- Checkpoint SecureRemote VPN over Netgear DG834
- Posted by TheScullster on August 13th, 2007
Hi all
Another newbie 834 question.
I would like to run a VPN into my workplace and connect to my desktop.
At work we have CheckPoint Firewall1 software and to get through to that I
have installed SecureRemote software on my laptop.
The connectivity works fine across a dial-up connection, but obviously speed
is not acceptable.
I don't get error messages when syncing to the works router with that
software.
So now the laptop is part of a home network, accessing the internet via the
Netgear DG834 router.
The secure remote software seems to launch and connect OK, but attempting to
remote desktop to my work PC results in the 800 Windows error message being
displayed.
My understanding is that the Checkpoint software at the workplace and the
SecureRemote software at home represent the "end points" of the VPN tunnel.
Looking at the reference manual for the router/firewall, the VPN setup
instructions seem to be using the router/firewall as the tunnel end point.
All I think I need is for the firewall settings to allow communication
between the SecureRemote software at home and the CheckPoint software at
work.
Can anyone clarify this for me and point me towards the correct setup
procedure for this please?
TIA
Phil
- Posted by Graham on August 13th, 2007
"TheScullster" <phil@dropthespam.com> wrote in message
news:PJGdneijtIkNyF3bRVnyuwA@eclipse.net.uk...
Some general points that may help:
The VPN to the CheckPoint firewall should rely only on the client software
on the laptop. However, it is possible that it has been set up at the
workplace end with some security parameter which absolutely relies on the
dial-up connection; for example your dial-up might have a static IP
address - your workplace IT staff should be able to help if this is the
case.
The router you have takes no part in managing the VPN - it simply carries
the VPN traffic. However, some ISPs - notably the cheaper "domestic"
services - do block or slow down the VPN traffic. I think this is because
they regard the VPN as "commercial" and therefore not compatible with their
"domestic" service. It may be that the Netgear router blocks this traffic.
In principle it is possible to configure the local router as the VPN client;
which provides a quite different arrangement, where the whole of your local
network is connected to your workplace network. This would be necessary
where you required several computers at your home to connect to the
workplace. I use Vigor routers for this sort of LAN-to-LAN configuration;
others will be able to say whether such a configuration is possible with a
Netgear. You would not then need any client software running on the local
computers.
--
Graham J
- Posted by TheScullster on August 13th, 2007
"Graham" wrote
Pretty sure that this is not the case!
I'll have to check up on this.
Being in Hull, we have one domestic ISP only - Kingston Communications, so
options are limited to a monopoly of 1.
the networks separate to avoid trouble from (my own) meddling kids.
Thanks Graham
Phil
- Posted by Nicola Redwood on August 13th, 2007
This site is an excellent resource for all things networking and VPN
http://www.chicagotech.net/
Error 800 is usually a firewall problem.
I have problems with a Speedtouch 780WL which spontaneously and sporadically
decides not to handle IP Protocol 47 (GRE).
- Posted by Mark McIntyre on August 13th, 2007
On Mon, 13 Aug 2007 14:40:12 +0100, in uk.telecom.broadband , "Graham"
<graham@nospam.zen.co.uk> wrote:
Not entirely - depending on how the VPN works, you are very likely to
have to set up some port forwarding on the router to send the VPN
traffic to and from your PC. Again your office IT team should be able
to explain what is required. I would not recommend doing this without
their agreement as you may be in breach of company security
regulations.
--
Mark McIntyre
- Posted by Graham on August 14th, 2007
"Mark McIntyre" <markmcintyre@spamcop.net> wrote in message
news:q7f1c3di71uo3e9gin3a0bs1tr09d397tf@4ax.com...
Exactly my point - the router does not manage the VPN, it simply carries the
VPN traffic. As Mark suggests, you might have to open specific ports on the
router to achieve this.
--
Graham J
- Posted by Mantorok on August 15th, 2007
I use Secure Client for work and it doesn't require you to forward ports.
Although whether that's down to the configuration or not I don't know.
Kev