Need help with NAT settings on ADSL Speedtouch with VPN Router

By mccroang ·
Hello Everyone. I am stuck trying to provision a Speedtouch 586 ADSL modem with Static Public IP Address to provide internet connectivity for my Nortel Contivity 1100 VPN Router. I have a static public IP address assigned in the ADSL modem and provisioned NAT from it to a 10.X.X.2 address. The 10.X.X.2 address is provisioned in my VPN Router as the public IP address. I am unable to ping the ADSL modem public IP address from my VPN router. Should the NAT entry in the ADSL modem pass all ports through to the VPN Router address? Do I need to do NAPT and only send the ports needed to the VPN Router public IP address?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

you have 2 subnets

by CG IT In reply to Need help with NAT settin ...

your ADSL modem is in reality a router. see :

adding in a second router creates 2 subnets. Therefore the Speed touch has a firewall and does NAT. So it's the gateway for all clients behind it [including additional routers. With that the Nortel WAN must be on the Speedtouch LAN [assuming that the Speedtouch connects directly to your ISP. It also must use the speed touch LAN address as it's default gateway. Clients behind the Nortel use it as their gateway. DNS for all is your ISPs DNS servers.

For VPN to work, you have to passthrough PPTP and/or L2TP from the Speedtouch to the Nortel which in turn either establishes the tunnel, authenticates uses and provides clients with LAN addressing OR forwards to a VPN server with establishes the tunnel, authenticates users and provides users with a LAN address.

Not sure why you have 2 routers in the mix but that's what needs to be done.

Collapse -

Maybe the same problem?

by mfpinhal In reply to Need help with NAT settin ...

Did you solve your problem?
I will be very welcome if you help me solve it...

So here it goes:

I have one Nortel Contivity 1100 that is supposed to be a VPN client/server and one other router that simply connects to the internet.

The only thing i want to do is to configurate the router that connects to internet (in my particular case one Thomson 536i v6) to be "VPN passthrough"/ipsec enabled.

All the configurations of IP and networks on the contivity and the router are ok.

The problem is that although the router as much as i've search for it has VPN passthrough enabled (
I couldnt make it work, having the indications that i just needed the UDP 500 and TCP 50 and 51 ports open....

Other informations:
Firewall was off, Contivity was configured with the gateway of the router (the Contivity was well configured..), there was no particular option for "enabling VPN passthrough" in the router's web interface, and I tried to give it a shot in the games/application rules pointing to the Contivity IP like:

PTCL PORT to (Trigger PTCL) (Port Destination)
TCP 50 50-50 TCP 50
TCP 51 51-51 TCP 51
UDP 500 500-500 UDP 500

(this rule associated to the contivity IP)

Any one has any idea?
Any recommendation of one router that will make this easy and simple to me?

Thanks, and sorry for some lack of information.

Related Discussions

Related Forums