Results 1 to 6 of 6

Thread: V7610 Netgear BUSINESS GATEWAY VPN pool ip address understand concept

  1. #1
    Regular Member
    Join Date
    Dec 2005
    Posts
    102

    V7610 Netgear BUSINESS GATEWAY VPN pool ip address understand concept

    Dear folks


    https://www.telstra.com.au/content/d...tion-guide.pdf


    I have got V7610 Netgear GATEWAY and I followed the attached document to setup Client to Gateway VPN page 5 and 6 says :


    In the VPN remote virtual IP field, enter an IP address and mask and click Save. This is the range of IP addresses that the remote clients will be configured with when the VPN tunnel is set up. Note that this range must not be in the range of LAN IP addresses set up for the V7610 device "


    I chose My gateway range of DHCP LAN ip address from 192.168.0.101-192.168.0.199.



    1- How can I assign the VPN remote virtual IP say 192.168.0.52-192.168.0.80 same network but different range from the DHCP LAN ranges 192.168.0.101-192.168.0.199 ?

    2- Snapshot below from the document above showing unique ip address been configured which is 192.168.16.1/24 ,,,,,Is this typo ? Shouldn't be 192.168.16.0/24 to refer to network address
    https://imgur.com/a/xA9yH24


    VPN is working ip addresses confused me

    Thx

  2. #2
    Administrator Philip's Avatar
    Join Date
    May 1999
    Location
    Jacksonville, Florida, United States
    Posts
    10,531
    Blog Entries
    6
    1. Your LAN IP address range is 192.168.0.101 - 199, however that is most often configured with the subnet mask 255.255.255.0 (CIDR notation 192.168.0/24). This means all 192.168.0.* IPs (255 of them) would be assigned to your LAN, whether they are using DHCP or not. Any IP address in that range can reach your router's IP. You'd have to reduce that to fewer IPs with a different subnet mask if you want to use part of the same 192.168.0.* IP range for the VPN. This can be achieved with subnet masks of (255.255.255.128/25), 255.255.255.192 (/26), etc. dividing the 192.168.0.* range further. However, you wouldn't gain anything, since you'd have to first exclude IPs from the LAN IP range before you can add them to the VPN range. The VPN gets its own "VPN remote virtual IP" outside of the LAN subnet.

    2. It is probably a typo, since the 192.168.1.0 is not usable, it is the "network address", just as the .255 is reserved as the "broadcast address".
    Linux is user friendly, it's just picky about its friends...
    Disclaimer: Please use caution when opening messages, my grasp on reality may have shaken loose during transmission (going on rusty memory circuits).
    ๑۩۞۩๑

  3. #3
    Regular Member
    Join Date
    Dec 2005
    Posts
    102
    Thx Philip

    Your LAN IP address range is 192.168.0.101 - 199, however that is most often configured with the subnet mask 255.255.255.0 (CIDR notation 192.168.0/24).
    Clear

    This means all 192.168.0.* IPs (255 of them) would be assigned to your LAN, whether they are using DHCP or not.
    Make sense

    You'd have to reduce that to fewer IPs with a different subnet mask if you want to use part of the same 192.168.0.* IP range for the VPN. This can be achieved with subnet masks of (255.255.255.128/25), 255.255.255.192 (/26), etc. dividing the 192.168.0.* range further.
    Clear to me

    Now my next question to assign the VPN's pool a range of ip addresses on a subnet different from my LAN subnet (192.168.0.0/24) I have to enter something like below :
    192.168.0.0/25
    Or
    192.168.0.0/26
    Or
    192.168.20.0/24
    Or
    10.0.0.0/24
    Or
    172.16.0.0/16
    etc

    Or for the Netgear box to understand it,,,,,we have to enter it like this
    192.168.0.1 and subnetmask is 255.255.255.128
    Or
    192.168.0.1 and subnetmask is 255.255.255.192
    Or
    192.168.20.1 and subnetmask is 255.255.255.0
    Or
    10.0.0.1 and subnetmask is 255.255.255.0
    Or
    172.16.0.1 and subnetmask is 255.255.255.0
    etc


    If VPN pool subnet is different from LAN subnet ,,,,,,How remote Laptop if it has different subnet ip address that accessing my LAN via VPN would access the printer for instance ?
    Last edited by zillah; 05-14-20 at 04:11 PM.

  4. #4
    Administrator Philip's Avatar
    Join Date
    May 1999
    Location
    Jacksonville, Florida, United States
    Posts
    10,531
    Blog Entries
    6
    There may be a setting in the VPN configuration somewhere that allows you to access local LAN resources. I would try it, even if the assigned VPN IPs are in a different subnet, the router is probably setting some type of route to access local resources on the LAN.

  5. #5
    Regular Member
    Join Date
    Dec 2005
    Posts
    102
    There may be a setting in the VPN configuration somewhere that allows you to access local LAN resources. I would try it, even if the assigned VPN IPs are in a different subnet, the router is probably setting some type of route to access local resources on the LAN.
    That is right we have to add a static router as it says in the same document page 46:

    https://imgur.com/a/AvcQzaH

    route add <Modem LAN subnet> mask <subnet mask> <VPN remote virtual IP of the gateway>

    My last question

    Why the client windows 10 Built-in VPN keeps asking for the VPN's password although I saved the username and password ?

  6. #6
    Administrator Philip's Avatar
    Join Date
    May 1999
    Location
    Jacksonville, Florida, United States
    Posts
    10,531
    Blog Entries
    6
    Hmm, check this:
    Control Panel > System & Security > Administrative Tools > Local Security Policy. In there, check Local Policies > Security Options > Network access: "Do not allow storage of passwords and credentials for network authentication". Should be set it to Enabled

    There may be something in Group Policies..

    You may also check this in the registry:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\InternetSettings\DisablePasswordCaching
    Linux is user friendly, it's just picky about its friends...
    Disclaimer: Please use caution when opening messages, my grasp on reality may have shaken loose during transmission (going on rusty memory circuits).
    ๑۩۞۩๑

Similar Threads

  1. Comcast SMC Business Gateway + Netgear R6200 router setup??
    By Matthew Friend in forum Wireless Networks & Routers
    Replies: 0
    Last Post: 03-24-13, 10:32 AM
  2. Web server behind Comcast Business Class gateway(SMC)
    By Archaismic in forum Wireless Networks & Routers
    Replies: 2
    Last Post: 08-22-12, 04:47 AM
  3. Comcast Business Gateway issues
    By Elderan in forum Wireless Networks & Routers
    Replies: 6
    Last Post: 10-22-09, 09:21 PM
  4. IP Address is in a different subnet as the gateway address
    By karthik in forum alt.comp.networking.routers
    Replies: 2
    Last Post: 04-29-08, 08:55 PM
  5. do animals/pets understand the concept of "accidental"?
    By Faust in forum General Discussion Board
    Replies: 14
    Last Post: 04-04-02, 02:13 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •