DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
Is SSL Tunnel possible here?
- legal
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 65
- Thank you received: 0
31 May 2011 15:04 #67984
by legal
Is SSL Tunnel possible here? was created by legal
Thinking of upgrading to a 2830 at main site to service incoming remote workers. At present this is configured via a 2820 which allows VPN passthough as the router sits externally to the network on a 2nd NIC which is the external side of Microsoft's ISA firewall. I like this feeling of security although I know many will say that the Draytek will provide this!
What I am now wanting is for the VPN access to be more "generic" ie using SSL and also to use one time passwords etc, but 2 issues:-
1. I assume that to use shared resources on a network you need to use SSL Tunnel rather than just webproxy?
2. I want to retain the existing "layered" approach - so can I get a 2830 to create a SSL tunnel, and then forward on that tunnel to the external NIC of the firewall server which guards the internal network? - I'm thinking this must be similar to the way passthrough on PPTP works in that you set up a Port Redirection so that the specified traffic gets redirected to teh correct private IP address (ie the external/2nd NIC)
Any thoughts, other than "just use the Draytek on the network"!!?
Thanks
What I am now wanting is for the VPN access to be more "generic" ie using SSL and also to use one time passwords etc, but 2 issues:-
1. I assume that to use shared resources on a network you need to use SSL Tunnel rather than just webproxy?
2. I want to retain the existing "layered" approach - so can I get a 2830 to create a SSL tunnel, and then forward on that tunnel to the external NIC of the firewall server which guards the internal network? - I'm thinking this must be similar to the way passthrough on PPTP works in that you set up a Port Redirection so that the specified traffic gets redirected to teh correct private IP address (ie the external/2nd NIC)
Any thoughts, other than "just use the Draytek on the network"!!?
Thanks
Please Log in or Create an account to join the conversation.
- nobody
- Offline
- Member
Less
More
- Posts: 115
- Thank you received: 0
31 May 2011 16:40 #67989
by nobody
Replied by nobody on topic Re: Is SSL Tunnel possible here?
If I understand you correct, you want to keep the extisting setup, but use SSL VPN as an addition to PPtP and maybe use the Draytek as an SSL web-proxy for accessing files ?
The ssl should work simply be redirecting the port you use for SSL VPN to the router.
The daytel SSL VPN works very nice even with a non standard port. So, if port 443 is already in use, you can use 8443 or whatever port, and in the smart-VPN client you enter it as servername:port.
If you want to use the 2930 as a web-proxy for SMB access:
This ist not possible, 2930 does not support this feature, buy a 2950/2955 instead. With the 2950 you can login using a webbrowser an access an SMB share behind the router.
(for non english or non taiwanese charachter sets there are a few problems: filenames are named strange if they contain umlauts)
The ssl should work simply be redirecting the port you use for SSL VPN to the router.
The daytel SSL VPN works very nice even with a non standard port. So, if port 443 is already in use, you can use 8443 or whatever port, and in the smart-VPN client you enter it as servername:port.
If you want to use the 2930 as a web-proxy for SMB access:
This ist not possible, 2930 does not support this feature, buy a 2950/2955 instead. With the 2950 you can login using a webbrowser an access an SMB share behind the router.
(for non english or non taiwanese charachter sets there are a few problems: filenames are named strange if they contain umlauts)
Please Log in or Create an account to join the conversation.
- legal
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 65
- Thank you received: 0
31 May 2011 16:44 #67990
by legal
Was actually the 2820 (not 2930) I was thinking off - does that make any difference?
Replied by legal on topic Re: Is SSL Tunnel possible here?
nobody wrote:
This ist not possible, 2930 does not support this feature, buy a 2950/2955 instead. With the 2950 you can login using a webbrowser an access an SMB share behind the router.
(for non english or non taiwanese charachter sets there are a few problems: filenames are named strange if they contain umlauts)
Was actually the 2820 (not 2930) I was thinking off - does that make any difference?
Please Log in or Create an account to join the conversation.
- nobody
- Offline
- Member
Less
More
- Posts: 115
- Thank you received: 0
31 May 2011 17:19 #67991
by nobody
Replied by nobody on topic Re: Is SSL Tunnel possible here?
I thought you want to replace the 2820 with a 2930 (2820 does not support SSL VPN) ?
Please Log in or Create an account to join the conversation.
- legal
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 65
- Thank you received: 0
31 May 2011 17:24 #67992
by legal
No, I want to replace it with the 2830 (the new adsl router which I believe does support SSL)
Replied by legal on topic Re: Is SSL Tunnel possible here?
I thought you want to replace the 2820 with a 2930 (2820 does not support SSL VPN) ?nobody wrote:
No, I want to replace it with the 2830 (the new adsl router which I believe does support SSL)
Please Log in or Create an account to join the conversation.
- nobody
- Offline
- Member
Less
More
- Posts: 115
- Thank you received: 0
31 May 2011 17:35 #67994
by nobody
Replied by nobody on topic Re: Is SSL Tunnel possible here?
AFAIK, the 2830 does not support SSL VPN.
only 2930, 295x, 3200
check the features:
http://www.draytek.com/user/PdInfoDetail.php?Id=126 #
or the live web demo:
http://www.draytek.com/.upload/Demo/Vigor2830/v3.3.6/
I find nothing about SSL VPN.
only 2930, 295x, 3200
check the features:
or the live web demo:
I find nothing about SSL VPN.
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek