cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7352
Views
5
Helpful
20
Replies

RV042 Client setup

geoffrey5239
Level 1
Level 1

I am having trouble setting up a Cisco RV042 router which I want to use because of its dual WAN feature to replace a DLink-615.

I use the router to connect from Israel to a VPN provider in the UK.

The settings that presently work on the Dlink that I need to replicate for the RV042 are as follows:

Connection Type - PPTP with Dynamic IP

Obtain DNS server address automatically

Username,Password and VPN server address

Encryption MPPE 128 bit

Authentification algorithm – MS-CHAP-V2

The RV042 has firmware V4.2.2.08 and the settings I have used so far are as follows:

WAN1 connection type  PPTP

WAN IP address to the UK VPN server address .

I have left the subnet Mask as 255.255.255.0 and the default Gateway Address as 0.0.0.0

My VPN username and password

The DHCP setup is set to enable DHCP Server

I set the DNS Server (required) 1: to 8.8.8.8 and leave everything else blank

This does not connect

Is it possible to setup the RV042 to work in the way the Dlink-615 works?

1 Accepted Solution

Accepted Solutions

Geoffrey,

The RV042 does not support IPSec/L2TP. More importantly, it cannot function as a VPN client so there is no place to enter a username or password. It is strictly a VPN server for IPSec Gateway to Gateway, IPSec VPN client access and PPTP client access.

- Marty

View solution in original post

20 Replies 20

geoffrey5239
Level 1
Level 1

According to Cisco technical support what I want to do is impossible.  The problem seems to be that since I cannot do an encrypted PPTP connection with the RV042 even establishing a L2TP connection will not be possible.  For secure VPN operation this router seems to depend on being attached to a computer running encryption software rather than it working on its own.  Please tell me if I am wrong.

Hi Geoffrey, the router on the far end, is this a VPN server?

The PPTP WAN option on the router is expecting to authenticate ISP connection to provide internet connectivity, much like PPPoE.

I also wouldn't be surprised if you see log message from attempts to connect. "pptpd" would be considered a server error while "pppd" is client error message. The router is not designed to work as VPN client capacity. It is designed to be VPN server for IP client connection, PPTP client connection and IPSEC gateway to gateway connection.

If your goal is to interconnect 2 remote site, you may want to try IPSEC gateway to gateway VPN if the far end router supports this.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

Tom

Many thanks for your response.

The far end server does support either straight PPTP or IPSec/L2TP clients but I have been told that authentication and encryption are needed for the PPTP connection.

I am not clear whether this would also be needed for a IPSec/L2TP connection - can you please clarify re this.

Should I be able to use the RV042's built in  Gateway to do an IPSec/L2TP connection?

Geoffrey,

The RV042 does not have L2TP functionality, either for site to site or client VPN. For site to site VPN, IPSec is the only option. You should check if the other end supports IPSec tunnels.

- Marty

Marty

If the other end will support IPSec tunnels would I be able to use this using what is built into the RV042 without needing PPTP encryption ?

Geoffrey,

Yes, most site to site tunnels use IPSec as it has stronger security than PPTP.

- Marty

SamirD
Level 5
Level 5

The other thing you can do is just leave the Dlink in place and set the rv042 in the Dlink's DMZ.  This way, the dlink will handle the PPTP and just provide and IP address to the rv042.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

Using the rv042 on its own I thought that I just needed to go to the VPN Gateway to Gateway menu and fill in only these fields?

So far this has not worked.

My far end server people have told me what is needed for most of the fields but I notice that there is nowhere where I fill in my user password.

This does not seem correct.

Am I missing something ?

Geoffrey,

For a site to site tunnel you should use a preshared key. It sounds like you are attempting to set the RV042 up as a VPN client. It should be set up as a Gateway to Gateway VPN tunnel, not Client to Gateway. Was the D-Link set up as a PPTP client? The RV042 does not have settings for that.

- Marty

Marty

I am setting the RV042 as a Gateway to Gateway VPN tunnel with a pre shared key.

The server people have only told me this:

Local net/mask: Remote IP: Remote local net/mask: 192.168.100.0/24

He has to enter somewhere his username and password. But where exactly

- I don't know, as I don't have that router handy.

However on the Gateway to Gateway screens  there seems to be no way of entering the password that the distant server needs.

Do I need to be filling in the VPN Client Access screen which does have password fields?

Geoffrey,

The VPN Client screens are for if you want to set up the RV042 as a server for clients to connect to from other locations. The remote router is set up for client connections only, not gateway to gateway.

On the gateway to gateway setup page, you will see all of the information that you need to match on the remote router. Some of the information that you will need to match EXACTLY on the remote router:

IPSec Setup

Keying Mode

Phase1 DH Group

Phase1 Encryption

Phase1 Authentication

Phase1 SA Life Time

seconds

Perfect Forward Secrecy

Phase2 DH Group

Phase2 Encryption

Phase2 Authentication

Phase2 SA Life Time

seconds

Preshared Key

- Marty

Marty

My server people say :

Unfortunately this router does not support the type of IPSec connection we are  supporting, which is IPSec/L2TP

Is this really true ?

If I am only able to fill in the IPSec screen there seems to be no way of entering my name and password.

Is this the problem ?

Geoffrey

Geoffrey,

The RV042 does not support IPSec/L2TP. More importantly, it cannot function as a VPN client so there is no place to enter a username or password. It is strictly a VPN server for IPSec Gateway to Gateway, IPSec VPN client access and PPTP client access.

- Marty

There's a couple of different ways to implement a VPN:  Site-to-Site, Client-to-Site, and a few others I can't think of immediately.

Anyways, the rv042 is deisnged for site-to-site and client to site on certain protocols.  The dlink is doing a client to site using pptp, which is not a supported implementation by the rv042.

A way around this issue is to use the dlink as a 'modem' to connect to the vpn via pptp and then connect the rv042 behind the dlink as your main router.

You mentioned you were replacing the dlink because of the dual wan feature of the rv042.  If you only have this one wan, and it's connected to your vpn via pptp, there's no reason to even have the rv042 as the dual wan will do nothing more than the dlink can.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: