SearchSearch   ProfileProfile   Log inLog in   RegisterRegister 

Can FirstSpot pass VPN traffic?
Goto page 1, 2  Next
 
Post new topic   Reply to topic    FirstSpot Forum Index -> Pre-sales Support Forum
View previous topic :: View next topic  
Author Message
JF



Joined: 03 Mar 2004
Posts: 4

PostPosted: Thu Mar 11, 2004 4:14 pm    
Post subject: Can FirstSpot pass VPN traffic?

It looks like FirstSpot cannot pass the VPN traffic out to Internet. I have used Cisco VPN client to test. I have opened a web browser to type a URL, authenticated with FirstSpot before the test.

It is very important function, because our clients need using this connection to their company. Can FirstSpot do it?
Back to top
Blide



Joined: 24 Feb 2004
Posts: 14
Location: Texas

PostPosted: Fri Mar 12, 2004 7:26 pm    
Post subject:

I have used 2 different VPN clients (Sonicwall & Symantec) and they are also a no go on firstspot. I'm willing to help patronsoft test but they will need to contact me.
_________________
Thanks for the help..
Back to top
kevin
Forum facilitator


Joined: 26 Sep 2003
Posts: 442

PostPosted: Sat Mar 13, 2004 1:58 pm    
Post subject:

Thanks, JF, Blide.

We've tested FirstSpot with IPSEC VPN and MS PPTP before. We will also do a round of extensive testing on IPSEC this coming week (Mar-15). And will let you know our findings ASAP.

~ Patronsoft Limited ~
Back to top
bhhanson



Joined: 05 Apr 2005
Posts: 15

PostPosted: Thu Nov 03, 2005 3:05 pm    
Post subject: does firstspot support VPN? I see no replies on this thread

I got a call from a guest that they were trying to connect VPN to their office and was unable to connect. They appear to be using Microsoft PPTP and GRE VPN. I see packets hit the firewall here and are accepted and are forwarded on. I have not yet had a chance to work with them to do a TCPDUMP to watch traffic.

So, is there some conclusions on the ability to support VPN connections?

Thank you.
Brad Hanson
Minneapolis
Back to top
kevin
Forum facilitator


Joined: 26 Sep 2003
Posts: 442

PostPosted: Thu Nov 03, 2005 5:39 pm    
Post subject:

If you're using Advanced Edition of FirstSpot, you can turn off the NAT at the public interface, FirstSpot will then act like a vanilla router. Please remember to add a return route at the next-hop router though.
_________________
~ Patronsoft Limited ~
Back to top
bhhanson



Joined: 05 Apr 2005
Posts: 15

PostPosted: Thu Nov 03, 2005 6:52 pm    
Post subject: VPN only works when NAT is turned off?

Does your reply imply that in order for VPN access to work for guests, the NAT feature should be disabled? I'm not sure I want that to be that way as it might cause other problems for us.

Thank you...
Back to top
kevin
Forum facilitator


Joined: 26 Sep 2003
Posts: 442

PostPosted: Fri Nov 04, 2005 2:24 am    
Post subject:

If the VPN server and clients supports NAT-traversal, then they should have no problems passthrough any NAT-devices and we've tested that with FirstSpot. For others, a workaround is to turn off the NAT of FirstSpot.
_________________
~ Patronsoft Limited ~
Back to top
jeisenzimmer



Joined: 21 May 2006
Posts: 17
Location: Devils Lake, ND

PostPosted: Wed May 24, 2006 5:32 am    
Post subject:

Kevin, as you said before:

"If you're using Advanced Edition of FirstSpot, you can turn off the NAT at the public interface, FirstSpot will then act like a vanilla router. Please remember to add a return route at the next-hop router though."

I need a smigit of help setting this up. I've tried and it will not cooperate, with or without ProxyARP. Can I get a solution USING and NOT USING ProxyARP, if possible? On the public side, everything's fine, but on the private side it's not. Here's the scenario:

CLOUD
(G/W:209.243.31.1)
|
|
(WAN IP: 209.243.31.122)
Linksys Router
(LAN IP: 192.168.1.1)
|
|
(PUB IP: 192.168.1.5)
FirstSpot Server
(PRI IP: 10.0.0.1)
|
|
(IP: 10.0.0.50 (DHCP))
My Laptop


Any ideas? please reply!
Thanks much appreciated!
_________________
Jeremy Eisenzimmer
Professional Technologies
Back to top
kevin
Forum facilitator


Joined: 26 Sep 2003
Posts: 442

PostPosted: Wed May 24, 2006 6:45 am    
Post subject:

Hi Jeremy,

First, please verify that your VPN connection works ok if FirstSpot is taken out completely.

Then, according to your topology,

1) this can be done without ProxyARP.

2) you would disable NAT at FirstSpot's public interface (under the Dispatcher tab, inside Configuration Manager), restart FirstSpot

3) At your Linksys router, add a route like this:

destination network: 10.0.0.0
netmask 255.255.255.0 (I'm assuming you're using 24bit mask)
gateway ip: 192.168.1.5
metric: 2 (or anything that's appropriate)

Reboot your router.

4) after changing these, try if you can access the Internet through FirstSpot (i.e. being asked for authentication and then redirected).

5) If #4 works, try your VPN connection
_________________
~ Patronsoft Limited ~
Back to top
sdwedemeyer



Joined: 18 Oct 2006
Posts: 21
Location: Atlanta, GA, USA

PostPosted: Thu Apr 26, 2007 1:24 pm    
Post subject:

What happened to the original questions in this thread? Is the conclusion that we have to have the Advanced version in order to support IPSEC VPN?

I have FirstSpot 4.012 installed and a guest claims that his VPN client is not working through the system.

I do know that MS LLTP VPN does work, but did not test IPSEC.
_________________
Stephen D Wedemeyer
Back to top
ramada



Joined: 16 May 2007
Posts: 11
Location: Portugal

PostPosted: Thu May 24, 2007 1:18 pm    
Post subject: cisco vpn client

Hi.

I have 4.0.13 trial version and I'm using Cisco VPN Client without any problem. I use IPSEC/TCP on port 10000.

cya
Ramada
Back to top
sdwedemeyer



Joined: 18 Oct 2006
Posts: 21
Location: Atlanta, GA, USA

PostPosted: Fri May 25, 2007 2:38 am    
Post subject:

Did you make any specific configuration changes in firstspot for that to work?
_________________
Stephen D Wedemeyer
Back to top
ramada



Joined: 16 May 2007
Posts: 11
Location: Portugal

PostPosted: Mon May 28, 2007 8:46 am    
Post subject:

no, no specific configurations.
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Mon May 28, 2007 10:55 am    
Post subject:

ramada, what Windows version are you running FirstSpot on? Also, I assume the NAT within FirstSpot is on (default), right?
_________________
~ Patronsoft Limited ~
Back to top
ramada



Joined: 16 May 2007
Posts: 11
Location: Portugal

PostPosted: Mon May 28, 2007 11:47 am    
Post subject:

I'm running FS in Win 2003 standard with NAT enabled.

My Cisco VPN client uses ipsec over tcp. It's a good way to get through firewalls.

BTW Alan, when will be out FS v5 so I can give it a try? My trial v4 is expiring and I would like to see the improvements on v5...
Back to top
Display posts from previous:   
Post new topic   Reply to topic    FirstSpot Forum Index -> Pre-sales Support Forum All times are GMT
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group