D-Link Forums

The Graveyard - Products No Longer Supported => Routers / COVR => DGL-4100 => Topic started by: rocketslug on December 11, 2008, 10:07:37 AM

Title: Nortel VPN Client - NO Go on DGL-4100
Post by: rocketslug on December 11, 2008, 10:07:37 AM: I love my DGL-4100. I can join any multiplayer game as if I was in the same room with the people! It is the ultimate wired gaming router.

But sometimes I need to work as well, and there is my mysterious problem.

I'm using Contivity VPN Client V04_65_340, Running as application, Logging is enabled. I have also tried newer editions. It unfortunately works on my other two much older routers (from two different manufacturers) but not on my new DGL-4100. All AGLs are enabled.

It doesn't even work if I set the PC I'm trying to VPN from as a DMZ!

Help?
Title: Re: Nortel VPN Client - NO Go on DGL-4100
Post by: RussellM on December 11, 2008, 01:27:26 PM: I've used this particular VPN client before, however not with a DGL model.

Just make sure you open/forward UDP ports 50,51 & 500 to the computer in question. If you're still having problems, post again and I'll try to research the issue further.

-Russ
Title: Re: Nortel VPN Client - NO Go on DGL-4100
Post by: rocketslug on December 13, 2008, 06:28:56 AM: Yeah, I think its weird it won't let it through. I'll try the port forwarding.
Title: Re: Nortel VPN Client - NO Go on DGL-4100
Post by: glengrp707 on December 14, 2008, 08:55:07 AM: Setup a Special Application (Advanced Tab) to allow UDP 500 (Trigger and Input).

Hope this helps....I have had Nortel VPN running on 4100 for awhile.

Good luck
Title: Re: Nortel VPN Client - NO Go on DGL-4100
Post by: funchords on December 14, 2008, 12:58:27 PM: Quote from: glengrp707 on December 14, 2008, 08:55:07 AM
Setup a Special Application (Advanced Tab) to allow UDP 500 (Trigger and Input).

Hope this helps....I have had Nortel VPN running on 4100 for awhile.

I like glengrp707's suggestion.

As another thing to try, if needed, SPI or the ALGs might also get in the way -- clues might be seen in the log, but even if they're not, try disabling SPI and/or all/some of the ALGs. I've seen some backward behavior in the ALGs across various versions (where disabling the ALGs allows that very application to work).
Title: Re: Nortel VPN Client - NO Go on DGL-4100
Post by: Fatman on December 15, 2008, 09:06:20 AM: the ALG will be your issue in my experience, disable that bad bad puppy and we will be on our way.

Also I would look into whether or not NAT-T is enabled at your workplace's side, it has been known to cause issues.
Title: Re: Nortel VPN Client - NO Go on DGL-4100
Post by: rocketslug on January 01, 2009, 07:27:11 PM: Sorry I haven't been on for a while to thank all of you. . haven't needed to work from home lately.

I tried the easy way first:

"Setup a Special Application (Advanced Tab) to allow UDP 500 (Trigger and Input)."

Success! ;D

I knew it was the 4100 blocking it. .. it had always been able to connect before.

Now I can connect wirelessly via my old Netgear router connected to my 4100. . and I've got two firewalls guarding all my wireless devices in the process.

Thanks again everyone!
Title: Re: Nortel VPN Client - NO Go on DGL-4100
Post by: Fatman on January 05, 2009, 08:53:01 AM: I hate to be the bah humbug troll this morning but...

Having 2 NAT devices gives you no greater protection, it does increase the complexity of your configuration and lead to potential routing and MTU issues. This would also make you ineligible for troubleshooting if you called in to Tech Support (to give you an idea how we view this issue). D-Link does not advise using 2 NAT devices on the same network, if you are just using the 2nd NAT device as a wireless AP with built in switch that is acceptable. If you have cables in both WAN ports that is not.