The following is a re-edit of the Greenbow VPN connection instructions located in the WRV54G forum. This setup works with the WAG54G also (I'm using it right now). ------------------------------------------------------------------------------------- HEY LOOK!! A GREENBOW VPN SETUP GUIDE!!!!! Use version 2.50 (or latest version) of the greenbow client by the way. Also, third party vpn clients "will not" connect to a WRV54G if you are connecting from behind another WRV54G; you will have to make a "direct connection" (computer to modem) to connect. Linksys devices that do not have this NAT-T problem when "hosting" VPN tunnels are the WAG54G ADSL Gateway (sold over here in England and Europe) which supports 5 IPSEC tunnels, the BEFVP41, which supports 50 IPSEC tunnels, the BEFSX41, which supports 2 IPSEC tunnels, and (possibly) the new WRV200, which supports 5 IPSEC VPN Tunnels. If you want to make a secure vpn connection to a WRV54G, you'll need to use the Linksys Quickvpn client, or configure a WRV54G to WRV54G dedicated tunnel. Below is a "step-by-step" baseline example to get started. Phase I (Greenbow VPN Client): 1) Tunnel: The name you use should be the same on the router you're connecting to 2) Interface: leave it as an asterik. 3) Remote gateway: This is the WAN address (ISP provided ip address) of the router you're trying to connect to obviously. 4) Pre-shared key: Use a hexadecimal string beginning with 0x (i.e. 0x123456789 with most other routers); if you are connecting to a WRV54G, upper or lowercase words seem to work better (meagainstwhomever). 5) Certificate: N/A 6) Encryption: Use 3DES 7) Authentication: SHA (the equivalent on the WRV54G is SHA1) 8) Key Group: Set this to DH1024 9) Save and apply settings. Phase II (Greenbow VPN Client): 1) Tunnel Name: Same as Phase I 2) Vpn client address:This is "your" WAN ip address (provided to you by your ISP) if you are connecting directly to a modem; use the local LAN IP if you are behind a router that supports NAT-T (again, the WRV54G, right now, does not support this feature; use quickvpn instead). 3) Address Type: Use "Subnet" address. Input the Remote LAN's local IP settings (i.e.) Local IP: 192.168.1.5 Subnet: 255.255.255.0 4) Encryption: 3DES 5) Authentication: SHA 6) Mode: Tunnel 7) PFS: Ensure this box is checked 8) Group: The group should be dh1024 9) Save and apply settings Additionally, make sure you set the "maximal lifetime settings" for encryption and authentication to "3600." You can do this by clicking on the "parameters" link. Additionally, make sure you "always" remember to make sure the encryption and authentication times are the same. ON THE ROUTER IPSEC: Enabled PPTP: Enabled L2TP: Disabled Tunnel Name: Same as Greenbow VPN Tunnel: Enabled VPN Gateway: Disabled Local Secure Group: Your local router settings. Either host or subnet work (I prefer subnet) Remote Secure Group: This is the router/client at the distant end. Either input the local LAN settings of the â€œremoteâ€ router/client by choosing the â€œSubnetâ€ option or use â€œAnyâ€ to make your initial connection; Iâ€™d recommend using â€œAnyâ€ first (handles all incoming connections). Try using â€œSubnetâ€ to specify connections (Local LAN IP and Subnet) after you get the hang of it. â€œAnyâ€ isnâ€™t too secure but allows you to see the connection for the first time without breaking a sweat. Once you understand the configuration better, vary your configuration. Remote Secure Gateway: This is the WAN IP â€œorâ€ the FQDN of the router/client that is going to be connecting to your router. My personal success comes from using â€œAnyâ€ and â€œFQDN.â€ Use FQDN if you have registered a dynamic dns name (you can do this at wwwdyndns.org). Encryption and Authentication is 3DES and SHA1. Key Management: Auto(IKE) [Enabled] PFS: Enabled Pre Shared Key: Same as Greenbow Key Lifetime: Same as Greenbow Click â€œAdvanced VPN Tunnel Setup: Phase I: Mode: Main Encryption: 3DES Authentication: SHA1 Group: Same as Greenbow Key Lifetime: Same as Greenbow Phase II: Encryption: 3DES Authentication: SHA1 PFS: Enabled Group: Same as Greenbow Key Lifetime: Same as Greenbow Under â€œOther Options,â€ check the â€œNetbiosâ€ option and leave all others blank, unless required. ONCE YOU GET CONNECTED: Once youâ€™ve made the connection and you want to connect to a shared resource that you have rights to from a remote location, on the "client" computer, open up windows explorer and click on "tools," then â€œmap a network drive.â€ After clicking on that, choose a driver letter and type the ip address of a computer you have rights to on that network. You would type the following: \\192.168.1.10\sharename Where you see sharename would be where you would substitute the name of a folder you have share permissions to access (i.e., \\192.168.1.10\vpn). Before you click finish, click on â€œconnect as different userâ€ because in order to connect, that local machine needs to have a "username and password" created on it so it recognizes who you are. If you are part of a domain, make sure that your "domain user account" has been added to each computer you want to access remotely. When you click this link, youâ€™ll be asked to type in a username and password that has access rights. Click O.K., then click finish. The shared resource you have been given access to should pop up! If the account youâ€™re connecting to has the permissions set properly, youâ€™re all good now! VERY IMPORTANT: Make sure all of your greenbow settings match your router settings and that the remote ip settings are different from your own! Just in case anyone new to this forum doesn't understand the difference between PPTP server settings and Linksys Quickvpn, the settings listed above for greenbow connectivity are "specifically" intended for use with the built-in pptp server that comes with the WRV54G/RV0XX/BEFVP41 (50 available tunnels) and BEFSX41 (2 tunnels) routers. The difference is that with the WRV54G/RV0XX routers, the quickvpn client sets all of this up when it loads on the client computer. Additionally, quickvpn uses MD5 for authentication whereas greenbow gives you the option for SHA and MD5. Here are some brief examples to connect greenbow to your router: Config #1 Local Secure Group: Subnet Remote Secure Group: Any Remote Secure Gateway: Any Config #2 Local Secure Group: Host Remote Secure Group: Host Remote Secure Gateway: FQDN Config #3 Local Secure Group: Subnet Remote Secure Group: IP Address (Your Computer's Local IP) Remote Secure Gateway: IP Address (Your WAN Address) Using greenbow over a dialup connection is always a crapshoot, but it does work for some people, so it's not impossible.