1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

New Linksys RV042 Firmware Released! v1.3.12.6-tm

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by Toxic, Jun 17, 2008.

  1. Toxic

    Toxic Administrator Staff Member

    Linksys have just released a new version of firmware for the RV042. This includes a new Trend Micro ProtectLink Gateway service (subject to license key) and has also included a few bug fixed. the changelog is listed below.

    more information on the download is availble here: RV042 Downloads

    RV042 Firmware v1.3.12.6-tm Release Note 6/11/2008

    Changes:

    1. Support Trend Micro ProtectLink Gateway service, which requires the purchase of a license key (i.e. LBATMPG05 or LBATMPG25).
    2. Fixed a UDP Port 0 DoS vulnerability issue.
    3. Upgraded the OpenSSL library from version 0.9.6d to 0.9.6e to address some vulnerability issues.
    4. When remote management and HTTPS are both enabled on the Firewall page, the HTTP-based remote management is no longer available. Users have to use https://<router wan="" ip="">:[port number] or https://<router wan="" ip=""> for remote management.</router></router>
    5. Support 50 QuickVPN users.
    Known Issues:

    1. QuickVPN Client v1.2.8 on Windows Vista cannot work properly when the Vista PC uses a wireless adapter to connect to the network. The issue will be fixed by a future release of QuickVPN Client.
    2. Windows Firewall needs to be enabled on Windows Vista in order for QuickVPN Client to function properly. This is due to the fact that IPSec service on Vista is disabled when Windows Firewall is disabled.
    3. QuickVPN Client v1.2.6 on Vista does not work properly when the Server Address is a DDNS domain name. This issue was fixed by QuickVPN Client v1.2.8.
    4. There is a known issue with Windows XP SP2 Firewall - ICMP packets are always dropped by the Firewall when the Firewall is enabled. The issue will cause the QuickVPN Client not being able to establish a tunnel with the remote QuickVPN Server successfully. Microsoft has released a patch to fix this issue. Once you install the patch, the issue should be resolved. http://support.microsoft.com/kb/889527/en-us

    ---------------------------------------------------------------------------------------
    RV042 Firmware v1.3.10 Release Note 10/23/2007 (beta testing)

    Issues Fixed:

    1. Fixed an IPSec NAT-T issue that the main mode initiator does not change UDP port to 4500 in the 5th packet as required by RFC 3947.
    2. Fixed a problem that users in the LAN cannot access a non-standard FTP service.
    3. Increase the maximum password length to 64 to match with the help page.
    4. Support the % sign in the router's password.
     
  2. fnarf

    fnarf LI Guru Member

    Additional new feature - Per WAN MTU

    MTU is now configured on the Setup tab instead of Firewall, and you can specify an MTU for each WAN conenction.
     
  3. Toxic

    Toxic Administrator Staff Member

    excellent!
     
  4. sterner

    sterner LI Guru Member

    Should we hope for similar updates on the rest of the RV lineup? Particularly the RV016. I am.
     
  5. Toxic

    Toxic Administrator Staff Member

    yes afaik the rv042 was the first release for other RVxxx series of routers. I have not been told any timeline but i would guess these should not be too long in coming.
     
  6. franki_hk

    franki_hk LI Guru Member

    I had two RV042 and both updated to the 1.3.12.6-tm firmware today. Seems it is Ok up to now. VPN between two routers is Ok.

    However, a very strange problem occurred at one router. The menu image of the "ProtectLink" item was corrupted. I have then tried to update the firmware to the router again but I got the same problem result. Please find the attached images for your information.

    Finally, I compared both "home.htm" of the routers and found the following result.

    Problem Router:
    line 281: <td background="images_rv042_00:16:b6:81:1f:6c/UI_06.gif"></td>

    Normal Router:
    line 281: <td background="images_rv042/UI_06.gif"></td>

    Seems the firmware update process has some problem on the some router.:frown:
     

    Attached Files:

  7. sashooo

    sashooo LI Guru Member

    Same here, I reflashed twice - no change. Maybe I should try downgrade, and then upgrade again.
     
  8. Toxic

    Toxic Administrator Staff Member

    is the link not working at all or is it just an image on the webgui that is missing.
     
  9. sashooo

    sashooo LI Guru Member

    Link is working ok, is it just an image on the webgui that is missing. I even didn't mention it before reading franki_hk's post.
     
  10. hyeap1

    hyeap1 LI Guru Member

    after i upgraded to the new firmwre, i am unable to do remote management using the external ip access...
     
  11. attention

    attention Network Guru Member

    SPAMMING and new errors

    This is just GREAT!

    Being spammed by our own router!

    What's next: forced pop-ups advertising even more junk?

    Instead of fixing the buggy site to site VPN connection (see all those frustrated posts) they now introduce spam and even more errors?

    The new error (or is it an enahcement?) is that all those sites under "Forbidden Domains" which were SUPPOSED to be blocked are announced (transmitted) right after boot.

    Put the RV behind another router and look at it's log.

    WAY TO GO Lynksis!
     
  12. Toxic

    Toxic Administrator Staff Member

    it is hard to please everyone.... btw Lynksis is spelt: Linksys
     
  13. Sfor

    Sfor Network Guru Member

    I see hard to believe the log of another router is storing the contents of the data trasmitted. So, it is much more likely, the RV042 is resolving IP adresses of the blocked sites using the DNS service, in order to get those IP blocked. The DNS queries can be logged by another router.

    So, it seems to be more logical, the RV042 is resolving IP adresses of the forbidden domains.
     
  14. attention

    attention Network Guru Member

    If that would be the case then ALL blocked domains would get resolved, however a few are left out (4 of 23).

    And also, this was not the case with the old firmware.
     
  15. attention

    attention Network Guru Member

    I don't have my hub (for wireshark) here but will check that soon.

    Three of the sites not being resolved are zonealarm.com, donhoover.net, exponential.com.
     
  16. Sfor

    Sfor Network Guru Member

    I had the opportunity to check the domain blocking feature in this firmware. But, I did not tested it feature in the older versions. Are there other differences related to the domain blocking?

    The feature seems to be working perfectly. Instead of just blocking the domain, the browser is redirected to a text page with the information of the forbidden domain access. The good side is the browser will not wait for the time out, in such a case. The older routers did not have such a feature. I just do not know if it was as good in the older RV042 firmware revisions.
     
  17. attention

    attention Network Guru Member

    The domain blocking feature in this firmware does work (as it did with the older FW, same behaviour).
    I just don't understand why they would announce most of them (but not all).
    As mentioned, I will check soon if it's just a DNS lookup.

    Still leaves the issue with the VPN tunnel (which I think is realted to rv042's erroneous XYZSwan rekeying method).

    But hey, we got that great "go buy trendnet" button instead.
     
  18. marshal

    marshal Network Guru Member

    I've installed the firmware.. work great.. but.. where can I buy license for trendnet?
     
  19. sterner

    sterner LI Guru Member

  20. Sfor

    Sfor Network Guru Member

    I had to replace a damaged RV042 with a new one. I've trasferred all the settings with the settings backup feature. All settings were transferred except for the MAC address clone.

    After a short investigation I made sure the WAN MAC clone settings are not stored to (or restored from) the backup file.
     
  21. Sfor

    Sfor Network Guru Member

    I've noticed another problem related to the MAC address clone function. If a WAN2 MAC address is different from the default value, the WAN2 does not work in the Dual WAN mode. I was unable to make WAN2 to get the IP from a DHCP server, in such a situation.
     
  22. Toxic

    Toxic Administrator Staff Member

    i'll let the guys at linksys know.. thanks Sfor
     
  23. EBAL

    EBAL Network Guru Member

    Toxic, is there any way to change the default QuickVPN port in the new firmware? I am using QuickVPNPlus and it has an option to indicate the port number. It would be nice to define a custom port for QVPN+ to add another layer of security. I've found that certificates are rendered essentially useless via the "-c any" option.

    Perhaps there's a "tweak" via telnetd?

    Thanks.
     
  24. Toxic

    Toxic Administrator Staff Member

    not that I know of. afaik it will look for 443 then 60443 only.
     
  25. inspiron100

    inspiron100 Guest

    I have a quick question about ProtectLink.
    What is considered a user? (Computer, Server, Email address, etc.)
    Also is there a trial version that I can try?
     
  26. catch21

    catch21 Guest

    SSLV2 is still enabled after firmware update. How do I disable this?
     
  27. dgc03052

    dgc03052 Guest

    Aha - that might explain all the problems I'm seeing... WAN2 has been dead for me for several days, and I haven't been able to figure it out... Both connections will work just fine from WAN1 (one DHCP, the other PPPoE), but neither works from WAN2....

    Now I just have to test this when I can back to it...
     
  28. Sfor

    Sfor Network Guru Member

    Yet another problem related to the System Management - Bandwidth Management settings.

    Saving the settings on this page can cause the router to work incorrectly. Additional router reboot is necesary to make everything work, as it should to.

    In my case the router works in Dual Wan - Load Ballance with both ports in DHCP mode. When the bandwidth management options are saved, the router gets another IP on WAN1 while still working with the old WAN 1 IP. As the result the router responds to pings on both IP's on WAN1 (the old one and the new one).

    The IPSec tunnels stop working in such a case. The negotiation log shows the tunnel negotiation packets directed to the old WAN1 IP are reaching the router, but some of the response is comming from the new WAN1 IP. Since some of the IPSec protocol packets are comming from the old WAN1 IP and the rest from the new WAN1 IP, the tunnel will not connect.

    If doing the bandwidth management settings changes remotely, it is necesary to have the remote management enabled. In other case the IPSec connection with the RV042 can be lost, and someone will have to reboot the device in the remote location.
     

Share This Page