Linksys NAT-T VPN Solution Request

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by lespaa, Sep 1, 2007.

  1. lespaa

    lespaa Network Guru Member

    I tried implementing the following scenario with the WRV200 1.0.32.2 but the firmware is not capable of it due to the remote gateway = ANY requirement with NAT-T enabled. I would like to know if other Linksys hardware can support this scenario, i.e. have NAT-T enabled and itself be behind NAT (actively initiating a tunnel).

    It appears to me as though the Linksys NAT-T implementation on the WRV200 technically is "unconditionally compliant" though it lacks some capability which is described in the intent (even driving factors) of the RFCs (rfc3715, rfc3947, rfc3948). I would like to know if any other Linksys business class routers have the NAT-T implementation capability that I am looking for or if I am going to have to look for other implementations.

    My needs are described through the following network map.

    WRV200 (net w)
    internal net 10.0.10.0/24
    |
    NAT Router (net x)
    internal net 192.168.252.0/24
    |
    INTERNET
    |
    NAT Router (net y)
    internal net 192.168.253.0/24
    |
    WRV200 (net z)
    internal net 10.0.11.0/24

    I would like to have net x, net y be unsecure networks/WAPs and have net w and net z be connected through VPN. The Linksys WRV200 implementation using NAT-T VPN tunnel only supports half of the equation (only allowing the tunnel implement-ator to exist behind NAT). Thus with my current hardware I can only make a tunnel from net w to net y. The Linksys NAT-T implementation seems to mostly be designed for road-warriors to GW tunnels and not expandable business GW to GW tunnels as it can only be set to be completely open as to what IP and subnet it expects to receive a connection from (any).

    Any ideas to any business class hardware that may be able to accomplish this? I'd hate to have to get major professional equipment for just 5 computers. And yeah, I'm trying not to spend the extra $20/month for two more static IPs as I'm low on cash.

    Also I was able to make a VPN tunnel initiating from location net w to net y when net y was set to be NAT-T and net w had NAT-T disabled. The exact connection in reverse could not be made. I guess that is why Linksys is careful to label the functionality as “remote initiator behind NAT”, or “NAT-Traversal Responder”.

    My overall question is: does the gateway-gateway connection functionality of the RV042, RV082, RVL200, RVS4000, WRV54G, and WRVS4400N work the same? I.e., do I have to go to another vendor, or other WRT firmware options to get the needed functionality?

    Thanks,
    Dan

    Note: originally posted at http://forums.linksys.com/linksys/board/message?board.id=Wireless_Routers&message.id=58176
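
RFC 3947, which the post cites, detects NAT by exchanging NAT-D hash payloads during IKE. The following is an added example, not part of the original post and not Linksys firmware code, that applies that check to the post's double-NAT topology; the cookies, WAN host addresses, public IPs, the translated port and the UDP 500 forward on net y's router are all constructed assumptions.

```python
import hashlib
import ipaddress

def nat_d_hash(cky_i, cky_r, ip, port, algo="sha1"):
    """RFC 3947 NAT-D value: HASH(CKY-I | CKY-R | IP | Port)."""
    data = cky_i + cky_r + ipaddress.ip_address(ip).packed + port.to_bytes(2, "big")
    return hashlib.new(algo, data).digest()

def build_nat_d(cky_i, cky_r, local, remote):
    """Sender's payloads: remote end first, then the sender's own address."""
    return [nat_d_hash(cky_i, cky_r, *remote), nat_d_hash(cky_i, cky_r, *local)]

def detect_nat(cky_i, cky_r, payloads, my_addr, seen_src):
    """Receiver compares the hashes with the addresses it actually observes."""
    dst_hash, src_hashes = payloads[0], payloads[1:]
    return {
        "receiver_behind_nat": nat_d_hash(cky_i, cky_r, *my_addr) != dst_hash,
        "sender_behind_nat": nat_d_hash(cky_i, cky_r, *seen_src) not in src_hashes,
    }

# Constructed values (not from the post): cookies, host addresses, public IPs, ports.
CKY_I, CKY_R = bytes.fromhex("1122334455667788"), bytes.fromhex("99aabbccddeeff00")
W_WAN = ("192.168.252.10", 500)     # WRV200 (net w) WAN side, inside net x
Z_WAN = ("192.168.253.10", 500)     # WRV200 (net z) WAN side, inside net y
X_PUBLIC = ("198.51.100.7", 31500)  # source after net x's NAT rewrote it
Y_PUBLIC = ("203.0.113.9", 500)     # net y's NAT, assumed to forward UDP 500 to z

def post_topology():
    """w initiates to y's public address; z receives it through both NATs."""
    payloads = build_nat_d(CKY_I, CKY_R, local=W_WAN, remote=Y_PUBLIC)
    return detect_nat(CKY_I, CKY_R, payloads, my_addr=Z_WAN, seen_src=X_PUBLIC)

def one_sided_nat():
    """Only the initiator is behind NAT; the responder holds the public address."""
    payloads = build_nat_d(CKY_I, CKY_R, local=W_WAN, remote=Y_PUBLIC)
    return detect_nat(CKY_I, CKY_R, payloads, my_addr=Y_PUBLIC, seen_src=X_PUBLIC)

if __name__ == "__main__":
    print("double NAT:", post_topology())
    print("initiator-only NAT:", one_sided_nat())
```

In the double-NAT case both flags come back true, and the responder sees the initiator only as a translated address and port rather than the peer's configured one.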
     
