I'm trying to set up a VPN connection. The remote site already has a DG834G for general use, but I don't want to use it's VPN capability, I want to separate a 'public' subnet for internet only, and 'private' subnet for VPN and internet (see here on superuser.com). I'm adding an FVG318 as the remote site's VPN router.
This diagram might help explain what I'm trying to achieve:
internet -- > [834] < -- home 'public' subnet -- > [318] < -- home 'private' subnet -- > | | | friend's PC work PC 1 work PC 2
It's not obvious from the 834 manual - is there a way to configure the 834 to do VPN passthrough, so the 318 gets all the VPN packets. Or will the 834 just passthrough all packets anyway if there are no VPN tunnels configured on it? Or perhaps the 834 isn't a good choice in this set up?
Thanks for any help.
Couldn't you just put the 318 on the dmz of the 834?
As proved by just trying it, the DG834 required no configuration of port forwarding, DMZ or UPNP. It appears as through it does VPN passthrough automatically.
After having pre-configured all the VPN stuff - IKE policies, VPN policies, etc., the LAN settings, and WAN settings, we hooked it up and it just worked.