02-18-2014 05:30 AM
I am having trouble setting up a Cisco RV042 router which I want to use because of its dual WAN feature to replace a DLink-615.
I use the router to connect from Israel to a VPN provider in the UK.
The settings that presently work on the Dlink that I need to replicate for the RV042 are as follows:
Connection Type - PPTP with Dynamic IP
Obtain DNS server address automatically
Username,Password and VPN server address
Encryption MPPE 128 bit
Authentification algorithm – MS-CHAP-V2
The RV042 has firmware V4.2.2.08 and the settings I have used so far are as follows:
WAN1 connection type PPTP
WAN IP address to the UK VPN server address .
I have left the subnet Mask as 255.255.255.0 and the default Gateway Address as 0.0.0.0
My VPN username and password
The DHCP setup is set to enable DHCP Server
I set the DNS Server (required) 1: to 8.8.8.8 and leave everything else blank
This does not connect
Is it possible to setup the RV042 to work in the way the Dlink-615 works?
Solved! Go to Solution.
02-22-2014 10:02 PM
Geoffrey,
The RV042 does not support IPSec/L2TP. More importantly, it cannot function as a VPN client so there is no place to enter a username or password. It is strictly a VPN server for IPSec Gateway to Gateway, IPSec VPN client access and PPTP client access.
- Marty
02-20-2014 05:46 AM
According to Cisco technical support what I want to do is impossible. The problem seems to be that since I cannot do an encrypted PPTP connection with the RV042 even establishing a L2TP connection will not be possible. For secure VPN operation this router seems to depend on being attached to a computer running encryption software rather than it working on its own. Please tell me if I am wrong.
02-20-2014 08:10 AM
Hi Geoffrey, the router on the far end, is this a VPN server?
The PPTP WAN option on the router is expecting to authenticate ISP connection to provide internet connectivity, much like PPPoE.
I also wouldn't be surprised if you see log message from attempts to connect. "pptpd" would be considered a server error while "pppd" is client error message. The router is not designed to work as VPN client capacity. It is designed to be VPN server for IP client connection, PPTP client connection and IPSEC gateway to gateway connection.
If your goal is to interconnect 2 remote site, you may want to try IPSEC gateway to gateway VPN if the far end router supports this.
-Tom
Please mark answered for helpful posts
02-20-2014 08:29 AM
Tom
Many thanks for your response.
The far end server does support either straight PPTP or IPSec/L2TP clients but I have been told that authentication and encryption are needed for the PPTP connection.
I am not clear whether this would also be needed for a IPSec/L2TP connection - can you please clarify re this.
Should I be able to use the RV042's built in Gateway to do an IPSec/L2TP connection?
02-20-2014 08:47 AM
Geoffrey,
The RV042 does not have L2TP functionality, either for site to site or client VPN. For site to site VPN, IPSec is the only option. You should check if the other end supports IPSec tunnels.
- Marty
02-20-2014 11:30 AM
Marty
If the other end will support IPSec tunnels would I be able to use this using what is built into the RV042 without needing PPTP encryption ?
02-20-2014 11:57 AM
Geoffrey,
Yes, most site to site tunnels use IPSec as it has stronger security than PPTP.
- Marty
02-20-2014 05:12 PM
The other thing you can do is just leave the Dlink in place and set the rv042 in the Dlink's DMZ. This way, the dlink will handle the PPTP and just provide and IP address to the rv042.
Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
02-20-2014 07:08 PM
Using the rv042 on its own I thought that I just needed to go to the VPN Gateway to Gateway menu and fill in only these fields?
So far this has not worked.
My far end server people have told me what is needed for most of the fields but I notice that there is nowhere where I fill in my user password.
This does not seem correct.
Am I missing something ?
02-20-2014 10:42 PM
Geoffrey,
For a site to site tunnel you should use a preshared key. It sounds like you are attempting to set the RV042 up as a VPN client. It should be set up as a Gateway to Gateway VPN tunnel, not Client to Gateway. Was the D-Link set up as a PPTP client? The RV042 does not have settings for that.
- Marty
02-20-2014 11:58 PM
Marty
I am setting the RV042 as a Gateway to Gateway VPN tunnel with a pre shared key.
The server people have only told me this:
Local net/mask:
He has to enter somewhere his username and password. But where exactly
- I don't know, as I don't have that router handy.
However on the Gateway to Gateway screens there seems to be no way of entering the password that the distant server needs.
Do I need to be filling in the VPN Client Access screen which does have password fields?
02-21-2014 09:03 AM
Geoffrey,
The VPN Client screens are for if you want to set up the RV042 as a server for clients to connect to from other locations. The remote router is set up for client connections only, not gateway to gateway.
On the gateway to gateway setup page, you will see all of the information that you need to match on the remote router. Some of the information that you will need to match EXACTLY on the remote router:
IPSec Setup
Keying Mode |
Phase1 DH Group | ||
Phase1 Encryption | ||
Phase1 Authentication | ||
Phase1 SA Life Time | seconds | |
Perfect Forward Secrecy |
Phase2 DH Group |
Phase2 Encryption | ||
Phase2 Authentication | ||
Phase2 SA Life Time | seconds | |
Preshared Key |
- Marty
02-22-2014 10:05 AM
Marty
My server people say :
Unfortunately this router does not support the type of IPSec connection we are supporting, which is IPSec/L2TP
Is this really true ?
If I am only able to fill in the IPSec screen there seems to be no way of entering my name and password.
Is this the problem ?
Geoffrey
02-22-2014 10:02 PM
Geoffrey,
The RV042 does not support IPSec/L2TP. More importantly, it cannot function as a VPN client so there is no place to enter a username or password. It is strictly a VPN server for IPSec Gateway to Gateway, IPSec VPN client access and PPTP client access.
- Marty
02-22-2014 07:30 PM
There's a couple of different ways to implement a VPN: Site-to-Site, Client-to-Site, and a few others I can't think of immediately.
Anyways, the rv042 is deisnged for site-to-site and client to site on certain protocols. The dlink is doing a client to site using pptp, which is not a supported implementation by the rv042.
A way around this issue is to use the dlink as a 'modem' to connect to the vpn via pptp and then connect the rv042 behind the dlink as your main router.
You mentioned you were replacing the dlink because of the dual wan feature of the rv042. If you only have this one wan, and it's connected to your vpn via pptp, there's no reason to even have the rv042 as the dual wan will do nothing more than the dlink can.
Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide