07-23-2012 05:00 AM
I am trying to set up RV180 @ 2 locations. I have set up Port forwarding for Remote Desktop 3389 (Defined as a custom service), FTP and HTTP. When I try to access these services from within LAN it works fine, however from any other location only FTP works and RDP and HTTP are rejected. I have a static IP address. I have tried with both Port Forwarding as well as Access Rules. Please help ASAP.
Operation succeeded
Action | Service | Status | Source IP | Destination IP | Internal Port
Always Allow | HTTP | Enabled | Any | 192.168.2.50 | 80
Always Allow | FTP | Enabled | Any | 192.168.2.160 | 21
Always Allow | RDP | Enabled | Any | 192.168.2.163 | 3389

Action | Service | Status | | Source IP | Destination IP
Always Allow | HTTP | Enabled | Inbound (WAN (Internet) > LAN (Local Network)) | Any |
Always Allow | FTP | Enabled | Inbound (WAN (Internet) > LAN (Local Network)) | Any |
Always Allow | RDP | Enabled | Inbound (WAN (Internet) > LAN (Local Network)) | Any |
08-24-2012 12:39 PM
Clayton,
I am replacing an RVS4000 with an RV180, and I'm trying to just duplicate the port forwarding as much as possible between the two. Please excuse the neophyte questions, but here they are:
The RVS4000 has a field for "External Port," and no equivalent to the RV180's field "Source IP." And the RV180 has no "External Port" field. How is the external port defined in the RV180? Is it always the same as the internal port?
It's funny that RDC seems to be a popular service, but there is no such entry in the default services list and it must be added as a custom service.
As a side note, page 135 of the RV180 pdf manual omits "Web Access" and "Remote Management," the latter being needed to set up QuickVPN. Also, the pdf Bookmarks are a mess in this document; their hierarchies are completely wrong.
Thanks,
Bernard
08-24-2012 01:19 PM
Hi Bernard,
The first step you will need to do is go under firewall and go under advanced settings and click on custom service. You will create a TCP port for 3389, start port is 3389 and end port is 3389. Once you create your custom service then you will need to go to either access rule or port forwarding (whether you create it under access rule or port forwarding they get added to both sections). For this setup, we will go under port forwarding. Once you are under the port forwarding section then you will select your custom service you created from the drop-down box (any custom service you create will be at the bottom of the list). Just make sure your action is set to always allow and your destination IP address is where you are wanting to RDP into and your internal port would need to be 3389.
Not sure if you are using port forward for RDP but just using it for part of the example.
Let me know if you have any questions. If all else fails you are welcome to call us at 866-606-1866 at the Cisco Small Business Center.
08-25-2012 10:26 AM
Clayton,
Thank you very much. It worked great right from the get go. And it's much faster than the RVS4000. I'm curious to hear the diagnosis of the port forwarding trouble that others have encountered.
Yes, I'm using Windows RDC.
Cheers,
Bernard
09-02-2012 12:45 PM
Clayton,
One wrinkle:
On the RV180, when I forward port 443 to our NAS server, in order to make available its browser-based file-server to offsite clients, my QuickVPN now fails to connect. Disabling port 443 forwarding restores QuickVPN functionality. What is the best workaround? This problem didn't happen with the old RVS4000.
Thanks,
Bernard
09-02-2012 02:08 PM
Bernard, set the QVPN port for 60443 and see if that helps.
-Tom
Please rate helpful posts
09-02-2012 03:02 PM
Tom,
I did try changing the drop-down port selection in the QuickVPN client from Auto to 60443, but it still will not connect when 443 is forwarded to the NAS on the RV180.
Question: I notice that Remote Management needs to be enabled to use port forwarding, and its default port is 443. Does this have any bearing on the problem?
Thanks,
Bernard
09-02-2012 03:09 PM
QuickVPN Client uses either port 443 or 60443. If you need to forward port 443 to a NAS server, you have to enable Remote Management at port 60443 so that all features (NAS, QuickVPN, and remote management) can work well together.
09-02-2012 04:37 PM
Tekliu,
I have done that, and the connection process now proceeds farther. It gets past Activating Policy... but hangs at Verifying Network... After that the "Info/The remote gateway is not responding. Do you want to wait?" dialog box pops up. And waiting doesn't help. I've tried both Auto and 60443 in the "Port for VPN" client dialog box. With 60443 only "Server's certificate doesn't exist on your local computer" pops up only once instead of twice.
Any further thoughts would be most welcome.
Thanks,
Bernard
09-02-2012 05:06 PM
>I have done that, and the connection process now proceeds farther. It gets past Activating Policy... but hangs at Verifying Network... After that the "Info/The remote gateway is not responding. Do you want to wait?" dialog box pops up. And waiting doesn't help.
The pop-up "remote gateway is not responding" indicates that the QuickVPN client cannot ping the LAN IP of the RV180, which could be caused by the Windows firewall on the computer that the QuickVPN client is running on. To verify this, you can do the following:
While the pop-up is on, try to access other computers in the LAN of RV180 using their LAN IP addresses. This is to test whether the tunnel is actually up or not. If the tunnel is up, you can actually leave the pop-up message there, and the tunnel will stay up. If the tunnel is not up, you would need to verify if the IKE/IPsec handshake has occurred perhaps with a packet capture. This task can be assisted by an engineer when you contact the small business support center.
09-02-2012 04:46 PM
One additional clue: Not surprisingly, with 60443, it behaves the same regardless of whether 443 is forwarded or not.
09-02-2012 05:01 PM
Here's the log file, which looks similar to those listed in earlier threads:
2012/09/02 16:43:22 [DEBUG]Input VPN Server Address = redacted
2012/09/02 16:43:23 [STATUS]Connecting to remote gateway with IP address: redacted
2012/09/02 16:43:23 [WARNING]Server's certificate doesn't exist on your local computer.
2012/09/02 16:43:26 [STATUS]Remote gateway was reached by https ...
2012/09/02 16:43:26 [STATUS]Provisioning...
2012/09/02 16:43:35 [STATUS]Success to connect.
2012/09/02 16:43:35 [STATUS]Tunnel is configured. Ping test is about to start.
2012/09/02 16:43:35 [STATUS]Verifying Network...
2012/09/02 16:43:41 [WARNING]Failed to ping remote VPN Router!
2012/09/02 16:43:43 [WARNING]Failed to ping remote VPN Router!
2012/09/02 16:43:46 [WARNING]Failed to ping remote VPN Router!
2012/09/02 16:43:49 [WARNING]Failed to ping remote VPN Router!
2012/09/02 16:43:52 [WARNING]Failed to ping remote VPN Router!
2012/09/02 16:43:54 [WARNING]Ping was blocked, which can be caused by an unexpected disconnect.
2012/09/02 16:44:11 [STATUS]Disconnecting...
2012/09/02 16:44:15 [STATUS]Success to disconnect.
2012/09/02 16:44:30 [STATUS]OS Version: Windows 7
I do have the newest version of QuickVPN. My RV180 firmware is 1.0.1.9
So I'm wondering, Why does it work on 443, except when that port is forwarded, but not on 60443?
Thanks again,
Bernard
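Added example, not part of any post in this thread: a small Python triage of a QuickVPN client log like the one above, separating the HTTPS provisioning phase (port 443 or 60443) from the tunnel ping check discussed in the replies. The sample log is constructed with placeholder addresses, and the verdict names and next-step hints are labels chosen for this example.

```python
import re

# Constructed sample modeled on the client log posted above; the gateway
# name and address are placeholders (example.test, 203.0.113.10).
SAMPLE_LOG = """\
2012/09/02 16:43:22 [DEBUG]Input VPN Server Address = vpn.example.test
2012/09/02 16:43:23 [STATUS]Connecting to remote gateway with IP address: 203.0.113.10
2012/09/02 16:43:23 [WARNING]Server's certificate doesn't exist on your local computer.
2012/09/02 16:43:26 [STATUS]Remote gateway was reached by https ...
2012/09/02 16:43:26 [STATUS]Provisioning...
2012/09/02 16:43:35 [STATUS]Success to connect.
2012/09/02 16:43:35 [STATUS]Verifying Network...
2012/09/02 16:43:41 [WARNING]Failed to ping remote VPN Router!
2012/09/02 16:43:43 [WARNING]Failed to ping remote VPN Router!
2012/09/02 16:43:54 [WARNING]Ping was blocked, which can be caused by an unexpected disconnect.
"""

LINE_RE = re.compile(r"^(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) \[(\w+)\](.*)$")

# Next checks per verdict, taken from the advice given in this thread.
NEXT_STEP = {
    "https-unreachable": "check what answers on 443/60443 (forward vs. Remote Management)",
    "provisioning-failed": "HTTPS answered but login/provisioning did not complete",
    "tunnel-unverified": "check client firewall, try LAN hosts, view IPsec Connection Status",
    "ok": "no failure recorded in this log",
}

def diagnose(log_text):
    """Report which connection phase a QuickVPN client log reached."""
    matches = (LINE_RE.match(line) for line in log_text.splitlines())
    msgs = [m.group(3).strip() for m in matches if m]
    has = lambda needle: any(needle in msg for msg in msgs)
    result = {
        "https_reached": has("reached by https"),
        "provisioned": has("Success to connect"),
        "ping_failures": sum("Failed to ping" in msg for msg in msgs),
        # The client had no local copy of the gateway certificate to compare.
        "cert_unverified": has("certificate doesn't exist"),
    }
    if not result["https_reached"]:
        verdict = "https-unreachable"
    elif not result["provisioned"]:
        verdict = "provisioning-failed"
    elif result["ping_failures"]:
        verdict = "tunnel-unverified"
    else:
        verdict = "ok"
    result.update(verdict=verdict, next_step=NEXT_STEP[verdict])
    return result

if __name__ == "__main__":
    for key, value in diagnose(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

A "tunnel-unverified" verdict means only that the ping check failed; whether the IPsec tunnel itself came up still has to be confirmed on the router or with a packet capture, as the replies note.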
09-02-2012 05:11 PM
>So I'm wondering, Why does it work on 443, except when that port is forwarded, but not on 60443?
If port 443 worked for you before (without port forwarding to NAS), there is no reason that port 60443 (with forwarding 443 to NAS) would not work for you. You might want to contact the Support center for further assistance.
09-02-2012 05:22 PM
Tekliu,
I tried leaving the pop-up open and accessing the LAN as you suggested, but no luck. I have RDC access into the system and can see in the RV180's IPsec Connection Status that there are no connections. I guess it's down to calling in a ticket.
Thanks,
Bernard
09-02-2012 05:33 PM
Yes, please give them a call. An engineer can try a QuickVPN connection from his/her computer to isolate any client-side issue.
09-02-2012 05:46 PM
Just a final note: I see in the thread https://supportforums.cisco.com/thread/2022966 that the last post shows a similar fact pattern as mine. The ONLY way he got QuickVPN to work is via 443. He closes with "Cisco needs to address the port conflict so 443 can be forwarded for other uses." Here we are nearly 2 years on, locked in battle with the same demon.