"Hubert Mayr" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Is my computer environment which I have wrong for VPN configuration? Need
I
> a DMZ?
The ideal situation would be if the USR Router can also server as a VPN
Server. If it cannot then you probably will need to create a new subnet.
This would be between the USR Router and the rest of your network, so it
would be similar to a DMZ but not exactly the same thing, it would just
simply be two private subnets on the same private LAN. There is no "NAT"
between these two subnets like there would be a DMZ, it would just be normal
Layer3 routing, that's why I don't consider it a DMZ
Yes, that means all your machines and clients would get re-addressed, unless
the USR Router can change the address set it uses on the internal side, if
it can then just change it instead (but some can't). The duel-nic VPN
machine would double as the VPN Server and the LAN Router and would site
right between the two subnets with your network on one side and the USR
Router on the otherside. Your machines would use it for their Default
Gateway and then it would use the USR Router as its Default Gateway.
Thereis a few things to deal with this properly, but if you're familiar with
general networking well enough you shouldn't have any problems.
But!...If it was me, I would either try to use the USR Router as the VPN Box
or replace it with one that has the ability to do so, then you aren't having
to redesign your whole netowrk for the sake of this.
--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
Similar Threads
Linear Mode
