WRVS4400N VPN Help
Hello,
I'm new here and this is my first post so be gentle!
I have a Cisco WRVS4400N running firmware version 2.0.1.3. I am trying to get an office hooked up so they can have access to some of their files at their remote office. They have 1 computer at the remote office that they want to have hooked up into the VPN to access those files from that location.
I have setup the VPN client account but I am stumped where to go from there. Do I need to create a new tunnel? I am basically lost at this point. Any help by some of you smart gentlemen or women would be GREATLY appreciated.
Sean
These products are being handled by the Cisco Small Business Support Community. (URL: https://supportforums.cisco.com/community/netpro/small-business)
Similar Messages
-
WRVS4400N [VPN log]: shutting down
Ive setup a few WRVS4400N over the past 6 months, and have been receiving the below message from some of them every couple of hours.
What does the message indicate? Any action to take?
Thanks
+++++++++++++++++++++++++++++++
Sep 18 07:03:35 - [VPN Log]: shutting down
Sep 18 07:03:35 - IPSEC EVENT: KLIPS device ipsec0 shut down.
Sep 18 07:03:37 - [VPN Log]: Starting Pluto (Openswan Version cvs2006Jan12_11:29:56 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OE@ECqImzhFD)
Sep 18 07:03:37 - [VPN Log]: @(#) built on May 10 2011:17:24:48:
Sep 18 07:03:37 - [VPN Log]: Setting NAT-Traversal port-4500 floating to on
Sep 18 07:03:37 - [VPN Log]: port floating activation criteria nat_t1/port_fload1
Sep 18 07:03:37 - [VPN Log]: including NAT-Traversal patch (Version 0.6c)
Sep 18 07:03:37 - [VPN Log]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret0)
Sep 18 07:03:37 - [VPN Log]: starting up 1 cryptographic helpers
Sep 18 07:03:37 - [VPN Log]: started helper pid 739 (fd:5)
Sep 18 07:03:37 - [VPN Log]: Using KLIPS IPsec interface code on 2.4.27-star
Sep 18 07:03:37 - [VPN Log]: Changing to directory '/etc/ipsec.d/cacerts'
Sep 18 07:03:37 - [VPN Log]: Changing to directory '/etc/ipsec.d/aacerts'
Sep 18 07:03:37 - [VPN Log]: Changing to directory '/etc/ipsec.d/ocspcerts'
Sep 18 07:03:37 - [VPN Log]: Changing to directory '/etc/ipsec.d/crls'
Sep 18 07:03:37 - [VPN Log]: Warning: empty directory
+++++++++++++++++++++++++++++++And im also getting this for an RVS4000
Sep 25 18:27:42 - Receive NTP Reply from ntp-1.mcs.anl.gov
Sep 25 18:27:46 - [VPN Log]: shutting down
Sep 25 18:27:47 - IPSEC EVENT: KLIPS device ipsec0 shut down.
Sep 25 18:27:48 - [VPN Log]: Starting Pluto (Openswan Version cvs2006Jan12_11:29:56 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OE@ECqImzhFD)
Sep 25 18:27:48 - [VPN Log]: @(#) built on May 12 2011:16:06:15:
Sep 25 18:27:48 - [VPN Log]: Setting NAT-Traversal port-4500 floating to on
Sep 25 18:27:48 - [VPN Log]: port floating activation criteria nat_t1/port_fload1
Sep 25 18:27:48 - [VPN Log]: including NAT-Traversal patch (Version 0.6c)
Sep 25 18:27:48 - [VPN Log]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret0)
Sep 25 18:27:48 - [VPN Log]: starting up 1 cryptographic helpers
Sep 25 18:27:48 - [VPN Log]: started helper pidW48 (fd:5)
Sep 25 18:27:48 - [VPN Log]: Using KLIPS IPsec interface code on 2.4.27-star
Sep 25 18:27:48 - [VPN Log]: Changing to directory '/etc/ipsec.d/cacerts'
Sep 25 18:27:48 - [VPN Log]: Changing to directory '/etc/ipsec.d/aacerts'
Sep 25 18:27:48 - [VPN Log]: Changing to directory '/etc/ipsec.d/ocspcerts'
Sep 25 18:27:48 - [VPN Log]: Changing to directory '/etc/ipsec.d/crls'
Sep 25 18:27:48 - [VPN Log]: Warning: empty directory -
Trying to Connect an Avaya 5610 VPN phone to a Cisco WRVS4400N VPN Router
I am trying to connect a VOIP VPN phone to a network that is hosted by a Cisco WRVS4400N Router running Firmware version 2.0.0.8
I do not need a tunnel as I want to be able to connect this phone from any remote location. But I need to be able to setup IPSec I believe.
The phone uss IKE parameters of DH2-3DES-ANY and IPSec Parameters od NOPFS-ANY-ANY.
Does the VPN Client Accounts support the above parameters?
I have tried setting the IKE to DH2-3DES-SHA1, and it did not work, and I tried DH?-ANY-ANY and IPSec of DH?-Null-ANY.
I see where people have got this phone to work with Netgear FVS314, and I figured this one sets up about the same as the Netgear.
Anyone ever do this with this router and phone? I would rather get this done witha $300 router versus an $1800 one.The VPN Wizard, I believe is in the PDM menu... not sure since I don't use it.
SSH.....
ssh 0.0.0.0 0.0.0.0 outside
ssh 0.0.0.0 0.0.0.0 inside
Hope this helps,
JD -
ASA 5505 VPN HELP!!!
I have two ASA 5505's. One is currently setup as my firewall connected to the Cox Cable modem and wireless AP. I have another ASA that I would like to use, I have an idea that I could set that one up as a VPN unit, but not sure how I could do that. If that is not an option, can you provide the command line instructions on how to setup the VPN via the console cable. I am kinda new and I am slowing trying to become more knowledgeable about this. Any help would be greatly appreciated.
Thanks,
Jon
My current Config:
ASA Version 8.2(3)wn coldstart' comm
!d
hostname Wood-ASA1-if
%ASA-5-111008:
domain-name lv.cox.net the 'inspect ip-optio
enable password 8Ry2YjIyt7RRXU24 encrypted8cb69fe 20cfb60adisk0:/asa823.bin
passwd 2KFQnbNIdI.2KYOU encrypteded the 'service-policy global_pol
namesobal'
!a
interface Ethernet0/0in ^
switchport access vlan 2%ASA-5-
command.ser 'Con
!S
interface Ethernet0/1ig' executed the 'pro
!t
interface Ethernet0/2mand.tics access-lirv
interface Ethernet0/3 securi
rd DfltAccess
!l
interface Etherne
interface Vlan1ecuted the 'pro
nameif inside' command.omma
security-level 100
%ASA-5-111008: Use
ip address 192.168.1.1 255.255.255.01008: User 'Config' executed the 'no
!t
interface Vlan2 the '
%ASA-5-1
nameif outsidefig' executed t
security-level 0-5-111008: User '
ip address dhcp setrouteination address http http
boot system disk0:/asa823-k8.bing' executed the 'class-map inspe
boot config disk0:/asa823.binom/its/service/oddce/services
ftp mode passivemand. User 'Conf
dns server-group DefaultDNS User 'Config' execut
%ASA-
domain-name lv.cox.netexecuted the 'destinati
object-group icmp-type ICMP-INBOUNDation linkup linkdown coldstart' co
description Permit necessary inbound ICMP trafficand.'policy-map type
%ASA-5-111008: User 'Config'
icmp-object echo-replyon transport-method htt
icmp-object unreachable
s_map' command.t
icmp-object t
%ASA-
logging buffered warningsecuted the 'subscribe-to-
logging asdm notificationsxecuted t
%ASA-5-111008: U
mtu inside 1500cuted the 'poli
mtu outside 1500ct
riodic month
icmp unreachable rate-limit 1 burst-size 1-111008: User 'Config' executed the 'subsc
asdm image disk0:/asdm-625.bino5-111008: User 'Config' execu
no asdm history enablemmand.outside' command
arp timeout 14400monthly' command.
nat-control
%ASA-5-111
global (outside) 1 interfacenfig' executed the 'subscrib
nat (inside) 1 0.0.0.0 0.0.0.0andasa# threat-detec
d.n
%ASA
access-group INBOUND in interface outside08: Us
riodic daily' command.e
timeout xlate 3:
aaa authentication ssh console LOCALe Ethernet0/5, changed state to admi
http server enableas
%ASA-5-111008:
http 192.168.1.0 255.255.255.0 inside' executed the
%ASA-4-411003: Interfa
no snmp-server locationstate to administra con
no snmp-server contact
telnet timeout 5# nat-contr
%ASA
ssh 0.0.0.0 0.0.0.0 insideec
%ASA-4-411001: Line pro
ssh 0.0.0.0 0.0.0.0 outside/3, changed state to upomma
ssh timeout 5SA-5-111
%ASA
console timeout 0onfig' executed t
dhcpd dns 8.8.8.8 8.8.4.4ne protocol on Interface
dhcpd auto_config outside to ups_map' com
%ASA-5-1
!0
dhcpd address 192.168.1.2-192.168.1.33 insideommand
enableR: % I
Password:SA-5-1110
Wood-A
dhcpd dns 8.8.8.8 8.8.4.4 interface inside: Uname: enable_15 From: 1 To:pect netbios
dhcpd enable insidescoas
%ASA-5-111008
!U
threat-detection basic-threat%ASA-5-111008: User 'enable_1
threat-detection statistics acce
.0.0.0 0.0.0.
parametersprompt host
message-length maximum client auto1008: User 'enable_15' executed the
message-length maximum 512A-5-111008: User 'Config' ex
policy-map type inspect dns prsent_dns_map 0/0' command. executed the 'inspe
no shut
parametersA-5
Wood-AS
message-length maximum 512 Interface Ethernet0/0, chan
policy-map global_policyg' executed the 'inspect
class inspection_defaultA-5-111008: User 'Con
ini
inspect dns preset_dns_map
%ASA-5-111008: User 'enable
inspect ftpthe 'no shutd
inspect h323 h225111008: User 'Confi
inspect h323 rasstination address
inspect rsh1001: Line pr
inspect ip-options
service-policy global_policy global
prompt hostname context
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DD
CEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:c3a35118ab34143a5e73e414ead343c1for sure you can do this with the ASA , see the following configuration example :
http://www.cisco.com/en/US/partner/products/ps6120/products_configuration_example09186a0080950890.shtml
cheers. -
Cisco ASA 5505 VPN Help Needed
Hi all.
I am trying to connect to a VPN set up at a remote customer site. However it seems that connections cannot be established from inside my office network. I have tried from other sites and connections can be established. For obvious reasons, this is not a practical solution.
I have run network monitoring within the ASDM at the time of various connection attempts and keep get the following message:
194.75.53.148
regular translation creation failed for protocol 47 src inside:192.168.0.81 dst outside:194.75.53.148
My configuration is below:
ciscoasa# show run
: Saved
ASA Version 7.2(4)
hostname ciscoasa
domain-name xxx.local
enable password SpSqlpxlX4bU60eP encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface Vlan1
nameif inside
security-level 100
ip address 192.168.0.254 255.255.255.0
interface Vlan2
nameif outside
security-level 0
pppoe client vpdn group XXXX
ip address xxx.xxx.xxx.xxx 255.255.255.255 pppoe setroute
interface Vlan3
no forward interface Vlan1
nameif dmz
security-level 50
ip address xxx.xxx.xxx.xxx 255.255.255.0
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
ftp mode passive
dns server-group DefaultDNS
domain-name xxx.local
object-group service DM_INLINE_TCP_1 tcp
port-object eq https
port-object eq smtp
object-group service DM_INLINE_TCP_2 tcp
port-object eq www
port-object eq https
access-list outside_access_in extended permit tcp any host abc.abc.com object-group DM_INLINE_TCP_2
access-list outside_access_in extended permit tcp any host abc.abc.com eq https
access-list outside_access_in extended permit tcp any host abc.abc.com object-group DM_INLINE_TCP_1
access-list outside_access_in extended permit tcp any host abc.abc.com eq https
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
mtu dmz 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-524.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) tcp abc https abc https netmask 255.255.255.255
static (inside,outside) tcp abc https abc https netmask 255.255.255.255
static (inside,outside) tcp abc smtp abc smtp netmask 255.255.255.255
static (inside,outside) tcp abc https abc https netmask 255.255.255.255
static (inside,outside) tcp abc https abc https netmask 255.255.255.255
access-group outside_access_in in interface outside
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
http server enable
http 192.168.0.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet 192.168.0.0 255.255.255.0 inside
telnet timeout 5
ssh 192.168.0.85 255.255.255.255 inside
ssh timeout 5
console timeout 0
vpdn group abc request dialout pppoe
vpdn group abc localname 02024658215@abc
vpdn group abc ppp authentication pap
vpdn username 02024658215@abc password ********* store-local
dhcpd auto_config outside
username manager password KDNz8d1FwKy7dzg2 encrypted privilege 15
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
service-policy global_policy global
prompt hostname context
Cryptochecksum:27b2bfc3a2fa63ce614199070bd1195f
: end
If I drill down into the error further it says that the ASA is not permitted to let traffic destined for a network or broadcast address through. The traffic is coming back to 192.168.0.81 which is neither of these.
Maybe I am overlooking something simple but any help or guidance would be much appreciated.
Thanks in advance.
Ben Peacock.Hi,
Try adding the following configuration
policy-map global_policy
class inspection_default
inspect pptp
And then try again.
I'm not 100% would you need to perhaps allow GRE through the firewall even after that. (Protocol 47)
- Jouni -
Confused how to set-up a PC & laptop with Cisco WRVS4400N VPN for home use
Just bought a new PC and laptop and was recommended by (CDW) to use a Cisco WRVS4400N to set up the VPN.
For home use, only the PC and laptop, both running Windows 7. I use Comcast as my ISP.
The mountains of docs confuses me to no end, can anyone simplify this for me. I look at all the details and do not know where to start.
In short,
(1) configure router to recognize my PC and Comcast, and I guess the laptop.
(2) configure laptop to go wireless and communicate with PC.
Any assistance would be much appreciated.
Thanks,
TerryFor a very small office and a minimum of admin and tech know how, one approach i'd suggest is to not worry about user id collisions at all. any time anyone wants to use a mac you just set them up as a user, using consistent names/passwords.
Have a "Work" volume on each mac that has "ignore ownership on this volume" ticked. that way UID collisions aren't important.
You can make a Desktop folder on the Work volume and make a SYMBOLIC LINK from every user's home that replaces their desktop with the desktop folder on the Work volume.
Make it known that the user's home is for personal stuff ONLY, and the Work volume (inc the desktop) is where work in progress lives.
At a later date with some confidence in your network and your admin skills you could impose consistent UIDs using an OD master -
Hi,
This is my first post. I just purchased a RV110W to get basic vpn access to my small office for me an employees when not onsite. We have a Comcast business gateway and a static IP.
So far I have configured the Comcast gateway and Cisco RV110W correctly to alllow internet to work in the office and VPN connections to be established with the RV110W while offsite. The Comcast gateway is in a "bridge mode" just providing internet to the Cisco box.
My trouble is nobody can see, ping, or connect to anything on the office LAN while a VPN connection is active offsite. This is the case with PPTP and QuickVPN. Again, the VPN connection works, says it is connected but I can't browse anything on the office LAN while offsite and on VPN.
I am sure there is something obvious I am doing wrong, which is why I am turning here.
Any help or advise would be greatly appreciated.
Geoffgot the same issue with 2 RV110W.
We can stablish connection via QuickVPN and w8VPN client, acces to remote administration panel, but cant see anything nor ping to the rest of machines in the LAN.
Any idea? -
PIX 501 VPN HELP NO NETWORK ACCESS!
I need some help please..
I am trying to connect Windows 7 VPN to L2TP access on the PIX 501. I know that PIX 501 doesn't allow MSCHAP v2. The VPN connects fine but when trying to access the local network and shared drives remote desktop I am not able to connect. I already I have the IPV4 / IPV6 IP Settings on the VPN for use default gateway on remote network unchecked. Can you please help me configure this correctly if I am configuring incorrectly.
PIX Version 6.3(4)
interface ethernet0 auto
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd ANRIhDDsTteQmCkO encrypted
hostname pixfirewall
domain-name controller.hopto.org
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
access-list out2in permit tcp any interface outside eq www
access-list out2in permit tcp any interface outside eq https
access-list out2in permit tcp any interface outside eq 3074
access-list out2in permit udp any interface outside eq 88
access-list out2in permit udp any interface outside eq 3074
access-list out2in permit udp any interface outside eq domain
access-list out2in permit tcp any interface outside eq domain
access-list out2in permit udp any interface outside eq 1701
access-list nonat permit ip 192.168.1.0 255.255.255.0 172.17.130.0 255.255.255.192
access-list vpn-cryptomap permit ip any 172.17.130.0 255.255.255.0
pager lines 24
logging on
logging timestamp
logging standby
logging buffered informational
logging trap informational
mtu outside 1500
mtu inside 1500
ip address outside dhcp setroute
ip address inside 192.168.1.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
ip local pool l2tp-pool 172.17.130.1-172.17.130.254
pdm logging informational 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 192.168.1.0 255.255.255.0 0 0
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
static (inside,outside) tcp interface www 192.168.1.33 www netmask 255.255.255.255 0 0
static (inside,outside) tcp interface https 192.168.1.2 https netmask 255.255.255.255 0 0
static (inside,outside) tcp interface domain 192.168.1.30 domain netmask 255.255.255.255 0 0
static (inside,outside) udp interface domain 192.168.1.30 domain netmask 255.255.255.255 0 0
static (inside,outside) tcp interface 3074 192.168.1.30 3074 netmask 255.255.255.255 0 0
static (inside,outside) udp interface 3074 192.168.1.30 3074 netmask 255.255.255.255 0 0
static (inside,outside) udp interface 88 192.168.1.30 88 netmask 255.255.255.255 0 0
access-group out2in in interface outside
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
aaa authentication ssh console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
sysopt connection permit-l2tp
crypto ipsec transform-set cisco-l2tp esp-3des esp-sha-hmac
crypto ipsec transform-set cisco-l2tp mode transport
crypto dynamic-map l2tp 30 set transform-set cisco-l2tp
crypto map dmu 30 ipsec-isakmp dynamic l2tp
crypto map dmu interface outside
isakmp enable outside
isakmp key ******** address 0.0.0.0 netmask 0.0.0.0
isakmp identity address
isakmp nat-traversal 20
isakmp policy 5 authentication pre-share
isakmp policy 5 encryption 3des
isakmp policy 5 hash sha
isakmp policy 5 group 2
isakmp policy 5 lifetime 28800
telnet timeout 5
ssh 192.168.1.0 255.255.255.0 inside
ssh timeout 15
console timeout 0
vpdn group 2 accept dialin l2tp
vpdn group 2 ppp authentication pap
vpdn group 2 client configuration address local l2tp-pool
vpdn group 2 client authentication local
vpdn group 2 l2tp tunnel hello 60
vpdn username Brandon password *********
vpdn enable outside
dhcpd address 192.168.1.2-192.168.1.33 inside
dhcpd dns 4.2.2.1 4.2.2.2
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd auto_config outside
dhcpd enable inside
username Brandon password PX78ZeD.LCbQntqy encrypted privilege 15
terminal width 80
Cryptochecksum:6e43dff6ef4837997276c092f9204707
: end
Thanks,
BrandonYes, you can modify it.
By the way, here is a good link about MS:
Troubleshooting Microsoft Network Neighborhood After Establishing a VPN Tunnel With the Cisco VPN Client
HTH.
Portu. -
WRVS4400N VPN out of the box?
Hi
I'm looking at purchasing a WRVS4400N and I just wondered if it comes with everything needed to setup VPN (terminated on the router) 'out of the box'? Or do you need to purchase extra software or certificates?
Many thanks
DanCorrect, there isn't any addition software to purchase or certificate to buy.
Jason Bryant
Cisco Support Engineer -
Mac at home, Windows at work, need VPN help
I need some help with connecting to my work using VPN. I have Windows on my computer at work and I recently bought a MacBook. I want to connect using a VPN client (I don't particularly care which, just something) to my work, and then use Apple Remote Desktop to do work on the computer.
I don't know what the authentication # is, but I do have the IP address to connect to.
Can anyone help? I have my work VPN destination IP address and user name and password. Do I need anything else? What do I do?
Thanks!You're going to have to find out what kind of VPN server they have at work. Most businesses these days use an SSL VPN, and if it is provided by Checkpoint or Cisco, there are OS X clients available or their Java clients work with OS X. Other SSL VPNs (especially the cheaper appliances) do not support OS X as they use ActiveX clients.
If there's a PPTP or IPSEC VPN, then you can configure OS X to use that, but it's not a trivial task (ergo, the move to SSL VPNs).
Once you are connected, then you can access your work computer with a remote desktop client as suggested in an earlier post. But you first need to ask the IT people at work about the VPN so you know which way you need to connect. -
Are WRVS4400N VPN routers STABLE?
Greetings:
Months/years ago, I had read of multiple problems with these VPN routers causing dropped connections or hung router.
I would like to know the current status of these routers. Are they reliable, etc.
BACKGROUND INFO:
I wish to use two WRVS4400N routers to maintain a permanent VPN tunnel between two subnets.
USAGE: Site #1: Windows-2003 server, 3 workstations, 3 network LaserJets printers..
Site #2: 1 workstations, 2 networked LaserJet printers.
[i.e. very light usage]
ISP: Road Runner cable modems (10mbps down, 1mbps up) IPv4
SECURITY NEEDS: minimal (i.e. no confidental data)
DHCP: I would like disable WRVS4400N router's DHCP and use Windows-2003's DHCP at site #1.
PROBLEM: Site #1 has no technicans. So, if the VPN goes down, I get to drive 45 miles.
memo: the wireless ethernet is nice icing, but I can live with-out it.
[I know I am giving you more info than needed, but....]
So:
(1) Are the WRVS4400N routers stable enough for this?
If NOT, do you have any recommendations for VPN routers (in this same price range).
(2) What is the most stable firmware revision?
(3) Will disabling the internal DHCP server at site #1 cause me any problems?Hi there! When creating a VPN, the first thing that you need to consider is your Public or WAN IP. It is recommended that your WAN IP is Static or Fixed. Most common issues in VPN is not considering the WAN IP because if it's Dynamic, it might have changed for a given period of time. However, it could be resolved by using DDNS. As long as your router is working as a Gateway and you have the real public IP, I don't think by disabling DHCP server on the device will interrupt your VPN connection. It is important that your server is configured properly and make sure you're able to get DHCP from that server locally and at the same time your internet is working ok.
-
WRVS4400N VPN Tunnels work once then a no go
I have created two tunnels that I use with my WRVS4400N. I am using the IPSecuritas client and it works perfectly when I first connect to the router. However after the initial connection and lets say I disconnect or shutdown for the day. The next morning or evening when I need to get the vpn connection up again I can no longer connect. Specifically the negotiation works fine and I get a connected status but the route to the vpn side internal network does not work. In order to fix this I ssh into the network then log onto the router disable the ipsec tunnel click save. Then I enable the tunnel and click save and the connection starts working again. This is highly annoying and killing our business. Clearly this is a problem with the router. Any ideas on what to do to resolve this?
try enabling MTU to 1300 and see if your VPN connection will be stable
-
RV110w wont connect with dsl modem for VPN - HELP!
Hello,
I have bought a RV110w and also a D-Link 320B modem (replacing my standard Sky broadband router) and I am having difficulty setting them up. The D-Link modem works when connected directly with my laptop via ethernet but when connected into the WAN port on the RV110w none of the computers on my network have internet access. The RV110w dashboard says that the WAN connection is "UP" and gives an IP address?? Any help with this would be much appreciated.
After the above issue has been solved I would then like to use the RV110w VPN facility which I have been unable to set up correcty using QuickVPN. The laptop that I want as a VPN client is running Windows 8.
I have been trying to sort this for two weeks with no luck!!!
Matt.Hi Matthew, thank you for using our forum, my name is Luis I am part of the Small business Support community. I apologize for your inconvenience; I have a couple of questions, what firmware are you running? The last firmware is 1.2.0.9 and you could download it here, are the computer connected to the RV110W receiving DHCP?
I want to have this information in order to provide better assistance.
Also I will share an article for QuickVPN, here you will find the configuration for your QuickVPN
https://supportforums.cisco.com/docs/DOC-29399
I hope you find this answer useful
Greetings,
Luis Arias.
Cisco Network Support Engineer. -
Troubleshoot VPN, Help me, Please
I had VPN site to site between HCM and Singapo
HCM : Fortigate 80C
Singapo : Cisco 2900
Before,no problems.
Today, I can't ping from ip private of Singapo ( 192.168.4.0/24 ) to ip private of HCM (192.168.1.0/25). ->>> 0/5
But, If I ping from HCM - > Singapo, after that Singapo ping HCM was succeed.
I had file config of Cisco and Fotigaer.
Can u help me :(
Thanks a lotHi Mr. JinSin,
That is great, basically an issue with Phase 2, just a little explanation on that, you might already know about it:
Perfect Forward Secrecy (PFS) to generate and use a unique session key for each encrypted exchange.
The unique session key protects the exchange from subsequent decryption, even if the entire exchange was recorded and the attacker has obtained the preshared and/or private keys used by the endpoint devices
Select the required Diffie-Hellman key derivation algorithm from the Modulus Group list box.
Security Manager supports Diffie-Hellman group 1, group 2, group 5, and group 7 key derivation algorithms. Each group has a different size modulus:
•Group 1 (the default): 768-bit modulus.
•Group 2: 1024-bit modulus.
•Group 5: 1536-bit modulus.
•Group 7: Use when the elliptical curve field size is 163 characters
Please don't forget to rate and mark as correct the helpful post!
If you have another issue let me know!
David Castro
Regards, -
I have just received a Cisco WRVS4400N v2.0.0.7 Router & trying to configure it like this:
2 VLANs & 2 wireless SSIDs
VLAN1 default (Port 1 on Router)
VLAN2 for Office (Port 2 on Router) &
VLAN3 for Client/Guest (Port 3 on Router) no access to VLAN2
I would also like one of the wireless SSIDs to be on the same network as VLAN2 & have access to VLAN2
Also want VLAN2 to be network 192.168.2.0
I have accomblished all except I cannot get either wireless SSID to commnicate with VLAN2
VLAN DHCP creates scopes of 192.168.3.0 & 5.0 (I need to 192.168.2.0 to match my current office network)
I know I can change the router network to 192.168.2.0 but that would mean I would have my Office network on VLAN1 (Port 1 of Router), I thought
Port 1 was for the default VLAN used for Admin stuff.
Can anyone give me some suggestions on this?
Thanks for your help in advance.
WayneHi HC-Ralph and welcome to the Cisco Home Community!
The WRVS4400N is now being handled by the Cisco Small Business Support Community.
For discussions about this product, please go here.
OnnagokorO
Maybe you are looking for
-
Pointer disappears after sleep...
The pointer disappears, sometimes when G4 is woken up. If I wait a minute or so it reappears. Is this a mouse issue, or PRAM?......appreciate any suggestions
-
Macbook pro 2010 model has pixelated display?
after I activate my macbook, it shows the lock screen, but there as well are other windows that is open but are all scattered along the display. why is this? i need help!!
-
A couple hours ago I received an alert from MalwareAntimalware telling me it had stopped a 'potentially dangerous program frm installing itself' on my Skype account. It gave me further information regarding program number, Type, Port, and Process. I
-
Hi, I have been using the BT Home Hub 2.0 for approx 1.5 years, wirelessly connected to my Mac. I have now bought a network adaptor for my PC which is upstairs. the adaptor was installed easily and connected straight away to the hub and shows excelle
-
Problem: you either have javascript turned off or an old version of Macromedia's Flash Player
have a problem with flash player when i log into my websites http://www.technologyprof.com/ and http://www.5od-fekra.com/ with mozilla firefox a pop-up shows you either have javascript turned off or an old version of Macromedia's Flash Player. Get th