1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Linksys RVS4000 - QuickVPN

Discussion in 'Networking Issues' started by falcon19850, Sep 29, 2007.

  1. falcon19850

    falcon19850 LI Guru Member

    Hi,
    I think this is a very common problem:
    I would like to dial in with QuickVPN to a RVS4000 Router from a Windows XP SP2 machine. When I click OK to establish a VPN connection, I have got to click no when the "no signature on clients machine..." message appears. After about one minute the message "Remote Gateway is not responding" shows up. When I click ok, this message comes again every two minutes.

    Beside above problem I could ping every IP on the Routers local network, beside that I can even mount a shared folder ("net use z: \\192.168.0.2\d"). But I could not establish an Remote Desktop session, nor could I access to the files on the mounted shared folder (explorer z: time out).

    I am shure that I have configured everything correct, because with an older Firmware I could connect and establish an Remote Desktop session with a server through the VPN. But the only problem was, that I could not transfer files through VPN, because of an incompatible NetBios Protocoll. That's why I had to do this Firmware upgrade.

    Hardware overview:
    Router:
    RVS4000 (Firmware 1.1.09; correctly configured???)
    Computer:
    Windows XP SP2 (every Firewall is switched off), latest QuickVPN Version

    Security log:
    May 25 14:08:14 - [VPN Log]: added connection description "webadmin_rw_rw"
    May 25 14:08:14 - [VPN Log]: listening for IKE messages
    May 25 14:08:14 - [VPN Log]: forgetting secrets
    May 25 14:08:14 - [VPN Log]: loading secrets from "/etc/ipsec.secrets"
    May 25 14:08:15 - [VPN Log]: "webadmin_rw_rw": route-client output: 0
    May 25 14:08:28 - [VPN Log]: packet from WAN_IP:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
    May 25 14:08:28 - [VPN Log]: packet from WAN_IP:500: ignoring Vendor ID payload [FRAGMENTATION]
    May 25 14:08:28 - [VPN Log]: packet from WAN_IP:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to6
    May 25 14:08:28 - [VPN Log]: packet from WAN_IP:500: ignoring Vendor ID payload [Vid-Initial-Contact]
    May 25 14:08:28 - [VPN Log]: "webadmin_rw_rw"[1] WAN_IP #17: responding to Main Mode from unknown peer WAN_IP
    May 25 14:08:28 - [VPN Log]: "webadmin_rw_rw"[1] WAN_IP #17: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
    May 25 14:08:28 - [VPN Log]: "webadmin_rw_rw"[1] WAN_IP #17: STATE_MAIN_R1: sent MR1, expecting MI2
    May 25 14:08:29 - [VPN Log]: "webadmin_rw_rw"[1] WAN_IP #17: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed
    May 25 14:08:29 - [VPN Log]: "webadmin_rw_rw"[1] WAN_IP #17: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
    May 25 14:08:29 - [VPN Log]: "webadmin_rw_rw"[1] WAN_IP #17: STATE_MAIN_R2: sent MR2, expecting MI3
    May 25 14:08:29 - [VPN Log]: "webadmin_rw_rw"[1] WAN_IP #17: Main mode peer ID is ID_FQDN: '@vaio'
    May 25 14:08:29 - [VPN Log]: "webadmin_rw_rw"[2] WAN_IP #17: deleting connection "webadmin_rw_rw" instance with peer WAN_IP {isakmp=/ipsec=}
    May 25 14:08:29 - [VPN Log]: "webadmin_rw_rw"[2] WAN_IP #17: I did not send a certificate because I do not have one.
    May 25 14:08:29 - [VPN Log]: "webadmin_rw_rw"[2] WAN_IP #17: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
    May 25 14:08:29 - [VPN Log]: "webadmin_rw_rw"[2] WAN_IP #17: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=KLEY_PRESHARED_KEY cipher=kley_3des_cbc_192 prf=kley_sha group=dp1024}
    May 25 14:08:29 - [VPN Log]: "webadmin_rw_rw"[2] WAN_IP #18: responding to Quick Mode {msgid:6f05ba42}
    May 25 14:08:29 - [VPN Log]: "webadmin_rw_rw"[2] WAN_IP #18: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
    May 25 14:08:29 - [VPN Log]: "webadmin_rw_rw"[2] WAN_IP #18: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
    May 25 14:08:29 - [VPN Log]: "webadmin_rw_rw"[2] WAN_IP #18: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
    May 25 14:08:29 - [VPN Log]: "webadmin_rw_rw"[2] WAN_IP #18: STATE_QUICK_R2: IPsec SA established {ESP=xb270a156 <0x69fcb7d0 xfrm=ES_0-HMAC_MD5 NATD WAN_IP:4500 DPD=ne}
    May 25 14:10:13 - [VPN Log]: "webadmin_rw_rw"[2] WAN_IP #17: received Delete SA payload: deleting ISAKMP State #17
    May 25 14:10:13 - [VPN Log]: packet from WAN_IP:4500: received and ignored informational message
    May 25 14:15:11 - [VPN Log]: packet from WAN_IP:4500: Informational Exchange is for an unknown (expired?) SA
    May 25 14:15:11 - [VPN Log]: "webadmin_rw_rw"[2] WAN_IP: terminating SAs using this connection
    May 25 14:15:11 - [VPN Log]: "webadmin_rw_rw" #18: deleting state (STATE_QUICK_R2)
    May 25 14:15:12 - [VPN Log]: "webadmin_rw_rw"[2] WAN_IP: deleting connection "webadmin_rw_rw" instance with peer WAN_IP {isakmp=/ipsec=}
    May 25 14:15:12 - [VPN Log]: "webadmin_rw_rw": deleting connection
    May 25 14:15:12 - [VPN Log]: ERROR: "webadmin_rw_rw": pfkey write() of SADB_X_DELFLOW message 106 for flow int.0@0.0.0.0 failed. Errno 14: Bad address
    May 25 14:15:12 - [VPN Log]: "webadmin_rw_rw": unroute-client output: 0
    May 25 14:15:13 - Configuration changed!

    Please can anyone help me, as I've seen this problem in other threads or in other forums, but I hardly could not find a solution for this problem.
    I am getting a bit desperate by now, because this problem starts in May and is still not solved by now...

    Thanks, Christoph
     
  2. System48

    System48 LI Guru Member

    It looks like the problem might be that you didn't create a certificate for the client computer. You'll need to connect to the router and go to "VPN" and then "VPN Client Accounts". On the lower part you'll need to "Generate" a certificate if it has never been done before, there would be a log at the bottom reading "Certificate Last Generated or Imported: ...". Then click "Export for Client", you'll then need to put the ".pem" file in the install directory of your QuickVPN.

    I hope that works, that's the only thing I could think of.
     
  3. sayyong

    sayyong LI Guru Member

    RVS4000 Quick VPN

    Hey, I have the same problem too... I've added the "Client Cert" to the QVPN directory folder and still got the Same problem...

    Any other 3rd party VPN client we can use? Cos I begining to lose confidence in Linksys "Software" and "FirmWare"...But hardware is okie for now.

    Sigh....
     

Share This Page