cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3366
Views
0
Helpful
8
Replies

RV320 VPN over USB1

mzeilenga
Level 1
Level 1

I setup the RV320 and am using the USB1 interface until I get my permanent WAN interface ordered.  I can get to the internet with no issues.  I setup EasyVPN and PPTP but cannot get access remotely into the VPN.  I setup an access rule to allow ALL traffic from USB1 into the network. I also created a user in the User management page. 

When trying to connect with the Cisco VPN Client I get the following in the router log file:

Aug 1 13:42:04 2013VPN Logpacket from 70.155.120.114:22520: [Tunnel Authorize Fail] no connection has been authorized with policy=PSK+AGGRESSIVE+XAUTHPSK+XAUTHSERVER
Aug 1 13:42:04 2013Connection AcceptedIN=ppp3000 OUT= MAC= SRC=70.155.120.114 DST=166.156.174.130 DMAC=45:00:03:7f:95:8c SMAC=00:00:6d:11:a0:b5 LEN=895 TOS=0x00 PREC=0x00 TTL=109 ID=38284 PROTO=UDP SPT=22520 DPT=500 LEN=875

When trying to connect via PPTP I get the following error at the client:

Error 678: The remote computer did not respond.

What am I missing?

Does the USB1 interface allow remote access?

Thanks

8 Replies 8

Hi,

check your VPN config. Looks like router and client policies don't match.

You dont need the ACL for this.

Regarding PPTP, I also can't make it work.

Regards

Michal

The only place I can find anything related to Aggressive Mode is under the Advanced Settings for IKE w/ Preshared Key.  This advanced settings button is on the Gateway to Gateway configuration page.  That's not what I want to configure.  The documentation seems to show that a button should also exist in the Client to Gateway screen but I don't see anything. 

How do you change the policies at the client?  Doesn't look like much to mess with to me in the Cisco Client software.

Hi Mark

Please refer the link below for RV320 admin guide.

http://www.cisco.com/en/US/docs/routers/csbr/rv320/administration/guide/en/rv32x_ag_en.pdf

Thanks

Michal

I've got the manual.  I'm upgrading firmware now.  It's been 45 minutes already and not done yet.  Me thinks there's a problem.   Do I just reboot or wait longer.

      

--

I finally rebooted and got reconnected.  It showed the firmware version but some of the GUI interface was showing correctly.  So I decided to reflash again, this time using USB instead of PC.  Went real fast this time.  Gave me a message to wait 45 seconds and if nothing happens hit login button.  Waited, hit login.  -Nothing.  I've tried to reset it to factory default.  Now I can ping 192.168.1.1 but can't get to the GUI.  Very frustrated now.  Wasted a whole day.  I guess I need to call Cisco now.

Firmware update doesn't take that long.

It is already done or it crashed and you'll have to recover.

mpyhala
Level 7
Level 7

Mark,

Who is the ISP for your USB modem? Some wireless ISPs are known to block VPN traffic.

- Marty

It's from Verizon.   We use them for other remote vpn's we send to customer sites for temporary remote support using cellular connections.

Cisco tried to help me recover the firmware and totally locked it up.   I'll be exchanging it for another.

mzeilenga
Level 1
Level 1

Just an update.   Finally on my 3rd RV320 I was able to get the current firmware loaded w/o the unit locking up.  I used XP instead of Win7 this time just in case that was the problem.

I did get the SSL VPN to function over the USB1 modem.  No luck still with EasyVPN or PPTP.

My SSL VPN drops me into VLAN4 with address of 192.168.4.x.  I can PCAnywhere to a PC on that VLAN and from there get to devices on VLAN3 (192.168.3.x) which is my mgmt VLAN by creating some access rules for that one PC we connect remotely into.

I've tried various rules to let me get directly to the mgmt VLAN direct from the remote PC but have not had any luck.  Any thoughts on what to try?  I have InterVLAN routing turned on for VLAN3 and VLAN4.  I need access to devices on both VLANs so it's not just a matter of changing the SSL remote users ip to 192.168.3.x.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: