Hi,
I have a hard time setting up a VPN connection. I have a DSL modem, which
uses PPtP, and a wireless router. Things won't work with the router,
probably because it uses NAT, but that is a problem I will tackle later.
First I want to do the simple thing: connect through the modem.
This works, but only if I use the very elaborate protocol below. I have
checked and double checked the protocol. I think every step is needed,
and the protocol works every time.
Here it is:
1. Disconnect laptop from modem, and connect router to modem (both
connections use a cable)
2. Plug wireless card into laptop
3. Connect to an outside web site (the router's web site won't do). To be
sure: this connection runs through the air to the router, then to the
modem, and then out.
4. Unplug wireless network card
5. Disconnect router from modem, reconnect laptop to modem
6. Start the PPtP connection to get online
7. Start IPSec
After a reboot, I have to restart the protocol. Simply disconnecting from
and reconnecting to the PPTP connection is OK.
Obviously, I would like to skip steps 1 through 5. I have no idea what is
going on, though. Does anyone have any ideas?
I am a newbie to IPsec, and no Windows expert, but not a newbie otherwise.
Details are below.
Any help would be much appreciated!
Roderick Bloem
Laptop runs WinXP, IPSec 2.2.0. The DSL connection is labeled "WAN
Miniport (PPTP)"
The router is a 3com 3crwe52196 officeconnect wireless cable/dsl gateway
The modem is a Thomson/Alcatel Speedtouch 510.
I can get into the internet fine, both with and without the router. The
router builds its own PPTP connection, and does NAT, and the wireless
connector uses DHCP. If I connect to the modem instead of the router, I
have to start PPTP on the laptop.
Here's the output of IPSec (regardless of whether the connection succeeds
or not).
IPSec Version 2.2.0 (c) 2001-2003 Marcus Mueller
Getting running Config ...
Microsoft's Windows XP identified
Setting up IPSec ...
Deactivating old policy...
Removing old policy...
Connection roadwarrior-net:
MyTunnel : 129.27.236.15
MyNet : 129.27.236.15/255.255.255.255
PartnerTunnel: 129.27.200.40
PartnerNet : 129.27.153.0/255.255.255.0
CA (ID) : C=AT, L=GRAZ, O=KNOW-CENTER, CN=Know-Center CA,
Em...
PFS : y
Auto : start
Auth.Mode : MD5
Rekeying : 3600S/50000K
Activating policy...
The output of a subsequent ping depends on whether the connection
succeeds:
* either
C:\ipsec>ping exchange
Pinging exchange [129.27.153.187] with 32 bytes of data:
Negotiating IP Security.
Reply from 129.27.153.187: bytes=32 time=34ms TTL=127
Reply from 129.27.153.187: bytes=32 time=33ms TTL=127
Reply from 129.27.153.187: bytes=32 time=32ms TTL=127
Ping statistics for 129.27.153.187:
Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 32ms, Maximum = 34ms, Average = 33ms
* or
C:\ipsec>ping exchange
Pinging exchange [129.27.153.187] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 129.27.153.187:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
