1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

6 Step Approach to Quickvpn

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by DocLarge, Apr 17, 2005.

  1. DocLarge

    DocLarge Super Moderator Staff Member Member

    Peops,

    here's a brief 6 step approach I've used with a few people that seems to help get quickvpn working if you're stuck with the wrv54g until they put the NAT-T patches in a firware release:


    1) Disable pptp and L2tp on the wrv54g
    2) Disable all vpn port forwarding (500, 1701, 1723, 4500) to limit background process interference
    3) Disable all vpn settings (tunnel, gateway, IKE)
    4) Make sure quickvpn is the "only" client loaded on your machine (it won't work if another one is present
    5) Enable Ipsec on the WRV54G
    6) Check under services and make sure Ipsec is running

    > These are just the general ground rules to start out with. One last thing to consider is if you're getting "verifying network," check
    your mtu setting. At times, you have to lower it to avoid fragmentation of the data packets.

    As always, what's outlined is just a "baseline." As you start having
    success's, start varying your configuration. Check out this post to see the headway that's been made recently by Chris547 (using greenbow with quickvpn paramters to connect from behind a NAT router to another NAT router):

    http://www.linksysinfo.org/modules.php?name=Forums&file=viewtopic&t=3608

    Doc
     
  2. RockyRouter

    RockyRouter Network Guru Member

    Thanks Doc!
    Using your advice, I finally succeeded in reaching the RV082 on my home network, from my laptop at a local hotspot, via QuickVPN. The last obstacle was uninstalling the Netscreen VPN client that I sometimes used to connect to my work VPN. It had tied up the IPSec service and would not let it start. With it removed, the tunnel came up and I was able to access my mounted network drives as if I were at home.

    At the risk of asking a dumb question, I would like to use the VPN to secure my casual browsing and email while at a public unencrypted hotspot. Is there a way to force all of my internet traffic to traverse the secure VPN to my RV082, before hitting the open internet?
     
  3. DocLarge

    DocLarge Super Moderator Staff Member Member

    From my own perspective. when I finally got my tunnel up, I mapped a drive to my "documents and settings" and went to one of the profiles I used on the local computer. Through the vpn tunnel, I went to the administrator profile and clicked on the shortcut to internet explorer I'd created before leaving the house. It worked like a charm!! Bearing in mind, I did this from someone else's house.

    But wait, here's bright spot; quickvpn "does work" in a Wi-Fi environment. In Arizona, I was able to a wireless hotspot at a local bookstore (Borders) and connect to my home network using they're wireless network. If you do the same as I did above (create an IE shortcut on the desktop of a profile you use or just put it in a directory and connect to it via quickvpn) you should be able to.

    Let me know if I answered your question because I tend to get "caught up" at times :) :)

    Doc
     
  4. timomai

    timomai Network Guru Member

    Hello,
    Although i did all what you wrote (the 6 steps), my quickvpn (on win xp pro sp2) still does not connect to a wrv54g routeur :-(

    I have the "verifying network" for a few seconds and the it then"the remote gateway is not responding ..."

    At the beginning, I thought there was a problem with ipsec but after sniffing the network (on the remote computer where the quickvpn is), I think ipsec works well.

    Here is a paste of my log (ethereal), if someone does understand this and has a solution, it would be great ;-)

    IP_quickvpn and IP_wrv54g : the ip of the remote computer whtere quickvpn runs and the ip of the wrv54g routeur.




    4 5.334632 IP_quickvpn IP_wrv54g TCP 2183 > https [SYN] Seq=0 Ack=0 Win=65535 Len=0 MSS=1440 WS=2
    5 5.396336 IP_wrv54g IP_quickvpn TCP https > 2183 [SYN, ACK] Seq=0 Ack=1 Win=5600 Len=0 MSS=1400 WS=0
    6 5.402040 IP_quickvpn IP_wrv54g TCP 2183 > https [ACK] Seq=1 Ack=1 Win=256200 Len=0
    7 5.404081 IP_quickvpn IP_wrv54g SSLv2 Client Hello
    8 5.472403 IP_wrv54g IP_quickvpn TCP https > 2183 [ACK] Seq=1 Ack=149 Win=5600 Len=0
    9 5.481712 IP_wrv54g IP_quickvpn TLS Server Hello, Certificate, Server Hello Done
    10 5.496735 IP_quickvpn IP_wrv54g TLS Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
    11 5.601453 IP_wrv54g IP_quickvpn TCP https > 2183 [ACK] Seq=767 Ack=339 Win=5600 Len=0
    12 5.635947 IP_wrv54g IP_quickvpn TLS Change Cipher Spec, Encrypted Handshake Message
    13 5.651757 IP_quickvpn IP_wrv54g TLS Application Data, Application Data
    14 5.727939 IP_wrv54g IP_quickvpn TCP https > 2183 [ACK] Seq=818 Ack=613 Win=5600 Len=0
    15 9.508434 IP_wrv54g IP_quickvpn TLS Application Data, Application Data
    16 9.511221 IP_wrv54g IP_quickvpn TCP https > 2183 [FIN, ACK] Seq=1164 Ack=613 Win=5600 Len=0
    17 9.526101 IP_quickvpn IP_wrv54g TCP 2183 > https [ACK] Seq=613 Ack=1165 Win=255036 Len=0
    18 9.527112 IP_quickvpn IP_wrv54g TLS Encrypted Alert
    19 9.527898 IP_quickvpn IP_wrv54g TCP 2183 > https [FIN, ACK] Seq=642 Ack=1165 Win=255036 Len=0
    20 9.595085 IP_wrv54g IP_quickvpn TCP https > 2183 [RST] Seq=1165 Ack=3472550865 Win=0 Len=0
    21 9.598531 IP_wrv54g IP_quickvpn TCP https > 2183 [RST] Seq=1165 Ack=3472550865 Win=0 Len=0
    22 23.591940 IP_quickvpn IP_wrv54g ISAKMP Identity Protection (Main Mode)
    23 23.664425 IP_wrv54g IP_quickvpn ISAKMP Identity Protection (Main Mode)
    24 23.690135 IP_quickvpn IP_wrv54g ISAKMP Identity Protection (Main Mode)
    25 23.987935 IP_wrv54g IP_quickvpn ISAKMP Identity Protection (Main Mode)
    26 24.004438 IP_quickvpn IP_wrv54g ISAKMP Identity Protection (Main Mode)
    28 25.152451 IP_quickvpn IP_wrv54g ISAKMP Identity Protection (Main Mode)
    29 27.152921 IP_quickvpn IP_wrv54g ISAKMP Identity Protection (Main Mode)
    32 31.152194 IP_quickvpn IP_wrv54g ISAKMP Identity Protection (Main Mode)
    33 33.217266 IP_wrv54g IP_quickvpn ISAKMP Identity Protection (Main Mode)
    34 39.137349 IP_quickvpn IP_wrv54g ISAKMP Identity Protection (Main Mode)
    38 53.205107 IP_wrv54g IP_quickvpn ISAKMP Identity Protection (Main Mode)
    39 55.106616 IP_quickvpn IP_wrv54g ISAKMP Identity Protection (Main Mode)

    after few seconds I pressed the OK button on the window saying "the remote gateway does not respond..."

    104 87.092233 IP_quickvpn IP_wrv54g ISAKMP Informational


    btw I do not understand the"Encryptec alert"...
    thank you in advance
    Franck
     
  5. TazUk

    TazUk Network Guru Member

    Is XP's built in firewall enabled or disabled?
     
  6. timomai

    timomai Network Guru Member

    it is disabled. I've got an other firewall sygate pro enable. But when i turn sygate off, the vpn connection still does not work :-(

    Franck
     
  7. JayS

    JayS Network Guru Member

    i just updated my rv042 to 1.3.3 and finnaly get the client user list!

    BUT, where do i configure the settings for QuickVPN? It has no configuration options what so ever unless the version i got is bad?

    I thought i was getting a good deal buying this unit, it seems it is not nearly a piece of cake i thought it would be! From what i read using the Windows XP VPn client is not an option?
     
  8. DocLarge

    DocLarge Super Moderator Staff Member Member

Share This Page