Linksys BEFVP41 VPN problems

[ScottCudmore]

Hi,
I just purchased the new Linksys VPN router. I want to be able to connect to my home network from a remote Windows 2000 machine. There are no stpes or docs on how do do this. Only Linksys to Linksys VPN. When I connect from a Windows VPN conenction, all I get is an error on the Linksys.

Does anyone have any ideas?

Scott

 

[elmo1]

Same for me......I think you need xp pro to access it...

 

[Guest_imported]

I am having the same problem. I ready to return the F$%#*&G thing.

 

[MattWray]

Doubtful that you need XP, 2k should be fine. What kind of address scheme do you have ie static or dynamic? If you have dynamic you may need help from your ISP, or I could be Way off.. Matt Wray
CCNA, MCP
mwray77518@yahoo.com

 

[Guest_imported]

My ip is dynamic from swbell, I'm curious as to what type of addressing scheme I should used, and what would be the best way for me to set up a host to gateway connection...

 

[MattWray]

If you have a static IP you can remotely connect via VPN or RAS. I have not setup RAS but I did just setup a VPN for our network. Very easy once you know how to do it! Matt Wray
CCNA, MCP
mwray77518@yahoo.com

 

[shemfoo]

once you have the VPN router configured according to the Linksys manual, you should be able to set the Win2k client up according to the documentation provided by Linksys, or search Microsoft's website. If you still can't find it, I can send my documentation to you.
Bear in mind if you have a dynamic address, you will need to know the IP that you have assigned and make changes to the client accordingly.

 

[MattWray]

That also depends on how the ISP is issuing IPs. They may have some sort of NAT running, in which case you will probably have to get some sort of support from them. Matt Wray
CCNA, MCP
mwray77518@yahoo.com

 

[alopera]

I currently connected two VPN routers and I am still testing. I'm trying to get through our company network and connect with my home PC. I have been able to connect and I was able to map the C drive on my home pc. I was wondering if that is all I will be able to do? Because I was not able to see my computer on the network neighborhood? Am I doing something wrong.. I called Linksys and they stated that they could not help me because I was already connected and that my problems were just networking between a windows 98 machine and and windows 2000. Any help would be great.

 

[MattWray]

I don't think you can browse with net neighborhood. Try using the comand line. \\computername\share. Matt Wray
CCNA, MCP
mwray77518@yahoo.com

 

[spaceman]

Ok Folks Lets start again. Using the BEFVP41, how does one setup the client side (Win2k or WinXP). Can the Windows VPN client just authenticate with the remote Linksys VPN? Or does it have to forward the packets to a single destination. The menu's appear to allow connection a client to a remote subnet or subnet to subnet.

Has anyone found detailed instructions ?

 

[MattWray]

I don't know a lot about that Linksys, but you should be able to make sure it allows traffic thru on port 1723. With Win2k VPN connection:
Network and Dial-up Connections-> Make new-> connect to private network-> follow the wizard thru the rest of the steps.
Let us know how it goes! Matt Wray
CCNA, MCP
mwray77518@yahoo.com

 

[spaceman]

Matt,

I did this with no luck already. Typically, the better VPN servers play nice with the Win2k/WinXP built in client. It's too bad that Linksys didn't include basic instructions to get a mobile user access to their networked computers and printers behind the VPN/Router.

Spaceman

 

[madnessxx]

NO the linksys BEFVP41 IS the vpn endpoint. And you wont use the create VPN connection wizard to connect to it (that is PPTP and L2PT. That won't obviously work since at NO time durring the linksys side of the setup are you asked for a username and password.

I am going to be playing around with the IPSec MMC and try to make this work. At least these wizards are talking about the same things as the linksys config page (preshare keys etc... VS username and password)

I have configured two of these boxes to talk to each other but the documentation does mention its ability to work with MS/Cisco and other IPSEC devices.

 

[MattWray]

Does it HAVE to be the endpoint? Why not have the VPN pass-thru and use your server for connecting, this is not supported by that Linksys? Matt Wray
CCNA, MCP
mwray77518@yahoo.com

 

[madnessxx]

Yes, other wise you would have paid double for exactly the same feature set of the BEFSR41. That is the whole point of the BEFVP41 to be the endpoint of up to 70 tunnels.

Im not trying to flame here just point out that alot of you are missing the point. This is the exact info linksys gave me when I called techsupport
1) how to it up so you can checkmark the l2tp,pptp box and MS VPN out.
2) 3rd party VPN solutions are not supported. It stated in the manual that it can do IPSec w/ Win2k, but they dont have docs on it.

 

[DougTheDawg]

I have been able to make a little more progress setting up the security policy, but I had to follow the microsoft instructions

http://support.microsoft.com/default.aspx?scid=kb;EN-US;q252735

the big difference is specifying an ipsubnet, instead of the using the MyIPAddress option when setting up the filters in secpol.msc. This is different than the linksys how to page.

This change allows me to start a tracert from my outside Win2K box to an ip address inside the vpn box. However, the trace route only goes through about 3 of the steps, and then starts to time out, and never gets to the external address on the VPN side.

Does anybody have any ideas on other debug tactics to figure out why the tracert stops.

 

[tfccom]

Hi Everyone,

Just thought I would add my two cents and ask a question, too.

For ISP's using dynamic IP addresses for clients or DHCP, just use a service like deerfield.com's dns2go service. Just set up the dns2go client of ONE MACHINE on the network, and you will now have a fully usable DNS name to log into your VPN with (yourlan.dns2go.com)!

I posted a question asking if indeed the darn VP41 is a headend router, and I guess it is, but how can it be without a username or password; does the public key function as a username/password??? My remote Win 2K pro user tries to connect, but it just says "No response, redial in xx seconds)...HOW DO YOU SET THIS THING UPPPPPP?!?!?!?!?!?!?

Thanks,
Trevor Farren,
Lexicomm Communications Canada

 

[DougTheDawg]

Hello

Just for clarification I'am trying to connect from an external Win2K box, to the VPN box, not BEFVP41 to BEFVP41.

In my dealings with Linksys tech support, they say that you do not make a "network connection" using the dialer. Everything is handled through the IPSec and security policy configuration, and it is always on. I do not know enough about these two things to know if that is really all that is required.

It seems to me that regardless of whether you have a VPN box on Network B, you should be able to configure the security policy on a machine on Network A, which specifies how to get to an internal ip address on Network B, and then do a tracert "internal ip on Net A", and that should get you all the way to the external ip address of Net A.

Maybe it all has to be working properly before this kind of test will work.

Maybe this box really does not work as advertised, I think that Linksys needs to address this issue soon, there documentation does not seem to be complete.

 

[DougTheDawg]

My latest conversation with the tech support line says that the "create network connection" option should work fine.

I still get a no answere when I attempt to connect. I am going to attempt to forward ports 1723 and 47 from my DSL modem to the VPN router and see if this helps.

Has anyone else gone down this path already?