>> Netopia >> Support >> International Broadband Equipment Support >> Eircom 3300 Series Support Page >> IEIR_082
IPSec Passthrough IEIR_082
This Technote refers to passing IPSec traffic through Netopia products; this does not address VPN tunnels which terminate at the router.
CAUTION: IPSec tunneling supports IP routing only. IPX, AppleTalk or any protocol other than IP will not be routed across an IPSec tunnel.
Firmware Reference v7.4 and later -- Netopia 3300 Series

Browse into the Netopia's web interface at http://192.168.1.254 (if using the default IP setting). If your network has a different IP addressing scheme, modify this accordingly.

Once logged in, click on the Expert Mode link in the left-hand side menu (if that link is visible). In the Expert Mode Confirmation screen click on Ok to continue. This menu bar will be visible at the top of your screen if you are in Expert Mode.

Before you start

Remember to click the button to save any entries. Hitting the back button without clicking will undo any changes.

Once you have completed your configuration, click on the symbol in your upper right hand corner to validate the changes. Then click on Save and Restart.

The Netopia Web GUI Home Page in Expert Mode (Firmware v7.2 and later)

Notice

This document is provided to you as an added service by Netopia Technical Support. Although the configurations described below have proven successful in many instances for doing Microsoft Networking across a WAN or VPN connection, we cannot guarantee success in all circumstances due to the many variables and unpredictable behavior common to Windows OS. If the following suggestions do not provide the results you desire, please contact your MIS Department, or Microsoft Technical Support directly as Netopia cannot further support the features of Windows OS.

Inbound Passthrough - - Netopia 3300 Series
  1. 7.1.2:  Inbound passthrough is supported using the Software Hosting passthrough feature. See 7.1.2 documentation for a description of this feature.


    Software Hosting: Access from Configuration --> Advanced

  2. 8.x:  Inbound passthrough is supported via Static Maps and Server Lists. Click on the link to see the Netopia instructions for these features.

Outbound Passthrough - - Netopia 3300 Series
    PLEASE NOTE: Under certain circumstances it may be necessary to disable this feature. An explanation follows below. To disable this feature the box should be unchecked.


    Enabling IPSec PassThrough: Access from Security --> IPSec

  1. 7.4 or greater Outbound IPSec is supported. Make sure the IPSec PassThrough box is checked in the web GUI as shown above.
    PLEASE NOTE: Under certain circumstances it may be necessary to disable this feature. An explanation follows below. To disable this feature the box should be unchecked.

Conclusion
Under certain circumstances it may be necessary to disable the IPSec ALG function:
  1. The IPSec client you are using asks to disable IPSec ALG's or IPSec Helper Applications.
  2. You want to use a NAT translation or NAT friendly mode on your IPSec client and want the Netopia device to have no effect on the packet.


Related Links
Getting Started; TCP/IP Properties
Installing a Feature Key for the 3300 Series

Copyright © 2003-2005 Netopia, Inc. All rights reserved.