#297812 - 02/05/2007 22:34
VPN Help Anyone?
|
old hand
Registered: 17/01/2003
Posts: 998
|
I'm located in the US and use Huges Net two way satellite connection for my broadband internet connection. It’s the only option I have other than dial-up.
I recently upgraded graded to their DW7000 receiver and now I can not connect up to work via VPN. I now just upgraded to a static IP and still cannot connect.
I’m about to give up.
Any suggestion on getting this to work with VPN?
|
Top
|
|
|
|
#297813 - 03/05/2007 00:44
Re: VPN Help Anyone?
[Re: Redrum]
|
carpal tunnel
Registered: 19/01/2002
Posts: 3584
Loc: Columbus, OH
|
Aren't latency times over satellite too high to allow a VPN to be useful anyway?
That said, we'll need more information about what sort of VPN you're using and the equipment on either end.
_________________________
~ John
|
Top
|
|
|
|
#297814 - 03/05/2007 10:29
Re: VPN Help Anyone?
[Re: JBjorgen]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote: Aren't latency times over satellite too high to allow a VPN to be useful anyway?
That said, we'll need more information about what sort of VPN you're using and the equipment on either end.
Thanks, I have a DW7000 satellite modem, box, whatever you call it. I connect to this devise via 100 Mbps Ethernet. It then connects me to the internet and I now should have a static ID.
I’ve tried connecting to two different VPN networks…
Cicso systems VPN Client version 4.8.0.00.0440
…and the other is…
Nortel Contivity VPN Client v04_65.09
Both work OK when I connect to a dial-up ISP.
Maybe my issue is that I now connect to the DW7000 satellite modem thing through Ethernet and then I get sent to the web???? Maybe this intermediate network step is causing VPN not to work???
The old satellite modem work at one time (before Huges did “something”) and I connected directly to that via USB.
thanks for your help
|
Top
|
|
|
|
#297815 - 03/05/2007 12:31
Re: VPN Help Anyone?
[Re: Redrum]
|
addict
Registered: 11/01/2002
Posts: 612
Loc: Reading, UK
|
What you say you want to do is 100% do-able. Latency is not an issue. However That doesn't mean that you can do it - it is possible (but unlikely) that some of the components are crippled (most probably the satellite connection may be filtered). It's also possible that this isn't a true satellite modem. One approach to satellite is a true bi-directional ground-space connection - the other is to have a 'slow' ground to ground connection for data flowing from you to the internet (ie page GETs) and then a clever bit of s/w on the PC that looks for HTTP responses on the asynchronous satellite connection (ever seen web connections served by DVB-S satellites?). Assuming it's a bidirectional connection. the most obvious first: you need to look at your PC firewall to ensure the vpn client can penetrate it. You need to make sure your VPN is trying to connect via ethernet. Can you ping your VPN (far) endpoint?
_________________________
LittleBlueThing
Running twin 30's
|
Top
|
|
|
|
#297816 - 03/05/2007 13:03
Re: VPN Help Anyone?
[Re: LittleBlueThing]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote: What you say you want to do is 100% do-able. Latency is not an issue.
However
That doesn't mean that you can do it - it is possible (but unlikely) that some of the components are crippled (most probably the satellite connection may be filtered).
It's also possible that this isn't a true satellite modem. One approach to satellite is a true bi-directional ground-space connection - the other is to have a 'slow' ground to ground connection for data flowing from you to the internet (ie page GETs) and then a clever bit of s/w on the PC that looks for HTTP responses on the asynchronous satellite connection (ever seen web connections served by DVB-S satellites?).
Assuming it's a bidirectional connection. the most obvious first: you need to look at your PC firewall to ensure the vpn client can penetrate it. You need to make sure your VPN is trying to connect via ethernet. Can you ping your VPN (far) endpoint?
Thanks, yes it is bidirectional and the newest modem with the faster service. I just got a static IP hoping that would fix the issue.
I just turned off all the firewalls and still no luck.
I can get to the signon screen for both VPN's. With Cisco it just says connection (forever) and with Nortel I get a Banner Text can not be displayed. Somebody said one time it has something to do with NAT or something. I have my home network bridged so other PC's at home can connect to the web.
I have no control over the end-pionts and I'm sure they won't make any changes for just me.
thanks
|
Top
|
|
|
|
#297817 - 03/05/2007 13:13
Re: VPN Help Anyone?
[Re: Redrum]
|
carpal tunnel
Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
|
Have you tried calling the satellite company and saying that you're having trouble with VPN connections after the upgrade?
|
Top
|
|
|
|
#297818 - 03/05/2007 13:22
Re: VPN Help Anyone?
[Re: tfabris]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote: Have you tried calling the satellite company and saying that you're having trouble with VPN connections after the upgrade?
Yes, I called India. They and thier web site says - "While VPN may work we do not suport or recommend you use VPN with Huhges." Have a nice day.
The support for Direcway is way over bad. It took me three calls and was down for 8 hours just to get a staic IP.
|
Top
|
|
|
|
#297819 - 03/05/2007 13:25
Re: VPN Help Anyone?
[Re: Redrum]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
Quote: I have my home network bridged so other PC's at home can connect to the web.
The way you put it, it sounds like you're using the Windows Connection Sharing thing. If so, which computer are you trying to connect from? The one that's connected directly to the modem or one that's connected to the sharing computer?
_________________________
Bitt Faulk
|
Top
|
|
|
|
#297820 - 03/05/2007 13:43
Re: VPN Help Anyone?
[Re: wfaulk]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote:
Quote: I have my home network bridged so other PC's at home can connect to the web.
The way you put it, it sounds like you're using the Windows Connection Sharing thing. If so, which computer are you trying to connect from? The one that's connected directly to the modem or one that's connected to the sharing computer?
I'm using the one that is connected directly to the modem via ethernet. I didn't try the other ones because I thought the bridged network would even be less likely to work. I'm thinking since I'm using ethernet to connect directly to the modem that may be causing the issue.
Even though it's directly connected it's still an internal network. Maybe I'm wrong. I've got no idea and have been at this for days.
|
Top
|
|
|
|
#297821 - 03/05/2007 14:54
Re: VPN Help Anyone?
[Re: Redrum]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
Sorry if you've covered this before:
You said it used to work. Was that with the same computer hooked up to the old satellite system, or just via dialup?
Is your computer's IP address in one the ranges 10.0.0.0 through 10.255.255.255, 192.168.0.0 through 192.168.255.255, or 172.16.0.0 through 172.31.255.255? A simple "yes, it's in one of those ranges" or "no, it's not in those ranges" will do. No reason to tell us your actual IP address if you don't want to.
When you say your VPN client gets to the "signon screen", do you mean it gets to the point where it asks for a username and password?
On the Cisco VPN (I happen to have that one readily available to me), click on your "Connection Entry", then click the "Modify" button. There will be a hostname or IP address in the "Host" field. (This might actually be shown in the main window.) Open a command prompt and see if you can ping that computer.
Let's start with that and see where we end up.
_________________________
Bitt Faulk
|
Top
|
|
|
|
#297822 - 03/05/2007 15:30
Re: VPN Help Anyone?
[Re: wfaulk]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Thanks for your help.
Q) Was that with the same computer hooked up to the old satellite system, or just via dialup?
A) It worked intermittently when I had an old satellite modem. This modem connected to my PC via a USB connection. Not Ethernet like now. I upgraded so that I could take advantage of a faster upload speed. VPN was using the lower upload speed as the max two-way connection speed. This slowed me down a lot.
Q) What is the IP address you use to connect to the Satellite modem
A) Here’s my ipconfig for that connection. The PC also has a Token Ring card connected to another old PC and another Ethernet port not used at the moment. I also have another PC on the below Ethernet network. That’s why its bridged.
Ethernet adapter Network Bridge (Network Bridge) 3:
Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 192.168.0.4 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1
Q) When you say your VPN client gets to the "signon screen", do you mean it gets to the point where it asks for a username and password?
A) Yes, I get to the sign on screen and enter my ID and password. Then I get no farther.
Q) There will be a hostname or IP address in the "Host" field. (This might actually be shown in the main window.) Open a command prompt and see if you can ping that computer
a) Yes, pings fine
|
Top
|
|
|
|
#297823 - 03/05/2007 15:52
Re: VPN Help Anyone?
[Re: Redrum]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
Quote: Here’s my ipconfig for that connection. The PC also has a Token Ring card connected to another old PC and another Ethernet port not used at the moment. I also have another PC on the below Ethernet network. That’s why its bridged.
Okay, now I'm really confused.
How are your computers and networking equipment connected to each other physically? What I'm getting right now is that you have the modem connected to an ethernet switch, into which you also have two computers connected, including this one. Then you also have another computer connected to this one via token ring. (Out of curiosity, why token ring? Is that some computer that you cannot put an ethernet interface in for some reason?)
If that's correct, how is this computer getting its IP address? Via DHCP? Is 192.168.0.1 your wireless modem? The other computer that's on the same network, is its default route also 192.168.0.1? Can you try setting up the VPN client on that machine so that we can take the connection sharing stuff out of the equation?
_________________________
Bitt Faulk
|
Top
|
|
|
|
#297824 - 03/05/2007 16:08
Re: VPN Help Anyone?
[Re: wfaulk]
|
old hand
Registered: 17/01/2003
Posts: 998
|
I know it is a mess but it connected all the PC’s and I didn’t have to spend any $ .
I pulled the wires on the entire house networking stuff. Now it’s just one PC connected to the modem, still no VPN
If you still think the home stuff might interfere I’ll explain more here, if not just disregard. The master PC is connected to the sat. modem via one ethernet card. This PC is also connected to a second PC via Ethernet and a twisted cable (no switch). This “networked is bridged to the master-modem network so the second PC can connect to the web. The third PC is connect to a TR switch and the master PC is connected to this TR switch as well. This connection is not bridged to the web and is only used to connect the master PC to the third PC so I can take control of the master PC remotely via the third PC. If your not totally confused now I am amazed 
|
Top
|
|
|
|
#297825 - 03/05/2007 16:26
Re: VPN Help Anyone?
[Re: Redrum]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
Okay, so your master PC has three distinct network cables running from it, right?
I assume that when you unplugged everything, you just unplugged all the cables except for the one that runs from the master PC to the modem.
Unfortunately, that doesn't really take the "Network Connection Sharing" out of the picture.
Would it be feasible to plug the second PC directly into the modem (configuring its network so that it is able to access the internet that way, obviously) and install the VPN client software on it? If so, do that. If it still doesn't work, it's likely that something in your ISP's network is preventing the VPN from working. If it does work from there, we can assume that there's a configuration problem with the "Network Connection Sharing".
Actually, one thing you might check first is this: open your Cisco VPN client, modify the appropriate configuration entry, click on the "Transport" tab, and see if "Enable Transparent Tunneling" is checked. If not, check it and try again, if it is, try changing the protocol to the other one. Basically, try every possible option: transparent-disabled, transparent-udp, and transparent-tcp.
_________________________
Bitt Faulk
|
Top
|
|
|
|
#297826 - 03/05/2007 16:28
Re: VPN Help Anyone?
[Re: Redrum]
|
pooh-bah
Registered: 25/08/2000
Posts: 2413
Loc: NH USA
|
I suggest you simplify things until you get your VPN up and running.
Remove the second ethernet card from the master PC, leaving only the one connected to the modem. Multi-homed machine troubleshooting (i.e. a machine bridging networks) is a bear.
Try to get the VPN client working in this configuration. If you can, then you'll know the issue is in the routing.
-Zeke
_________________________
WWFSMD?
|
Top
|
|
|
|
#297827 - 03/05/2007 16:34
Re: VPN Help Anyone?
[Re: wfaulk]
|
old hand
Registered: 17/01/2003
Posts: 998
|
I'll try the second PC however it is in another part of the house and I'll need to move it to the modem.
One thing I'd like to make clear is when I use a dialup ISP both VPN's work fine.
I can't change the settings (at least easily) on the Cisco VPN they have them locked down somehow.
|
Top
|
|
|
|
#297828 - 03/05/2007 16:35
Re: VPN Help Anyone?
[Re: Ezekiel]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote: I suggest you simplify things until you get your VPN up and running.
Remove the second ethernet card from the master PC, leaving only the one connected to the modem. Multi-homed machine troubleshooting (i.e. a machine bridging networks) is a bear.
Try to get the VPN client working in this configuration. If you can, then you'll know the issue is in the routing.
-Zeke
Yea I removed all the other cables. I know setting them up was a pain.
|
Top
|
|
|
|
#297829 - 03/05/2007 16:42
Re: VPN Help Anyone?
[Re: Redrum]
|
carpal tunnel
Registered: 19/01/2002
Posts: 3584
Loc: Columbus, OH
|
It sounds like your satellite modem is also acting as a router. Can you log into the modem/router through a web interface? If so, see if it has a VPN passthrough function that you can enable. Also, more info: HughesNet VPN FAQ
Edited by JBjorgen (03/05/2007 16:51)
|
Top
|
|
|
|
#297830 - 03/05/2007 16:43
Re: VPN Help Anyone?
[Re: wfaulk]
|
old hand
Registered: 17/01/2003
Posts: 998
|
What I'm confused about is the static IP I got. Does this IP go from -> my PC through the modem to the end-piont? If ao that is not working because my PC is known to the modem as 193.168.0.4 and then on the web when I find my web I{P its different.
When I use dialup I'm one IP from the ISP to the VPN end point and then the ISP converts that to the dialup connection and passes the info to me. Maybe since I'm using one IP to coinnect to the modem and another IP to connect to VPN that's the issue????
|
Top
|
|
|
|
#297831 - 03/05/2007 16:48
Re: VPN Help Anyone?
[Re: Redrum]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
Basically, your modem has a static IP. Your PC has a "private" IP address that is translated to that static IP by your router. This is probably where your problem is. Can you at least see the options in your VPN client? Which is it set to?
Edited by wfaulk (03/05/2007 16:50)
_________________________
Bitt Faulk
|
Top
|
|
|
|
#297832 - 03/05/2007 16:49
Re: VPN Help Anyone?
[Re: JBjorgen]
|
old hand
Registered: 17/01/2003
Posts: 998
|
The only thing I can find to change is stuff like this
Attachments
298638-Screen.bmp (123 downloads)
|
Top
|
|
|
|
#297833 - 03/05/2007 17:02
Re: VPN Help Anyone?
[Re: wfaulk]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote: Basically, your modem has a static IP. Your PC has a "private" IP address that is translated to that static IP by your router. This is probably where your problem is. Can you at least see the options in your VPN client? Which is it set to?
I've thought that was the problem but I don't know what to do about it. This new modem has no other connections, just ethernet
I can see Cisco settings .....
Enable Transport Tunneling - is checked
IPSec over TCP – is selected
TCP Port is 1000
I can see
|
Top
|
|
|
|
#297834 - 03/05/2007 17:04
Re: VPN Help Anyone?
[Re: Redrum]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
Weird. That should be the absolutely most stable option.
You say they won't change anything for you, but will they help you troubleshoot at all? It might be helpful to see if they're getting any errors on their side.
_________________________
Bitt Faulk
|
Top
|
|
|
|
#297835 - 03/05/2007 17:18
Re: VPN Help Anyone?
[Re: Redrum]
|
carpal tunnel
Registered: 29/08/2000
Posts: 14493
Loc: Canada
|
[deadpan] It would probably help a lot if you could set up VPN access so that Bitt could tunnel in and play with the settings [/deadpan].
|
Top
|
|
|
|
#297836 - 03/05/2007 17:32
Re: VPN Help Anyone?
[Re: wfaulk]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote: Weird. That should be the absolutely most stable option.
You say they won't change anything for you, but will they help you troubleshoot at all? It might be helpful to see if they're getting any errors on their side.
Yea those setting work great with dialup via an ISP (Netzero).
I'll try but most of those people hide and even a TR doesn't find them. They'll just say "It works for everyone else. Move somewhere in town and get DSL."
|
Top
|
|
|
|
#297837 - 03/05/2007 17:32
Re: VPN Help Anyone?
[Re: Redrum]
|
carpal tunnel
Registered: 19/01/2002
Posts: 3584
Loc: Columbus, OH
|
_________________________
~ John
|
Top
|
|
|
|
#297838 - 03/05/2007 17:36
Re: VPN Help Anyone?
[Re: mlord]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote: [deadpan] It would probably help a lot if you could set up VPN access so that Bitt could tunnel in and play with the settings [/deadpan].
I'm sure getting into my PC will be much easier than me getting out.
|
Top
|
|
|
|
#297839 - 03/05/2007 17:48
Re: VPN Help Anyone?
[Re: mlord]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
Quote: [deadpan] It would probably help a lot if you could set up VPN access so that Bitt could tunnel in and play with the settings [/deadpan].
|
Top
|
|
|
|
#297840 - 03/05/2007 18:01
Re: VPN Help Anyone?
[Re: JBjorgen]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote: More info
Thanks. That is the best document I've seen so far. It mentions I need a router.
I'll buy a router if that fixes the issue. What is your confidence level that a router will fix me up?
I'm now paying an addition $10 a month for the static IP and that did nothing. unless they set it up wrong,
|
Top
|
|
|
|
#297841 - 03/05/2007 18:16
Re: VPN Help Anyone?
[Re: Redrum]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
Your main computer is functioning as a router. That's what "Internet Connection Sharing" does.
Can you run through their steps and find if you fall under "Static IP and DHCP disabled" or "Static IP and DHCP enabled", please?
_________________________
Bitt Faulk
|
Top
|
|
|
|
#297842 - 03/05/2007 18:45
Re: VPN Help Anyone?
[Re: wfaulk]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote: Your main computer is functioning as a router. That's what "Internet Connection Sharing" does.
Can you run through their steps and find if you fall under "Static IP and DHCP disabled" or "Static IP and DHCP enabled", please?
Thanks, I am using DHCP with 192.168.0.1 as the gateway. I can’t see anywhere where it says if I have a static IP. It mentions that the static IP should be the same inside the network as out. On the web I look like I have an IP that starts with 66. In the setup for the modem it says LAN 1 IP is 67.45.30.125.
Maybe I should setup DHCP to look at the 67.45.30.125 number or the 66 number. I’m starting to get dizzy with all this info.
LAN1 IP Address: 67.45.30.125 LAN1 Subnet Mask: 255.255.255.252 NPR IP Address: 192.168.0.1 NPR Subnet Mask: 255.255.255.0
|
Top
|
|
|
|
#297843 - 03/05/2007 19:46
Re: VPN Help Anyone?
[Re: Redrum]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
What I would do at this point is reconfigure the networking on your main PC so that the IP address of the interface connected to the modem is 67.45.30.126 (yes, 126), with a netmask of 255.255.255.252. (You might also have to set your DNS servers to 66.82.4.8 & 66.82.4.12.) Write down how it's configured before you change it so that you can change it back.
WARNING: If what I'm thinking is correct, this means your PC will be directly connected to the internet and accessible by anyone, which is bad, since you're running Windows. I'd leave it set up like this for as short a time as possible. Also turn on the firewall option in your network settings if it isn't already set that way.
Once you have it set up like that, make sure you can access web sites. If you can, try your VPN client again.
Then let us know. You might want to go ahead and reset your network settings.
_________________________
Bitt Faulk
|
Top
|
|
|
|
#297844 - 03/05/2007 21:11
Re: VPN Help Anyone?
[Re: Redrum]
|
old hand
Registered: 16/02/2002
Posts: 867
Loc: Oxford, UK
|
Just a quickie, and apologies for not thoroughly digesting this thread before chiming in....
Your LAN IP network/subnet is 192.168.0.x/255.255.255.0 - VPN will fail (but I can't remember at what stage, and maybe this is client specific anyway) if the LAN you're trying to reach is using the same network/subnet. I'm talking about the office LAN sat behind the remote fixed IP you're trying to connect to.
When connecting via the satellite broadband, the PC interface that's initiating the VPN is 192.168.0.<something>. When you initiate the VPN connection across dialup, the PC interface making the connection is likely to be something completely different (and therefore working).
Posting the results of "ipconfig/all" (from a command prompt window) with and without dialup enabled might give a clue as to whether any of this is worthy of further consideration.
Perhaps more importantly, the results of "ipconfig/all" from a friend working on the remote network would help promote or completely disprove this theory.
Edited by AndrewT (03/05/2007 21:17)
|
Top
|
|
|
|
#297845 - 03/05/2007 21:22
Re: VPN Help Anyone?
[Re: AndrewT]
|
carpal tunnel
Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
|
Y'all are assuming that his problem is NAT traversal.
But since he's running the Cisco VPN client, shouldn't it work across NAT without a problem?
|
Top
|
|
|
|
#297846 - 03/05/2007 22:13
Re: VPN Help Anyone?
[Re: tfabris]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
Given the options selected in his Cisco VPN client, yes. What Andrew is talking about is separate from that, though. He's talking about the local networking scheme conflicting with the remote networking scheme by being exactly the same. I'm not totally sure what the exact symptoms of that would be, but it would be bad. I don't think they would match the symptoms he's currently seeing, but I could be wrong about that.
_________________________
Bitt Faulk
|
Top
|
|
|
|
#297847 - 04/05/2007 09:42
Re: VPN Help Anyone?
[Re: wfaulk]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote: What I would do at this point is reconfigure the networking on your main PC so that the IP address of the interface connected to the modem is 67.45.30.126 (yes, 126), with a netmask of 255.255.255.252. (You might also have to set your DNS servers to 66.82.4.8 & 66.82.4.12.) Write down how it's configured before you change it so that you can change it back.
WARNING: If what I'm thinking is correct, this means your PC will be directly connected to the internet and accessible by anyone, which is bad, since you're running Windows. I'd leave it set up like this for as short a time as possible. Also turn on the firewall option in your network settings if it isn't already set that way.
Once you have it set up like that, make sure you can access web sites. If you can, try your VPN client again.
Then let us know. You might want to go ahead and reset your network settings.
I removed all the bridge config. stuff, that didn't help
I went ahead and tried the 67. stuff you recommended and couldn't connect to the web.
I don't know what I'm doing that is so wrong.
thanks for your help
|
Top
|
|
|
|
#297848 - 04/05/2007 09:46
Re: VPN Help Anyone?
[Re: AndrewT]
|
old hand
Registered: 17/01/2003
Posts: 998
|
I logged on to one of the networks I'm trying to reach and ping’ed for 192.168.0.1 …2 ….3 … 4 and got no response. I don’t thing they are using that range. In the past when I connected through VPN I think I was given an IP on the network that matched their ranges.
Seems like for some reason the handshaking (or whatever it is) is failing after I send my logon information.
thanks
|
Top
|
|
|
|
#297849 - 04/05/2007 10:13
Re: VPN Help Anyone?
[Re: AndrewT]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Here's my ipconfig when I'm connected to Netzero and VPN'ing.
C:\Documents and Settings\jash.CIN02JASH>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : CIN02JASH Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : Yes WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : lenscrafters.com
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected Description . . . . . . . . . . . : 3Com 3C920 Integrated Fast Ethernet Controller (3C905C-TX Compatible) Physical Address. . . . . . . . . : 00-08-74-9D-D0-67
Ethernet adapter {234CED25-DEE7-470E-B76B-55977D187AD7}:
Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Nortel IPSECSHM Adapter - Packet Sch eduler Miniport Physical Address. . . . . . . . . : 44-45-53-54-42-00 Dhcp Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . . . . : 0.0.0.0 Default Gateway . . . . . . . . . :
PPP adapter NetZero:
Connection-specific DNS Suffix . : Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface Physical Address. . . . . . . . . : 00-53-45-00-00-00 Dhcp Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 4.229.195.254 Subnet Mask . . . . . . . . . . . : 255.255.255.255 Default Gateway . . . . . . . . . : 4.229.195.254 DNS Servers . . . . . . . . . . . : 64.136.28.120 64.136.20.120
Ethernet adapter Local Area Connection 4:
Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Cisco Systems VPN Adapter Physical Address. . . . . . . . . : 00-05-9A-3C-78-00 Dhcp Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 10.80.177.9 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : DNS Servers . . . . . . . . . . . : 10.80.1.77 10.80.1.114
|
Top
|
|
|
|
#297850 - 04/05/2007 10:31
Re: VPN Help Anyone?
[Re: Redrum]
|
carpal tunnel
Registered: 19/01/2002
Posts: 3584
Loc: Columbus, OH
|
Just a shot in the dark, but when I was on StarBand, everything ran through a Internet Accelerator proxy. I had to disable the proxy to do things like VPN. Is there anything like that going on?
_________________________
~ John
|
Top
|
|
|
|
#297851 - 04/05/2007 10:57
Re: VPN Help Anyone?
[Re: wfaulk]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote: What I would do at this point is reconfigure the networking on your main PC so that the IP address of the interface connected to the modem is 67.45.30.126 (yes, 126), with a netmask of 255.255.255.252. (You might also have to set your DNS servers to 66.82.4.8 & 66.82.4.12.) Write down how it's configured before you change it so that you can change it back.
WARNING: If what I'm thinking is correct, this means your PC will be directly connected to the internet and accessible by anyone, which is bad, since you're running Windows. I'd leave it set up like this for as short a time as possible. Also turn on the firewall option in your network settings if it isn't already set that way.
Once you have it set up like that, make sure you can access web sites. If you can, try your VPN client again.
Then let us know. You might want to go ahead and reset your network settings.
Well its not working but I think I'm real close. It looks like you were right on about this setup. The only part missing was the DNS (how would you know). I found this and setup my PC with the 67 address and I got to the web. I think now I just need someone to change my Cisco VPN Client to use IP over UDP instead of IP over TCP. I'll let you know how it goes.
Here's the key link here... I hope!!!
http://groups.google.com/group/alt.satel...b5017e55fd683ff
|
Top
|
|
|
|
#297852 - 04/05/2007 11:12
Re: VPN Help Anyone?
[Re: JBjorgen]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote: Just a shot in the dark, but when I was on StarBand, everything ran through a Internet Accelerator proxy. I had to disable the proxy to do things like VPN. Is there anything like that going on?
Yes, good tip, there is a "Turbo page" (god what a name) I'll try to shut that off.
|
Top
|
|
|
|
#297853 - 04/05/2007 11:44
Re: VPN Help Anyone?
[Re: Redrum]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
Quote: I think now I just need someone to change my Cisco VPN Client to use IP over UDP instead of IP over TCP.
Hmm. Read that link. They have a potential point about the latency, but that's kinda odd. Still, it could be the issue.
However, if it is, you're probably wasting your money with the static IP (unless it's free). If you can get the VPN changed from TCP to UDP and it works, I'd try it with your old network configuration, too, and, if it works there, get rid of the extra static IP expense.
_________________________
Bitt Faulk
|
Top
|
|
|
|
#297854 - 04/05/2007 13:27
Re: VPN Help Anyone?
[Re: wfaulk]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote:
Quote: I think now I just need someone to change my Cisco VPN Client to use IP over UDP instead of IP over TCP.
Hmm. Read that link. They have a potential point about the latency, but that's kinda odd. Still, it could be the issue.
However, if it is, you're probably wasting your money with the static IP (unless it's free). If you can get the VPN changed from TCP to UDP and it works, I'd try it with your old network configuration, too, and, if it works there, get rid of the extra static IP expense.
A big thanks Bitt and everyone else. And a big middle finger to Huhges support, man they suck. They didn't clue me in at all on the static IP. You’d think the satellite modem would route you correctly after a static IP was installed. I got into one of the VPN sites. Hopefully I can get into the other one as well. I changed the setting to UDP (config file was just locked down with read only) and that worked.
Thanks, I’ll try going back to the old config and see what happens. It is an extra $10 a month I hope I can not give that to Huhges.
Hopefully I can get the other VPN up. It currently doesn’t work with dialup so I may have configuration issues there. At least that company has dialup access.
The latency is annoying but livable. If you’re in a Putty session or something “live” there is a delayed keying response. But at least you don’t have to wait forever for graphics to load.
thanks again.
|
Top
|
|
|
|
#297855 - 04/05/2007 17:01
Re: VPN Help Anyone?
[Re: Redrum]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
In that thread you linked to, the person said that the Hughes techs were idiots. Basically, before you purchased the static IP, your modem had a randomly assigned IP address, your computer had a private address, and the modem translated your private IP address to its random public one. Once you purchased the static IP, you got one that you could configure on your PC, but the techs didn't tell you that, so you still had the private IP assigned, and the modem continued to translate your private IP to some random one.
However, none of that should really have a huge bearing on your VPN access, since you have "NAT Traversal" turned on in the VPN client. I could go into why that makes a difference, but neither you nor anyone else cares.
What I'm getting at is that I doubt that there's a difference between you having purchased a static IP and not using it, like you were doing until you changed your PC's network configuration, and not having a static IP at all. So, if I were you, now that you have the VPN working, is reconfigure your PC to use the private address, and then test your VPN client again. If it still works, drop the static IP service. If not, keep it. There is the possibility that there is a difference between the two states, so it's vaguely possible that you'll drop the static IP and the VPN will stop working, but I doubt it. If so, though, you can always have them give you that service again.
_________________________
Bitt Faulk
|
Top
|
|
|
|
#297856 - 04/05/2007 18:00
Re: VPN Help Anyone?
[Re: wfaulk]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote: In that thread you linked to, the person said that the Hughes techs were idiots. Basically, before you purchased the static IP, your modem had a randomly assigned IP address, your computer had a private address, and the modem translated your private IP address to its random public one. Once you purchased the static IP, you got one that you could configure on your PC, but the techs didn't tell you that, so you still had the private IP assigned, and the modem continued to translate your private IP to some random one.
However, none of that should really have a huge bearing on your VPN access, since you have "NAT Traversal" turned on in the VPN client. I could go into why that makes a difference, but neither you nor anyone else cares.
What I'm getting at is that I doubt that there's a difference between you having purchased a static IP and not using it, like you were doing until you changed your PC's network configuration, and not having a static IP at all. So, if I were you, now that you have the VPN working, is reconfigure your PC to use the private address, and then test your VPN client again. If it still works, drop the static IP service. If not, keep it. There is the possibility that there is a difference between the two states, so it's vaguely possible that you'll drop the static IP and the VPN will stop working, but I doubt it. If so, though, you can always have them give you that service again.
Thanks I will do just that.
Since I have an IP for my PC that is known on the internet maybe I could setup a web server or VNC into my PC from the web, couldn't I?
I don't know for sure if that is worth $10.
|
Top
|
|
|
|
#297857 - 04/05/2007 18:14
Re: VPN Help Anyone?
[Re: Redrum]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
Quote: Since I have an IP for my PC that is known on the internet maybe I could setup a web server or VNC into my PC from the web, couldn't I?
Yes. You don't even need a static IP for that, but you do need to either control the NAT device to allow incoming connections, which I assume you can't do, or it needs to not be NATted at all, with your PC itself getting the "random" address, which is not how it seems to be set up in your case. So while it's not the static IP itself that would allow you to do that, the side effects of ordering one in your case is what would allow that.
_________________________
Bitt Faulk
|
Top
|
|
|
|
|
|