Having got my upgrade to NSBS 6.5 SP2 and BM3.8 SP2 completed - and
iManager 2 working, I want to set up C2S VPN.

Current situation:

Vigor 2600 with X.Y.Z.206 at WAN interface and 192.168.A.B on LAN
interface with NAT enabled.

This is connected to my BM Server Public interface on 192.168.A.C.

This has BM3.8 SP2 providing packet filtering and HTTP proxy only and the
private NIC 192.168.M.N.

This is working fine - including the filters.

Router Capacities:

Will act as a VPN Server for IKE (but preshared secret only) - but also as
VPN pass through if this capacity is disabled. I have 8 public IP
Addresses X.Y.X.200 - X.Y.Z.207 - but .200 is reserved for the network,
..206 assigned to router and .207 for broadcast. So .201 - .205 is what is
really available if needed. There is a capacity to set up a WAN IP alias
to bypass the NAT - but whenever I have tried this it breaks the filters
(but this maybe because I don't altogether understand it.)

Note that if necessary I could set up a third NIC as I have a spare.


I can see how to set up the router as a VPN server as per Craig's Linksys
example - but is it possible to bypass/passthru the router and use BM
directly as the VPN server? If so, how do I need to deploy IP addresses?
Do I set the address to X.Y.Z.206? What additional static routes do I
need? What about NAT?

Craig's book is excellent - but as he points out cannot deal with every
set up. Help from Craig or those with a Vigor 2600 setup which is working
will be much appreciated.

Colin Quine