Linksys wrt54g router & dns problems

Sat Jul 3 10:22:01 2004

Barry,

On Friday 02 July 2004 20:43, Shinehouse "at" cox.net wrote:
> Going to your point, my router does have VPN which linksys tech
> explained as a router dynamic address change for protection.

?Sorry - I don't fully understand this, so...

Your router outside should be dynamic - except you are paying for a 
static IP-address from the outside at your provider. Then the case is 
different. As I did understand your provider assigns you the WAN IP 
address at least one time you switching your router on?

What I did mention with www.dyndns.org is a possibility where - if your 
LinkSys supports this - you can automatically tell through your router 
at dyndns.org where your new ISP assigned address is to be found. You 
get a domain-name, there and can reference this at the other side.

One of my forespeakers suggested to use static addresses on YOUR!! 
inside LAN. You should use a privately declared address range of say 
192.168.3.0 ... 254. You may declare your inside addresses as you like. 
Say your worksation has 192.168.3.11 and your router 192.168.3.254.

The other side should also have inside static routes. Outside happens 
the same game as with yours. That router needs to know where your 
router is and vice versa. So that trick with dyndns.org needs to be 
done twice.

That's one requirement. The other requirement is, that both routers need 
to know when VPN-tunnels should be established. It means that some sort 
of implicit routes need to be set. How this is done with LinkSys - 
don't ask me. As I told you we having ZyXEL routers. 

Very important is that both subnets behind your routers NEED TO BE 
different!! Say your LAN has 192.186.3.x the other LAN 192.168.24.x. 
Otherwise no routing is possible. Did you do this?

You mentioned a personal firewall you are using. Well. This may cause 
some trouble, too. With Zonealarm you need to declare that remote hosts 
that want / use to have access. There are no other things you need to 
do. When VPN through routers is configured correctly all works 
completely transparent but of course much slower as you may find it 
locally.

> Where do I go to follow up your suggestions?  Is this something set
> inside the linksys set up, or an external service, or both.

As I described above. Go to www.dyndns.org and grab a domain name for 
yourself (does not cost anything please read their howtos. It is 
described very well). Do the same for the other side, too. 

Tell your Linksys the domain name of the other router. Do the same with 
your own router with the other sides domain name. Your routers must 
have a possibility to connect to dnydns.org. Enter your logins and 
passwords there. It automatically updates your outside WAN address at 
dyndns.org.

So both routers can find each other and are able to start IPSEC 
communication to establish their VPN tunnel.

Correct your personal firewall settings (testwise you could disable them 
shortly). Anyways! Use ping to test, if you can reach the other side. 
If no ping goes through you have a network connection problem. Start 
over again with checking comm links. See above.

If ping gets answers start RealVNC server (or any other VNC like server 
tightVNC - you may even use vncserver from a Linux box ;-) there. Start 
VNCviewer at your machine and type in IP address from other side. If 
communication between VNC engines start you will be presented a dialog 
where you need to give in the password defined at the other side. After 
this the remote desktop should appear at your monitor. That's it.

Hope this helps.

Robert