D-Link Forums
The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: tuvia on January 28, 2010, 08:47:16 PM
-
I created on the DFL-210 a VPN using the dlink tutorial. I connected to it from my WinXP network connection. I unchecked the use remote gateway, and it seems to work. But that is not what I really want, I want the dfl-210 to be my internet gateway. IOW I am in a hotel in City One. The internet there at the hotel blocks Voip and some other things. I want to connect to the dfl-210 and use it to allow me whatever internet access the dfl allows but the hotel blocks.
how do i do this?
tia
-
Ensure you have outbound rules (similar to what you have under lan_to_wan) NAT'ing the outbound connections. A more comprehensive solution would be to change all those rules to use a new interface and network group that included your VPN and LAN objects grouped together.
-
the option of use remote gateway must be checked to use the vpn tunnel as you gateway to all internet traffic going encapsulated from your location to the dfl 210, and go out to the internet from iits internet connection.
when you un check this option any traffic pass through vpn tunnel, unless you add a static route to the remote networks you want reach through vpn tunnel
This solution provides the solution to avoid restrictions on location, and increase your security, its a recommended solution every time you use a hotspot or any public wired or wireless environment
-
I am way confused in my simple mind. When I connect, I get:
ip address: PPTP tunnel, say x.x.x.101 CORRECT
dns: dns set in pptp server properties CORRECT
default gateway: same as ip address above NOT CORRECT
My new connection has a good ip and dns, but its gateway is the same as its own IP!
If I could fix that gateway IP to be the dfl like it is for all the other connections, I would be solved. How can I do this?
Thanks.
-
what type of vpn are you using?? PPTP L2TP or IPSEC
-
He already answered that Chechito.
Having your own IP ad the gateway actually is correct for a PPTP tunnel, just ignore that field and continue troubleshooting with us. Do you see log entries in your DFL pertaining to this outbound traffic?
-
Sorry if i hijack the thread , but i have the same challenge as tuvia.
When im on travel i can connect from laptop using win7 to DFL-210 (Firmware 2.26.01) with my PPTP VPN and access everything on the LAN without a problem. But as tuvia I would like to use the DFL-210 as a internet gateway for my VPN connection.
(http://dl.dropbox.com/u/459103/wan.png)
2010-04-21 19:18:34 Warning RULE 6000051 Default_Rule TCP pptp_server
192.168.1.86 **.**.89.197 57176 80 ruleset_drop_packet drop ipdatalen=28 tcphdrlen=28 syn=1
2010-04-21 19:18:33 Warning RULE 6000051 Default_Rule UDP pptp_server 192.168.1.86 **.***.196.5 54219 53 ruleset_drop_packet drop ipdatalen=56 udptotlen=56
-
Do you have a NAT rule for the outbound traffic from the VPN? It should look much like the default outbound LAN traffic rules.
-
Thanks. Did'nt think about that.
Did add :
Name : PPTP-NAT
Action : NAT
Service : all_tcpudp
Schedual : none
Address filter
Source Destination
Interface : pptp_server wan
Network : lannet all-nets
Then it works for me. Please dont close the thread before tuvia have solved his problem.
-
I only close threads if it has proven to be a subject we can't discuss wholesomely in public. So no politics, sex, religion, or Cisco products.
Also, I would change your source net to your PPTP_Pool, but I am weird like that.