1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

HELP! 4g modem/router combo to vpn firewall router configuration

Discussion in 'Networking' started by RexCom, Aug 17, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. RexCom

    RexCom Thread Starter

    Joined:
    Aug 17, 2013
    Messages:
    3
    Hello Everyone,

    I just wanna ask for some help regarding configuration of a vpn firewall router that is connected to a 4g modem/router combo.
    I am new in setting up a vpn and not so much familiar with others things or what setup is necessary, kindly help the poor guy please???

    This is what I need:
    - I need to connect the VPN FIREWALL router and use its features at the same time connected to the internet ( the VPN FIREWALL will act as the security for the whole network and the 4G modem/router will be the one supplying the internet)
    - Need to establish a VPN connection later after the configuration.
    - The server and other lan pc's must be accessible outside the local network when connected to VPN (web server, local pc's shared folder and files, etc)

    Here's some details that i hope might help:
    - I am using a Quanta 1K5 4G LTE modem/router combo
    - I am using a Dynamic public IP address,( but this is not a problem because i am using s DDNS)
    - My VPN FIREWALL brand/model is Micronet SP881 B VPN FIREWALL router
    - Right now i am already connected to the internet using the vpn firewall physical connection is:
    4G modem/router-->hub-->VPN firewall router-->PC
    my connection is 4G(LAN)-->VPN (WAN) set the connection type to Dynamic IP
    -The remote connection and remote access (web server, ftp,RDP) is working fine on the 4G modem/router alone.

    I attached some screenshots of the VPN firewall router
    Looking forward to hear from you guys, Thanks in advance! :)
     

    Attached Files:

    • 1.jpg
      1.jpg
      File size:
      184.6 KB
      Views:
      160
    • 2.jpg
      2.jpg
      File size:
      181.9 KB
      Views:
      102
    • 3.jpg
      3.jpg
      File size:
      136.5 KB
      Views:
      93
  2. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    5,942
    You need to set up the Micronet with a static IP on the WAN port side (or what's referred to as the Primary Setup in the config pages you've posted). The static IP needs to be in the address range the Quanta is using for the LAN side of its configuration. Also make sure the IP you set for the Micronet is not in the DHCP range of what is setup on the Quanta LAN configuration. Or just turn off the internal DHCP server on the Quanta.

    Next you need to config port forwarding on the Quanta for the following ports used in an IPSEC VPN. I'm assuming the Micronet is using an IPSEC VPN.

    IP protocol on port 51
    UDP protocol on port 500
     
  3. RexCom

    RexCom Thread Starter

    Joined:
    Aug 17, 2013
    Messages:
    3
    Thank you for the reply zx10guy
    I did what you told and I attached some screenshots can you kindly verify and see if i'm on the right track?
    And also i am confused :confused: about the IPSEC configuration on the VPN setup can you guide me on how to do it.
    Thanks, your help is so much appreciated.
     

    Attached Files:

    • 4.jpg
      4.jpg
      File size:
      298.3 KB
      Views:
      125
    • 5.jpg
      5.jpg
      File size:
      260.9 KB
      Views:
      200
    • 1.jpg
      1.jpg
      File size:
      203 KB
      Views:
      263
    • 6.jpg
      6.jpg
      File size:
      208.2 KB
      Views:
      84
  4. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    5,942
    First question I have is what is the VPN client you're going to use with the Micronet?

    As far as the screen shots, you shouldn't need to set up any port forwarding on the Micronet which I assume is what is being called the virtual server. I also don't understand why you have a PPTP connection configured.
     
  5. RexCom

    RexCom Thread Starter

    Joined:
    Aug 17, 2013
    Messages:
    3
    Thank you for your reply and patience zx10guy,
    Regarding your question i am planning to use only the Windows built-in VPN client both on W7 & XP, while still configuring it after that if all went well i will search for a good VPN client, if you have something in mind that is more better to use than the Windows built-in VPN client i will gladly appreciate your suggestions

    Regarding the PPTP configuration, if you are referring to the:

    PPTP Dialup
    PPTP Server Name/IP Address Username Password
    192.168.2.155 aaa *********
    ---> You mean I don't need to make any configuration on this part? If that's the case i will remove it.

    Moving along, I reconfigured the Micronet VPN FW and made some local test, and i found out that:
    -I think the Virtual Server (Micronet) needs to be config to forward the port on the designated target (computer), because i noticed that when the port is not forwarded (on the Micronet) i cannot access the target both RDP and the webserver (using web browser)--->this is on local network only for testing.

    At this moment i can access the local network both RDP and the web server, but the problem is when i try to access the target pc remotely (outside local network) using the HOSTNAME that i register using DDNS i cannot access it, but when i tried using the WAN IP of the Quanta modem/router i can access it remotely both RDP and the web server, i haven't yet try configuring the VPN IPSec connection because i'm stock in this problem :(
    I even tried to input the DDNS details on the VPN FW but still no luck :(
    Any suggestions will be much appreciated. :)
    I included a screenshots again of my current config.
     

    Attached Files:

  6. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    5,942
    I've configured the internal VPN client for XP and Win2K. It's a pain in the butt but it worked for what I was doing back then. The drawback with using the internal VPN client for these two OS' is that it doesn't support AES encryption. The highest it goes is 3DES. Now I don't know if Microsoft updated the client with Win7 to support AES. Here's a link to the Netgear instructions on how to do it under Win2K. The steps are similar for XP. I have no idea if things changed drastically for Win7 as I don't use the internal Windows VPN client anymore.

    http://kb.netgear.com/app/answers/detail/a_id/970

    You're not supposed to configure any type of port forwarding when you use a VPN setup. That's the whole purpose of having a VPN so you don't have to punch holes in your firewall to allow external traffic in. If the VPN is setup correctly, the remote client will have a secure/encrypted tunnel to the firewall which will then drop the remote client onto the local LAN like it is plugged in locally. This is part of the VPN setup where you designate a pool of IP addresses for your remote clients to be assigned when they establish a VPN tunnel.

    There's a pretty steep learning curve when you configure a IPSEC tunnel. You'll have to do some research and educate yourself a little on it. This is why many organizations have gone to using SSL VPN type setups. It's a bit more simpler and depending on what you want remote access to, you can do it without the need of a full VPN client to be installed onto the remote client.
     
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1106194

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice