1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Microsoft VPN Client Connectivity behind Linsys Routers

Discussion in 'Other Firmware Projects' started by hitekcomputing, Mar 18, 2006.

  1. hitekcomputing

    hitekcomputing Network Guru Member

    Hello, I have a Windows 2003 Small Business server. The VPN works great except if a client is trying to connect from behind a Linksys router. If the client computer is connected directly to a broadband connection it works great, but as soon as there is a Linksys router in between the broadband connection and the client computer that is where the trouble starts. What happens is that the VPN connection will connect to the server and will get an IP address assigned to it, but there is no connectivity between the client computer and the host network. The server cannot be pinged, and not data is transfered back and forth. I have tried the connection from behind D-Link and Netgear routers and it works great. I had a chat discussion with a Linksys rep last week and he suggested changing the MTU on the client router from 1500 to 1400. I tried that and it did not make any difference. I also have ensured that the VPN passthrough is enabled, as it is by default in the Linksys routers. So not I'm not sure that the MTU is an issue. Has anyone run into the same issues that I'm running into? Thanks in advance!!

    Ryan
     
  2. Toxic

    Toxic Administrator Staff Member

    what protocols are you using with vpn? perhaps you need to forward the ports for whatever protocol is being used. it does sound like something is being blocked.
     
  3. hitekcomputing

    hitekcomputing Network Guru Member

    Just TCP/IP. As I mentioned it works awsome with other brands of routers, its just the linksys routers that are causeing the problem. On ther server side, I have all the necessary port forwarded to the server. The client side should not have to have any ports forwarded to any specific computers.
     
  4. dvaskelis

    dvaskelis Network Guru Member

    In general, I've had issues with older firmware on my Linksys WRT54GS and certain VPNs, but they got fixed a while back. I'm not sure if the fix came from Linksys or HyperWRT though.

    With NAT, lots of routers have issues with certain types of VPNs, including some VPNs that just can't work behind a NAT router.
     
  5. hitekcomputing

    hitekcomputing Network Guru Member

    Yeah, I've updated the routers that casue this problem to the latest firmware from Linksys. I wonder if there is something on the server that I need to adjust to resolve this.
     
  6. dvaskelis

    dvaskelis Network Guru Member

    There was a pretty good article here and here about common things you can do.
     
  7. Toxic

    Toxic Administrator Staff Member

    port forward

    1723 for pptp
    1701 for l2tp

    ipsec uses the following.

    50
    For both inbound and outbound filters. Should be set to allow Encapsulating Security Protocol (ESP) traffic to be forwarded.
    51
    For both inbound and outbound filters. Should be set to allow Authentication Header (AH) traffic to be forwarded.
    UDP 500:
    For both inbound and outbound filters. Should be set to allow ISAKMP traffic to be forwarded.

    port forwarding these and see if vpn works then. if it does the the device is not doing VPN passthrough
     
  8. hitekcomputing

    hitekcomputing Network Guru Member

    Are you saying to forward these port on the client end router or on the server end?
     

Share This Page