BEFSX41's: VPN across a wireless intranet - then to internet

Discussion in 'Networking Issues' started by BlueSkye, Sep 21, 2005.

  1. BlueSkye

    BlueSkye Network Guru Member

    I am using BEFSX41 routers and wish to establish a VPN tunnel across a wireless intranet and then be able have client#1 reach the Internet through Client#2's internet connection. I have the BEF router WAN sides facing the wireless link for security (considering the wireless link as an "internet" zone). The network architecture is described below:

    client1---lan.BEF1.wan---(linux router to linux router wireless link)---wan.BEF2.lan---client2---internet

    Both client boxes are Win 2000 Pro's. I have enabled IPRouting in Client2 with a registry hack. The default gateway in Client2 points toward the internet interface in this dual-homed machine.

    The VPN tunnel connects and I can fileshare between client1 and client2. Client2 can surf to the internet (out it's second interface).

    But Client 1 cannot surf to the internet. Client1 pings the BEF2-side interface of Client2, but is unable to ping the address of the internet interface inside client2.

    Just as an aside, I was able to make this architecture work without the BEFSX41 routers - just:


    In this case, Client1 was set up in Win2000 as a VPN Client, and Client2 was set up in Win2000 as a VPN Server. This architecture worked fine. Both clients1 and 2 could share files over VPN and both clients could reach the internet through the internet interface on Client2.

    I am using the same machines as in this configuration, only I inserted the BEFSX41's and am using the routers rather than the Win boxes to create the tunnel.

    It seems to me that my problem may originate in the fact that I am unable to set the default gateway on a BEFSX41 to an address on the "LAN" side of the router. I realize that is not a "normal" thing to do, but in my architecture, that is what I need. I am able to set up all the addressing on the WAN side of my routers with static IPs and added subnets in the static routing table. My problem is that I want default traffic in BEF#2 to travel out the "LAN" side of BEF2 to Client2 as the default gateway.

    Would anyone have any suggestions on how Linksys VPN endpoint routers could be used to achieve my overall objective here? Does anyone know of a VPN endpoint router where the default gateway can be placed on the LAN side?

    Would appreciate any help/suggestions!

    BlueSkye :(
  2. mbescher

    mbescher Network Guru Member

    Same Problem


    I have the same problem but with 2 BEFVP41. If you resolve the problem I'd be interested in knowing how.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice