never been able to find a good ADSL router

Sounds mad but...

I need an ADSL router which can have NAT and the firewall switched off.
This is so I can connect two Netgear Prosafe routers to the static IP
addresses assigned by BT and use them for VPN tunnels.

Tried the Allied Telesyn 256 but this crashed when VPN traffic went through
it. And at £54 this was not expected.

The various white Netgears can not switch off the firewall - and can only do
DMZ which as it goes to a single host is not good enough.

Thought the D-Link 524-T would be good but the web interface has a couple of
glitches and so does not inspire faith.

Zyxel was a disaster - VPN side would not work and the logs were showing
that the settings for VPN were not being altered via the web interface.
Could try them for the initial connection but faith has bee lost.

Have used Billions in the past and though they work ok they have confusing
web interfaces. Bear in mind that I sometimes have to pass these routers
on to others who take them onsite to install.

Also, ideally, I need something which can be sourced from PC world business
because I have to order bunches at a time.



Netgear routers have been generally ok - apart from they usually need their
firmware upgrading. If Netgear could release a Prosafe which does UK PPPoA
then that would be good.

Will be sending the Allied Telesyn back but not sure if replacement will be
better.


All in all, the Netgears seem to have the best web interfaces - but do not
do a professional level PPPoA model.

Maybe I'll get a newer Billion and check them out.

Any thoughts?

Please bear in mind that I prefer to have a simple setup as I would like to
pass them to others for setting up. We also need to set up VPN tunnels on
all of our connections.


When we set up single static IP address connections I give the guys a
Netgear DG834, Netgear FVG318 and they can install both easily. We then
get the VPN configured and running fairly quickly.


kevin bailey

On 10 Mar, 09:53, kevin bailey <kbai...@freewayprojects.com> wrote:
> Sounds mad but...
>
> I need an ADSL router which can have NAT and the firewall switched off.
> This is so I can connect two Netgear Prosafe routers to the static IP
> addresses assigned by BT and use them for VPN tunnels.

Did BT supply you with a business hub (aka 2 wire HG2700)?

This will do exactly what you want. Put your static router IP and
subnet mask into the public network section, set the netgears to pick
up their WAN IP via DHCP then use the address allocation section in
the HG2700 to allocate relevant static IP addresses to the netgears.
Once they have their IPs you can then put each of them into DMZ (newer
HG2700s have the option of automatically opening firewall for each
device in the public network, you see this option when you enter the
router static IP address).

> Please bear in mind that I prefer to have a simple setup as I would like to
> pass them to others for setting up. We also need to set up VPN tunnels on
> all of our connections.

HG2700s are the standard BT router for business connections and
straightforward to set up, BT have a "network" helpdesk you can call
if you get stuck, just make sure your Netgears are set up to get their
IP on the WAN by DHCP and they should be able to get you going no
problem.

> When we set up single static IP address connections I give the guys a
> Netgear DG834, Netgear FVG318 and they can install both easily. We then
> get the VPN configured and running fairly quickly.

If you really want a simple router to do this then ask BT for a
voyager 220, but this shouldn't be necessary if you already have a
HG2700.

Regards

William MacLeod

kevin bailey wrote:
> Sounds mad but...
>
I have just put a Prosafe FVX538 behind a Draytek 2600 (current model is
the Draytek 2800) and it's working fine on one of our 5 assigned BT
addresses - the general setup was as follows:

Prosafe assigned IP address =192.168.101.10

On Draytek, one of our 5 IP addresses (81.x.x.85) was put in the DMZ
pointing to 192.168.101.10

The LAN side of the Prosafe had the router as 192.168.1.1 and a Win2K
server as 192.168.1.2.

I can't get to the Prosafe from my current location so the following is
a bit vague:

I had the Prosafe setup to 'know about' the 81.x.x.85 address, but
nothing would route until I ticked a box about about accepting alternate
addresses and added 192.168.101.10 to the list - once I had done that
everything sprang into life and it's been running fine 24/7 for about 3
weeks now.

Overall, any packets sent from the Win2K server are seen by the outside
world as coming from 81.x.x.85

If you want a better explanation of my exact settings email me or leave
a message here and I can check Monday.

HTH

L3K

On Mar 10, 9:53 am, kevin bailey <kbai...@freewayprojects.com> wrote:
> Sounds mad but...

No it doesn't - given your post in another thread about "setting a
router to LLU"!

> I need an ADSL router which can have NAT and the firewall switched off.
> This is so I can connect two Netgear Prosafe routers to the static IP
> addresses assigned by BT and use them for VPN tunnels.

<snip>

> Zyxel was a disaster - VPN side would not work and the logs were
> showing that the settings for VPN were not being altered via the web
> interface.

I'm confused - I thought you're using the Netgear to do the VPN
tunnel? In that case I would have thought the VPN settings on the
ZyXEL would be at best irrelevant, and at worst, a waste of money if
you've paid for a ZyXEL with VPN on when you don't need it.

> Could try them for the initial connection but faith has bee lost.

I've deployed many ZyXEL routers [P660H-61, P660H-D1, P660-R] on
circuits from BT, Easynet, Griffin and Legend, with varying numbers of
public IP addresses; the VPN tunnels are handled by Sonicwalls, again
of varying model. They always seem to Just Work, with the minimum of
fiddling. I guess you just had a bad experience with the ZyXEL. We
originally chose ZyXELs to handle the DSL side as they were the
cheapest ones we could find with Conexant DSL chipsets. We've stuck
with them as they never go wrong.

alexd

"kevin bailey" <(E-Mail Removed)> wrote in message
news:estv6b$fsi$1$(E-Mail Removed)...
> Sounds mad but...
>
> I need an ADSL router which can have NAT and the firewall switched off.
> This is so I can connect two Netgear Prosafe routers to the static IP
> addresses assigned by BT and use them for VPN tunnels.

can you not get BT to provide a router and / or some recommendations?
>
> Tried the Allied Telesyn 256 but this crashed when VPN traffic went
through
> it. And at £54 this was not expected.
>
> The various white Netgears can not switch off the firewall - and can only
do
> DMZ which as it goes to a single host is not good enough.
>
> Thought the D-Link 524-T would be good but the web interface has a couple
of
> glitches and so does not inspire faith.
>
> Zyxel was a disaster - VPN side would not work and the logs were showing
> that the settings for VPN were not being altered via the web interface.
> Could try them for the initial connection but faith has bee lost.
>
> Have used Billions in the past and though they work ok they have confusing
> web interfaces. Bear in mind that I sometimes have to pass these routers
> on to others who take them onsite to install.
>
> Also, ideally, I need something which can be sourced from PC world
business
> because I have to order bunches at a time.
>
this doesnt sound like a job for a cheap consumer router - and your Prosafes
have already cost a fair amount.

try a cisco 1801 - more expensive, but sounds like you have already wasted a
lot of time and effort on this.
dont bother with the wireless option.
http://www.cisco.com/en/US/products/ps6184/index.html


>
>
> Netgear routers have been generally ok - apart from they usually need
their
> firmware upgrading. If Netgear could release a Prosafe which does UK
PPPoA
> then that would be good.
>
> Will be sending the Allied Telesyn back but not sure if replacement will
be
> better.
>
>
> All in all, the Netgears seem to have the best web interfaces - but do not
> do a professional level PPPoA model.
>
> Maybe I'll get a newer Billion and check them out.
>
> Any thoughts?
>
> Please bear in mind that I prefer to have a simple setup as I would like
to
> pass them to others for setting up. We also need to set up VPN tunnels on
> all of our connections.
>
>
> When we set up single static IP address connections I give the guys a
> Netgear DG834, Netgear FVG318 and they can install both easily. We then
> get the VPN configured and running fairly quickly.
--
Regards

(E-Mail Removed) - replace xyz with ntl

On 10 Mar 2007, "ale.cx" <(E-Mail Removed)> wrote:

>No it doesn't - given your post in another thread about "setting a
>router to LLU"!

Just for fun, go back about a year for "discussion" on the subject :-
"BT router replacement required - and i'd still avoid BT like the plague"

On 10 Mar, 10:39, Linker3000 <linker3...@googleminushyphen-mail.com>
wrote:

> I have just put a Prosafe FVX538 behind a Draytek 2600 (current model is
> the Draytek 2800) and it's working fine on one of our 5 assigned BT
> addresses - the general setup was as follows:
>
> Prosafe assigned IP address =192.168.101.10
>
> On Draytek, one of our 5 IP addresses (81.x.x.85) was put in the DMZ
> pointing to 192.168.101.10

This is a odd way of doing things.... You have a routed subnet of
static IPs from BT and you appear to be double NAT'ing - a bad thing.

On a Draytek Vigor 2600 you should be using IP routing option and
putting one of your public static IPs on the LAN side of it (BT will
have told you which one to use on it). This then allows you to just
allocate another of your remaining static IPs directly to the WAN side
of the Prosafe and forget about DMZ etc.

Regards

William MacLeod

stephen wrote:

> "kevin bailey" <(E-Mail Removed)> wrote in message
> news:estv6b$fsi$1$(E-Mail Removed)...
>> Sounds mad but...
>>
>> I need an ADSL router which can have NAT and the firewall switched off.
>> This is so I can connect two Netgear Prosafe routers to the static IP
>> addresses assigned by BT and use them for VPN tunnels.
>
> can you not get BT to provide a router and / or some recommendations?
>>

They provided a Siemens but the static IP addresses never worked.

>
> try a cisco 1801 - more expensive, but sounds like you have already wasted
> a lot of time and effort on this.
> dont bother with the wireless option.
> http://www.cisco.com/en/US/products/ps6184/index.html
>

It might be an idea - I thought the Allied Telesyn would be more enterprise
level - but that one crashed when VPN's were being used.

Cheers,

Kevin

ale.cx wrote:

> On Mar 10, 9:53 am, kevin bailey <kbai...@freewayprojects.com> wrote:
>> Sounds mad but...
>
>
>> Zyxel was a disaster - VPN side would not work and the logs were
>> showing that the settings for VPN were not being altered via the web
>> interface.
>
> I'm confused - I thought you're using the Netgear to do the VPN
> tunnel? In that case I would have thought the VPN settings on the
> ZyXEL would be at best irrelevant, and at worst, a waste of money if
> you've paid for a ZyXEL with VPN on when you don't need it.

This is true - I tried to use a Zyxel to do ADSL and VPN on a remote site
and the VPN side never worked - so it gave me a bad taste for Zyxel.


>
>> Could try them for the initial connection but faith has bee lost.
>
> I've deployed many ZyXEL routers [P660H-61, P660H-D1, P660-R] on
> circuits from BT, Easynet, Griffin and Legend, with varying numbers of
> public IP addresses; the VPN tunnels are handled by Sonicwalls, again
> of varying model. They always seem to Just Work, with the minimum of
> fiddling. I guess you just had a bad experience with the ZyXEL. We
> originally chose ZyXELs to handle the DSL side as they were the
> cheapest ones we could find with Conexant DSL chipsets. We've stuck
> with them as they never go wrong.
>

Sounds like a good recommendation as you are setting up the same sort of
stuff as we are.

Thanks - much appreciated,

Kevin


> alexd

NoNeedToKnow wrote:

> On 10 Mar 2007, "ale.cx" <(E-Mail Removed)> wrote:
>
>>No it doesn't - given your post in another thread about "setting a
>>router to LLU"!
>
> Just for fun, go back about a year for "discussion" on the subject :-
> "BT router replacement required - and i'd still avoid BT like the plague"

Yep mad I know - but at least I got it sorted with some help from the NG.

All this stems from BT's inability to correctly set up their own router!

Kevin