How do you access a specific Lan Port on a Cisco 837

FSL

Does anyone know if it is possible to access individual Lan Ports on a Cisco 837 ADSL Router.

The network set up is as follows:- ADSL – Cisco 837 router – Sonic Wall –Internal Network.

The Sonic wall handles VPN access for some of the internal network users to log onto the domain, using an internet connection, when away from the office.

Another requirement was for a subsidiary with multiple sites to be able to link the sites and the centre using a virtual tunnel. I was using OpenVpn for this as it offers the required level of security, and is easy to work with. The OpenVpn server was running on a PC at the centre. The clients, including one at centre then connected to this server.

All was fine until the Sonic Wall was installed and this flatly refuses to correctly pass the OpenVpn traffic. Sonic Wall are aware there is an issue but seem disinterested in resolving it.

One solution I thought of was to move the PC hosting OpenVpn to the WAN side of the Sonic Wall. That is connect it to one of the free Lan ports on the Cisco Router.

The Problem is I cannot see anywhere in the Cisco documentation how to directly address an individual Lan Port so I can forward the OpenVpn traffic to the Lan Port with the PC and the remainder to the Sonic Wall.

If I attach the PC to the Cisco and use the IP Nat Inside Source Static command to route the OpenVpn traffic from the WAN to the IP Address of the PC it doesn’t work. Logically it would seem that the destination address for the traffic should be the address of the specific Lan Port the PC is sitting on. But can and if so how do you set it.

loyatemu

there'll be a subnet between the Cisco and the Sonicwall - is this public or private address space and are there any spare addresses? Just give the PC an address from this range. You don't need to put an extra address on the router port, and I don't think you can on those boxes anyway - they're switchports.

Static M.e.

if it is possible to access individual Lan Ports

Yes. Do you have full access on your router?

One solution I thought of was to move the PC hosting OpenVpn to the WAN side of the Sonic Wall. That is connect it to one of the free Lan ports on the Cisco Router.

If Im reading this right you want to have the following setup

ADSL – Cisco 837 router – !! Open VPN PC !! - Sonic Wall –Internal Network.

This seems a bad idea to me from a Security point of view, you are placing your OpenVPN Server in your DMZ. First off it would want to be very secure and 2nd how do you plan on giving people access to your internal LAN once they get to your PC

Why cant you use the VPN software that comes with Sonic Wall? you already use it to allow access to remote users

Also can you not just open the OpenVPN ports on the Sonicwall and pass them through?

Maybe im missing something here (Xmas work party last night so running on fumes atm )

tech

Both the sonic and Cisco are capable of proviing you with secure VPN access to your network, so I reckon get rid of one of them, if you decide to get rid of the Cisco you can put this into Bridging mode or use a netopia in bridge mode to terminate the DSL connection

The sonicwall VPN is very good

Static M.e. wrote:

Yes. Do you have full access on your router?



If Im reading this right you want to have the following setup

ADSL – Cisco 837 router – !! Open VPN PC !! - Sonic Wall –Internal Network.

This seems a bad idea to me from a Security point of view, you are placing your OpenVPN Server in your DMZ. First off it would want to be very secure and 2nd how do you plan on giving people access to your internal LAN once they get to your PC

Why cant you use the VPN software that comes with Sonic Wall? you already use it to allow access to remote users

Also can you not just open the OpenVPN ports on the Sonicwall and pass them through?

Maybe im missing something here (Xmas work party last night so running on fumes atm )