We have Linksys RV082 and Internet connection with one static IP.

We need to set up 1) VPN and 2)access webserver from outside. Is it
possible to do this with one static IP?

For webserver I have set assigned static IP aadress (192.168.1.20).


My questions:

Is it possible to build required solution on one static IP and RV082?

How to set up VPN on RV082 (client to gateway)?

which Internet connection should I connect the WAN  1)Internet(WAN1)
or Internet/DMZ(WAN2)?

I forwarded port 80 to 192.168.1.20, but when open in browser our WAN
IP I get Linsys routers administrive interface not webserver page.
Why?

[ Post a follow-up to this message ]

Raigo wrote:
> We have Linksys RV082 and Internet connection with one static IP.
>
> We need to set up 1) VPN and 2)access webserver from outside. Is it
> possible to do this with one static IP?
>
> For webserver I have set assigned static IP aadress (192.168.1.20).
>
>
> My questions:
>
> Is it possible to build required solution on one static IP and RV082?
>
> How to set up VPN on RV082 (client to gateway)?
>
> which Internet connection should I connect the WAN  1)Internet(WAN1)
> or Internet/DMZ(WAN2)?
>
> I forwarded port 80 to 192.168.1.20, but when open in browser our WAN
> IP I get Linsys routers administrive interface not webserver page.
> Why?

You can do both with a single static IP.

To setup client to gateway you will need some Client software on PC's
that can build the tunnel.  I have not done this with that model though
you should be able to get most of the third party VPN clients to work.
Perhaps something like Safenet softremote.  I think some people have
used the cisco client, or if you really like to suffer you can actually
configure the built in IPSEC features of Windows XP.

You should use the WAN 1 connection.  An interesting side note.  I tried
to use 2 internet connections to share bandwidth.  It slowed the
transfers way down.  Apparently the router is not very efficient at load
sharing between two connections.

You have to go to the firewall settings and change the remote management
port from port 80 to 8080 or disable it completely.  You should disable
it unless you absolutely need to be able to configure your router
remotely.  You really should only be configuring the router while on the
inside of your firewall and not from the outside of your firewall.  Not
only can a hacker use a brute force tool to guess the password on the
router, but if they can sniff your packets while you are connecting to
the router remotely then they can just grab the plain text password as
it is sent between your browser and the router.

--
WARNING!  Email address has been altered for spam resistance.
Please remove the -deletethispart-. section before replying directly.
Mike Drechsler (mike-newsgroup@-deletethispart-.upcraft.com)

[ Post a follow-up to this message ]

Thanks  I got port 80 forwarding to work on now I can see webserver
from outside.

But tell me in more details how to configure VPN in router side?


Also, I have created VLAN's on ports. In longer run I need to set up
VPN user groups so that depending on group and permissions user is
sent into certain VLAN. How to do this?








Mike Drechsler - SPAM PROTECTED EMAIL <mike-newsgroup@-DELETETHISPART-.upcraft.com> wrote in
 message news:<Xlgld.4365544$ic1.418507@news.easynews.com>...
> Raigo wrote: 
>
> You can do both with a single static IP.
>
> To setup client to gateway you will need some Client software on PC's
> that can build the tunnel.  I have not done this with that model though
> you should be able to get most of the third party VPN clients to work.
> Perhaps something like Safenet softremote.  I think some people have
> used the cisco client, or if you really like to suffer you can actually
> configure the built in IPSEC features of Windows XP.
>
> You should use the WAN 1 connection.  An interesting side note.  I tried
> to use 2 internet connections to share bandwidth.  It slowed the
> transfers way down.  Apparently the router is not very efficient at load
> sharing between two connections.
>
> You have to go to the firewall settings and change the remote management
> port from port 80 to 8080 or disable it completely.  You should disable
> it unless you absolutely need to be able to configure your router
> remotely.  You really should only be configuring the router while on the
> inside of your firewall and not from the outside of your firewall.  Not
> only can a hacker use a brute force tool to guess the password on the
> router, but if they can sniff your packets while you are connecting to
> the router remotely then they can just grab the plain text password as
> it is sent between your browser and the router.

[ Post a follow-up to this message ]

There is a page about configuring RV082:
http://routerworld.dyndns.org/RV082/12.htm

but which scenario from where should I use? what is the difference
between them?

if I would like to try first
http://routerworld.dyndns.org/RV082...g2c1_left.htm#1

Under "Local Group Setup" I already have numbers (on the link A.A.A.A)
and they are my WAN IP.

But numbers under "Remote Client Setup" - on the link B.B.B.B. What
numbers should I type in there?

[ Post a follow-up to this message ]

Raigo wrote:
> There is a page about configuring RV082:
> http://routerworld.dyndns.org/RV082/12.htm
>
> but which scenario from where should I use? what is the difference
> between them?
>
> if I would like to try first
> http://routerworld.dyndns.org/RV082...g2c1_left.htm#1
>
> Under "Local Group Setup" I already have numbers (on the link A.A.A.A)
> and they are my WAN IP.
>
> But numbers under "Remote Client Setup" - on the link B.B.B.B. What
> numbers should I type in there?

Try setting it up first and THEN ask questions.

--
WARNING!  Email address has been altered for spam resistance.
Please remove the -deletethispart-. section before replying directly.
Mike Drechsler (mike-newsgroup@-deletethispart-.upcraft.com)

[ Post a follow-up to this message ]

I configured my router according to Scenario 7 from
http://routerworld.dyndns.org/RV082...g/g2c8_left.htm

data is like this:
A.A.A.A = WAN IP 62.x.x.218

Local Security Group Type=Subnet, IP=192.168.5.0
router itself is 192.168.1.1, is this OK to put IP like that?

everything else in router is like on the tutorial.


For client I use LinkSys QuickVPN (only free client I could find. is
there anything better?)

My client configuration differs from the one in tutorial
http://routerworld.dyndns.org/RV082.../g2c8_right.htm

because I don't have all the fields what are in there. (The only
fields in QuickVPN are: server IP, username, password). For username I
set e-mail address.

I set
Server IP: WAN IP
Username: my@email
password: preshared key


But I get error message when connecting.
any ideas what could be wrong and I should do better?

[ Post a follow-up to this message ]

I tried connecting with cisco VPN client 4.6.
But I get error message.

"Secure VPN connection terminated locally by the client. Reason 412:
The remote peer is no longer responding."

what may be wrong?

[ Post a follow-up to this message ]