Hi Beowulf,

Someone on the Apple support boards was having a similar problem. This is the solution they came up with:

The key piece of software is a program called IPSecuritas from www.lobotomo.com. This has the same function as VPN Client, but includes a lot more options and settings.

IPSecuritas client settings are as follows:

General:
Mode of operation: Host to Network
Remote IPSec Device: router.company.com (note, this gives the "external" WAN IP address of my router, as hosted by DynDNS)
Remote Network: 192.168.2.0/24 (this is the numbering system of the LAN behind my RV042)
Local address: (Blank)
Exchange mode: Aggressive
Proposal check: Strict

Phase 1: 28800 sec, Mod 768 (1), DES, MD5

Phase 2: 28800 sec, Mod 768 (1), DES, HMAC MD5

ID/Auth:
Local Identifier: DN, user@company.com (I don't think this needs to be a valid e-mail address as long as it is the same on both devices)
Remote Identifier: (same)
Preshared secret:  (choose any password)
Options: IpSec DOI, SIT_IDENTITY_ONLY, MIP6, Initial Contact, DHCP Pass-through, Establish IKE Immediately, Auto Start are all checked.

Also, on the IPSecuritas Preferences menu, I have checked 'Replace DNS Settings on IPSec Activation' with our domain name and the internal IP address of our DNS, 192.168.2.134.

On my RV042 router, I have Tunnel 1 enabled as a Client to Gateway on WAN1. (This is with the latest firmware from July 2005, ver. 1.3.7.2)

Local Security Gateway Type is Dynamic IP + E-mail Addr. (USER FQDN) Authentication.

Email address: user @ company.com, matching the IPSecuritas setup on the Powerbook.

Local security type also matches the client settings: Subnet; 192.168.2.0; 255.255.255.0

Remote client is also Gateway Type Dynamic IP + E-mail Addr. (USER FQDN) Authentication and the same user@company.com.

Keying mode IKE with Preshared key.
Phase 1 DH Group: Group1, encryption DES, Authentication MD5, SA Lifetime 28800sec.  Perfect Forward Security-yes.

Phase 2: Group1, DES, MD5, 28800 sec.

Preshared Key: (your passsword, same as you chose in IPSecuritas)

Advanced: Aggressive mode is enabled and locked.  Dead Peer Detection 10 sec.  All else un-checked.

VPN Pass Through: All enabled.

VPN Client Access: Don't waste time with this; it is for the Linksys QuickVPN utility from Windows only.

This is working great. I have access to my whole internal subnet, all ports, with functioning internal DNS even though I didn't put it in Network configuration for my "Traveling" location on the PowerBook.

One thing I should note, after you set all your preferences and hit the Start IPSec button in IPSecuritas, it takes ten or fifteen seconds for the green check mark to replace the red X. Be patient. Check the System log and the IPSecuritas log to see if things are happening.

I assume this will also work for the other Linksys products in this line, the RV0041, RV082 and RV016.

I hope that helps!

Yours,

TST

Great Info!! but it doesn't apply to the iPad connecting to a RV042.

not yet, but if the router firmware is prior to 4.0.x,

then you can connect via the PPTP server

I'd like to know if that's possible as well, anybody??

Well, it appears that the Cisco RV042 does NOT SUPPORT the *Cisco branded* IPSec VPN that iOS offers.  What???

The latest firmware (which removes telnet access that would have supposedly allowed us to enable IPSec) to the RV042, does at least enable the horribly buggy and insecure PPTP, but why would we want to keep using such a security risk?  Only a fool would run WEP or PPTP!  Any dedicated middle-school kid would have your entire network cracked during lunch.

Cisco, wherefore hast thou forsaken us?!?  This is incredibly frustrating.

Please correct me if by some miracle I am wrong, but I've beaten my head against the wall for weeks over this, and PPTP is the *only* VPN service I can get running on the RV042.