Yep, but I'm not in the UK office, I'm in Redmond. It's a tough nut to crack, remotely. It'd be much easier if I were on site.
But.... Ah, you've given me an idea for some of the diagnostics, anyway. The firewall management GUI has not revealed anything when I pull an audit. It's a Sidewinder (now Mcafee, something, something something) and I can ssh into it and pull a few things out of it that way. Tcpdump, arp and all that. Unfortunately, that probably won't help with the Netgear router itself. Kurt On Tue, Mar 30, 2010 at 17:16, Richard Stovall <[email protected]> wrote: > You probably know this being as you're a FreeBSD guru and all, but you > can get the MAC addresses via arp -a. > > I have no notions at all about what replacement hardware you should look for. > > On Tue, Mar 30, 2010 at 7:56 PM, Kurt Buff <[email protected]> wrote: >> All, >> >> This is probably just whining, so bear with me - though if you have >> any insight into the technical issues, I'd surely like to hear it. >> >> So, I'm putting up a SonicWall SSL VPN unit in our UK office. >> >> They're way out in the boonies - about 50 SW of London, in the middle >> of farms and whatnot - and have a crappy PPPOA ADSL connection. >> >> Fortunately, BT got them a /29, and I've got a nice firewall for their >> office, and they can do OWA and RPC/HTTPS to their Exchange box. >> >> The Netgear router (it's a DG834, installed about 6-7 years ago, and >> I've turned off NAT) is also the PPPOA modem, and has a dynamic >> address on the ADSL connection with the /29 sitting the LAN side. >> >> I put an alias on the firewall, and the DG834 sees both the main IP >> address for the firewall and the alias (showing the MAC address as the >> same for both, and different than the MAC address for the DG834), when >> I query the admin web page for devices that are attached to the LAN, >> and it pings the firewall's external addresses just fine, though it >> doesn't report back the MAC address when pinging.. >> >> We've also got an IPSec VPN between our offices, so I can connect to >> the SSL VPN unit over that. >> >> Here's the problem: When I try to connect via the public IP address - >> https://aaa.bbb.ccc.ddd - I get what looks like the browser popup for >> the DG834, not the Sonicwall login page, although I can't actually log >> in, probably because of the restrictions I've put in place. >> >> I've got an email in to the part-time IT guy at the site, so that I >> can get the serial number of the unit, in the hopes that by getting >> that and registering the unit, I can get the latest firmware for it, >> and see if that fixes the problem. >> >> But, failing that, does anyone have a recommendation for a PPPoA >> router to replace this thing - something that will actually be a >> router, and not steal packets destined for other units on the subnet? >> >> Thanks for your indulgence, >> >> Kurt >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
