1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Connecting PDA (Pocket PC) to VPN (WRV54G)

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by HercNav, Apr 2, 2006.

  1. HercNav

    HercNav LI Guru Member

    As always, tech support sucks! Call the software developer, they pass you off on the manufacturer; call the manufacturer, they say call the software developer.... In every case, they say contact your network administrator. These are for personal use, so that's me.

    Normally, I wouldn't care, but retailers are advertising, "VPN service is provided using IPsec. IPsec clients are included in most current desktop and notebook OSes, as well as in Palm OS and Windows Mobile 2003 for Pocket PC; third-party IPsec clients should be available for most older devices" I own both the WRV54G and a Pocket PC, so I'm going to hold them to it....

    What are the appropriate settings on the WRV54G? Also, using the default Pocket PC software, what setting (if any) will connect my PDA (SX66) to my WRV54G?

    If there's just no way to do this with the default Pocket PC software, what third-party software (again, if any) will accomplish this and/or is recommended by this forum?

    The options on my Pocket PC specify a Domain, Username and Password, and if I use IPSEC/L2TP, a pre-shared key. I've tried using the same username/password that I created in VPN Client Access (for QuickVPN) and the domain that I specified in Basic Setup, but that still doesn't work (tells me to, "Verify your username and password, and try again.")

    Any word of Linksys QuickVPN Mobile?....
  2. TazUk

    TazUk Network Guru Member

    A lot depends on which carrier your using and whether they're running NAT, if they are it won't work.
  3. tvos

    tvos Network Guru Member


    I own the wrv54g and at the time the i-700 samsung. I purchased the SD 256mb wifi adapater which turned out to be buggy. I sent the wifi adapter back for 1gb sd card.

    Depending on your model of the pocket pc, you should be able to register the mac address, give the ppc a static ip and the ssid.

    Make sure you check with the vendor first to see if the wifi adapter is compatible.

  4. HercNav

    HercNav LI Guru Member

    Actually, I'm trying to connect the VPN over Cingular's GPRS.... Any thoughts about that?
  5. HercNav

    HercNav LI Guru Member

    Wi-fi is built in to the SX66. It works great to connect to the internet, but I haven't successfully used it as a means to connect to my VPN yet. It would be SO much nicer if I could use Cingular's GPRS, rather than be tied to a hot spot or someone else's access point, so that's my goal. I can troubleshoot both devices from the comfort of my own home that way. If it doesn't work, I'll run down to the nearest hot spot, give it a go, and report back....
  6. HercNav

    HercNav LI Guru Member

    Okay then, hypothetically, if I were connecting to the internet through Cingular's GPRS, and they weren't running NAT (whatever that is), what setting would I use to connect to my WRV54G? Would I set up a tunnel, gateway, etc.? If that were the case, I can guess that my Remote Secure Workgroup and Remote Secure Gateway would be set to "Any" right? How does my PDA's prompt for Username/Password play in this process? Do I actually need to setup that account in VPN Client Access? What Encryption/Authentication should I choose (DES/MD5)?

    My PDA offers the option to use a "certificate on this device" instead of a pre-shared key. What does that mean, and is it an option using the WRV65G?
  7. johnnyi

    johnnyi Network Guru Member

  8. HercNav

    HercNav LI Guru Member

    I downloaded both, and it looks like Bluefire VPN is the better match (it's also less expensive). The setup looks pretty straight-forward: Tunnel Gateway IP Address, SHA1/MD5, 3DES, PFS, Diffie Hellman Group (1024 bits), User's Identity (Device IP Address), and Shared Secret. I was dissappointed that it doesn't use FQDN, but that's not huge.

    I've tried DynDNS software on my PPC 2003, but it doesn't seem to update the address of the PDA's equivalent online name.

    It lists a Compression Algorithm, but I don't know enough about that to select other than "None." "Deflate" and "LZS" are the other two options. There are other options that I'm not familiar with, but selecting them seems altogether wrong: "Nortel Contivity Client Mode" and "Use XAuth." I assume it's not important to specify a Key Lifetime, as it's not an option in this software.

    After setting it up the best I know how, I can't get it to get passed IKE Phase 1. I expect the WRV54G is at fault. So, now I'm wondering if anyone has any advice as to how to set up the WRV54G.
  9. TazUk

    TazUk Network Guru Member

    I expect it's the lack of NAT-T support on the WRV54G that's the fault :x I'll give it a bash on my Treo 650 and see if I can get it going :)
  10. HercNav

    HercNav LI Guru Member

    Wouldn't setting the Remote Secure Gateway/Group to "Any" solve the problem with NAT-T? That is IF the WRV54G supported such a feature. Refer to my thread on "Any" as Remote Secure Gateway/Group:

    I'm currently not having any luck with the demos. I did find that the standard Windows Mobile 2003 defaults to one type of encryption/data rate for Pre-shared Key and another for RSA and Certificate. It's the latter that is compatible with the encryption within the WRV54G (go figure!) If anyone knows a quick way to produce and implement a certificate between the devices, I'd love to know. I've been through some tutorials on how to work with OpenSSL, but it's way over my head....
  11. TazUk

    TazUk Network Guru Member

    Nope, more info on NAT-T, (NAT Traversal), here :-


    I've tried the Bluefire VPN client on my Treo but there doesn't seem to be a way of changing the IPSec paramiters. You basically have an option of setting the VPN gateway IP and pre-shared key and that's about it :roll:
  12. HercNav

    HercNav LI Guru Member

    While editing a connection, click "Advanced" at the bottom left
  13. TazUk

    TazUk Network Guru Member

    There isn't one on the Palm version ;)
  14. HercNav

    HercNav LI Guru Member

    I have yet to find Client software for Pocket PC that is IPSec. It's all IPSec/L2TP, requiring a username/password. Here's a little info about Cingular GPRS:

    APN wap.cingular (login WAP@CINGULARGPRS.COM) puts your phone behind a NAT firewall and routes all traffic through a WAP gateway. This is supported with MediaNET and MediaWORKS plans. Does not allow tethering of a laptop or PDA for internet access.

    APN isp.cingular (login ISP@CINGULARGPRS.COM) puts your phone on a public (though not static) IP address and no WAP gateway. This is supported with a "PDA" or "data" plan -- *not* the same as any Media* package. Does allow tethering of a laptop or PDA for internet access.

    APN isp.cingular (login ISPDA@CINGULARGPRS.COM) is a "data accelerated" option, and works with the same plans as ISP@. It compresses some content (esp web traffic) for "enhanced" performance. Doesn't cost anything extra.

    All passwords are the same, just leave your default alone (CINGULAR1). Check your connection speed here:

    Get DynDNS for PDAs here:

    The search continues....
  15. HercNav

    HercNav LI Guru Member

    Okay, folks. The developers at BluefireSecurity.com are telling me that they are working on at least two projects before they start thinking about accommodating Linksys VPNs. It sounds like the only thing that will motivate them, is to make them aware of a significant demand for PDA Client software for Linksys VPNs. If you would like to help me and those like me, email these guys and tell them you are aware that no one has client software for the Linksys line of VPNs on PDAs, but that it looks like their existing software is the closest match that you've seen....

  16. HercNav

    HercNav LI Guru Member

    I successfully tethered my laptop to my PDA's GPRS using the USB cradle. The connnection is slow, but now I can surf the internet from just about any highway/interstate (where there are obviously no hot spots).

    I think anyone that is interested in connecting their laptop to their PDA's GPRS should first visit this site. The following describes a connection to a HTC Blue Angel (SX66, MDA III, PDA2K)


    Although they mention "Modem Link", I was able to use my PPC2003 default, "Wireless Modem."

    I stated that wap.cingular does not allow you to tether your laptop, but it is the Access Point Name that I used to connect my laptop to the internet (through my pda phone). In fact, it is the only APN, of the three listed, that I have successfully used to connect.

    Using wap.cingular, I had 50k @ 33kbit/sec

    I have found that QuickVPN hangs on "Verifying Network." Most likely, due to the NAT that wap.cingular uses. So that leaves me where I began: "How do I use my GPRS to connect to my VPN at home?"
  17. DocLarge

    DocLarge Super Moderator Staff Member Member

    Sooner Al (MVP) told me the problem I'm having with my connection may have something to do with netbios. As I've said before, I can "always" connect to my network through my pptp server (I can see the connection under "remote clients") but I can't connect to any resources. He suggested setting up a wins server in addtion to what I already have. I'm going to try that today.

    I think I mentioned this before, but in order to connect with gprs, the only way I know of right now is through a microsoft vpn server configuration. Al also put together an "Openvpn" pocketpc script that he was successful with:


    He also mentions about how he connected with pptp (I'm still trying myself):


  18. HercNav

    HercNav LI Guru Member

    Okay, Cingular maintains that there are no ports being blocked in either isp.cingular or wap.cingular. They also helped me though using both in order to tether my laptop to GPRS on my PDA phone (wireless modem). However, when I try to connect to QuickVPN, it still hangs on "Verifying Network...." Cingular says that this may be due to some timing issues (in other words, from the connection being so slow). They suggested getting an external antannae or maybe moving closer to a window. Any ideas out there?

    Also, Cingular has a wireless modem dialer that they don't mention unless you dig. Here is the site:

    I was able to connect to my wireless modem with the standard Windows XP Wizard as well....

Share This Page