10-19-2017 04:58 PM - edited 03-21-2019 10:57 AM
I need solution for this issue ASAP or the device is completely useless to me and I will have to return it, so far it seems like a great router, but without VPN from Windows 10 what's the point?
so here are the details, VERY similar if not identical to this: https://supportforums.cisco.com/t5/small-business-routers/pptp-not-recognzing-accounts-in-local-database-rv340/m-p/3052636#M33285 , somehow that's marked as solved without a solution.
Remote client: windows 10
Types of VPN i tried: PPTP and L2TP with pre-shared secret
for PPTP I've tried all sorts of various settings, but I want MS-Chap2 to work if at all possible. No settings allow the remote client to connect.
for L2TP windows has an error of EVENT ID 20227 : The error code returned on failure is 789. (RasClient), I do not see much in the router logs for this type of VPN
for PPTP I get logs in router so here they are:
pptp: Connection terminated.
pptp: Peer cisco failed CHAP authentication
pptp: RADIUS: Can't read config file /etc/radiusclient/radiusclient.conf
pptp: /etc/radiusclient/radiusclient.conf: no authserver specified
pptpd: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
pptp: Warning - secret file /etc/ppp/pap-secrets has world and/or group access
pptp: Connect: ppp0 <--> pptp (MY HOME IP)
I DO NOT HAVE RADIUS enabled/configured etc..
on routers with IOS/CLI the simple solution seems to be to not make LOCAL USERs passwords "secret", but on the RV340 I seem to be SOL.
Please advise, there seem to be hundreds of us with this issue.
Serial Number of router: PSZ21181E2E
Firmware Version: 1.0.00.33
thank you in advance for any help.
10-19-2017 06:16 PM
By the way, I tested it with using PAP and it worked fine so this really is a bug on the RV340, it seems to be in the latest firmware as well ( I know mine is outdated).
I believe this is the actual issue: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvd97778/?referring_site=bugquickviewredir
but I have no idea how it was not fixed yet.
10-23-2017 02:17 AM
Hello everybody
Exactly same problem with my new RV340.
RV340 is a VPN-Gateway, but the core function not work ?!?!
Hope there is soon a Bugfix.
Kind Regards
Chris
10-23-2017 05:48 AM
how this gets past quality control/testing is beyond me. It's ridiculous.
Cisco: oh we allow local accounts on the device? cool feature, customers will like that
Cisco: lets offer really popular L2TP/PPTP VPN on this thing, customers will like that...
Cisco: I bet MOST of customers will buy this router for the ONLY REASON of using the VPN and having our great support/name branding so it sells easy to their clients. We did real good guys!!!
Dude shunned to basement long time ago: hey everyone... could ya you know... maybe TRY TO CONNECT so 100% of our customers that want to use this feature aren't screwed?
/end of my attempt at recreating history.
11-17-2017 08:03 AM
Greetings,
about how to configure PPTP on Windows 10, what you need to do is disable CHAP/CHAP2 negotiation on the PPTP security setting, so far, there is known-issue on RV340/RV345 and it's only using PAP (developers are actively working on this to improve it.).
the configuration must be like this:
right now, if you want to use CHAP2, then, you need to set a remote authentication method as RADIUS.
11-17-2017 08:07 AM
Thank you for the reply, you are absolutely correct, but..
This is a MAJOR selling point of this device, it has been broken for months if not years! It is not only unacceptable to sell a VPN router whose VPN feature is absolutely broken and yet somehow this got through QA testing, but it's shameful that this was not patched immediately.
Not only that, it seems there would be a very simple fix if the device had CLI as the password could be made not secret which supposedly fixes the problem on higher end devices with CLI that also suffered from this bug. If one command can fix it on CLI device, are we really looking at months worth of development for a firmware fix?
11-17-2017 08:11 AM
unfortunately, our Small Business devices are not like enterprise one and so far, there is not ETA about any patch/fix for this issue.
I wonder if we can submit a new Service Request (ticket) on our STAC support department so we can escalate your concern to the next level. if you agree, let me know and I will reach you via internal message.
11-17-2017 08:33 AM
11-17-2017 08:44 AM
Greetings,
if you are using OSX or iOS, then, you can try to use Cisco VPN Client on the RV340.
I've attached a quick manual.
test it and let me know.
11-17-2017 03:41 PM
03-26-2018 05:38 AM
im using a program called shimo for osx. PPTP used to work when i had my rv320, now with my RV345 it doesnt work at all.
L2TP, no work on osx or ios
ipsec no work on osx or ios, even when using a separate client software like shimo
i tried every setting combo possible, nothing works. please try yourself to connect an iphone to the router without using any certificates and just pre shared keys
the only thing that works is site to site vpn between two rv340's
04-13-2020 03:26 PM
Three years later and it's still not fixed. Yay Cisco you're really going the extra mile. I hope the Meraki MX platform works better.
04-14-2020 06:25 PM
Yep standard VPN support on this router is garbage, and previous supported RV series models were too slow when they did work--despite being stable. The RV130's recent r54 firmware finally produces usable VPN performance, but I had already phased most of them out at this point.
For any sites I manage with significant needs for these types of VPNs, I replaced the RV's with Ubiquiti Edgerouter entry models (X and Lite) which have worked stellar. The X platform (MediaTek) had occasional buggy firmware releases vs the Lite platform (Cavium), but have not been a problem for the last year or so. Expect to use a combination of GUI, Config Tree (router registry type structure) and CLI to make them work for VPN's but they are very fast and stable. The X runs extremely cool and its lower "on paper" specs for routing performance & RAM have not proven to be relevant in any application for my SMB sites.
I won't be taking these RV routers seriously anymore, as VPN performance (RV32x) & usability (RV34x) for these types of configs has been a train wreck on their modern supported models for years now. Cisco seems to be mainly interested in pushing buyers into their paid offerings for the RV34x, with these standard VPN features being spec sheet bs to try to get admins "in the door" and try to convert them. Hopefully Cisco will one day prove me wrong, but I'm not holding my breath at this point.
11-15-2020 01:01 PM
Hi everyone,
I had the same issues with my RV340, and I found a solution !
If you see your logs, this line need attention : "pptp: RADIUS: Can't read config file /etc/radiusclient/radiusclient.conf"
What ! Radius , I don't want use a Radius server ! ( this server permit to store ID of user and share it to this rooter)
Well ! How to change this ? Go to "User Accounts" > Service Auth Sequence and at PPTP line, change "Customize Primary" To Local DB !
That's all !
have fun with your RV rooter !
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide