out that page already from the link you gave nme last week - just need to get time to look at it, but doesn't look too hopeful for my desired setup. Yes snapgear site is pretty useless, there never seems to be the answer that you are looking for. At least their firmware upgrades are dead simple. Cheers and thanks |
falvrez (390) | ||
| 1 | |||||