cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
5281
Views
24
Helpful
5
Replies

Cisco RV042 can't create a simple VPN ???

SkipSkip75
Level 1
Level 1

Hello,

I'm confused because i'm trying to set up a simple VPN (client to Gateway), but i can't !

An SSL VPN or an IPSEC VPN, whatever...

The firmware of the RV042 is up to date, and i'm trying QuickVPN as a client vpn (also updated...)

My configuration details :

I'm in  : 192.168.2.14 /24

My RV042 : 192.168.2.250 /24

And the VPN intend to connect me to : 192.168.4.x

I'm for the while in test phases... that's why i'm using private IP...

Client To Gateway
Add a New Group VPN

TunnelGroup VPN
Group No.  1
Tunnel Name : TEST-VPN
Interface :
Enable :


Local Group Setup
Local Security Group Type :
IP Address : 192.168.4.0
Subnet Mask : 255.255.255.0


Remote Client Setup
Remote Client :
Domain Name : microsoft.com


IPSec Setup
Keying Mode : IKE with Preshared key
Phase 1 DH Group :
Phase 1 Encryption :
Phase 1 Authentication :
Phase 1 SA Life Time : 28800 seconds
Perfect Forward Secrecy :
Phase 2 DH Group :
Phase 2 Encryption :
Phase 2 Authentication :
Phase 2 SA Life Time : 3600 seconds
Preshared Key : 123456

so far, nothing complicated.. ok?

Then i create my user for the test :

VPN Client Access




Username :

New Password :

Confirm New Password :

Allow Password Change : YesNo

Active :







The user is created, and activated...

For the test, i've disabled the firewall (router + windows 7).

An dnow, when i lunch the client QuickVPN :

Sans titre.png

Then when i lunch it :

>>>> Connecting...

>>>> Activating Policy...

>>>> Verifying Network...

>>>> The remote Gateway is not responding. Do You want to wait ? [NO]

>>>> Disconecting from server....

So that means, after activating the policy, i'm logged into the router (Status user : active). But when he verify the network... i'm disconnected !!

There are the log of the RV042 :

Dec 18 12:57:50 2012VPN Logadded connection description (qknips1)
Dec 18 12:57:50 2012VPN Loglistening for IKE messages
Dec 18 12:57:50 2012VPN Logforgetting secrets
Dec 18 12:57:50 2012VPN Logloading secrets from '/etc/ipsec.d/ipsec.secrets'
Dec 18 12:57:57 2012VPN Log(qknips1): deleting connection

So i'm logged during 7 seconds... Why ?

Can anyone help me ??

When i try with the integrated Windows client VPN, logs are just more filled...^^

HELP ! \o/

Thanks (and sorry for my bad english^^)

1 Accepted Solution

Accepted Solutions

jonatrod
Level 7
Level 7

Good morning

Thanks for using our forum

Hi Skip my name is Johnnatan and I am part of the Small business Support community. IĀ“ve seen your post, and I can see you are using Windows 7 and you disable your firewall in order to test your connection. We have to modify some configuration in the computer and the router in order to resolve your problem.

Computer

As you are using Windows 7, you have to  turning on the Windows firewall and create 2 rules, also make sure the Ipsec communication is allowed, you can do this follow these steps:

http://www6.nohold.net/CiscoSB/Loginr.aspx?login=1&pid=2&app=search&vw=1&articleid=2922

Router:

Go firewall > Basic settings and

   Disable: Block WAN Request

   Enable:Remote Management

Go VPN > VPN Passthrough and make sure everything is enable.

I hope you find this answer useful, if it was satisfactory  for you, please mark the question as Answered. Please rate post you consider useful.

Greetings,

Johnnatan Rodriguez Miranda.

Cisco network support engineer.

ā€œPlease rate useful posts so other users can benefit from itā€ Greetings, Johnnatan Rodriguez Miranda. Cisco Network Support Engineer.

View solution in original post

5 Replies 5

jonatrod
Level 7
Level 7

Good morning

Thanks for using our forum

Hi Skip my name is Johnnatan and I am part of the Small business Support community. IĀ“ve seen your post, and I can see you are using Windows 7 and you disable your firewall in order to test your connection. We have to modify some configuration in the computer and the router in order to resolve your problem.

Computer

As you are using Windows 7, you have to  turning on the Windows firewall and create 2 rules, also make sure the Ipsec communication is allowed, you can do this follow these steps:

http://www6.nohold.net/CiscoSB/Loginr.aspx?login=1&pid=2&app=search&vw=1&articleid=2922

Router:

Go firewall > Basic settings and

   Disable: Block WAN Request

   Enable:Remote Management

Go VPN > VPN Passthrough and make sure everything is enable.

I hope you find this answer useful, if it was satisfactory  for you, please mark the question as Answered. Please rate post you consider useful.

Greetings,

Johnnatan Rodriguez Miranda.

Cisco network support engineer.

ā€œPlease rate useful posts so other users can benefit from itā€ Greetings, Johnnatan Rodriguez Miranda. Cisco Network Support Engineer.

Ok, thanks.

I tried this solution, and I finally had a succesfull connection !

But i'm still don't understanding why I failed without any firewall, but i've succeed with an activated firewall and 1 rule !!

No firewall means no blocking.. isn't right ?

Well... the SSL VPN is working, thanks !

But, and for the IPSec VPN ? Have you any tips for me ?

Which VPN client should i use ? The integrated microsoft vpn can work ? I read somewhere that it didn't support pre-shared keys !...

Thanks !

Hi Skip, IĀ“m glad you fixed your problem, about the Ipsec VPN, you can set up a ā€œClient to Gateway VPNā€ (and yes it supports pre-shared key), you can check this document it will help you to configure it

http://www6.nohold.net/CiscoSB/Loginr.aspx?login=1&pid=2&app=search&vw=1&articleid=624

Also if you want a configure a Microsoft VPN ( PPTP VPN), you can follow this instructions

http://www6.nohold.net/CiscoSB/Loginr.aspx?login=1&pid=2&app=search&vw=1&articleid=570

http://www6.nohold.net/CiscoSB/Loginr.aspx?login=1&pid=2&app=search&vw=1&articleid=2957

I recommend you use any of the VPN, since all work smoothly

Cisco has a very useful tool called GuideMe, is made for small business products, and your device is in this category, you can use this address for accessing the tool:  http://sbkb.cisco.com/CiscoSB/Loginr.aspx?alt1=&pid=4&eroute=Super , is very easy to use, just complete the 3  spaces on this way:

Select a category: (Select the device type on request), e.g. Routers

Enter model: (Type the model on request), e.g. RV042

Question: (Type what  you want to know  about the device), e.g. VPN

And it'll be showing all the information you need about what you wrote.

I hope you find this answer useful, if it was satisfactory for you, please mark the question as Answered. Please rate post you consider useful.

Greetings,

Johnnatan Rodriguez Miranda.

Cisco network support engineer.

ā€œPlease rate useful posts so other users can benefit from itā€ Greetings, Johnnatan Rodriguez Miranda. Cisco Network Support Engineer.

SkipSkip75
Level 1
Level 1

Hello,

When i try to connect with windows VPN integrated, it fail...

There are the logs of the router :

[EDITED]

What does all of this means ?^^

Thanks.

Ce message a ƩtƩ modifiƩ par: Skip

Hello Skip,

I am not sure what settings you have to set up in the client to gateway section for the built in IPsec client for windows but I do know if you use the PPTP server option in the router and create a VPN client on your windows it will connect with a PPTP connection. That has been the only connection I have been able to get working with the built in VPN client with windows. The problem is I don't know what settings to use for phase 1 and phase 2.

Also just a FYI, you don't have to set up client to gateway to set up QVPN.. all you have to do is create a username and password and your good to go. Since QVPN is a utility it use built in windows services.. so on Windows vista/7 when you disable your windows firewall it will turn off the IKE and IPsec services built in windows.

Hope this information helps!

Thanks,

Clayton Sill

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: