Help needed!
I am setting up a new BM3.7 SP2 FP3 server on NW6SP3 with TCP6.07j
I can not get Client to Site VPN to work completely.
I can ping the private IP and login if I have a Static NAT map
172.16.1.162-->172.16.1.161 on the Public interface.
If I remove the static map I cannot ping or login to the BM private IP
or
my internal servers ip.
I am working on SLP for name resolution, but am testing with IP
addresses.
Here is our configuration:
HTTP proxy is enabled.
FTP and TELNET are working with exceptions and dynamic NAT on the
Public
interface.
Our BM interfaces are as follows:

x.x.237.35/255.255.255.224 for Public via Cisco 1601 & T1.

172.16.1.161/255.255.0.0 is our Private LAN.

192.168.1.161/255.255.255.0 is our DMZ with a Static NAT on Public
interface for Webserver at x.x.237.36(secondary address)-->192.16.1.1
VPN tunnel is at 192.168.222.1

I have always authenticated OK.
I can always ping 2 internal computers that have their default gateway
set
to the BM private address, after VPN authentication.
The internal server has a default route to the BM private address.
The BM has a default route to the internet router.

One test system is a laptop with W2K, 4.83SP2 client , and VPN client
for
3.7 Update 3, that I test with from home, and at work between the BM
and
internet router with a x.x.237.37 public IP address, and static route
on
the BM x.x.237.37 next hop x.x.237.37. At home I connect via Cable
and a
Linksys BEFSR41 router using DHCP and NAT. I have used 192.168.0.0
and
10.0.0.0 networks at home. I found that versions 1.40.2, 1.44.2, and

1.45.6 of the firmware do not allow VPN login to work, but back
revving to
version 1.39 of the firmware does.
I also test from home with a W98 system with 3.32.SP2 client and VPN
3.7
update 3. Only IP is boung to all BM interfaces, with IPX bound only
to
Private interface to allow time and NDS syncronization. Results are
the
same with all test systems and locations.

I hope this gives enough information to see were the problem my exist.

Thanks in advance for the help with this.

Brent H.
TNG, Inc.