I have a Netgear VFS318 VPN concentrator device that the boss wants me to
set up. My problem is that it must be placed behind a Cisco 3620 router
which is also being used for other types of access. The Cisco has a single
Ethernet port which I have set up as 192.168.0.1, my default gateway. I can
create a static NAT translation between an Internet IP address and the WAN
side of the Netgear device, but I don't have a separate Ethernet subnet to
attach it to. So here's what I was trying to do... tell me why it doesn't
work :)
I'm running the single Ethernet connection from my router (192.168.0.1) to
my primary switch so that everyone can see it...
I have created a secondary IP address on the Ethernet port (192.168.254.25 /
255.255.255.252) and made the IP address of the WAN port on the VPN device
192.168.254.26 / 255.255.255.252.
I set the network side of the VPN device as 192.168.0.5 on my primary IP
network.
Both the WAN port and Network port of the VPN device are attached to the
same switch. They're on the same physical network (which concerns me) but
they are separated logically on different subnets.
I can ping 192.168.0.5 from the router. No problem.
I cannot ping 192.168.254.26 even after I turned on "Return Pings from WAN"
from the VPN device.
This strikes me as a weird setup because I really don't have traffic
segmented out on different physical networks. Why doesn't this work? Because
I have only one Ethernet port on the Cisco device, I can't create a separate
physical interface. Is that what I'm going to have to do to make this work?
Thanks for your advice guys!