SA 540 Configuration w/CradlePoint MBR1200

Unanswered Question
Jul 12th, 2010

Currently, we have a business internet account (via AT&T) with a Netopia router bridged to a CradlePoint MBR1200 to provide for EVDO failover capability.  We are looking to open the CradlePoint up totally (i.e., no NAT, DHCP, Firewall) etc.., and have it connect directly to the WAN port of our Cisco SA 540.  The private IP of the MBR1200 is currently (which we would like to leave at).  Provided that the MBR1200 is serving basically as a switch from the Netopia/Internet, is it feasible to set the Cisco SA540's IP to, enable VPN, DHCP, NAT, provide for our LAN.  If so, what should our gateway and dns be set to (currently both are set to  If there's a better solution (given the hardware that we have), please share your thoughts.  Also, as we are running a Windows 2008 Server/AD, what would be the benefit of using RADIUS for VPN as opposed to just Active Directory combined with VPNSSL (local accounts).  I'm in a bit of a pickle, as I cannot test (24/7 uptime required) prior to implementation...and even then, I have only a two hour window to accomplish this task.  Any and all suggestions/hints/ideas are both welcome and appreciated.

Thanks,  mtr

p.s., FWIW, I have a block of public IP addresses for use as needed...thanks again.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jay.johnson1 Thu, 09/02/2010 - 21:27

Hi Keith...

I just happened to be looking for some help setting up a "site to site" vpn from my 871w to my cradlepoint mbr1200 and came across your post.  Firstoff, I'm no authority by any means but I was curious as to how you have things configure.

Is your netopia in a bridge mode and passing traffic to your mbr1200?  Also, how does your SA fit into the picture?  Are you going to keep the netopia bridged, followed by connecting the WAN of the SA to the Netopioa, followed by hanging the mbr1200 off one of the SA's LAN ports?

Just curious...



This Discussion