cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7672
Views
0
Helpful
17
Replies

QVPN Works Only When.....

Alejandro Gallego
Cisco Employee
Cisco Employee

This is not a rare problem that only happens when we use a certain OS with a certain router on a certain day. It is no secret that QVPN can be problematic and inconsistent. This thread is meant for everyone to post both success and failure with the software. This thread is NOT meant as a place to rant about how much of a failure Cisco, QVPN or Router X is. This is meant to be constructive and to assist in finding common problems with particular scenarios.

BEFORE you post please read this post in its entirety so your voice can be heard. Cisco is not in the business in creating software that is incomplete or use its customers for testing incomplete code; even though it may appear to be the case with QVPN. That being said, this is how to post on this thread and how NOT to post.

A constructive post:

I have a WRVS4400N v2 router with FW 2.x.x; my internet connection is DSL and the modem is in "Bridge" mode. My public IP address is on my WRVS which is 34.x.x.x (Please do not post your full IP address). My local network (LAN) IP address is 172.16.x.x /24 and I am trying to connect from multiple locations. Being at a cafe, friend's house, and from work all with no success. From all locations the application hangs on "Preparing Network" and will time out. If I look on the router via remote management I see my user name as connected but the application timed out.

OS is Vista 32bit

A non-constructive port: (will be ignored)

This thing has never worked and I have tried everything. I have a WRVS router that never does what I tell it and port forward fails all the time. My computer is a PC and it works everywhere so I know its not my modem. Cisco needs to refund my money and I want a new Cisco 3950 and PiX firewall.......

(you get the picture)

Because QVPN creates an IPSec tunnel here are some pre-requisites which are not directly related to QVPN. Please make sure these conditions exist before posting your problem.

Remote and Local networks cannot be the same (ie. 192.168.1.0 and 192.168.1.0). It would be a good idea to set up your router with an IP address (local) to something like this: 192.168.247.0 /24. This is an address that is not very common and would assist eliminating known issues.

If you are running Vista make sure your Firewall is ON and QVPN is in the list of allowed programs (this has nothing to do with the application as this is typical OS behavior) if you have XP the firewall needs to be OFF or QVPN in the list of allowed programs.

For you W7 users follow the advice for Vista, if you have problems installing or running the client, right click the .exe file and run it under compatibility mode. Again this has nothing to do with the client as much as has to do with a brand new OS. The same problems existed when Vista first came out.

If you are really having problems please create a post or call Cisco Small Business Support at 1.866.606.1866 and start a case.

Again the purpose is to try to find common links in configurations which have no problem connecting and to those which are not able to connect using QVPN. This is a discussion where as a community we can work together and correct or find work arounds to QVPN problems.

Thank you,

Alejandro.

17 Replies 17

Laurent,

When things just stop working, it usually points to one of two things:

1. Your ISP has helped you stop getting traffic on the ports necessary for VPN connections

                          or

2. Your hardware has failed.

The best plan of action is to review the logs from your QVPN client software and post the last part of them here. Please remember to edit the public IP addressing out. These logs are often very useful when determining the problem with the client. Usually it can be attributed to a username and password or an internet connection being down, but if you have done the troubleshooting you say you have then I think we can rule out the small stuff.

If it turns out to be your isp, (click here to learn how to tell) then you have to tell them to unblock your ports.

If it is your hardware.... contact the Small Business Support Center near you ( here are the numbers) and see if you are entitled to an rma. If not, buy a new one.

Bill

Hi Bill,

thanks a lot for your answer.

It seems that my ISP has blocked port 500...

No one there can tell me why, but this doesn't matter, as we are going to move our office in two weeks, so there's gonna be a change of internet connection... and ISP.

We'll live with the temporary down VPN, and I'll post some feed-back here when I try the exact same settings on the new connection.

Regards

Our situation:

  • Using a SA 520...
  • We have the latest firmware 1.21
  • The latest QuickVPN 1.4
  • A ip address, for the device can be pinged, but I believe the ports are blocked
  • Can the device block the ports or require a list to be created?
  • We spent 2 1/2 hours on the phone with Cisco and ISP provider, we had a brief connection, but now nothing...
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers