This post is written in English on purpose, because the thing I’m going to write is a document I could have needed myself but didn’t find anything remotely helpful. English, so that anyone can (hopefully) read it.
The cause I’m writing this is, that I’m pretty angry about all the resources I found in the net about this topic: Everyone has an opinion, everybody suggests something, but it seems to work nowhere. And if someone really says “hey, here it works”, than he forgets to tell the rest of the world how it works exactly. Grrrrrrrr!! But now on to the article.

The Problem:
The Netgear 612V is a nice litte VOIP-router that can connect to your DSL/Cable-Modem and where you can plug in exactly 1 computer (or hub/switch) and up to two analogue phones. Now, if you want to use more than one computer, you need that said router. Netgear says that you have to plug the TA612V directly into the DSL-modem, so you have the connection as follows:
DSL-modem —> TA612V —> Switch/Router/Hub/whatever —> several computers
Got it? Right. This setup works quite flawlessly (at least here), with one exception. Cisco’s VPNClient application does not work behind the TA612V. Believe me, I tried everything concerning port-forwarding or searching the whole d**n web for a solution. But either is it impossible or I’m just too stupid for this. I Believe it ist the first possibility… No, really, I think that the TA612V has some ports you can’t change forwarded to itself that the VPNClient relies on.
And this is where the fun starts: To get the VPNClient working again, the following setup should work:
DSL-modem —> router —>TA612V and several computers hanging all at this same router
So, Netgear says “we don’t support the TA612V behind a router”. The net basically says “I don’t have a clue, but why don’t you try the following…” Waaaaahhh…

The solution:
Yes, I’m having a solution for this problem. And the best thing: I’M GONNA TELL IT TO YOU!!1!
After reading a lot of websites about sipgate, sip port forwarding and a lot of other related articles, nothing worked, and I found the solution merely by accident.
To get everything working, do the following:

  1. Check that your DSL/Cable-modem has access to the internet (yes, I know…).
  2. Connect the DSL-modem to the router’s (no, not the TA612V) DSL-Port and check that it can also connect to the internet.
  3. And now pay attention: Use a standard network cable (patch-cable) and connect the TA612Vs “Ethernet”-port to one of the ethernet-ports on the router.
  4. You should now be able to access the TA612Vs web-interface. Do this and disable the firewall (you use the firewall* in your router, don’t you?), set up the correct IP for the TA612V (NOTE THE IP NOW!) and configure it to your needs. I basically switched everything off (uPNP, remote access, firewall, etc…) except for the VOIP-features. Good idea to restart the TA612V now…
  5. Right now, the TA612V should not be able to connect to the phone line. You got a yellow blinking light, right? No, it won’t connect right now. Read on.
  6. Open your router’s configuration interface (no, again it’s not the TA612V). You have to do some port forwarding. Forward the following ports to the TA612Vs IP adress (the one you noted earlier):
    • 5060
    • 5004

    My router doesn’t ask if he should forward UDP or TCP (wonder what he’s forwarding anyhow…), but according to the net (*grrrrr*), these should be UDP ports.

  7. You DON’T have to set up a DMZ for your TA612V, it works without. The only thing I don’t know is, if the TA612V will get it’s auto updates via tftp. But according to the net (again: *grrrr*), the ports 69 and 2400 should do this. Haven’t tested this right now.
  8. And now, be prepared to do the magic: Unplug the patch cable from the TA612Vs “Ethernet”-labeled port and plug it into the port called “Internet”. Don’t unplug anything at your router. Wait some seconds and you should be connected!. The downside, you can’t access the web-interface of the TA612V anymore. You have to connect the patch-cable to the ethernet-port again to do this. This really scared me, but as long as it works, I don’t care why.
  9. Now go and try the VPN-Client at one of your computers. The fact that the PCs internet-connection now doesn’t go through the TA612V anymore, you can do everything you want with Cisco’s little tool.

So, I hope that this article finally is one of the more useful ones and you found the answer to what you were looking for. If this little howto was useful for you, please write a comment. Also, if I missed something, let me know. And now go and have some fun with your new setup. NOW!

*Note for firewall-users: My 3Com router has a mode called “SPI and Anti-DoS firewall protection”. If this firewall is turned on, my setup doesn’t work. But instead of shutting down the whole firewall (never ever do this!), I kinda work around this by disabling the “Enable UDP Session” box. That means, I basically have no firewall for UDP-connections anymore. That’s not a good thing, but maybe your router-firewall isn’t as aggressive as mine…