cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1054
Views
0
Helpful
0
Replies

Cisco RV180 open VPN tunnel toward an OpenVPN server

yannick.arnault
Level 1
Level 1

Hi,

I recently get a Cisco RV180 and I don't understand how to setup a VPN tunnel where the RV180 is the VPN client and the remote VPN server is an OpenVPN server.

My concrete case is I have a VPN service at Usenetserver provider, and want to setup my RV180 so some of my local Network clients (Apple TV or BluRay player, so not possible to use any OpenVPN client on these "clients" devices) are connecting to internet through the VPN service @Usenetserver (to show up with a US public IP so all services would works on these devices) .

My understanding is I have to first create an IKE Policy, then a VPN policy (?) but I'm getting lost when trying to match the RV180 configuration screen and the information I have about the OpenVPN destination server. If I look at the .opvn file from the OpenVPN service here is what I can see (before the "--BEGIN CERTIFICATE--")

client
dev tun
proto udp
remote Mytarget-VPN-server.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
persist-remote-ip
#ca vpn.crt

tls-client
remote-cert-tls server
auth-user-pass
comp-lzo
verb 3

auth SHA256
cipher AES-256-CBC

<ca>

For Example I think I have to chose in the IKE policy "RSA-Signature" for the "Authentication Method" but how does it know what certificate to use (even if I have imported only one in the RV180 so far) ?

Also not sure about the choice for the Local and Remote Identifier Type that I should choose?

reading here from

http://sbkb.cisco.com/CiscoSB/GetArticle.aspx?docid=74d10d8ca7344c8fa1e4030d9d01668e_IKE_Policy_Settings_on_RV180_and_RV180W_VPN_Routers.xml&

the below

Step 6. From Local Identifier Type drop-down menu, choose the type of identity the profile has.

• Local WAN (Internet) IP — This option connects through the Internet.

• FQDN — This option is a Fully Qualified Domain Name such as www.example.com. Enter a domain name or an IP address in the Identifier field.

• User-FQDN — This option is an user email address such as user@email.com. Enter a domain name or an IP address in the Identifier field.

• DER ASN1 DN — This option is a distinguished name that uses DER ASN1 to transmit information. Enter a domain name or an IP address in the Identifier field.

I would think I have to go for "Local WAN 5Internet) IP" & "Remote WAN (Internet) IP" ?

And about the "Diffie-Hellman (DH) Group" I just have no clue...

Am I trying to do something that is not possible (meaning I should not have bought a Cisco RV180 ? ) Or just I don't understand how to do it?

Usenetserver support said they only support customer using DD-WRT or Tomato Router, so I'm wondering if they don't know how to assist with the Cisco or if it is just not compatible with their OpenVPN solution...

Help would be greatly appreciated !

0 Replies 0