General VPN questions with BEFVP41 & BEFSX41

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by jsbieber, Jun 9, 2005.

  1. jsbieber

    jsbieber Network Guru Member

    I was wondering if anyone could answer my general questions about a particular setup.

    I have 2 sites, each with broadband access to the internet. Static IP addresses for each internet connection. At each site I have a LAN of anywhere from 5-10 PC's a piece. I want to create a persistent VPN connection that enables both Sites to see each other and in particular Site B to be able to talk to a server at Site A for a particular application. What would be the best way to go about this? I would also like standard internet access to function correctly at each site. From my limited research I was thinking of using either 2 BEFVP41 or BEFSX41 routers. One at each site. I was wandering which would be better to use, and what the difference between the two models are. Also, if possible I was wandering if someone could tell me if I would need additional software to make the VPN connection work. I see people talking about Sentinel SSH, and other programs like QuickVPN. What are these used for, and would it be needed in a setup as i described above? Thanks for any and all help!
  2. DocLarge

    DocLarge Super Moderator Staff Member Member


    my name is Doclarge and I'll be your pilot for today. At any given time, other proven "vpn fighter jocks" such as TazUK, and Kompressor (to name a few) might join this High Altitude Low Orbit session at a moments notice! :) :)

    Ideally, you may want to establish a vpn tunnel router-to-router connection. You can do this with any one of the mentioned routers (Befvp41, Befsx41, WRV54G). For an example of a router-to-router tunnel session, look at the below posts made by kompressor:

    Your router setup page may differ slightly but 90 percent of the information/configuration is the exact same.

    The difference between the three routers is so:

    Befvp41: 50 available vpn tunnels, requires third party vpn clients (i.e., ssh sentinel, greenbow vpn), hard wire router, capable of NAT-T (means you can connect from behind another router).

    Befsx41: 2 available vpn tunnels, also requires third party vpn clients, hard wire router also capable of NAT-T

    *WRV54G: 50 available tunnels, can use third party vpn clients, comes standard with 5 "quickvpn" clients, with purchase of 50 client user license you can have 50 users connect with quickvpn (for a total of 100 vpn users), wireless/hard wire router, not capable of NAT-T at this time (but hopefully in the near future).

    * WRV54G Extras:

    - in order to use third party vpn clients to connect to wrv54g, client computer must make a "direct connection" to a cable/dsl/adsl modem:


    - quickvpn works exclusively with the WRV54G and RV series routers
    - quickvpn (in my experience) will not work if you have another vpn client loaded on the same computer regardless of if you shut off its processes
    - refer to the "Quickvpn Setup Guide" for configuration and the "Reasons Quickvpn Won't Connect" post if you encounter problems.

    Should I be off in some of my commentary, there is a "plethora" (oooh, scrabble!! 10 pts please!!!) of people who will throw in some info.

    Does this clear up some of the confusion?

  3. jsbieber

    jsbieber Network Guru Member

    Great information, thanks! Well I guess my initial goal was to eliminate the need for third party software. So if I go the WRV54G route will all clients at Site B (maybe around 3-5) be able to talk to the clients and server at site A with just 2 tunnels available? If I put two WRV54G routers in, one at each site, will that still just be 2 tunnels total? Also, does the third party software work better than the quickvpn stuff? I need the connection to be persistent and reliable as possible. What are your recommendations. Basically the site setup is as follows.

    Site A:
    LAN already in place
    1 server
    3-5 clients that talk to the server for an inventory application
    All clients and server be able to talk to clients at Site B.
    Use its own broadband connection for internet (Hi bandwidth DSL, static public IP).

    Site B:
    LAN in place
    3-5 clients that will need to talk to server at Site A for same purpose as Site A's clients, and possibly be able to communicate to the other clients at Site A and vice/versa.
    Use its owns broadband connection for the internet (Hi bandwidth cable, static public IP).

    Again this is great information, thanks for everything so far. Hopefully with yours and others help I can get this going.

    Also another question to throw in the mix, can I replace each router on each end that now runs each sites LANs with the WRVRG54s (I doubt this b/c you said it doesn't do NAT, but just asking), and use the WRV54Gs as LAN routers and for the VPN stuff? If so, is this OK to do, or would it be better to piggy back the routers onto each other?

    If I did go 3rd party to avoid the no nat issue with the WRV54G what software would you recommend? Which is easiest, most stable, and allows best throughput, speed is definately a concern.
  4. TazUk

    TazUk Network Guru Member

    How many public IP's have you been assigned at each end? If it's only one then a two box solution isn't going to work. Linksys do make an ADSL VPN router, the WAG54G, but as it's not listed on their US site I can only assume it's not suitable for ADSL lines there. IIRC it works in Europe, Australia/New Zealand and Canada, so if your in one of those places you should be Ok :). If you are in the US you might want to look at the Zyxel range.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice