Clicky

I have a client who until recently was using a DSL connection and had remote access in to their network over SSL VPN using a Netgear SRXN3205.

They are in a rural area and the DSL line was too slow for their needs, so they are testing out a Mobile Internet "Hub" (as termed by the provider). It is essentially a Modem/Router that works on the 4G network. It has wireless b/g for internal use as well as a 4 port switch built in.

I was able to configure the Netgear device as an access point behind the Mobile device and give users access to the LAN and Internet.

I'm wondering if it's possible to still allow VPN access using the Netgear in this configuration.

On the Mobile device I am able to forward port 443 to the Netgear, and I can see the port open from the Internet.

The portal at https://public.ip.address/portal/SSL is not working however. On the Netgear I have the portal configured at https://192.168.1.2/portal/SSL

Has anyone tried this kind of a setup before? What other configuration might I require on the Mobile device or Netgear to get this working? Or is it even possible?

Thanks,
IT_Service

asked 12/03/2011 03:41

IT_Service's gravatar image

IT_Service ♦♦


6 Answers:
I am not familiar with those products, but the firewalls that I work with normally require the WAN interface to have the Public IP address for VPN to work.
If you have a Windows server then you could setup a PPTP or other WIndows VPN.  Then set the port forwarding as needed and change to a Windows VPN.

Otherwise, I would check on that device from the ISP and ask if it has any type of bridged mode feature so that the public IP can be set on the Router/Firewall.  Or maybe it is possible to assign your Netgear a Public IP with some reconfig os the ISP device.
link

answered

chakko's gravatar image

chakko

What do you mean by "On the Netgear I have the portal configured at https://192.168.1.2/portal/SSL"?

Did you switch from:

VPN ---1--- internet --2-- DSL modem --3--  Netgear SRXN3205 --4---- computer (VPN)

to

VPN ---1--- internet --2-- Mobile Internet "Hub" --3--  Netgear SRXN3205 --4---- computer (VPN)


"On the Mobile device I am able to forward port 443 to the Netgear, and I can see the port open from the Internet."

Is the Netgear setup correctly to forward port 443 or other secure ports? Have you tried to DMZ the computer and see if that works?

link

answered 2011-12-03 at 20:38:58

inbox788's gravatar image

inbox788

@chakko - that may be the case ... that the WAN port needs to be used, in which case they are probably out of luck with this type of connection. There is no 'bridged mode' feature on the Mobile device.

@inbox788 - You are correct in what was changed, but note that the VPN is not being hosted by any computer or server. The VPN is configured on the Netgear SRXN3205. The config screen where I set up the VPN shows the SSL portal at that URL --> https://192.168.1.2/portal/SSL



link

answered 2011-12-05 at 14:12:18

IT_Service's gravatar image

IT_Service

I see. Looks like you're using the router to tunnel the VPN. Have you enabled remote management on the router? Are you using an administrator level account on the client?
link

answered 2011-12-05 at 15:43:18

inbox788's gravatar image

inbox788

Did you get an internet package with more than 1 IP address?  if yes, then maybe you can assign the WAN interface with a public IP, and if the Mobile device is performing a NAT function that may need to be turned off.
link

answered 2011-12-05 at 16:32:14

chakko's gravatar image

chakko

Decided to just work around this issue for now.

I think chakko is correct in that it likely has to be the WAN port.

Thanks for the advice.
link

answered 2011-12-05 at 18:45:53

IT_Service's gravatar image

IT_Service

Your answer
[hide preview]

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Tags:

×40
×3
×1

Asked: 12/03/2011 03:41

Seen: 217 times

Last updated: 12/11/2011 01:32