DLINK DI-824VUP VPN router setup with windows remote computer

[carl d.]

I am trying to set up a vpn tunnel (IPSec/IKE) from my remote windows xp laptop into my home network with a D-Link router as an endpoint. I need to be able to vpn into my home network from remote places to access my home computers.. 

I just exchanged a netgear LINKSYS (CISCO) BEFVP41 Etherfast Cable/DSL VPN ROUTER because it won't do it.

 

CDW checked and said "this Dlink DLINK DI-824VUP will do the job" with the stock vpn client built in to windows 2000/windows XP (no need to buy a client) so now I have this DLINK http://www.dlink.com/products/?pid=274.

 

Well, I've got a little problem because the instructions kinda suck.

The manual has a how-to for setting up router-to-router.

The manual has theory of what the vpn setup options do but no examples for setup with a non dlink client.

The support site here: http://support.dlink.com/products/view.asp?productid=DI%2D824VUP ...

Answers this question: How can I connect to the Internet while using the built-in Windows VPN client and connected to the PPTP server of my router ? ...

With this response "click here for microsoft setup instructions: http://www.microsoft.com/technet/community/columns/cableguy/cg1003.mspx "

Which has nothing to do with setting up a DLink router.

 

Maybe given enough time I will probably figure it out, hopefully before the return period expires.

 

sheesh

[Richard Jones]

Carl,

I just got this router (DI-824VUP), and had a round of fun
getting it set up. :-) I am not up on all the alphabet soup of acyronyms for
the VPN stuff, but as near as I can tell, the router has a total of 4 ways
of doing VPN connections.

1) "Full" static VPN tunnels, endpoint-to-endpoint. This is what
you get on the main VPN setup page. The problem with this for a mobile
connection, is the IPs of both ends must be known and entered to establish
the tunnel.

2) "Dymanic VPN". Only the IP address of the router needs to be
known, and the other end's IP address can vary.

Both 1 and 2 above require you to go deep into the innards of XP and
set up all these IPSec policies that make my eyes glaze over. <g> Type 1)
would be used for router to router connections, and for router to a XP (or
whatever) machine endpoint with a static public IP address. Type 2 could
conceivably let a mobile XP client connect for anywhere, but you still have
a mess of IPSec policies to deal with. The other two are

3) PPTP server

4) L2TP server

You can use the built-in VPN client of XP to connect to the
router using these. ON the VPN set up page, click the buttons for PPTP and
L2TP server to set up. The way D-Link sets this up, you have to use a
virtual IP subnet for the PPTP or L2TP. The default is 10.0.0.0/8, I think.
Anyway, the D-Link will NOT let you enter the same subnet you use on the LAN
side, and this causes routing problems for the client.

If, under the advanced TCP/IP properties for the VPN client, you
check the "use default gateway" on the remote server, it will work, however,
all traffic to the internet is then routed to the VPN. If you uncheck it,
internet traffic goes as normal on the client, but it can't reach any
machines on the LAN subnet behind the router, without manually entering the
proper route command to do so.

If you scroll back on this board you'll see where I asked a
question about automatically assinging a static route for the VPN client,
and have got no answers yet. What I did was come up with a very crude and
down-and-dirty batch file that did this by using "findstr" and the "for /F"
parsing option to find the interface number from "route print"'s output,
then do the "route add" command.

Anyway, using the PPTP or L2TP server function is the easiest way to
make a VPN connection to the router.

-Richard