Linksys VPN routers... 8

[gacollier]

Has anyone used a Linksys RV082 for site-to-site VPN? I'm looking for a fairly robust, yet inexpensive site-to-site-to-site VPN solution. I'm thinking of using the RV082 at the main office, and Wireless-G WRV54G for (3) branch offices locations. Can anyone give me feedback on if this is the right type of equipment?

Thanks in advance.

 

[deeno]

Gaute,

What you describe is a common problem. In order for both clients to work from behind a NAT router, the router (the WRT54G in your case) must support NAT-T (NAT Traversal). I can't explain this so well, however another Tek-Tips user has explained it well in a post in a different topic. Go ahead and read the post from chicocouk at the following link:

http://www.tek-tips.com/viewthread.cfm?SQID=780505&SPID=463&newpid=463&page=1

I'm rather positive that the WRT54G does not support NAT-T, so I'd venture to guess that you'll have to use one client at a time.

One other option would be replacing the WRT54G with another router that supports being the VPN endpoint. In this scenario, you would configure the new router as the endpoint and you would not have to use client software on each machine behind the router. This would be a gateway-to-gateway configuration.

Anyway, I hope that helps. Sorry the news couldn't be better... be sure to drop a post if you have some questions about any of this...

deeno

 

[gacollier]

Thought I post back with my status on the RV082's connection issues...

I think things are finally stable. First off, I rolled all units back to firmware relase 1.0.7. Secondly I disabled SPI, DOS, and Block WAN Requests. Thirdly, I manually set MTU to 576. Over the next few day's I'll ratchet up MTU and let you know how things shake out.

 

[gautegutt]

Helpful friends,

I'm now trying to set up a BEFVP41 VPN router to connect to my group on a RV082. I think I have the same settings as the client and everything looks fine until it gets to an error saying:

Cannot respond to IPsec SA request because no connection is known for 192.168.33.0/24===xxx.xxx.xxx.xxx...xxx.xxx.xxx.xxx[user@company.com]==={192.168.150.0/24}

(I blanked out IP and the FQDN) Why is it doing this with the VPN router and not the clients ? Clients connect fine from the same location. As remote office has a dynamic IP I'd like to use the same group if possible....

thanks everyone
Gaute

 

[gentlemanRT]

Hello guys,
i have setup an RV082 useing Firmware 1.0.12. I have succesfuly configured the GroupVPN. I can establishe the VPN tunnel from an dial in connection to the rv082 when i creat an dummy tunnel with the ip of the dial-in connection.
Or without the dummy tunnel when i turn of the firewall.
When i do not use these workarounds the packet on port 500 to establishe the connection will be refused by the firewall. (Seen in the log file) does anyone have the same problem? does anyone fix it? i tryied to add the port in the Firewall Access rules but i can not add port 500 and 1701 there chause they are not in the drop down and i can not add them.
I hope so solve this problem soon thanks to you all!

 

[ithank]

very helful resource here,

I have a similar situation on RV082 ... RV082 at the main building, 4 remote sites on WRV54G, a dozen Cisco GroupVPN clients. All 4 gateway-to-gateway are running (very stable for weeks) except Cisco GroupVPN does not work recently (they were working fine and nothing has changed in term of router and workstation); at this point, when the Cisco GroupVPN connected - it shows activate policy, verifing network but hangs on 'remote gateway ....' (I can see the incoming connection (online status, timer) on the RV082 router that connection can establish, but, encryption process is the prob?)

Setting:
No Group VPN setting, just added user account on the 'VPN Client Access'.
Firmware is 1.1.6.3
2 incoming WAN
most of them are default setting

anyone, please help!

FYI,I am so curious to try out other 3nd party VPN clients as suggested within this thread, I thought I would see anyone may have learned what I am missing on the Cisco's client (strange is, it was working fine for daysssss )

 

[DaveVVV]

Does anyone know how to imput a staic route into an RV082 that will go through a VPN tunnle. I have VPN established between 2 RV082s and one network has multiple subnets and the other only has one. I would like to create static routes to the other subnets but can't figure out how to do it. In the static route page it allows me to select the wan, dmz or lan interfaces but not the ipsec0 (vpn) interface. It seems that the RV082 only allows for a single route to the remote network that you imput when you create the vpn. If you display the route table you can see that the remote network you create is there and the interface it is going through is ipsec0. Any ideas? How about doing this through CLI, anyone know how to access CLI on the RV082?

Thanks

Dave

 

[MattWray]

There is no CLI on the RV082. Their routing capabilities leave something to be desired to say the least. If you need real routing, you will have to add a real router in that network, IMO.

Thanks,

Matt Wray

GFH

http://www.sss-steel.com

 

[dxon80]

Boy am I having trouble with the RV082. I've set it up like Deeno said for both tunnel status and group vpn. I have a D-Link DI-624 wireless at home and want to connect thru it to the office. Being a non techno geek I thought VPN's were VPN's but the D-Link is a pass through. Right now I just want to connect from home to work. Just plumb won't work. What I want is a VPN connection in both directions....main office LAN and remote LAN.

I then tried a laptop with a dial up connection at the office to connect to the network there with no results. I have tried Windoze XP's VPN client, the Linksys Quick VPN Client and the freeware version of Sentinal. I did not want to buy the Sentinal software just yet because I am unsure if it will work.

Obviously some setting are not right in the RV082...boy I thought this would be simple!

Am a I messed up!

Thanks for any opinions and help.

Bob

 

[DeGarmo]

DaveVVV,

I also hit a wall attempting to use BEFVP41's for a site to site IPSEC tunnel. Each remote secure group is a private subnet. I wanted my snmp traffic to traverse the IPSEC tunnel to a (semi) public network address(their isp blocks snmp but otherwise its a public address). I found no way to configure the router to direct the traffic into the tunnel. I attempted to enter in static routes but it would just dump the request out the WAN interface (note when entering the static route, all you can reference is WAN or LAN, in a CISCO 3000 series, you can reference the tunnel itself as a gateway) I used a sniffer connected to a hub to verify this. I am currently seeking solutions for this (vpn 3005 fits the need, just a bit pricey) How I would love to find a Linksys priced solution.

 

[dxon80]

I have contacted Linksys so many times that it is crazy, they are very inept at handling this problem. They always want you to repeat something someone told you to do before. I have beta firmware installed as well as the beta version of Linksys Quick VPN. The quick VPN worked 1 time, but for whatever reason, it refuses to work now, and, nothing was changed. Their product is broken and they really need to fix it...I am going to try and return it but I believe too much time has expired. I am soured and will not use Linksys again or reccommend them to anyone.

Frustrated Bob

 

[BackwoodsDave]

Hey, I also have a WRV54G. After upgrading the firmware (I d-loaded it last October '04), just to get VPN to work, I finally got it to work (somewhat).

My friend was able to get the Quick VPN to connect to my VPN router and thus see everything on my network. He was not behind a NAT firewall.

Now I am at a motel in another state and I have a non-routeable IP address from the motel (192.xxx). Quick VPN is not working. Do I have to have a publicly visible IP address in order to VPN into my WRV54G?

Is there any other router out there that just supports the regular built-in Windows VPN client?

Thanks!

Dave