WRT54g with VPN Firewall

Similar Messages

• WRT54G - Is there anyway to add a separate VPN/Firewall device to complement this product

  I have a WRT54G v.2 device and I hate to throw it out.  My dilemma is that I'm in need of a VPN/Firewall device as well.  So I would like to know if there is a device that I can purchase from Linksys that will provide the VPN/Firewall features as a complement to my existing WRT54G?  I'd appreciate any info someone might be able to provide.
  Regards.

  Hi,
  you have options between the RV series of VPN routers and the BEFSX41 and the BEFVP41.however you will have to change your network a bit.Your main router will have to be either of the VPN routers.The DHCP of the wrt will have to be disabled and you will also need to change the ip of the wrt from 192.168.1.1 to 1962.168.1.2
  The connection will be.modem to internet port of the VPN router and then from port 1 of the VPN router to port 1 on the wrt.Do not use the internet ports of the wrt.

• Problem with VPN Client and network access

  We are running VPN client 4.0.1 on our laptops, and there are a number of users who are getting documents they are using on the internal network (off VPN) corrupted. The initial cause seemed to be the stateful firewall, but I have that turned off, and we are still getting it.
  It only seems to be on the machines with VPN client installed, and it is only happening when the user is working on a file direct from the network drive. They are not connecting via the VPN client when the problem occurs.
  any suggestions?
  William.

  Did you get any joy with this ? We seem to be having the same issue.
  Thanks

• Adding NetGear Prosafe 8-port Gigabit VPN Firewall to existing TimeCapsule Network

  I need some help and direction with this one...
  What I currently have setup and what I am doing on a day to day is as follows;
  Cox Cable Broadband > ISP Cable Model > Time Capsule >Airport Express v1 + Airport Express v2 (Both extending wireless). I have a Dell/Windows Server setup as a Media Server and also have it setup to accept  VPN connection as well. I remote into my network quite a bit as well as VPN into it quite a bit, I RDP into the Dell Server as well as an iMAC and MacBook Pro from time to time. I have PS3, Xbox360, Apple TV 1stG and 2ndG, 2011iMac, 2011MacBookPro, iPAD3 and various other wireless clients. I would really like to add as much security as I possibly can and thought adding a Hardware firewall would be a good step.
  So I Purchased a NetGear ProSafe 8-port Gigabit VPN Firewall that I would install on my network and have everything behind that. The problem is I have no idea how to set it up for the best protection and performance. Only thing I found online is putting it behind my TC which would then leave my Wireless Clients outside the Firewall? I'm usually pretty good with this stuff, but this time I'm just completely confused and not even sure if I need this or if it's completely useles. I do like the TimeCapsule also running 2 Airport Express (v1 & v2) to extend my wireless network, but I'm not sure if it's as secure as it could be.
  If this was a good step buying a hardware firewall and from what I've read the model I bought (FVS318G) is pretty good, it's also solving a problem I have had with my network is needed Ethernet access. Time Capsule only has 3 ports so I figured this would also solve the lack of Ethernet ports as well.
  I'm thinking I would go from Modem > NetGear(DHCP Enabled) > Time Capsule (Somehow turn DHCP/Router off) > all my network clients.
  Can Anyone offer advice?? How I should configure this? Is it pointless? Return the Netgear Firewall? Buy a different hardware firewall???
  *BTW* I have software security covered, just want to add hardware as well.
  Any help/suggestions would be extremely helpful!
  Thank you!

  I am not sure who made the suggestion for the vpn router to be behind the TC.. they do that sometimes for connection to vpn for downloading TV shows etc.. but your proposed network layout is correct.
  I'm thinking I would go from Modem > NetGear(DHCP Enabled) > Time Capsule (Somehow turn DHCP/Router off) > all my network clients.
  All correct.. The Netgear has to be the one and only router.. otherwise the VPN will not give you access to the rest of the network behind the NAT.
  So easy peasy.. bridge the TC.. use the 5.6 utility if LIon.. you will need to download and install it..
  http://support.apple.com/kb/DL1482
  Lion v6 is a toy..
  Go to manual setup, internet tab. Connection sharing.. off, bridge mode. update the TC.. voila you are done.
  You should probably reboot the whole network. As the expresses will need to now get IP from the netgear not the TC. Tell us if you run into trouble, but everything should work, although it may require a reset and redo setup of the TC and express to get everything smooth again.
  Next issue.. hardware and software firewalls.. sometimes produces the great wall of china.. very secure... oh so secure nothing gets in.. or out. I do not know the Netgear.. but I would start with whatever the lowest preset is for the firewall. And see if you have issues.
  And of course then do the vpn setup.. which is a lot of fun.. (read strong sarcasm). But once you establish the tunnel should then give you access to the whole network.. you will not need to use RDP unless you need to actually take over a computer.
  VPN firewall is the RIGHT WAY.. albeit it can be painful in the initial stages.

• Results on Router WRT54GS with WRE54G

  Can somebody tell me good things about this two devices, WRT54GS with WRE54G,plus negative reports of it.

  WRT54GS is a speed booster router ... up to 35% performance enhanced Wireless-G Access Point...powerful SPI firewall... WRE54G .. Easy installation -- one-touch auto configuration Compatible with both Wireless-G and Wireless-B networking devices....

• Fed up with VPN connection failures

  Cant get a brand new laptop with built in wireless to get a VPN connection with a BEFW11s4 router. Internet is fine. An older laptop works fine. This new labtop even works beautifully with a wireless adapter,not the built in.
  Called Linksys tech support line and they wouldnt even check anything. Basically dismissed me and said its the computer (did I mention is brand new??)Now I read all the problems people are having with VPN and their routers and I cant believe they lied to me.
  (Mod note: Edited post. Non-technical content. Thanks!)
  Message Edited by JOHNDOE_06 on 08-12-2006 11:10 PM

  What do you use for the VPN connection? IPSEC? If you only are using the passthrough function on the router, it can only allow 1 IPSEC session at a time. If you are also using other VPN softwares for that, you may need to open up ports 1723 500 50 51 and 47. This is because your router firewall maybe the cause. Try that first on a static IP for that wireless card. Try to also check if the "wired " connection to your VPN works before going wireless, you would need to do this first regardless of any brand of router...ayt?!
  "The war between heaven and hell depends on the choices we make, and those choices require sacrifice. That's the test"

• IOS4 and VPN/Firewall routers

  Hello,
  I am trying to get VPN connection from iPhone and iPad(3G). I have tested Linksys (Cisco) RV042 -router. But I was told by Cisco that RV042 does not support connection from iPhone...
  So, I would like to ask which VPN/Firewall devices you have used succesfully with iPhone or iPad?
  Message was edited by: Sarnikorpi

  They will be like any other exam, three years valid towards any eligible path.

• QuickVPN at RV110W Wireless-N VPN Firewall

  Good day,
  I try enable VPN remote access from internet trougth RV110W Wireless-N VPN FIREWALL with any result. Please revise my error.
  Pertinent information RV110W:
  WAN Server Address = 200.124.243.172
  LAN Server Address = 192.168.8.111
  Routing Operating Mode = Gateway
  VPN Client Setting Table = Username Protocol QuickVPN
  cert.pem copied into VPN CLIENT Folder
  Log QuickVPN Client
  2013/06/30 20:52:45 [STATUS]OS Version: Unknown
  2013/06/30 20:52:45 [STATUS]One network interface detected with IP address 10.10.10.13
  2013/06/30 20:52:45 [STATUS]Connecting...
  2013/06/30 20:52:45 [DEBUG]Input VPN Server Address = 200.124.243.172
  2013/06/30 20:52:45 [STATUS]Connecting to remote gateway with IP address: 200.124.243.172
  2013/06/30 20:52:46 [STATUS]Remote gateway was reached by https ...
  2013/06/30 20:52:46 [STATUS]Provisioning...
  2013/06/30 20:52:49 [STATUS]Success to connect.
  2013/06/30 20:52:49 [STATUS]Tunnel is configured. Ping test is about to start.
  2013/06/30 20:52:49 [STATUS]Verifying Network...
  2013/06/30 20:52:55 [WARNING]Failed to ping remote VPN Router!
  2013/06/30 20:52:58 [WARNING]Failed to ping remote VPN Router!
  2013/06/30 20:53:01 [WARNING]Failed to ping remote VPN Router!
  2013/06/30 20:53:04 [WARNING]Failed to ping remote VPN Router!
  2013/06/30 20:53:07 [WARNING]Failed to ping remote VPN Router!
  The remote gateway in not responding. Do you want to wait?
  2013/06/30 20:53:10 [WARNING]Ping was blocked, which can be caused by an unexpected disconnect.
  2013/06/30 20:53:56 [STATUS]Disconnecting...
  2013/06/30 20:54:00 [STATUS]Success to disconnect.
  Thanks for your time,
  Juan L. Mera

  Solution: MTU to 1372 instead of default 1400

• Netgear FVS336G VPN Firewall and BT HH3

  I am trying to put the FVS336G into my home network directly after the HH3 and before a netgear 16port switch. The 200+ pages netgear ref manual is not paticularly helpful and from what I have read/+online I can only have one DHCP Server on the network, currently that is the HH3. Can I disable DHCP Server on the HH3 and I assume bridge it to the FVS336G? I would like the FVS336G to act as the DHCP Server in the network and use the HH3 just as an ADSL Modem. Or do I dispense with the HH3 and just get a cheap ADSL modem? I purchased the FVS336G so that I could secure my network down better and use the VPN/SSL tunnelling to allow me to access my NAS when I am away from home on business.
  Any advice on putting a physical VPN Firewall router into the network would be appreciated.

  PPPoA is used for ADSL connections, and PPPoE is used for Infinity connections.
  If you used a separate ADSL modem to do the authentication, then authentication would not be needed on the Netgear, as the PPP session would already be up, however it would be a waste of money if you moved to Infinity.
  Meanwhile, you can still use the Netgear as an additional wireless access point if you want.
  There are some useful help pages here, for BT Broadband customers only, on my personal website.
  BT Broadband customers - help with broadband, WiFi, networking, e-mail and phones.

• What am I missing with VPN enforcement?

  I'm making sense of how to implement the VPN Enforcement feature and would like to hear from others who have set it up.
  The way I understand it to work is this...
  User connects to the internet (eg with a laptop using a 3G card). Once it detects the internet connection, it switches to the Location specified in the "Switch To" setting on the VPN Enforcement page.
  And I have it prompting to connect to the VPN client at this point.
  What is puzzling me is... what's the point?
  It doesn't seem to make a difference whether the user connects to the VPN or not. The Location in the Switch To setting can have certain restrictions but once connected to the VPN, the Location doesn't change. So, before or after connection to the VPN the same restrictions are in place.
  Perhaps I'm missing something in the way this is meant to work.
  How has anyone else set this up?
  Ideally what I want to happen is....
  User connects to the internet - so has enough restrictions (or un-restrictions) to allow this. This would include connecting at an airport or hotel where you connect via a web page. Usually this would be with a 3G modem
  then the user is forced to connect to their VPN (in our case we have a dongle and log in. So, I can cause the login screen to appear on VPN switching)
  Only allow internet access as long as the VPN is connected. And block access if it is not.
  Any thoughts are happily received, thanks
  Alison

  Here is a brief description of what needs to be done in order for VPN Enforcement to work.
  1) The "Unknown" location should have a "stateful" firewall assigned. This allows the endpoint to see all APs and also authenticate to them.
  2) The VPN Location should have an "all closed" firewall. This location will be used to switch to once the endpoint gains internet connection (the ZSC checks this automatically). You have to setup a single ACL rule
  that points to the IP address of your VPN concentrator (so now the only accessible service/device is the VPN)
  3) In the "VPN Enforcement" settings, enter the IP address of the VPN concentrator, the trigger location (at a minimum this is the Unknown), and "Switch to" locations (this is the location you set up in step 2)
  5) Again, in "VPN Enforcement" configure the settings needed to make your VPN client to connect "automagically" to the VPN concentrator (client path, and optionally any arguments).
  Please note that internet connectivity triggers the enforcement. If someone connects to an AP or wired network that requires authentication (such as you see at a coffee house or hotel), then the Internet connectivity fails.
  Hope this clarifies,
  Daniel
  >>>
  From: AWhitwood<[email protected]>
  To:novell.support.zenworks.endpoint-security-management
  Date: 7/8/2009 10:06 PM
  Subject: Re: What am I missing with VPN enforcement?
  Excellent - thanks Indy
  That is pretty much the same as what I'm setting up. Would you mind
  expanding on how you've set this up....I've put your original comments
  in blue
  1) Users log in and change their location to 'Wired/Wireless/3G'.
  I know our users won't manually switch Locations themselves.
  I've got this set up to detect the Unknown location which is anything
  that is away from the office wired network.
  2) Once they have connected to a secure wifi hotspot or their vodafone
  3g dongle is connected the location automatically switches to 'Secure
  VPN'.
  Once they are on the internet, ourLcoation does switch from
  "Unknown" to "Away from the Office" (or "VPN" in your system). Can I
  ask you what your Firewall settings are on your VPN location? Are there
  any restrictions? eg I had it All Blocked but of course it stopped it
  connecting the VPN client so I've now got it set to All Stateful.
  3) After a few seconds the Cisco VPN Client automatically loads and the
  user has to connect via that to get internet connectivity otherwise they
  get nothing.
  I have this too - the client VPN launches and the user is prompted
  to login. But what if they don't? what stops the internet working for
  them if they didn't log in? When you say "otherwise they get nothing" -
  what is it that prevents them getting to the internet if they have not
  connected to the VPN. This is exactly what I'm trying to set up so I'm
  very happy to hear that you've done it. What is puzzling me is how to
  have it blocking internet access unless it is through the VPN.
  I think its purpose is to make sure all internet traffic goes through
  your VPN and firewalls, settings, etc etc...
  Exactly what I want ! Thanks - I've just got to figure out how to
  do it.
  Hope that helps,
  That helped a lot.
  Alison
  AWhitwood
  AWhitwood's Profile: http://forums.novell.com/member.php?userid=4390
  View this thread: http://forums.novell.com/showthread.php?t=379389

• Connecting 3 RVS 4000 with VPN

  Hello,
  i want to connect in a triangle 3 RVS 4000 Router with VPN
  i have configured 3 routers, which are able to connect to the Internet. Each of them are configured as a gateway.
  i have created 2 tunnel on each router. But the vpn connection can't be established,
  here is the configuration of  router1 the other are configured in the same way, only the remote group setup is different
  Do i have to open also some ports for the VPN , if yes which one and were
  Thanks fpr your help and response
  HP.Meyer

  Hello,
  Are you trying to ping the IP address of the clients behind the routers or the computer name? You will need to use the IP addresses only unless you add the names to the LMHOSTS file in your PCs. Also, if there is any antivirus or third party firewall software running on those clients it will block the PC from replying to pings from an untrusted subnet. For example you ping from R1 with 192.168.100.1 to a PC behind R2 that has 192.168.101.x. Because the antivirus or firewall software on the PC sees that the ping request is coming from a different subnet it will block the response. You will need to either disable any security software or add the untrusted subnet to the trusted list in that software. Sometimes it is best to test by pinging something that does not have any software, such as a printer or print server.
  Please keep us updated.

• RV120W Wireless-N VPN Firewall - DHCP Reservation

  Hello there,
  I have couple of sites with RV120W Wireless-N VPN Firewall, i need to reserve the clients' Printers ip address but I don't see the option. could anybody show how to reserve ip clients?.. or is this feature no longer avialiable ?
  Thanks                    

  Hi Eduardo, this feature should be located -
  Networking
  >
  LAN (Local Network)
  >
  Static DHCP (LAN)
  -Tom
  Please mark answered for helpful posts

• Trouble with VPN on HH5

  hello,
  i very recently changed provider to bt about 2 days ago and while i have been connecting all of my devices back up i hit trouble with my VPN server.
  i have made my own firewall rule to allow 500 and 4500 to the VPN server so that i can connect externaly but the connection keeps on timing out. 
  i can connect internaly with no problems but when i try externaly it always fails.
  what could be causing this as i really need this working.

  carbonjoker wrote:
  hello,
  i very recently changed provider to bt about 2 days ago and while i have been connecting all of my devices back up i hit trouble with my VPN server.
  i have made my own firewall rule to allow 500 and 4500 to the VPN server so that i can connect externaly but the connection keeps on timing out. 
  i can connect internaly with no problems but when i try externaly it always fails.
  what could be causing this as i really need this working.
  You will see that a number of people in this forum have been reporting problems with VPN and the HH5; there is also a firmware problem with some HH3. It is possible that you too have have come up against these difficulties.
  However, I see that you are a new customer of BT and there are a couple of problems that BT puts in the way of customers of which you may not be aware.
  Go to http://preferences.webaddresshelp.bt.com/selfcare/preferences.cgi and turn off BT address help; it is not compatible with VPN.
  Also check that your address is not being shared http://btsupport.custhelp.com/app/answers/detail/a_id/44044/c/6433
  Michael

• Mixed results with VPN

  My client currently has a VPN setup on an ASA 5510, it has worked successfully from various parts of the world using a variety of different OS's:
  For example current tested OS's: Windows XP, Windows 7, Windows 8.1, MAC OS X
  Locations: 3 Different locations in Canada, 1 US location, 1 Germany Location
  Aside from the MAC system all clients are running 5.0.07.0440
  Recently a location that has 2 clients located in Oregon, US has had an issue with the connection. This issue occurs from both the office and hotel for the onsite consultant as well as an additional client in the office. The Cisco VPN client connects but is unable to establish an RDP connection. In my browsing online I found a variety of similar issues but none where it was only just a couple of clients that encountered the issue.
  Further to this; the person onsite is able to RDP into a different location they have setup at their home office (RDP Direct no VPN).
  The following is a listing of some of the troubleshooting steps we employed to attempt to reslove the issue:
  - Ran a route print from the client end, all routing information for the VPN populated with no issue
  - Tested out the ports via Gibson Research port was showing "port 500" stealthed but I think that was a non issue as I have the same results on my end and have no issues connecting
  - Ensured that the correct ports were port forwarded on the client end router/modem
  - Tested with Windows Firewall off
  - Attempted to ping various VPN IP's (none worked)
  Whatever is happenening is preventing LAN access after a VPN connection is establshed. If this was the case at multiple locations I would suspect a config issue on the ASA but as it is not an issue elswhere I am left scratching my head.
  Any thoughts would be appreciated.
  I can submit a config at somepoint if that becomes needed

  Hi,
  I would first monitor through ASDM if the central ASA sees the TCP SYN from the RDP Connection of the client.
  If it doesnt then you could perhaps configure a traffic capture on the ASA itself on the port connected towards the destination server to which the client wants to connect. This would tell if the server replies anything.
  You could for example check the IP address given to the VPN Client user and use that IP address in the capture configurations.
  A simple example configuration could be
  access-list VPN-RDP-CAP permit ip host host
  access-list VPN-RDP-CAP permit ip host host
  capture VPN-RDP-CAP type raw-data access-list VPN-RDP-CAP interface inside buffer 1000000 circular-buffer
  The above presumes the server is located behind "inside" interface.
  After this you could tes the connection and then use the following command to determine if any traffic has been catched by the capture
  show capture
  You could then use this command to view the capture on the CLI of the ASA
  show capture VPN-RDP-CAP
  You could also copy the capture file to some internal host and view the capture with Wireshark which would make it easier to go through the data
  copy /pcap capture:VPN-RDP-CAP tftp:///VPN-RDP-CAP.pcap
  You can remove the capture and its data with the command
  no capture VPN-RDP-CAP
  The created "access-list" needs to be removed separately.
  The above would be the first steps for me probably as I usually dont have access to either the client or the server machine but control the devices in between.
  Hope this helps
  - Jouni

• WRT54GS with Mac OS 10.6.8 and RCN cable modem not working

  Hello,
  I have a Linksys WRT54GS, version 6 with Mac OS X (version 10.6.8) hooked up to a Scientific Atlantic cable modem, with RCN as the ISP.
  Recently, RCN had some network issues, and so I had to power down and reset my modem. The modem is working fine now -- no problems at all when the Mac is connected direclty to the modem.
  The router's network is OK in that I can connect the Mac wirelessly to the network, but I can't connect to the internet through the router (through neither the wireless or wired connection).
  I have downloaded the latest firmware update for the router, following the Linksys site instructions, but this has not helped me solve the problem.
  Does anyone have any advice as to what I should do? I did call Linksys tech support on the advice of RCN, and they said that the router does appear to be working (power, WLAN, and Internet lights are on), but they would be charging me nearly the cost of a new router to fix the problem.
  Any advice would be appreciated!

  Since you upgraded the Router WRT54GS with the latest firmware so once reset the Router and power cycle the whole network… Then connect the Modem with Linksys Router on the Internet Port and then connect any one computer to any one of the Ethernet port on the Router [Numbered – 1, 2, 3 and 4]… Let me know the RCN connection is a DSL connection or cable connection…
  So if you have a DSL connection you can refer to this link:
  http://www6.nohold.net/Cisco2/ukp.aspx?pid=93&login=1&vw=1&app=search&articleid=4020&userrole=Linksy...
  So if you have a Cable Internet Connection you can refer to this link:
  http://www6.nohold.net/Cisco2/ukp.aspx?pid=93&vw=1&articleid=3686
  As far as the wireless is concern:
  # Open up the browser and on the address bar type 192.168.1.1 that will open up the Router setup page…
  # Then Click on wireless Tab create the Wireless Network Name SSID and select the channel to 6, 9, and 11… Click Save Settings...
  # Then Click on Wireless Security sub tab and select the security mode and provide the password as per the requirement… Click Save Settings...
  After doing the settings try to connect the preferred network on the wireless devices and check the connectivity….