06-22-2020 04:00 PM
I've done quite a few site-to-site VPNs with Cisco Small Business Routers. But I've never done one from scratch for Client-to-Site. I'm converting the site from an old Netgear router with a Cisco RV340 Dual WAN VPN Router and have a few questions:
I've been reading the procedure at: https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb5748-use-thegreenbow-vpn-client-to-connect-with-rv34x-series-rout.html and I've been reading about Creating User Groups at: https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb5853-create-user-group-vpn-setup-rv340-router.html.
Where I don't quite get the gist of the approach there. Are the Users real individual users with certain characteristics? Or, are the Users just aliases? I don't see how real individual users would match up with the GreenBow client entries where there is no User .. ?
Also, the GreenBow / RV340 article doesn't match very well with the actual GreenBow client software I'm using. It's close but some things are quite different.
I'm doing this in a "lab" environment to make it easier but still haven't hit on the magic formula.
One other question is:
Since these are Client-to-Site setups where the clients are moving around and having various different IP addresses, what does one use for Local Identifier and Remote Identifier? If I choose for Local Identifier: Local WAN IP in Edit a New Tunnel, it doesn't fill in the space below for that. And what to use for Remote Identifier?
In the User Groups EzVPN/3rdParty
Step 7. Choose a profile from the Select a Profile drop-down list. The options may vary, depending on the profiles that have been configured on the VPN gateway.
Even though a profile has been set up, there ARE NO profiles in the drop down list! ??
So, that's a show-stopper.
I appreciate any help as this is the first-time thought this particular device and with client-to-site setup.
05-13-2021 10:23 PM
Hi Fmarshall
For vpn-server c2s config for Greenbow and Shrewsoft vpn clients using only IKEv1-IPsec, the below are the steps and the c2s-server config screenshots are given....you need to use the IDs used in the server on the client-side as well by interchanging....
Step-1:
In System-Mgmnt, create a user-group say named "testgroup1"
Step-2: Next in user-accounts section...create accounts (for the remote ipsec clients to login) in the user-group
Ste-3 Go to IPsec Profiles and create a algorithm profile for IKEv1
Step-4, got to client-to-site page and follow the attached screenshots...
Step-5: Configure the Greenbow IKEv1 client...
05-14-2021 12:24 AM
Hello Marshall,
Here is a more recent guide on how to configure the GreenBow client. https://www.youtube.com/watch?v=2OcCuCWBCoE
Regards,
Martin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide