Re: RV340 Cannot Create PPTP server within subnet - Page 2

Chet Prokop · ‎07-14-2017

Setting up customer RV340 - needs to use PPTP VPN with Win10 VPN service.

When configuring PPTP Server tab, set start and end IP addresses to a small range within an unused group of IPs in the scope of the working subnet. Regardless of where I try to set in 8 IPs, I get a subnet range error! See jpg

We've set up PPTP in RV320's with ease. Not sure what I'm missing here, but not able to set the IP range in the working LAN range used.

What am i missing?

Chet/Houston

Chet Prokop, PE, PhD
Cisco Select Partner
SMB - IT and Telecom Services
Houston, TX

marioesp · ‎11-17-2017

Greetings,

please refer my reply about you need to disable CHAP/CHAP2 and use PAP only.

Mario Espinoza
.:|:.:|:. Cisco Small Business TAC
Email: marioesp@cisco.com
Shift Hours: Monday - Friday from 9:30 AM – 7:00 PM (EST)

Most of our Product documentation and Solutions to commonly asked questions can be found at
http://www.cisco.com/go/smallbizsupport

Cisco Support Frontline Phone Number: +1 866-606-1866
Cisco Support Worldwide Contacts:
https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

meisterfloh · ‎06-08-2019

please show your vlan settings because pptp cannot be installed

kotakomputer · ‎10-12-2021

@Jorge Obregon Jorge can you show your VLAN Setting?

I just buy new RV340 and still can not use same range IP.

My VLAN is 10.10.1.0/24 and DHCP 10.10.1.100-199, but I error when I enter 10.10.1.200-225 for PPTP.

PPTP only works using different subnet like 10.10.2.0/24.

I have RV130W and RV180W working fine, but RV340 is very strange.

chrisw · ‎08-27-2017

I have the same problem with a Client to Site VPN.

Based on the reply you had I suspect they are checking other VPN's for the subnet which is rediculous.

In the case where you have a local Class C being routed back to a main office local subnet 192.168.1.0/24 and main office 192.168.2.0/24

It doesn't appear you can now have a VPN to the local subnet, eg PPTP resolving to an IP range of 192.168.1.200-192.168.1.210 as it overlaps the subnet in the other VPN, however they have nothing to do with each other and this works in every other setup I have ever encountered including the RV320

I upgraded because I was having too many issues with the RV320, now with site-site VPN dropping routes, no SSH support, can't even diagnose routing issues because the VPN's are not shown in the routing table, this RV340 is starting to look like even more of lemon. It does have nice speed.

Chris

Sebastian1 · ‎10-07-2017

Hello

This is the same with me.
Did someone fix it?

marioesp · ‎11-17-2017

Greetings,

about how to configure PPTP on Windows 10, what you need to do is disable CHAP/CHAP2 negotiation on the PPTP security setting, so far, there is known-issue on RV340/RV345 and it's only using PAP (developers are actively working on this to improve it.).

the configuration must be like this:

Mario Espinoza
.:|:.:|:. Cisco Small Business TAC
Email: marioesp@cisco.com
Shift Hours: Monday - Friday from 9:30 AM – 7:00 PM (EST)

Most of our Product documentation and Solutions to commonly asked questions can be found at
http://www.cisco.com/go/smallbizsupport

Cisco Support Frontline Phone Number: +1 866-606-1866
Cisco Support Worldwide Contacts:
https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

hodei.urra · ‎12-12-2017

Hi, it works for me. I have used cisco user and 2 new users too, all of them in admin group.

Use a pptp just with PAP, with no encryptation is a workaround, but cisco must solve this option because the router gives the option to 128 encriptation. I need to know if this issue will be solved in the next firmware, 1.0.01.18 or newer.

I have bought this router a day ago, and I am thinking to return it. I feel lied with this solution op PAP only, works better my old RV320.

And now, if I want to use the VPN, I must check the option "Use default gateway on remote network", that in the rv320 is not mandatory

"Use default gateway on remote network": all Internet traffic over the VPN,

Since1953 · ‎12-13-2017

I returned mine. Using a Luxul Epic 5. Much simpler to use, less features,
but has Router Limits built-in.

hodei.urra · ‎12-18-2017

I returned mine too

JohnBecich · ‎02-25-2019

This is an obvious BUG in the RV340's firmware, as PPTP server function worked in predecessor equipment RV320. Chet Prokop said so, and I believe him. Has Cisco fixed this bug yet?

cbjwthwm · ‎02-27-2019

I wouldn't waste your time thinking Cisco has any intention of fixing this PPTP server support. Ubiquiti Edgerouter Lite & X work well for this application, just except more pain programming it via a combination of GUI, config tree (like a registry editor for the router) and some command line operations.

Their PPTP performance is vastly superior to the RV320 anyway...I had to replace a functioning and stable RV320 at one site as it couldn't pass more than 2 Mb through the tunnel, and they have made no effort to improve that performance despite multiple firmware revisions and posts in these forums about the terrible throughput.

Bottom line, if PPTP is required or is important, forget modern Cisco products and use Ubiquiti. I prefer programming Cisco RV series routers, but the RV320 and beyond perform badly for PPTP--and in the case of the RV34x series they are effectively intentionally lobotomized.

yuibin · ‎04-23-2019

My LAN is 192.168.1.0/24 and PPTP Server IPs are set to 192.168.2.10-192.168.2.20. Just like everyone, I was not able to access 192.168.1.0/24 network, until I apply a fixed route from CMD:

route add 192.168.1.0 mask 255.255.255.0 192.168.2.1

I then create 2 .BAT files:

VPN-C.BAT:

rasdial MyOfficeVPN username password

route add 192.168.1.0 mask 255.255.255.0 192.168.2.1

VPN-D.BAT

route delete 192.168.1.0

rasdial MyOfficeVPN /disconnect

luisparadisi · ‎08-06-2021

Hello, I'm sorry to bother you, I have a damaged RV042G and I'm going to change it for an RV340,
did the pptp server work for you within the same network range?

nagrajk1969 · ‎10-13-2021

Hi

Even if using a ip-range from the same lan-subnet as ip-pool for vpn-clients is allowed on some platforms/vendors (and most of them are legacy/older routers), it does not necessarily means that its safe or secure or wont create problems subsequently in future

There are some valid reasons for not using same subnets as ip-pools in the vpn-server configs (primarily to avoid needing to enable Proxy-ARP which is a very dangerous setting to enable in any normal circumstances on a network). To have better understanding of the issues and why/what/how of NOT allowing the use of same subnets as ip-pools, refer to the discussion/points-raised in the link below. Maybe it maybe of some use to understand, or you could simply ignore and make your own informed decisions of network deployments

https://community.cisco.com/t5/vpn/ip-range-vpn-client-remote-access/m-p/4425731/highlight/true#M279109

thanks & best wishes always