cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
377
Views
5
Helpful
11
Replies

Issue with SSL

linksysinfo
Level 4
Level 4

Ok guys I have tried to get the SSL VPN tunnel working with Eric's router but the ActiveX cab file will not install.

I'm using Windows 7 x64bit.

Logged on with test user account

ssluser1

click on the SSL Tunnel icon and ActiveX  went to install.  I then go an error.

shown in the attachments.  anyone else had problems?

will try again alter tonight on my laptop. (32bit msie)

-

Regards Simon

http://www.linksysinfo.org

Regards Simon
1 Accepted Solution

Accepted Solutions
11 Replies 11

jay.johnson1
Level 1
Level 1

I got the exact same errors on 32bit windows so it's not just you

Jay

Certified: CCNA (R/S, Security, Voice), CCDA, CCNP (R/S)

Guys,

Please try again with following the instructions: Instruction to succesfully install SSL VPN client

Regards.

Ok i have now managed to connect using Windows 7 x64 and MSIE x64.

did have one issue shown in the last attached image.  the SSLVPN Tunel icon in the task bar has no program image..

Regards Simon

Simon,

did you connect from inside your network or from another point of access?  I'm still bumping into the issue of even connecting via remote management to my 220 much less even being able to connect to SSL.

I can make the connection, but the was internal to my own network.  I'm getting reading to try it again...

Jay

Certified: CCNA (R/S, Security, Voice), CCDA, CCNP (R/S)

Jay

mine was from my flat to the girlfriends where th RV220W is now residing so I now know it works.  the RV220W is also behind a adsl router with port forwarding set to 443 only

I'll set you up with a SSLVPN account on my RV220W and see if you can get it working there. i dont have any nas there yet for you to ping, but you should see the SSLVPN program load and see your remote IP address at least.

Regards Simon

Cool...

I'm set up an SSL vpn connection before, but it was with "SSL Explorer" and it was less confusing to tell the truth...

Is there any chance either you or Eric can post a quick guide to setting SSL VPN tunnels with the 220 to help?

Jay

Certified: CCNA (R/S, Security, Voice), CCDA, CCNP (R/S)

if i have some spare time over the next few days i shall try to do something but tbh the document supplied by don is sufficient though needs to be updated for different versions of browser.

https://supportforums.cisco.com/servlet/JiveServlet/download/14018-1-75564/SSLVPN_Installation.docx

Stay tuned.

Regards Simon

Jay,

Let me know if you're still having trouble w/ SSL installation. Dont forget to "route add" from your local PC to VLAN network behind the router.

Also were you able to do Remote Access? Ensure Remote Management is enable.

Right jay. lets see if I can remember how i done it. you need to test and setup this remotely.

  1. setup a user account ont he RV220W for SSLVPN access only. (user type SSL User)
  2. Goto VPN, SSL VPN Client, SSL VPN Client.
  3. Enter the Clinet IP address range you want to use. this CANNOT be one of the ranges used on DHCP etc. My LAN was 172.16.10.1/24 so i just moved to the next ip range and chose a range.172.16.11.20-172.16.11.25  without an admin guide i have no way of knowing how mant SSL Clients are supported. (RVL200 supports 5) I also enabled Split tunnel so only traffic for my lan goes via the SSL client and not all data from remote client to the net etc.
  4. No goto SSL VPN Client,  Configured Client Routes. this allows your SSL Clients access to other IP Ranges within your LAN.  so I added 172.16.10.1/255.255.255.0 (so SSL clients can get onto my internal LAN)
  5. Now save and go surf to the logon page of your remote rv220w.

Please note make sure you have cleared all content and any exiting ssl cab files etc from your PC before attempting to logon.  Maybe Cisco could come up with a small util to clear activex ssl client stuff before connecting to remote device?

  1. There are other settings for the Server side that can help. 
  2. enable activex web cache cleaner.  this should clean the cache when the web broser is closed.

x64bit users have to use a 64bit browser.  it works! both Eric and I ahev remoted onto my RV220W with 64bit browsers.

Regards Simon

Nice post.  I added 2 more screen shots.  The 1st is the Cisco-SSLVPN-Tunnel:Connection Status window.  The 2nd is a what the icon looks like minimized to the Notification area of my Windows 7 Ultimate 64-bit PC.  Also, I made sure that my RV220 was in the list of Trusted Sites in IE (Internet Options settings) and that I allowed unsigned ActiveX controls.  That said, I would like to see this ActiveX control being properly signed in future firmware revisions because I absolutely hate the idea of turning down paranoia (even on Trusted Sites) to allow the VirtualPassage driver to auto-install!

This is pathetic, now I'm replying to my own post!  I find that split-tunneling works fine with the SSL VPN setup.  You just need to make sure that the devices that you're pinging/connecting to on your home network are using the RV220W as their next-hop gateway for the VPN client's address.  For example, I have a router at 192.168.99.129.  I can ping it through the VPN, but only if the router is set up to route reply packets to the RV220W since it "owns" the VPN addresses, 10.254.44.65/27 in my case.  The first screenshot shows the routing table on my PC with the VPN client session established, clearly showing that the VPN client's IP address is the next hop for 192.168.99.128/25 (ie: subnet mask 255.255.255.128) and 192.168.2.0/24.  The 2nd screenshot shows me pinging my router inside the VPN.  Note the response time of ~40ms.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: