
Windows XP firewall blocks Linksys QuickVPN?

Status
Not open for further replies.

Mateo1041

MIS
Aug 19, 2003
147
US
Hi everyone,

I just got our new RV082 Linksys Router set up and am able to connect using QuickVPN from outside the office (I'm at home right now).

But I first have to disable the Windows XP SP2 firewall or it is blocked by Windows. I can connect fine with the firewall down, but can't connect with it up.

I've tried adding the QuickVPN program as an exception as well as port 443, but to no avail. Am I missing something? Is there a way to get the Windows XP firewall to allow the QuickVPN program to connect?

Thanks for any help that can be offered.

- Matt.
 
Unfortunately, I have not found a way around this yet. I worked with Linksys Tech support for quite some time without a resolution. I intend to try again from the MS side, but haven't had time yet. If you enable logging for the XP firewall, you'll see dropped incoming packets on random TCP ports above 1024.

In the meantime, a workaround [that I don't really like very well] is to use a batch file to disable the firewall, start the VPN connection, then re-enable the firewall after the VPN is closed. It's very kludgy, but it's all I've got right now. The only good thing about it is that the user can run it over & over again, if they're not sure if the firewall was properly re-enabled, without doing any harm. If they finish the batch file before closing the VPN connection, the VPN gets blocked & the user eventually figures out the problem. I have it as a batch file right on their desktop to make it as convenient as possible.
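Code:
@echo off
rem Turn the Windows XP SP2 firewall off for the duration of the VPN session
netsh firewall set opmode disable
echo Firewall is temporarily disabled
rem Start the Linksys QuickVPN client
"C:\Program Files\Linksys\Linksys VPN Client\VPNClient.exe"
rem "pause" prints "Press any key to continue . . ." to finish the message below
echo Firewall will be re-enabled when you
pause
rem Turn the firewall back on
netsh firewall set opmode enable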
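
An added example, not part of the original post: a small Python parser for the Windows Firewall log (pfirewall.log) that counts the dropped inbound TCP packets on ports above 1024 mentioned above, per source address and destination port. The sample log is constructed, its addresses are documentation ranges, and the function names are illustrative.

```python
from collections import Counter

# Constructed sample in the Windows Firewall log layout (pfirewall.log).
# Addresses are documentation ranges, not values from the thread.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info

2005-03-01 19:02:11 OPEN TCP 192.0.2.10 203.0.113.5 1187 443 - - - - - - - -
2005-03-01 19:02:14 DROP TCP 203.0.113.5 192.0.2.10 50211 3127 48 S 1046875 0 16384 - - -
2005-03-01 19:02:17 DROP TCP 203.0.113.5 192.0.2.10 50211 3127 48 S 1046875 0 16384 - - -
2005-03-01 19:02:20 DROP TCP 203.0.113.5 192.0.2.10 50212 2048 48 S 2231001 0 16384 - - -
2005-03-01 19:02:25 DROP UDP 198.51.100.7 192.0.2.10 137 137 78 - - - - - - -
2005-03-01 19:03:02 CLOSE TCP 192.0.2.10 203.0.113.5 1187 443 - - - - - - - -
"""

def parse_firewall_log(text):
    """Yield one dict per log entry, taking column names from the #Fields header."""
    fields = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) >= len(fields):  # skip truncated lines
                yield dict(zip(fields, values))

def dropped_inbound_tcp(text, local_ip):
    """Count DROP entries for TCP packets sent to local_ip on ports above 1024,
    keyed by (source address, destination port)."""
    hits = Counter()
    for entry in parse_firewall_log(text):
        port = entry.get("dst-port", "")
        if (entry.get("action") == "DROP"
                and entry.get("protocol") == "TCP"
                and entry.get("dst-ip") == local_ip
                and port.isdigit() and int(port) > 1024):
            hits[(entry["src-ip"], int(port))] += 1
    return hits

if __name__ == "__main__":
    # 192.0.2.10 stands in for the client PC's own address (assumption).
    for (src, port), n in sorted(dropped_inbound_tcp(SAMPLE_LOG, "192.0.2.10").items()):
        print(f"{src} -> local TCP port {port}: {n} dropped")
```

If the dropped packets all come from the VPN router's address while the client is connecting, the log confirms which traffic the firewall is refusing.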
 
Thanks for the feedback. Is there perhaps a different VPN client that will work the same way? Strange that the Windows firewall doesn't let you allow certain ports or communications like this. Out of curiosity, when did you contact Linksys? I wonder if they would have figured out a fix yet?
 
It was about a month ago that I went through this. I expect that the other clients (greenbow) that will work easily will have the same problem. Other than that, you could configure everything manually.
 
What about the Windows XP VPN client? I'm planning to try that out in the next couple days and it appears to function just like QuickVPN. I would think any Windows XP VPN client made by Microsoft would be very compatible with the Windows firewall.

We're using an RV082 Linksys router. Would our router be able to handle being the end point for any VPN client or would we need a server for that? The router does have tunneling settings. QuickVPN works because the router acts as an end point.

When you mention configuring manually, do you mean setting up a separate tunnel on the router?

Thanks again for the help!
 
I just contacted Linksys and found I need to unblock port 500 (IPsec) for the QuickVPN client to work properly with the Windows XP firewall. I had previously only allowed port 443, but it looks like I should allow port 500 instead.

I'll try this when I get home later tonight. Here is my discussion with Linksys chat support:

Linksys: Hi, my name is xxx. How may I help you?

You: Hi xxx. We have an RV082 router and are looking to get QuickVPN working.

You: It worked without the Windows XP firewall, but not with the firewall enabled. Any ideas why?

Linksys: This is because your xp firewall is blocking the ipsec ports that vpn is using.

You: How can I unblock those ports? I've tried unblocking port 443 and the QuickVPN program itself, but to no avail.

Linksys: If you want it fixed, you have to just add the port 500 for ipsec to this firewall and if you need assistance, please contact microsoft.

You: Ok, so port 500 is the port that needs to be unblocked, correct?

You: Thanks! I'll try that later when I'm at home.

Linksys: You are most welcome. Would there be anything else I may be of assistance to you and your linksys devices momentarily?

You: That is all, thanks.
 
It doesn't look like Linksys has a clue about what is going on. Not to mention it defeats the purpose of a firewall if you can't have the Windows XP SP2 firewall up while making the QuickVPN connection. Here is a recent conversation with them over chat:

xxx: Hi, my name is xxx. How may I help you?

You: Hi Sernan. I'm looking to use our RV082 router for VPN. I can connect fine with the Windows XP SP2 firewall down, but not with it up. Any ideas?

You: I have already contacted Linksys before and they suggested opening port 500, but that did not work when I tried it.

xxx: Do you have any other firewall like Norton or related security programs running on the machines?

You: No, only the Windows XP SP2 firewall.

xxx: It's turned off right now?

You: I do have eTrust Antivirus and Microsoft Anti-spyware installed, but the QuickVPN program works great with them up.

You: I'm not able to get an outside connection right now, but yes, it works fine when the Windows XP SP2 firewall is turned off. But it does not work with the firewall on, even with the port 500 exception for IP and UDP.

xxx: Can we disable it first.

You: I'm not able to connect because I'm in the office right now.

You: But it does work from home with the firewall off.

xxx: Did you check your Windows incoming connection settings? You will need to set this up correctly to have it working. User name and password in particular?

You: How would I access these incoming connection settings? Sorry, not sure what you mean.

You: Yes, I did set these under the "Exceptions" tab under the Windows Firewall configuration window.

You: I added port 500 for both IP and UDP as well as added the QuickVPN program itself.

xxx: How about 443?

You: Yes, that is also added for the IP of 443.

You: Should any other ports be open as well?

xxx: Yes Matt, try to 1723 and 4500.

You: Ok, so I should be able to connect with the Windows firewall on if I add ports 443, 500, 1723, and 4500?

xxx: That is right Matt.

You: Ok, I'll try that when I get home today. Thank you.

xxx: You're welcome Matt.
 
Then after this chat I called them and they confirmed that it is definitely not possible to use QuickVPN with the Windows XP SP2 firewall up. How utterly stupid. He mentioned I can maybe try another VPN client such as Greenbow, but I'd have to create a custom tunnel first and still use the RV082 router as the end point.
 
Thanks for the link. This might be what we are looking for. We did get TheGreenBow VPN Client to work instead, but may still try this using QuickVPN software from Linksys.
 
The QuickVPN client works 'right out of the box' after you apply the MS hotfix.
 