VPN....May be Off Topic

  • Thread starter Thread starter nick
  • Start date Start date
N

nick

This may be off topic, but I couldn't find the right group for it...


I went to a site that had a VPN/Router device. It looked as if it was
in bridged ethernet mode with Bellsouth's Netopia device because the
DSL sign on information was in the VPN/Router. I'm used to only seeing
this information on the Netopia, and having the VPN or router device
pull an IP from the Netopia.

Ok well it seems that Bellsouth reset all the settings on the Netopia.
The only way to get the Internet to work was to tell the VPN/Router to
pull an IP automatically from the Netopia device.

That was fine until I tried to reestablish the VPN. I'm aware that
VPN's may have problems with NAT. I assumed that the original tech
setup the router in bridged ethernet so that it would "look" as if the
VPN/Router held the Netopia's public IP thereby facilitating the VPN
connection.

Instead I left it as is, and used IP Passthrough on the Netopia to the
VPN/Router. However, users are complaining that the connection to the
remote software shifts in speed. Could this be because of IP
passthrough? Or could it be just their cruddy DSL that keeps going out?
 
nick said:
I went to a site that had a VPN/Router device. It looked as if it was
in bridged ethernet mode with Bellsouth's Netopia device because
Click to expand...

Probably true.
Ok well it seems that Bellsouth reset all the settings on the Netopia.
The only way to get the Internet to work was to tell the VPN/Router to
pull an IP automatically from the Netopia device.

That was fine until I tried to reestablish the VPN. I'm aware that
VPN's may have problems with NAT. I assumed that the original tech
setup the router in bridged ethernet so that it would "look" as if the
VPN/Router held the Netopia's public IP thereby facilitating the VPN
connection.
Click to expand...

Yep. Except it didn't "look" like it had the Public IP#,...it actually did
have the Public IP#
Instead I left it as is, and used IP Passthrough on the Netopia to the
VPN/Router. However, users are complaining that the connection to the
remote software shifts in speed. Could this be because of IP
passthrough?
Click to expand...

That could be. The VPN Passthrough functionality has additonal "over-head"
added to the mix that was not there before.
Or could it be just their cruddy DSL that keeps going out?
Click to expand...

Could be that too. VPN will only match up with and run at the slower
"upload" speed of the DSL. The faster "download" speed is just going to
waste and is unusable to the VPN. But then it could also be *both* at the
same time,...VPN Passthrough plus the crappy DSL.

Best solution is to either put the Netopia and the VPN/Router back exactly
as it was before when it was working right,...or throw out the Netopia and
replace it with a "straight" simple DSL Modem (no NAT, no router, no
firewall) that is compatible with the Bell South DSL,...then configure the
VPN/Router directly with the Public IP# Specs. The VPN /Router may also
need to be capable of using PPPoE,...that is the only logical reason that
there ever would have been any "DSL Sign-On" information in the first place.
There is no "sign-on" information for non-PPPoE DSL connections. At this
point the VPN/Router will "become" their "firewall",...so then you can call
it their VPN/Firewall.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
 
Probably true.



Yep. Except it didn't "look" like it had the Public IP#,...it actually did
have the Public IP#


That could be. The VPN Passthrough functionality has additonal "over-head"
added to the mix that was not there before.


Could be that too.  VPN will only match up with and run at the slower
"upload" speed of the DSL.  The faster "download" speed is just going to
waste and is unusable to the VPN.  But then it could also be *both* at the
same time,...VPN Passthrough plus the crappy DSL.

Best solution is to either put the Netopia and the VPN/Router back exactly
as it was before when it was working right,...or throw out the Netopia and
replace it with a "straight" simple DSL Modem (no NAT, no router, no
firewall) that is compatible with the Bell South DSL,...then configure the
VPN/Router directly with the Public IP# Specs.   The VPN /Router may also
need to be capable of using PPPoE,...that is the only logical reason that
there ever would have been any "DSL Sign-On" information in the first place.
There is no "sign-on" information for non-PPPoE DSL connections.  At this
point the VPN/Router will "become" their "firewall",...so then you can call
it their VPN/Firewall.

--
Phillip Windellwww.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Click to expand...

Good Lord, man! If I could only carry you around in my pocket! Thanks,
Phillip! You're the best!
 
Good Lord, man! If I could only carry you around in my pocket! Thanks,
Phillip! You're the best!- Hide quoted text -

- Show quoted text -
Click to expand...

Phillip, I'm used to the device getting the public IP. What I mean is
that if I take a cable modem, or a dsl modem, and put it on the
network it will be assigned an IP. However, it may or may not work
depending on whether the device is registered/compatible. So in my
mind it would seem as if the VPN router was acting as the DSL modem
(Netopia). Therefore the DSL modem would not be needed.

If I take the DSL modem away then the connection would be non-
existent. That is, that the VPN/Router cannot act as a DSL device. So
technically the signal comes in and hits the DSL. The DSL is assigned
an IP. In IP Passthrough the TCP/IP packets get passed to the VPN/
Router so that it gets the IP address?

So without the DSL there would be no show. So technically, what is
different about bidged ethernet versus IP passthrough?

And what certified person would know this stuff? A CCNA? I don't
recall studying this stuff for MCSE.
 
Good Lord, man! If I could only carry you around in my pocket! Thanks,
Phillip! You're the best!- Hide quoted text -
Click to expand...

It's rare that I get in anyone's pants over networking. Asking the girls
about their bandwidth hasn't done well as a pickup line. :-)
Phillip, I'm used to the device getting the public IP. What I mean is
that if I take a cable modem, or a dsl modem, and put it on the
network it will be assigned an IP. However, it may or may not work
depending on whether the device is registered/compatible. So in my
mind it would seem as if the VPN router was acting as the DSL modem
(Netopia). Therefore the DSL modem would not be needed.
Click to expand...

Couple things:

An DSL Modem has no IP#. It is simply a Layer 1&2 device. It is effectively
just barely more than an "adapter" between the phone line and the ethernet
cable.

What are commonly called "routers" with this stuff are really just cheap
"low-end" NAT based firewalls. That is what the Netopia is. These are what
have the IP numbers. Their are some "routers" out there where the Modem
portion is built into the same piece of plastic but that is not the most
common way it is done. Maybe your Netopia has the Modem built into the same
device,...I don't know

If you configure the Netopia to operate in bridging mode then is *ceases* to
be a "router" or a NAT firewall and acts pretty much the same as a Layer2
Switch (which are effectively bridges). This is typically done when the
Modem portion is built into the same device so you can operate it as if it
was just a straight Modem with all the other functionality "out of the way".
Once done, the Public IP# can be placed on the VPN Device.

I see your choices this way. Restore the Netopia back the configuration it
originally had (whatever that was),...or get rid of it and use a straight
simple DSL Modem and use the VPN Device as the "router" that has the Public
IP# on the external side.
And what certified person would know this stuff? A CCNA? I don't
recall studying this stuff for MCSE.
Click to expand...

MCSE is mostly Microsoft OS centric or at least centric to MS products but
does cover general networking design.

CCNA focuses mostly on network theory, design, and routing.

Both cover the OSA Layers pretty well. None of them cover "how DSL or
CableTV Internet works".

I don't have an MCSE, don't expect I ever will.
I do have an old expired CCNA
I also don't have a High School Diploma. I only finished my Freshman year
and first semester of Sophmore year. (Ok, ok,..so I did do the GED thing).


--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
 
Phillip Windell said:
Both cover the OSA Layers pretty well. None of them cover "how DSL or
CableTV Internet works".
Click to expand...

Had I made it through High School, I probably would have spelled OSI Layers
correctly

:-)
 
Had I made it through High School, I probably would have spelled OSI Layers
correctly

:-)
Click to expand...

You were probably the type in high school that got bored quickly. I
was like that.

Thanks for the explanations. They are excellent. Clear, cut and
practical. You're the man!

And don't worry about the pants thing...I have a wife and kid. I'm
sure you're a good looking guy and all that, but I wasn't trying to
put the moves on you. (And if I was I would've gone for a guy on these
forums that had his CCIE!)
 
You were probably the type in high school that got bored quickly. I
was like that.
Click to expand...

Yep. Pretty much.
Thanks for the explanations. They are excellent. Clear, cut and
practical. You're the man!
Click to expand...

You're welcome!
sure you're a good looking guy and all that, but I wasn't trying to
put the moves on you. (And if I was I would've gone for a guy on these
forums that had his CCIE!)
Click to expand...

Yea,..those CCIE's,...they always get all the action.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
 
Back
Top