cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7564
Views
20
Helpful
14
Replies

RV 120W Firewall Port Forwarding GRE Protocol 47

aosolutionsinc
Level 1
Level 1

I have a RV 120W VPN (firmware 1.0.1.3) Firewall and I am trying to access my Server 2008 R2 via VPN. I do not see where I can create a custom service for GRE protocol 47. I am getting VPN error 806 staing that I need to open GRE port for pass through. The previous router RVS4000 only had PPTP forwarding to the server IP address. Can someone please assist. Thanks in advanced.

14 Replies 14

andrew.prince
Level 10
Level 10

GRE is a protocol.

below is the data specification

Network

• Dynamic Host Configuration Protocol (DHCP) server, DHCP relay agent
• Point-to-Point Protocol over Ethernet (PPPoE), Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP)
• DNS Proxy
• IGMP Proxy and multicast forwarding
• Dynamic Domain Name System (DynDNS, TZO)
• Network Address Translation (NAT), Port Address Translation (PAT), Network Address Port Translation (NAPT), Session Initiation Protocol Application Layer Gateway (SIP ALG), NAT traversal, one-to-one NAT
• Multiple DHCP pools
• Port Management
_________________________________________________________________

VPN

• 10 QuickVPN tunnels for remote client access
• 10 IPsec site-to-site tunnels for branch office connectivity
• Triple Data Encryption Standard (3DES), Advanced Encryption Standard (AES) encryption
• Message Digest Algorithm 5 (MD5)/Secure Hash Algorithm (SHA1) authentication
• Dead Peer Detection (DPD)
• IPsec NAT traversal
• VPN pass-through of PPTP, L2TP, IPsec

http://www.cisco.com/en/US/prod/collateral/routers/ps9923/ps10852/DS_C78-590161-00.html


HTH>

Thanks Andrew for responding. I am aware that GRE is a Protocol. I am able to forward Protocol 47 (GRE) in other routers but I cannot find how to do this in RV120W.

Readinf the URL - I do not belive that it supports the forwarding of pure GRE.  However it does support:-

VPN

• 10 QuickVPN tunnels for remote client access
• 10 IPsec site-to-site tunnels for branch office connectivity
• Triple Data Encryption Standard (3DES), Advanced Encryption Standard (AES) encryption
• Message Digest Algorithm 5 (MD5)/Secure Hash Algorithm (SHA1) authentication
• Dead Peer Detection (DPD)
• IPsec NAT traversal
VPN pass-through of PPTP, L2TP, IPsec

HTH>

Again Andrew thanks but all you did is copy and paste text not once but twice. The question is pretty clear. I have read the product specs and they do not help. Anyone else have any experience with the RV 120W? Please if all you can offer is copy and paste please do not respond were as it is completely useless.

If you have read the product specs - then you should have noticed that it does not support native Protocol Forwarding -

but does support PPTP/L2TP "Pass-Thru"

Did you ever figure this out by chance? I'm facing the same issue.

Thanks!

After hunting around for weeks I found this post http://forums.techarena.in/small-business-server/334071.htm

A guy called Leythos says "Forward TCP 47 to the server - while GRE is not a port, the Linksys
units use a port forward of 47 to make it work. In some instances you
may need to update the firmware."

I know GRE is a protocol & not a port but it works.

Andrew the product spec does not state "native port forwarding" not supported. But you have posted 3 times with thin air answers. Again Andrew thanks for your efforts. To anyone any ideas?

Have you actually tried to take advantage of the fact the device RV120W actually terminates VPN tunnels itself?  Rather than

creating a tunnel to devices beyond the RV120w?

Thank you!

I can confirm that adding a Port Forwarding Rule with the following configuration allowed me to connect the local Windows VPN client to a remote server:

Service: ANY

Action: Always Allow

Select Schedule: Not set

Source Users: Any

From: Not set

To: Not set

Destionation IP:

Forward To Port: Specify Port

Port Number: 47

Log: Never

Again,

Thank you!

Hi,
I've read this post (and some others related to port forward issue with RV120W). We have 2 locations (site A and site B) connected with a Site to Site VPN (PPTP) running under Windows Server 2008 R2 with TMG 2010. This Site to Site VPN worked very well until we replaced our old router with a RV120W at site B. Since this moment, our engineers are not able to make the site to site VPN work. The TMG box are located just behind the router.

We have followed some threads about Port Forwarding but it did not solve our issue (others port forwarding rules for RDP for example work). Our RV120W is running the last stable firmware (1.0.2.6) provided by Cisco.

The last post on this topic seems to be interesting but I think we cannot anymore create this kind of rule with the 1.0.2.6 firmware (the port fowarding rule needs a service to be specified).

Anyone can help us?

Thanks for your time guys

jaipalnair
Level 1
Level 1

Hi,

You can create custom services in RV120W through ->Firewall->Advanced Settings -> Custom services->

thanks,

jaipal

Thanks jaipalnair for answering so fast.

Yeah, we noticed the "Custom Services" menu and tried to create the GRE protocol (We selected "Other" for the type because GRE is not TCP/UDP/ICMP...). Then we added a firewall rule to forward Service PPTP and Custom Service GRE to our TMG.

But even with this, Site A is not able to mount the VPN neither as site B.

Do we have to open additional ports on this router? As I said in my first post, before changing the router at site B, everything was working fine. We suspect some strange behaviors with this router (for example, if we try to create a port forwarding rule from the "Port forwarding" menu, it simply does not work. We have to go through the Access rules in order to create port forwarding rules... strange...)

Ok, so here is our solution:

We replaced the Cisco RV120W by a Netopia and now everything works fine

Thanks Cisco!

Review Cisco Networking for a $25 gift card