Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[chrysalid]

Hello,
I have a client that is using a DIR-655 router.
He uses Cisco VPN to access his work PC.
At first, the only way we could get this to work was by skipping the router and plugging directly in to the modem.
This is not ideal - so after receiving no response here to this question - I did the following - I put his PC (by IP) in a DMZ.
This has done the trick - but will only work until the next time his IP address changes.
Is there another (more permanent) fix?
Thanks,
Amber

[FurryNutz]

Can you set his PC up for a reserved IP address so it doesn't change? I recommend doing this for all devices regardless. Helps maintain a constant IP address and helps some in troubleshooting and wont break options and rules on the router should they change while using DHCP.

[chrysalid]

Is that different from a static IP?
If so - I'm not sure how to do that...
This is a work laptop - so when he takes it to his office, his IP addy changes - when he gets back home, there are others on his network - so he doesn't always get his same IP.

Thanks!
Amber

[FurryNutz]

Well you can reserve or make a Static IP address on the 655 router for when the LT is at home. Can his IT department do the same thing when he's at work?

[Hard Harry]

Well you can reserve or make a Static IP address on the 655 router for when the LT is at home. Can his IT department do the same thing when he's at work?

Why do so many people have such horrible IT's? It amazes me. Not your fault, just saying the horror stories I could tell.

Need alot more info:
Is it a Cisco VPN unit? Like something you plug in? Or a client(software)? What does it use? PPPTP? IPSec? Does he require a static IP? What ports does it use? Does he require a code from a little key chain like thing?

[chrysalid]

The VPN access is done with Cisco's software client.
IPSec.
He doesn't require a static IP.
I'm not sure about the port - where would I find that out?
He doesn't use a little key chain like thing

[Hard Harry]

Well the same people who gave your the VPN software should have provided you with some settings and requirements.  But anyway..

1. Make sure you set a DHCP reservation.

• [Setup > Network Settings]
• Look under "Number of Dynamic DHCP Cliens" and choose his. You can usually tell by host name. If not, turn every other device off except his.
• Click Reserve and his info should come up under "Add DHCP Reservation" and click Save
• Click on save settings up top.

2. Turn down Firewall.

• [Advanced > Firewall Setting] Make sure UDP and TCP Endpoint Filtering is set to Endpoint Independent.
• Make sure IPSec is checked under ALG configuration.

3. Make sure his laptop is connecting wired. Sometimes the client software only installs on the local area connection IPStack.

4. Turn off securespot. [Advanced > Securespot]

Try it that way, with the computer out of the DMZ. If it doesn't work, there are specific ports you need to open, and must contact your work's IT[/list]

[chrysalid]

Ok - thanks for all your help!

I set up this laptop with a DHCP reservation (I assume it will always have the current IP address of 192.168.0.100)?
I made the first suggested change to the firewall. The 2nd item (IPSec) was already checked.
I couldn't find the Securespot to turn off...
But after doing all this - VPN wouldn't work.
Once I put the laptop back into the DMZ it worked...

What do I try next?

Thanks
Amber

[Hard Harry]

You need to contact your IT. We need more info about your network and VPN configuration to help. Even if you have to contact a supervisor or something, they should be helping you more.