cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
43118
Views
15
Helpful
87
Replies

Quick VPN client can not connect to RV042

arifwa2009
Level 1
Level 1

PID VID :           RV042 V03

LAN IPv4/ Subnet mask : 192.168.0.7/255.255.255.0

Working Mode :           Router

2012/04/09 11:55:40 [STATUS]OS Version: Windows 7

2012/04/09 11:55:40 [STATUS]Windows Firewall Domain Profile Settings: ON

2012/04/09 11:55:40 [STATUS]Windows Firewall Private Profile Settings: ON

2012/04/09 11:55:40 [STATUS]Windows Firewall Private Profile Settings: ON

2012/04/09 11:55:40 [STATUS]One network interface detected with IP address 192.168.1.141

2012/04/09 11:55:40 [STATUS]Connecting...

2012/04/09 11:55:40 [DEBUG]Input VPN Server Address = 1.2.3.4

2012/04/09 11:55:40 [STATUS]Connecting to remote gateway with IP address: 1.2.3.4

2012/04/09 11:55:42 [STATUS]Remote gateway was reached by https ...

2012/04/09 11:55:42 [STATUS]Provisioning...

2012/04/09 11:55:54 [STATUS]Success to connect.

2012/04/09 11:55:54 [STATUS]Tunnel is configured. Ping test is about to start.

2012/04/09 11:55:54 [STATUS]Verifying Network...

2012/04/09 11:56:00 [WARNING]Failed to ping remote VPN Router!

2012/04/09 11:56:03 [WARNING]Failed to ping remote VPN Router!

2012/04/09 11:56:06 [WARNING]Failed to ping remote VPN Router!

2012/04/09 11:56:09 [WARNING]Failed to ping remote VPN Router!

2012/04/09 11:56:12 [WARNING]Failed to ping remote VPN Router!

2012/04/09 11:56:16 [WARNING]Ping was blocked, which can be caused by an unexpec

ted disconnect.

2012/04/09 11:56:21 [STATUS]Disconnecting...

2012/04/09 11:56:26 [WARNING]Failed to disconnect.

PPTP working fine but not with Quick VPN .. test on some computer and internet access still can not get connect to router.

87 Replies 87

I've had similar problems and spent weeks reading all of these suggestions about Windows Firewall, ICMP encapsulation, etc etc.  Nothing worked for me with firewall settings, or restarting windows services related to IPSEC,encryption, etc etc.  Like you, PPTP was working fine but QuickVPN was not.

I've found that the solution to this is to ensure that your client computers are on both a different IP range and subnet mask.  So, for example at our office the Router assigns IP addresses 192.168.0.x with a subnet mask of 255.255.255.0.

On remote clients trying to connect with QuickVPN, I had to go into their routers AT HOME for their own internet connections and change their IP range to 192.168.1.x and their subnet mask to 255.255.255.128 (or something other than what we were using -- changing IP range alone did not stop the errors, I had to change their subnet mask too).

Their local router cannot be assigning the same IP addresses or using the same subnet mask as the RV042 is assigning at the office or else the conflict seems to screw up the QuickVPN connection.

As I think you also noted, this subnet issue seems to be particular to Windows 7.  I have one employee who comes in through the VPN who we had using the QuickVPN client for about 6 months now.  He was on a Windows XP machine and never had any problems. 

We swapped out his computer for a Windows 7 machine, and everything worked fine for about 3 weeks and then suddenly it stopped working out of the blue.  His router was already assigning a different IP range (192.168.1.x instead of 0.x), but his subnet mask was 255.255.255.0 just like our office.

After messing with it for 2 days, I remembered that we had another employee on Windows 7 and I had to change her subnet mask when we first set her up.  I did the same thing for this guy and it instantly fixed everything.

As far as what to do once connected -- we are using a mix of Windows XP and Windows 7 clients.  If you set up your remote people who are dialing in via the VPN as the same Workgroup name as everyone at the office, once the VPN connection is made you should be able to view all of the shared resources of the Workgroup as if the computer was connected to the LAN at the office (View Network Places).

I'm not sure if that's what you are trying to accomplish, but we basically needed a way to let people VPN in and use the file servers so that's what this accomplished.  You should be able to see all shared network resources as if you were on the LAN itself (files, printers, etc).

I am on the RV016, but I am betting yours works similarly to get fixed.

Hello Joshua:

That's music to my ears!  I am going to give it a try, as all what you have commented here sounds pretty reasonable.

But let me post again some of my facts in order to get the ideas straight:

1. When you configure the RVXXX to allow VPN traffic in, it suggests to change the LAN subnet to a 10.x.x.x one.  I accepted this suggestion and so, this complies with your

"I've found that the solution to this is to ensure that your client computers are on both a different IP range and subnet mask. So, for example at our office the Router assigns IP addresses 192.168.0.x with a subnet mask of 255.255.255.0."

comment. except for the subnet mask, which is something I am going to change.  Also, my local LAN has a 192.168.0.x assingment, which is compliant too.

2. When you connect with the Windows PPTP client, you know this will configure an interface with the assigned remote IP address, so this way you are able to see the remote peers.  In the case of the computer with which a can connect, what I don't see is where the assigned remote IP address is.  So I can't ping any of the remote peers.

I will come back again with comments on my results, I'm crossing fingers to succeed this time.

Thank you very much.

try updating the RV to its latest firmware..

you need to make sure your RV is your default gateway, connect a switch and plug all server and network devices to it..

example configuration:

RV ip address: 192.168.118.0/24, make sure all the resources behind the RV uses the same ip and subnet mask

:

printer > 192.168.118.10

server > 192.168.118.20

:

next is the remote user, make sure they are on a different ip scheme and subnet mask with RV

192.168.1.0 is the most common one.

:

Just to make sure I am understand correctly, you are trying to figure out the local IP address of the computer that is remotely connected (the IP address that was assigned to it by the router once it connected to the VPN)?

Actually, I don't think that I've ever figured that out.

Hello Wendell and Joshua:

1.- Now I am pretty sure that my problem is my Windows 7.  I've got Windows 7 Professional Service Pack 1.  I have tested with Windows XP machines and they hook up to the RV082 perfectly.  So I am going to let go the idea that it is the RV082.  Now I know it is not.

2.- Joshua, No.  I don't want to know exactly what the assigned IP address could be.  That is irrelevant.  I am trying to say that with the Windows 7 laptop (other than mine) with which I do get connected, I can't see any assigned IP address whatever it could be, from the remote LAN.  After the "Connected" window from QuickVPN appears, I try to PING the server I am interested to reach out, and I get no replies, even other resources up there

As for my own laptop, I was trying to test with a change in my local subnet mask, but at this moment my technicians at the other side just turned off the router, but I will try again tomorrow.

I'll let you know then.

Thanks again for your support.

wendellprincipe
Level 1
Level 1

Hi Javier,

The only device i cant ping is the router connected to my Rv042, evrything else working just fine.

We have this AS5350 connected to rv042 trying telnet from remote vpn, but not successful, i am still trying to figure out access list and iproute solution for this..

Also i have issues with xp, will connect after few times but with win7 just one try and connects immediately.

Sent from Cisco Technical Support iPhone App

Joshua:

I tried changing my home's own router's subnet mask to 255.255.255.128, in order to have it different from the remote RV082.

The result is the same.  The remote gateway is not responding.  I think this is something with Windows 7.  It definitely, somewhere, blocks the incoming ESP packets bearing the ICMP messages.  This is enough for me now.  I thank you all for your support.  Roger and out.

hi everyone,

i am just wondering how to telnet/ssh a router behind this RV042 using ACL... problem is that my remote pc is not having VPN network IP address..

it should be so easy but not able to work..

My RV is 192.168.118.1/24

the router behind this firewall has an ip address of 192.168.118.99/24

my vpn network is 192.168.118.0/24

access list 99

permit 192.168.118.0 0.0.0.255

i am strugling how to get this one work..

PLEASE everyone just stop trying to use QuickVPN.   IT DOES NOT WORK.

The routers are a great value without this "feature" so they should just pull the option.

clarification:  I should say that it does not work FULLY no matter how much you tinker with it (esp in a Windows environment).  It is not reliable or predictable enough for business use, and there are too many other options to bother with this headache.

About 5 years ago, I spent a couple months setting up and troubleshooting QuickVPN for one of my clients.  After long initial struggles, I got it working to an RV042 for several users, but I had to create custom lmhosts and hosts files so that the remote laptops could even find the servers.  Even after I had addressed all the problems, it still caused complaints because it didn't always work.

The solution?  I configured RAS VPN on one of their Server 2003 boxes and after very brief testing and troubleshooting it worked as intended and was very reliable.  Now they use Server 2008 for VPN, and RV082 for firewall/gateway.

Hey Javier,

I had this issue re-appear randomly on one of my Windows 7 machines today (that I thought I had fixed with subnet masks).

I ended up getting it to work by changing ALL of the applications in the QuickVPN folder to "Run as Administrator" under the compatibility tab.  Not just QuickVPN, there are about five other applications in there that it uses.  I changed all of those to Run as Admin and it instantly worked.

Maybe just a coincidence, but thought I would pass it on.

Hi Guys,

I have a similar issue and I am at my wits end with this. I am running windows 7 professional 64 bit, Windows 7 Home 64 bit and Windows Vista on three different client laptops. I have read a thousand posts on how to configure quick vpn client with the RV042 and I am still having connection issues. The Windows Vista machine connects fine but the windows 7 machines hang at Verifying network and then the error, "no response from the gateway". I am sure its not a port issue being blocked along the way as the vista machine would not connect. When I perform a packet trace from the vista machine and the windows 7 machine, I notice the vistat machine sends two ESP packets, receives a response from the RV042 and then connects. The windows 7 machines also send two ESP packets, however no response is received from the RV042. I thought maybe the RV042 needed to upgrade so I upgraded the firmware to

Firmware Version : v4.2.1.02 (Jan 18 2012 14:10:55)

but still I cannot connect.

the logs from Quick VPN Client are as follows. Which typicallyl means the reply ping from the remote LAN encapsulated in the ESP packet doesn't come through. It doesn't even show up on a protocol analyzer. Its like it never left the RV042 device.

2012/12/13 14:36:18 [STATUS]OS Version: Windows 7

2012/12/13 14:36:18 [STATUS]Windows Firewall Domain Profile Settings: ON

2012/12/13 14:36:18 [STATUS]Windows Firewall Private Profile Settings: ON

2012/12/13 14:36:18 [STATUS]Windows Firewall Private Profile Settings: ON

2012/12/13 14:36:18 [STATUS]One network interface detected with IP address 172.16.1.137

2012/12/13 14:36:18 [STATUS]Connecting...

2012/12/13 14:36:18 [DEBUG]Input VPN Server Address = 69.x.y.z

2012/12/13 14:36:18 [STATUS]Connecting to remote gateway with IP address: 69.x.y.z

2012/12/13 14:36:18 [WARNING]Server's certificate doesn't exist on your local computer.

2012/12/13 14:36:20 [STATUS]Remote gateway was reached by https ...

2012/12/13 14:36:20 [STATUS]Provisioning...

2012/12/13 14:36:30 [STATUS]Success to connect.

2012/12/13 14:36:30 [STATUS]Tunnel is configured. Ping test is about to start.

2012/12/13 14:36:30 [STATUS]Verifying Network...

2012/12/13 14:36:35 [WARNING]Failed to ping remote VPN Router!

2012/12/13 14:36:38 [WARNING]Failed to ping remote VPN Router!

2012/12/13 14:36:41 [WARNING]Failed to ping remote VPN Router!

2012/12/13 14:36:44 [WARNING]Failed to ping remote VPN Router!

2012/12/13 14:36:47 [WARNING]Failed to ping remote VPN Router!

2012/12/13 14:36:54 [WARNING]Ping was blocked, which can be caused by an unexpected disconnect.

2012/12/13 14:36:56 [STATUS]Disconnecting...

2012/12/13 14:37:00 [STATUS]Success to disconnect.

I truly frustrated with this device and hope there is fix by now. I am looking forward to any help you can provide.

Craig

This is a never-ending issue.  I've had my own struggle too.  Very sad certainly.

Look at my experience:

At home I have my Internet service through HFC.  When I'm home, I am not able to connect to my office's RV082 (which is the same as RV042 for practical purposes).

When I'm at my dad's home, I DO get connected, with the same configuration for QuickVPN.  This internet service is through ADSL.

What I've seen is that behind my home's HFC router-modem (which provides my TV service too), there is a 10.x.x.x subnet towards my ISP's next public IP out to the Internet.  While at my dad's home, the ADSL modem has a public IP gateway address behind.

At my office, the VPN subnet is a 10.x.x.x too.  So I guess with Windows 7 there must be something about this.  Because with an XP machine, I am able to connect from either place.  Even, I have changed the subnet class at my office's router, but have not had any success either.

I think Cisco should seriously look for true help with this issue with Microsoft.  While at Windows 7 Networking fora, they can only say "please consult your router's provider", and when you come to Cisco's fora, they say the very same thing about Windows 7.  So none of them gets really involved in finding out the real solution.

What I do meanwhile I am not able to connect through QuickVPN, I use PPTP.  Although this only gives me 5 concurrent connections.  Sadly enough, that's the only way I can connect from home with a Windows 7 machine.

I know your anger at this.

Sorry for not helping further.  This is all I can tell.

Regards.

I come from Holland originally and there we have a saying which translates to "Buy cheap is buy expensive". And that is true. The RV042 is cheap and you expect it to work with QuickVPN. Now I have multiple RV042's even though I should not need them but that is the only thing that works (RV042 to RV042). And I have different hardware versions as well.

So you are better of buying something good to start with. To be honest, I don't know what that would be though because even the professional vpn routers have security holes (I won't expand on this here). Security certificates on RV042 are nice but you don't need them, they don't stop anything.

If anyone has experience with good professional equipment, please let me know.

All I need is a vpn box that can be connected to by people in the field via a secure vpn client (meaning no certificate, no access).

I don't need office to office tunnels etc

Johan,

Instagate is a very good brand (sorry Cisco ), although, as you said, it's no cheap.  You should dive into their web site, try "Googleing" it.

I've used it with PPTP with a former employer, and is very stable and safe for most purposes.  I understand they've got their own vpn software, but at that company they never provided me with it as it was not necessary.

Have luck.

M Xmas to all.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: