[Vpn-help] RV042 with Shrew VPN Client
Michel Savarin
analdistortion at hotmail.com
Thu Aug 20 03:50:02 CDT 2009
Hello folks, at first sorry about my english.
My VPN Group Tunnel on RV042 with Shrew is working like a charm, (btw thank you very much for the development team, doing a good job like this and for free), but here we go...
I followed this how to http://www.shrew.net/support/wiki/HowtoLinksys, and as i can see on it my router doesn't support modcfg and becouse of this I cannot "auto assign" an ip address.
Since I have 40 possible users for VPN, and every month some ppls on this "team" changes, is pretty annoying choose myself an IP for each one, so I have tried with "use an existing adapter and current adress" option, and seems it is all ok, but searching for more info about this option I found this following known issues about another router howto (Zywall):
Select the "Use an existing adapter and current address" option under the General tab. This also works with my Zywall but will has some severe limitations in a production environment ...
a) Two clients cannot use the same public adapter address simultaneously when connecting to the Zywall gateway. This can happen easily if two clients exist behind different SOHO firewalls and receive the same address via DHCP. Essentially, this creates a similar problem to using option (1) and configuring identical virtual adapter address for more than one client.
b) The Zywall needs to be the default gateway for the network it protects or NAT all inbound IPsec traffic that passes to the private network. Otherwise, the return traffic destined to the client will go out your default gateway instead of being seen by the Zywall.
c) The client cannot use a public adapter address that exists in any private network protected by the Zywall. If this happens, you will end up with a very confused gateway that doesn't know which direction to pass the traffic. This can easily happen, again, if the client exists behind a SOHO firewall that uses an IP pool that maps to one of your internal networks.
So, all that I need know is:
This issues apply for my case to (RV042)?
And if not, what kind of issue can I have using "Use an existing adapter and current address" on RV042?
I'll apreciate any help, thanks!
_________________________________________________________________
Descubra todas as novidades do novo Internet Explorer 8
http://brasil.microsoft.com.br/IE8/mergulhe/?utm_source=MSN%3BHotmail&utm_medium=Tagline&utm_campaign=IE8
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20090820/5891c89f/attachment-0001.html>
More information about the vpn-help
mailing list