LAN Routing
cancel
Showing results for 
Search instead for 
Did you mean: 

How to connect Windows XP to 3COM 3CREVF100-73 VPN

 
matverp
Occasional Visitor

How to connect Windows XP to 3COM 3CREVF100-73 VPN

Subject: Instructions on how to connect a Windows XP

notebook with the 3COM 3CREVF100-73 VPN firewall, using

the standard Windows VPN Client.



I m having trouble to configure the VPN server

functionality of the 3COM OfficeConnect VPN Firewall

(3CREVF100-73), to connect a Windows XP notebook to our

office network.



The firewall has been set up with a static IP, provided

by our ISP.

Communication seems ok since we already have configured

the firewall for access to our website, hosted on our

server on the private network.



On the other hand, we are having trouble setting up the

VPN server:

I ve followed the instruction in the manual (i.e.

example in section 14.4, see attachment) and I do not

get it to work.

The 3COM forum does not come up with any help either.

I just found the following article in the

Knowledgebase:



http://knowledge.3com.com/service/main.jsp?

t=documentTab&ft=searchTab&ps=documentPanels&locale=en_

US&_dyncharset=UTF-

8&curResURL=/service/main.jsp%3F_dyncharset%3DUTF-

8%26_dynSessConf%3D-

7988695252196567664%26t%3DsearchTab%26dosearch%3Dtrue%2

6locale%3Den_US%26_dyncharset%3DUTF-

8%26searchstring%3Dset%252bup%252bvpn%252bto%252bremote

%252bnotebook%26SearchButton%3DFind%26advopen%3Dfalse&c

ontextId=3430:288.462,42.189,566.587&docUrl=http://repo

rtkb.3com.com/eServer/html/published-

Public/2.0.86549731.3427936.html&docTitle=OfficeConnect

%20Internet%20Firewall%20-

%20Example%20Configuration%20of%20Remote%20PC%20connect

ing%20to%20a%20Firewall%20via%20VPN&highlightInfo=&docT

ype=HTML&docSize=9&isSrch=Yes&jumpToLink=288#GoTo288



This setup seems to use a special VPN client software

which was not delivered with the firewall. Besides, we

would like to use the more standard Windows XP VPN

client.



SUMMARY: we are in desperate need of practical

instructions on how to connect a Windows XP notebook

with the 3COM 3CREVF100-73, using the standard Windows

VPN Client?



1 REPLY
matverp
Occasional Visitor

Re: How to connect Windows XP to 3COM 3CREVF100-73 VPN

Since I haven't got any help from 3COM Support

regarding my request for instructions on this simple

matter, I had to go and figure out on my own.



Here is some more information about the progress I

made.



We set up the firewall with the public (WAN) management

IP being the static IP. After doing some more

research, I found that my main problem was in setting

up the correct type of VPN for my circumstances.



The procedure I followed was the following:

1) Create a new VPN Client Connection, using Start-

>Control Panel->Network Connections

2) Open the properties of the VPN Connection.

3) In the General tab, specify the static IP assigned

that had been assigned to the VPN firewall.

4) In the Options tab, leave the defaults.

5) In the Security tab, select "Typical"; "Require

secured password", "Require data encryption"

6) In the Networking tab, select "PPTP VPN"

7) In the Advanced tab, leave the defaults.



On the VPN firewall side:

1) In the firewall's ACL (Access Control List), allow

inbound traffic through PPTP port 1723 to your private

subnet. E.g.: Any (WAN) -->

192.168.1.0/255.255.255.0 (LAN)

2) Do the same for outbound traffic. E.g.

192.168.1.0/255.255.255.0 (LAN) --> Any (WAN)

3) Enable PPTP. My firewall allowed me to specify an

address pool for the active VPN connections, so I

selected an area outside my local DHCP, but on the same

subnet. E.g.: 192.168.1.20 to 192.168.1.30. I also

had to specify the DNS server, which would be the local

address assigned to the firewall (e.g. 192.168.1.1)



Finally, some additional information that I collected

on the way, for those that are not an expert in this

area like me.



My firewall also accepts IPSec and L2TP, which seemed

to me a more secure way to establish the VPN tunnel.

The Windows VPN client also accepts the "L2TP IPSec

VPN". I tried to configure it, but had no success.



After some research, I got the impression that IPSec

and L2TP only works in networks with Active Directory,

since it authenticates the remote party by using the

fully qualified domain name or by using the IP address.

In other words it is unpractical to implement

IPSec/L2TP if mobile remote user access is required,

unless the remote user belongs to a domain or is at a

fixed location with a fixed IP address.



Since I'm using a network with no Active Directory

(i.e. no domain server), it seems to me that for my

particular circumstances, the only practical option is

using PPTP. Is this correct?



If this is so, this would also mean that the internal

user database that can be set up in the 3COM Office

Connect VPN Firewall, would only work or make sense if

you are using PPTP. Wouldn't it?

I know for a fact that the user database works with

PPTP, but unfortunately there is no further information

on how to use this user database (or if it makes sense)

when configuring the firewall with IPSec/L2TP.



Thanks for collaborating!