08-26-2012 02:47 AM
Hi,
Due to various reasons, I need to configure a new RV042 behind a SSG5 firewall. All VPN connections is client to gateway.
Firstly, i tried doing a direct connection(bypassing the firewall), the quickVpn status says connect but I can't even ping the rv. I suspect is due to client own ip is 192.168.1.x and the gateway ip is also 192.168.1.10. How do I resolve this such that users can connect anywhere without having to worry about clash of ip?
Any advice on how to place the rv behind a firewall specifically a SSG5?
08-26-2012 08:09 AM
Hi Vincent,
The Juniper device will have to support the appropriate VPN passthrough and likely need to have all applicable ports forwarding to the RV042.
Additionally, if that implementation is too sloppy, you may try to configure a DMZ client on the Juniper for the RV042 connection.
Also, if you have multiple IP block you may configure one to one NAT on the Juniper pointing to the RV042
I would recommend to give Juniper a call and ask them how to get the RV042 as a DMZ connection.
-Tom
Please rate helpful posts
08-26-2012 08:32 AM
Hi Thomas,
Thanks for the quick reply, unfortunately we no longer have support for the juniper. I see what I can do from here.
Any idea on how to resolve connecting clients with conflicting ip ranges with IPSec? I would need to connect more than 5 users so pptp would be unsuitable.
08-26-2012 08:36 AM
If it's possible, change the RV0XX subnet to something more obscure such as 10.150.1.1. Almost all manufactured routers are 192.168.1.x or 172.16.1.x.
Otherwise you would need a connection that supports assigning IP address from the router when connected (as you mentioned, PPTP does do that).
-Tom
Please rate helpful posts
08-27-2012 08:30 AM
Before I get to the juniper part, I'm getting frustrated getting the RV VPN to work. Now the connection is straight wan then the RV, yet I cannot connect using quickVPN.
The weird part is I managed to get the connection going for awhile then it just stopped working during connection with the quickVpn hanging at verifying network and i cannot figure why. Checking the logs on the client, it says cannot ping gateway internal ip. Checking the RV logs shows that there is activty and connections. Isn't it supposed to be straight forward?
I switched off the RV firewall to no avail. The client is also checked that only windows firewall is on and all the relaxant ports are open.
I would appreciate any help or advice.
08-27-2012 08:33 AM
Hi Vincent,
From where are you testing the connection? And, what connection type are you testing it from?
If you want, send me a message with your public WAN IP and create an user for me tom12345/tom12345 and I will test from my location.
-Tom
Please rate helpful posts
08-30-2012 12:09 PM
Vincent, thanks for the message. I have connected from my home location using a Window 7- 64 bit computer on Charter ISP. I'm currently connected for 8 minutes at the time I'm writing this.
In unusual cases, I've seen customer's outbound connection to be the actual problem. A lot of times using product like Verizon hotspot or tether to a phone, these connections fail, either due to not enough upload or because the connection will drop the ESP packets. I've also seen on VERY RARE instance, routers on a LAN connection have the same behavior, but if you connect directly to the modem, everything works great.
The QVPN can fail for a lot of reasons aside connection oriented reasons, such as security. On Window 7 and Vista, the Window firewall must be enabled. On XP, the firewall disabled.
3rd party security software also makes particular problems, such as Norton and MCAfee services, also things like Panda software. Right now I am running AVG and it does not interfere with my ability to connect.
You may consider to try to reboot your computer in safe mode with networking, as it should load only core system components.
I hope this may help you some.
-Tom
Please rate helpful posts
08-30-2012 09:31 PM
Hi Thomas,
Thanks for your help, somehow my connection seems to be working at the moment.
As im using the same laptop for testing, im sure its not a problem on the OS if i can connect sometimes.
If it's mobile tethering problem, it's going to be a problem as it's a popular way of connectivity here especially the users are on the go.
Any tools or advice or how can I track down the issue?
Thanks again for your help.
08-30-2012 09:40 PM
Vincent, it is good news to know if your computer can connect. It rules out the RV042 ISP connectivity. It rules out the RV042 ability to accept an inbound connection. It also rules out your computer's ability to connect since it works.
Saying this, I would assess what connections you are using. Typically, it is not supported if people are using air cards or tether technologies, satelite connection because they are unreliable in nature, but in addition, often uncontrollable as they are managed by 3rd party.
If you're tethering to a cell phone as an example, you may want to check the IP address your computer receives from this. It may be just an IP conflict. But ultimately it is hit or miss due to reliability if it is not conventional method of connectivity.
-Tom
Please rate helpful posts
09-03-2012 12:23 AM
Hi Thomas,
Thanks for the help so far, after more troubleshooting, i've changed the client to shrewsoft VPN client, and I can connect properly now.
The next problem is that I can ping my rv internal ip which is 192.168.21.88 but I can't ping any other devices on the network. I've used the rv diagnostics ping and it's returning fine.
The rv used as a VPN box seems to be quite a handful...
09-03-2012 09:32 AM
Hi Vincent, assuming all configuration is good to go it is usually a LAN based issue. The most common issues I see
-Tom
Please rate helpful posts
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide