Topic: VPN/VNC With 4.1.2

[Mike]

I am essentially trying to connect a client on one network to a client on another network (Client1 <==> eSmith Server <==> NT Server <==> Client 2).  I tried to get this working on 4.1.1, but understood there was an issue with IP masquerading.  But, my understanding is that 4.1.2 has corrected that issue.  I first tried upgrading to 4.1.2, then fresh reinstall.  Neither update seems to have corrected my problem.  If I take esmith out of loop, I can connect fine. With 4.1.1, first client would 'say' VPN tunnel connected, but VNC would not connect to non-routable IP address on other end. Upgraded to 4.1.2. Now I don't even get VPN tunnel. Any ideas?

Thanks in advance for any help.
Mike

[raj]

Hi Mike,
       IF i am correct it has something to do with port forwarding. You want to forward your packets. I have a hardeware based firewall for a client, and we connect to it from the outside and i forward my packets to a internal host (NT4) once i am in i can do what i like.

my setup is as follows  internet--hardwarefirewall-with static ip-->>portforwarding on to 192.168.x.x to NT server

nt server is running vnc on it and all of my packets get forwarded.

once i am in here i can access anything.

i know your scenario is different, i assume that your e-smith is your firewall gateway machine and your NT is your other gatway mahcine.

you many want to possible have pptp between the e-smith and the nt box and then just allow those users.

its theoretical here as i am not doing it quite exactly like you.

Raj

[Mike]

Actually Raj, my setup is more like what you described (win 98 client -- e-smith box -- Internet -- nt server/firewall -- nt client).  The NT server/firewall is enabled to allow VPN tunnel into network.  Once I am into network, NT client has VNC installed and I can access from VNC on 98 client.  

I suspect I have to do something with port forwarding, but the topic is still a little over my head.  Currently, I remove e-smith from mix and it works correctly.  

I wrote org. message because I thought that 4.1.2 had enhancements so i did not have to mess with port forwarding and just allow VPN tunnel to pass through.  

Thank you very much for responding to my request for help.

Mike

[Charlie Brady]

Mike wrote:

> I wrote org. message because I thought that 4.1.2 had
> enhancements so i did not have to mess with port forwarding
> and just allow VPN tunnel to pass through.

It does.

Charlie

[Mike]

OK, what am I doing wrong.  I cannot even get VPN Tunnel to create.  I know that Client and server on other end are setup correct because if I remove e-smith server I connect properly.  But with e-smith server in loop, here is what I get when I try to create VPN connection:

Connecting security gateway xxx.xxx.xxx.xxx
Retrieving configuration for gateway xxx.xxx.xxx.xxx
Error downloading tunnels
Error retrieving information.  Terminating connect operation.

Any ideas?

Mike