Help needed!
I am setting up a new BM3.7 SP2 FP3 server on NW6SP3 with TCP6.07j
I can not get Client to Site VPN to work completely.
I can ping the private IP and login if I have a Static NAT map> on the Public interface.
If I remove the static map I cannot ping or login to the BM private IP
my internal servers ip.
I am working on SLP for name resolution, but am testing with IP
Here is our configuration:
HTTP proxy is enabled.
FTP and TELNET are working with exceptions and dynamic NAT on the
Our BM interfaces are as follows:

x.x.237.35/ for Public via Cisco 1601 & T1. is our Private LAN. is our DMZ with a Static NAT on Public
interface for Webserver at x.x.237.36(secondary address)-->
VPN tunnel is at

I have always authenticated OK.
I can always ping 2 internal computers that have their default gateway
to the BM private address, after VPN authentication.
The internal server has a default route to the BM private address.
The BM has a default route to the internet router.

One test system is a laptop with W2K, 4.83SP2 client , and VPN client
3.7 Update 3, that I test with from home, and at work between the BM
internet router with a x.x.237.37 public IP address, and static route
the BM x.x.237.37 next hop x.x.237.37. At home I connect via Cable
and a
Linksys BEFSR41 router using DHCP and NAT. I have used
and networks at home. I found that versions 1.40.2, 1.44.2, and

1.45.6 of the firmware do not allow VPN login to work, but back
revving to
version 1.39 of the firmware does.
I also test from home with a W98 system with 3.32.SP2 client and VPN
update 3. Only IP is boung to all BM interfaces, with IPX bound only
Private interface to allow time and NDS syncronization. Results are
same with all test systems and locations.

I hope this gives enough information to see were the problem my exist.

Thanks in advance for the help with this.

Brent H.
TNG, Inc.