Cable Forum - View Single Post

otpayne · 07-04-2005, 15:18

Hi,

First post so be gentle.

We have NTL business broadband installed at one of our sites and are using this for VPN tunnels back to head office. We asked for fixed IP addresses to enable this, however NTL seem to have a different idea of a fixed IP address to the rest of the planet. Basically the IP is leased to a mac address, this has caused us no end of problems. However the basic problem seems to be that because of this NTL uses some for of transparent proxy for the IP address.

Now we coome to the problem. When the tunnel is created on our firewall it checks the source IP address of the package and tests it agianst the endpoint of the ip tunnel. Because our device is relatively intelligent it detects the ip address of the proxy as the end point of the tunnel and fails to create the tunnel as the proxied ip address and source ip are different. After hours of talking to the trained chimps at NTL who have kindly every time told us that thye have proved connectivity and that the call is ended. We have not managed to get any further with NTL and therefore cannot use tunnels. Why can't NTL assign fixed IP's like everyone else and why the hell do they proxy on business essential accounts when they know that people will be tunnelling etc on these types of accounts. Does anyone have any advice on how to get around this or if they have managed to get this turned off for their business broadband accounts?

07-04-2005, 15:18	#1
otpayne Inactive Join Date: Apr 2005 Location: Cardiff Posts: 4	VPN tunnel creation Hi, First post so be gentle. We have NTL business broadband installed at one of our sites and are using this for VPN tunnels back to head office. We asked for fixed IP addresses to enable this, however NTL seem to have a different idea of a fixed IP address to the rest of the planet. Basically the IP is leased to a mac address, this has caused us no end of problems. However the basic problem seems to be that because of this NTL uses some for of transparent proxy for the IP address. Now we coome to the problem. When the tunnel is created on our firewall it checks the source IP address of the package and tests it agianst the endpoint of the ip tunnel. Because our device is relatively intelligent it detects the ip address of the proxy as the end point of the tunnel and fails to create the tunnel as the proxied ip address and source ip are different. After hours of talking to the trained chimps at NTL who have kindly every time told us that thye have proved connectivity and that the call is ended. We have not managed to get any further with NTL and therefore cannot use tunnels. Why can't NTL assign fixed IP's like everyone else and why the hell do they proxy on business essential accounts when they know that people will be tunnelling etc on these types of accounts. Does anyone have any advice on how to get around this or if they have managed to get this turned off for their business broadband accounts?