Skip to main content

Netcomm NB8WVPN and the Netgear DG834

After the woes I've experienced with the DG834 I cast about looking for a replacement device. It needed to be a decent ADSL 2+ router (with built in modem) and support site-to-site VPN tunnels - none of this VPN pass through garbage. After looking around a bit, I found the NB8WVPN from Netcomm which promises all sorts of things about how wonderful it is etc etc. So I purchased two and set them up at one of my problem sites - both ends. Now each of these sites has an Alcatel-Lucent phone system that use a VOIP link to put calls through to each other. Naturally this VOIP link has to go across a VPN.

With the VPN established between the two sites, I had some connectivity between them - that is, I could ping and browse the network etc but the phone systems couldn't talk to one another. The initial part of the VOIP signalling goes through, but the call itself doesn't. Remarkably frustrating I must say. After alterations to the phone systems (and I must add: the VOIP worked perfectly over the Netgear VPN) we got partial signalling through.

Eventually I put the stable Netgear back in and here's where it gets tricky. When I created the VPN between the NB8WVPN and the DG834 I had to make it quite basic. No Perfect Security or anything like that. Also, in the Advanced settings on the NB8, I had to change the settings to SHA-1 from it's original setting. Once this was all done I got a VPN back up! Yay! Before I performed jumps of joy, I tested it with my trusty sidekick. He could call me (from the Netgear side) but couldn't hear me and I couldn't call him from the NB8 side. The support on this is very sketchy out there. I was surprised by how little there is about these routers out there. I eventually upgraded the firmware on the NB8 and it's nearly time to test.

The good thing out of all this is, that the VPN was able to carry data like pings (ICMP) NetBIOS queries and various TCP streams like HTTP. It just doesn't seem to like the VOIP signalling. Additionally I found it very useful to disable the QoS on the Netcomm's. I tested the VOIP signalling by using two Linux notebooks with extra NIC's bridged and running Wireshark to see what was happening. I now need to go back to site and test it all.

Comments

Popular posts from this blog

Plone - the open source Content Management System - a review

One of my clients, a non-profit, has a lot of files on it's clients. They need a way to digitally store these files, securely and with availability for certain people. They also need these files to expire and be deleted after a given length of time - usually about 7 years. These were the parameters I was given to search for a Document Management System (DMS) or more commonly a Content Management System (CMS). There are quite a lot of them, but most are designed for front facing information delivery - that is, to write something, put it up for review, have it reviewed and then published. We do not want this data published ever - and some CMS's make that a bit tricky to manage. So at the end of the day, I looked into several CMS systems that looked like they could be useful. The first one to be reviewed was OpenKM ( www.openkm.com ). It looked OK, was open source which is preferable and seemed to have solid security and publishing options. Backing up the database and upgradin

Musings on System Administration

I was reading an article discussing forensic preparation for computer systems. Some of the stuff in there I knew the general theory of, but not the specifics of how to perform. As I thought about it, it occurred to me that Systems Administration is such a vast field. There is no way I can know all of this stuff. I made a list of the software and operating systems I currently manage. They include: - Windows Server 2003, Standard and Enterprise - Exchange 2003 - Windows XP - Windows Vista - Windows 2000 - Ubuntu Linux - OpenSuSE Linux - Mac OSX (10.3 and 10.4) - Solaris 8 - SQL 2005 - Various specialised software for the transport industry I have specific knowledge on some of this, broad knowledge on all of it, and always think "There's so much I *don't* know". It gets a bit down heartening sometimes. For one thing - I have no clue about SQL 2005 and I need to make it work with another bit of software. All complicated and nothing straightforward. Irritating doesn&

elementary OS 5.1 Hera - a review and a revisit

 It's been ages since I used a desktop Linux distribution - being up to my ears in the horror of implementing ISO 27001 doesn't leave you much time to play around with computers - too busy writing policies, auditing and generally trying to improve security to a formally acceptable and risk managed level. I need a quick, small OS though to do the occasional network scan, view the contents of a dodgy file on and for general, low impact activities. I remembered reviewing elementary OS ( elementary.io ) some time ago ( see  https://www.ryv.id.au/2015/01/elementary-os-review.html ) from 2015 so I thought it was worth a revisit.  I downloaded the ISO from their website, forgoing to donation for the moment while I review it. If it turns out I'm going to keep using it, I'll send them some love. The ISO is 1.38GB in size and I booted it in a VMware Player instance. From go to whoa (I won't include the install photos here) it took about 10 minutes with a dual vCPU and 4GB of