Hi,
I have a Netgear FVS318 firewall and DG834 router. I currently have
the router connected to my home network and it links to my Demon ADSL
service without a problem.

I would now like to add the FVS318 firewall into the system as it will
then allow me VPN access. However, I'm totally confused with all the
IP settings and gateways and what should be set to what!

Can anyone help!!!

I am running a 2003 SB server with DHCP.

Many thanks,

Martyn.

<martyn@neptunect.co.uk> wrote in message
news:1162750746.964949.112090@f16g2000cwb.googlegr oups.com...
Firstly, the FVS318 isn't just a firewall, it's a Cable/DSL router, so
effectively you are trying to use 2 routers. Secondly, you are going to have
to investiagte port forwarding on the 834 to allow the vpn connection
through to the 318. If you connect the 318's WAN port to one of the 834's
LAN ports, it should get it's address settings from the 834, though it needs
to be a static address if you are going to use VPN. I would also turn the
DHCP server OFF on the 318, since it's likely to clash with the 834's, as
they are both Netgear products, their DHCP could be set the same. You'll
find it on the LAN IP Setup page. If you're running 2K3 server, why bother
with the 318? 2k3 can act as a VPN endpoint server anyway, adding the 318 to
the mix will only serve to confuse things.

P.

martyn@neptunect.co.uk wrote:


What I have had working is:

Demon static IP service.

DG632 (similar to the DG834) connects to ADSL - all traffic is forwarded via
DMZ to the 318.

The 318 WAN port is connected to the 632's LAN port and a small subnet is
set up which is different from the LAN subnet of the 318.

The 318 does NAT and DHCP.

318 can act as VPN end point by using the same router set up at the other
end. Under the IKE settings use FQDN and set the value to the external IP
address.

HOWEVER!

Recently the Netgear products have been playing up and reliability has
become an issue. You should always upgrade to the latest firmware but even
then I'm still now having problems. Things which I've set up before are
now simply not working with no real reason. VPN's used to stay up for
months but now are not available.

YMMV.

BTW - true router to router IPSec type VPN's are better than Windows VPN
(PPTP) because when they work well they are seamless.


Kevin

On 5 Nov 2006, martyn@neptunect.co.uk wrote:

On the assumption the Netgear FVS318 has a "WAN" port, that would go into
the DG834, and on the DG834, you'd set up DMZ to forward everything to the
"WAN" port of the FVS318 (so in effect, the NAT function of the DG834 would
be disabled, and all security then depends on the FVS318). Probably someone
with hands on of both items will come along in a moment to put me straight!

On 5 Nov 2006, "Flyer" <me@privacy.net> wrote:

I'd have suggested using DMZ on the DG834, and fixed IP for the FVS318,
so data goes to the FVS318, and let it deal with any port forwarding...