Unoffical empeg BBS

Quick Links: Empeg FAQ | RioCar.Org | Hijack | BigDisk Builder | jEmplode | emphatic
Repairs: Repairs

Page 2 of 2 < 1 2
Topic Options
#297842 - 03/05/2007 18:45 Re: VPN Help Anyone? [Re: wfaulk]
Redrum
old hand

Registered: 17/01/2003
Posts: 998
Quote:
Your main computer is functioning as a router. That's what "Internet Connection Sharing" does.

Can you run through their steps and find if you fall under "Static IP and DHCP disabled" or "Static IP and DHCP enabled", please?


Thanks, I am using DHCP with 192.168.0.1 as the gateway. I can’t see anywhere where it says if I have a static IP. It mentions that the static IP should be the same inside the network as out. On the web I look like I have an IP that starts with 66. In the setup for the modem it says LAN 1 IP is 67.45.30.125.

Maybe I should setup DHCP to look at the 67.45.30.125 number or the 66 number. I’m starting to get dizzy with all this info.

LAN1 IP Address: 67.45.30.125
LAN1 Subnet Mask: 255.255.255.252
NPR IP Address: 192.168.0.1
NPR Subnet Mask: 255.255.255.0

Top
#297843 - 03/05/2007 19:46 Re: VPN Help Anyone? [Re: Redrum]
wfaulk
carpal tunnel

Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
What I would do at this point is reconfigure the networking on your main PC so that the IP address of the interface connected to the modem is 67.45.30.126 (yes, 126), with a netmask of 255.255.255.252. (You might also have to set your DNS servers to 66.82.4.8 & 66.82.4.12.) Write down how it's configured before you change it so that you can change it back.

WARNING: If what I'm thinking is correct, this means your PC will be directly connected to the internet and accessible by anyone, which is bad, since you're running Windows. I'd leave it set up like this for as short a time as possible. Also turn on the firewall option in your network settings if it isn't already set that way.

Once you have it set up like that, make sure you can access web sites. If you can, try your VPN client again.

Then let us know. You might want to go ahead and reset your network settings.
_________________________
Bitt Faulk

Top
#297844 - 03/05/2007 21:11 Re: VPN Help Anyone? [Re: Redrum]
AndrewT
old hand

Registered: 16/02/2002
Posts: 867
Loc: Oxford, UK
Just a quickie, and apologies for not thoroughly digesting this thread before chiming in....

Your LAN IP network/subnet is 192.168.0.x/255.255.255.0 - VPN will fail (but I can't remember at what stage, and maybe this is client specific anyway) if the LAN you're trying to reach is using the same network/subnet. I'm talking about the office LAN sat behind the remote fixed IP you're trying to connect to.

When connecting via the satellite broadband, the PC interface that's initiating the VPN is 192.168.0.<something>. When you initiate the VPN connection across dialup, the PC interface making the connection is likely to be something completely different (and therefore working).

Posting the results of "ipconfig/all" (from a command prompt window) with and without dialup enabled might give a clue as to whether any of this is worthy of further consideration.

Perhaps more importantly, the results of "ipconfig/all" from a friend working on the remote network would help promote or completely disprove this theory.


Edited by AndrewT (03/05/2007 21:17)

Top
#297845 - 03/05/2007 21:22 Re: VPN Help Anyone? [Re: AndrewT]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31600
Loc: Seattle, WA
Y'all are assuming that his problem is NAT traversal.

But since he's running the Cisco VPN client, shouldn't it work across NAT without a problem?
_________________________
Tony Fabris

Top
#297846 - 03/05/2007 22:13 Re: VPN Help Anyone? [Re: tfabris]
wfaulk
carpal tunnel

Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
Given the options selected in his Cisco VPN client, yes. What Andrew is talking about is separate from that, though. He's talking about the local networking scheme conflicting with the remote networking scheme by being exactly the same. I'm not totally sure what the exact symptoms of that would be, but it would be bad. I don't think they would match the symptoms he's currently seeing, but I could be wrong about that.
_________________________
Bitt Faulk

Top
#297847 - 04/05/2007 09:42 Re: VPN Help Anyone? [Re: wfaulk]
Redrum
old hand

Registered: 17/01/2003
Posts: 998
Quote:
What I would do at this point is reconfigure the networking on your main PC so that the IP address of the interface connected to the modem is 67.45.30.126 (yes, 126), with a netmask of 255.255.255.252. (You might also have to set your DNS servers to 66.82.4.8 & 66.82.4.12.) Write down how it's configured before you change it so that you can change it back.

WARNING: If what I'm thinking is correct, this means your PC will be directly connected to the internet and accessible by anyone, which is bad, since you're running Windows. I'd leave it set up like this for as short a time as possible. Also turn on the firewall option in your network settings if it isn't already set that way.

Once you have it set up like that, make sure you can access web sites. If you can, try your VPN client again.

Then let us know. You might want to go ahead and reset your network settings.


I removed all the bridge config. stuff, that didn't help

I went ahead and tried the 67. stuff you recommended and couldn't connect to the web.

I don't know what I'm doing that is so wrong.

thanks for your help

Top
#297848 - 04/05/2007 09:46 Re: VPN Help Anyone? [Re: AndrewT]
Redrum
old hand

Registered: 17/01/2003
Posts: 998
I logged on to one of the networks I'm trying to reach and ping’ed for 192.168.0.1 …2 ….3 … 4 and got no response. I don’t thing they are using that range. In the past when I connected through VPN I think I was given an IP on the network that matched their ranges.

Seems like for some reason the handshaking (or whatever it is) is failing after I send my logon information.

thanks

Top
#297849 - 04/05/2007 10:13 Re: VPN Help Anyone? [Re: AndrewT]
Redrum
old hand

Registered: 17/01/2003
Posts: 998
Here's my ipconfig when I'm connected to Netzero and VPN'ing.

C:\Documents and Settings\jash.CIN02JASH>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : CIN02JASH
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : lenscrafters.com

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : 3Com 3C920 Integrated Fast Ethernet
Controller (3C905C-TX Compatible)
Physical Address. . . . . . . . . : 00-08-74-9D-D0-67

Ethernet adapter {234CED25-DEE7-470E-B76B-55977D187AD7}:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Nortel IPSECSHM Adapter - Packet Sch
eduler Miniport
Physical Address. . . . . . . . . : 44-45-53-54-42-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 0.0.0.0
Subnet Mask . . . . . . . . . . . : 0.0.0.0
Default Gateway . . . . . . . . . :

PPP adapter NetZero:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 4.229.195.254
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 4.229.195.254
DNS Servers . . . . . . . . . . . : 64.136.28.120
64.136.20.120

Ethernet adapter Local Area Connection 4:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Cisco Systems VPN Adapter
Physical Address. . . . . . . . . : 00-05-9A-3C-78-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.80.177.9
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.80.1.77
10.80.1.114

Top
#297850 - 04/05/2007 10:31 Re: VPN Help Anyone? [Re: Redrum]
JBjorgen
carpal tunnel

Registered: 19/01/2002
Posts: 3584
Loc: Columbus, OH
Just a shot in the dark, but when I was on StarBand, everything ran through a Internet Accelerator proxy. I had to disable the proxy to do things like VPN. Is there anything like that going on?
_________________________
~ John

Top
#297851 - 04/05/2007 10:57 Re: VPN Help Anyone? [Re: wfaulk]
Redrum
old hand

Registered: 17/01/2003
Posts: 998
Quote:
What I would do at this point is reconfigure the networking on your main PC so that the IP address of the interface connected to the modem is 67.45.30.126 (yes, 126), with a netmask of 255.255.255.252. (You might also have to set your DNS servers to 66.82.4.8 & 66.82.4.12.) Write down how it's configured before you change it so that you can change it back.

WARNING: If what I'm thinking is correct, this means your PC will be directly connected to the internet and accessible by anyone, which is bad, since you're running Windows. I'd leave it set up like this for as short a time as possible. Also turn on the firewall option in your network settings if it isn't already set that way.

Once you have it set up like that, make sure you can access web sites. If you can, try your VPN client again.

Then let us know. You might want to go ahead and reset your network settings.


Well its not working but I think I'm real close. It looks like you were right on about this setup. The only part missing was the DNS (how would you know). I found this and setup my PC with the 67 address and I got to the web. I think now I just need someone to change my Cisco VPN Client to use IP over UDP instead of IP over TCP. I'll let you know how it goes.

Here's the key link here... I hope!!!

http://groups.google.com/group/alt.satel...b5017e55fd683ff

Top
#297852 - 04/05/2007 11:12 Re: VPN Help Anyone? [Re: JBjorgen]
Redrum
old hand

Registered: 17/01/2003
Posts: 998
Quote:
Just a shot in the dark, but when I was on StarBand, everything ran through a Internet Accelerator proxy. I had to disable the proxy to do things like VPN. Is there anything like that going on?


Yes, good tip, there is a "Turbo page" (god what a name) I'll try to shut that off.

Top
#297853 - 04/05/2007 11:44 Re: VPN Help Anyone? [Re: Redrum]
wfaulk
carpal tunnel

Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
Quote:
I think now I just need someone to change my Cisco VPN Client to use IP over UDP instead of IP over TCP.

Hmm. Read that link. They have a potential point about the latency, but that's kinda odd. Still, it could be the issue.

However, if it is, you're probably wasting your money with the static IP (unless it's free). If you can get the VPN changed from TCP to UDP and it works, I'd try it with your old network configuration, too, and, if it works there, get rid of the extra static IP expense.
_________________________
Bitt Faulk

Top
#297854 - 04/05/2007 13:27 Re: VPN Help Anyone? [Re: wfaulk]
Redrum
old hand

Registered: 17/01/2003
Posts: 998
Quote:
Quote:
I think now I just need someone to change my Cisco VPN Client to use IP over UDP instead of IP over TCP.

Hmm. Read that link. They have a potential point about the latency, but that's kinda odd. Still, it could be the issue.

However, if it is, you're probably wasting your money with the static IP (unless it's free). If you can get the VPN changed from TCP to UDP and it works, I'd try it with your old network configuration, too, and, if it works there, get rid of the extra static IP expense.



A big thanks Bitt and everyone else. And a big middle finger to Huhges support, man they suck. They didn't clue me in at all on the static IP. You’d think the satellite modem would route you correctly after a static IP was installed. I got into one of the VPN sites. Hopefully I can get into the other one as well. I changed the setting to UDP (config file was just locked down with read only) and that worked.

Thanks, I’ll try going back to the old config and see what happens. It is an extra $10 a month I hope I can not give that to Huhges.

Hopefully I can get the other VPN up. It currently doesn’t work with dialup so I may have configuration issues there. At least that company has dialup access.

The latency is annoying but livable. If you’re in a Putty session or something “live” there is a delayed keying response. But at least you don’t have to wait forever for graphics to load.

thanks again.

Top
#297855 - 04/05/2007 17:01 Re: VPN Help Anyone? [Re: Redrum]
wfaulk
carpal tunnel

Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
In that thread you linked to, the person said that the Hughes techs were idiots. Basically, before you purchased the static IP, your modem had a randomly assigned IP address, your computer had a private address, and the modem translated your private IP address to its random public one. Once you purchased the static IP, you got one that you could configure on your PC, but the techs didn't tell you that, so you still had the private IP assigned, and the modem continued to translate your private IP to some random one.

However, none of that should really have a huge bearing on your VPN access, since you have "NAT Traversal" turned on in the VPN client. I could go into why that makes a difference, but neither you nor anyone else cares.

What I'm getting at is that I doubt that there's a difference between you having purchased a static IP and not using it, like you were doing until you changed your PC's network configuration, and not having a static IP at all. So, if I were you, now that you have the VPN working, is reconfigure your PC to use the private address, and then test your VPN client again. If it still works, drop the static IP service. If not, keep it. There is the possibility that there is a difference between the two states, so it's vaguely possible that you'll drop the static IP and the VPN will stop working, but I doubt it. If so, though, you can always have them give you that service again.
_________________________
Bitt Faulk

Top
#297856 - 04/05/2007 18:00 Re: VPN Help Anyone? [Re: wfaulk]
Redrum
old hand

Registered: 17/01/2003
Posts: 998
Quote:
In that thread you linked to, the person said that the Hughes techs were idiots. Basically, before you purchased the static IP, your modem had a randomly assigned IP address, your computer had a private address, and the modem translated your private IP address to its random public one. Once you purchased the static IP, you got one that you could configure on your PC, but the techs didn't tell you that, so you still had the private IP assigned, and the modem continued to translate your private IP to some random one.

However, none of that should really have a huge bearing on your VPN access, since you have "NAT Traversal" turned on in the VPN client. I could go into why that makes a difference, but neither you nor anyone else cares.

What I'm getting at is that I doubt that there's a difference between you having purchased a static IP and not using it, like you were doing until you changed your PC's network configuration, and not having a static IP at all. So, if I were you, now that you have the VPN working, is reconfigure your PC to use the private address, and then test your VPN client again. If it still works, drop the static IP service. If not, keep it. There is the possibility that there is a difference between the two states, so it's vaguely possible that you'll drop the static IP and the VPN will stop working, but I doubt it. If so, though, you can always have them give you that service again.


Thanks I will do just that.

Since I have an IP for my PC that is known on the internet maybe I could setup a web server or VNC into my PC from the web, couldn't I?

I don't know for sure if that is worth $10.

Top
#297857 - 04/05/2007 18:14 Re: VPN Help Anyone? [Re: Redrum]
wfaulk
carpal tunnel

Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
Quote:
Since I have an IP for my PC that is known on the internet maybe I could setup a web server or VNC into my PC from the web, couldn't I?

Yes. You don't even need a static IP for that, but you do need to either control the NAT device to allow incoming connections, which I assume you can't do, or it needs to not be NATted at all, with your PC itself getting the "random" address, which is not how it seems to be set up in your case. So while it's not the static IP itself that would allow you to do that, the side effects of ordering one in your case is what would allow that.
_________________________
Bitt Faulk

Top
Page 2 of 2 < 1 2