1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

New WRV54G beta firmware (2.38)

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by H2O_Goalie, Apr 1, 2005.

  1. H2O_Goalie

    H2O_Goalie Network Guru Member

    Well, I decided to roll the dice and try the newly posted beta firmware...revision 2.38. Apparently is was found on the China website and is now available for download here at LinksysInfo.

    BE CAREFUL with it! It seems to verge on unstable. I've spent the morning getting it installed and configuring it as I'd like to have it run...and in the process I've locked up the router twice.

    I think like most people my main complaint has been the lack of NAT-T support. Well, I've not yet tested to see if that's been fixed (though give me a few more hours and I'll know). Unfortunately, it would appear that they may have broken other aspects of the VPN functionality.

    I have one tunnel set up with remote group/gateway of "any". I can get the configuration information entered and saved for that tunnel with no problem...afterwards the router still functions. But I also tried setting up two other tunnels, one with a defined remote group and gateway, the other with a defined FQDN gateway and a remote group of "any". In both cases, when I save the configuration I get the VPN status line reading "resolving host"...and when that happens, the router will no longer connect to the Internet. You can't get out of your local network. What's even worse is that the system seems to hang to the point that if you close the web configuration IE window, you can't get back in. You have to reset the router to factory default in order to get out of the hang.


    As an aside...can anyone tell me what the difference is (and why they have both listed)between the "VPN Tunnel" and "VPN Gateway" radio buttons?
  2. H2O_Goalie

    H2O_Goalie Network Guru Member

    OK...I believe that I isolated the lockup issue. It seems that clicking (enabling) the "VPN Gateway" radio button was what was causing the router to attempt to "resolve" a host (the VPN status message I mentioned in my previous post). If anyone has more information on what exactly the "VPN Gateway" radio button does, please post up.

    As long as I have only the "VPN Tunnel" radio button selected, things seem OK. I have established a tunnel between my home (public IP) endpoint and my office (public IP) endpoint. It works, I can pass traffic (including NetBIOS). However, this also worked in earlier firmware revisions. I'm going to head up to the local coffeehouse in a few minutes and see if I can go from a NAT'd address to the WRV. Keep your fingers crossed.
  3. H2O_Goalie

    H2O_Goalie Network Guru Member

    Hello from the local coffeehouse. Survey says:

    Try again Linksys.

    Same problem as before according to my Oakley.log, I've got syslog running at home so I'll see the router's log when I get home later. But I'm sure it's the same NAT-T problem we've all been experiencing.

    What a piece of junk. Thank you Linksys for a $179 useless piece of plastic and sand.
  4. TazUk

    TazUk Network Guru Member

    So what problem(s) does this new firmware address :?

    The lack of NAT-T support is the only real problem I've had with my WRV54G, in all other respects it's been fine. What makes it worse is I have a much older and cheaper BEFVP41 sitting here and NAT-T works fine on that :evil:
  5. H2O_Goalie

    H2O_Goalie Network Guru Member

    I also have a VP41...which is now being used. The only thing I noticed that was different was the addition of the PeanutHull bit in the DDNS tab.
  6. DocLarge

    DocLarge Super Moderator Staff Member Member

    H20 and TAZ,

    obviously I must be missing something because when I was still in Arizona, I had no problems with people connecting from behind their routers (for example, WRT54G) using the linksys quickvpn client and vpn'ing to my network. I could also go to border's wi-fi connection and access my network with quickvpn. At that time, the firmware version I was using for the wrv54g was 2.36.5. Now that I have a modem that allows me to connect across ADSL (http://www.adslnation.com/products/xcespec.php), I just uploaded to 2.37.7 to see if there's any gains/losses.

    Maybe I've just gotten lucky twice because using my WAG54G for endpoint vpn connections hasn't been a problem either for users behind other Linksys routers. The exception is that I had to use greenbow for the WAG.

    Should you guys want to trade a few ideas, I'm always welcome for exchange...

  7. TazUk

    TazUk Network Guru Member

    To be fair I haven't tried since updating to 2.37.7 but it definitely didn't with 2.37.1, using both the Quick VPN client and SSH Sentinel :?
  8. H2O_Goalie

    H2O_Goalie Network Guru Member

    I am not interested in using QuickVPN. To be more blunt...I can't use it (or GreenBow, etc.) in my application. I must use the integrated IPSec functionality in XP. Which works beautifully with the BEFVP41. What's more, I don't think I should have to use the client app, as the router itself is advertised and labeled as an IPSec endpoint.

    What pisses me off is that Linksys (Cisco for God's sake) has gone backwards...a 2-3 year old piece of hardware like the VP41 works perfectly, but the new $200 router doesn't.
  9. DocLarge

    DocLarge Super Moderator Staff Member Member

    Well, I just got through jumping in Linksys tech supports azz for taking 50 hours to get me the "super secret squirrel" beta I don't think they ever released for testing (a.ka. shitz and giggles). I have in my possession 2.37.13 and I was tempted to try it but I'm probably not going to until I can see the benefits of using 2.37.7 first. H20, I realize you aren't interested in quickvpn, but "supposedly" 2.37.13 fixed the issue where "remote gatewy didn't respond when quickvpn requested authentication," "resolved quickvpn ot geng able to connect after changing LAN IP address back to the default (," and also "fixed some problem with SHA1/MD5 being disabled in Phase II."

    Again, I don't recall this version ever being out on the streets but I'll probably load it up in a day or two...
  10. H2O_Goalie

    H2O_Goalie Network Guru Member

    I have to admit...I find it funny that they've given you the "super-secret" beta at 2.37.13...but I've been experimenting with 2.38.
  11. hurleyp

    hurleyp Network Guru Member

    I'm a bit off topic here, but several weeks ago I reported a bug with a major throughput collapse when access restrictions are set in the 2.37.1 firmware. After the usual back-and-forth with the Linky crew, they sent me an email March 18 claiming that the beta 2.37.13 was attached. There was no attachment, so I requested that they try again. I've emailed them weekly since then, but they've been ignoring me the whole time. Maybe 2.37.13 isn't so hot after all? ;).
  12. TazUk

    TazUk Network Guru Member

    They seemed to have gone backwards since they were bought by Cisco. I would have thought/hoped support etc would improve now that they are a Cisco company, obviously I was mistaken :roll:
  13. Toxic

    Toxic Administrator Staff Member

    they bought linksys, and noy they have to pay back that money.. then best way is cut jobs, wages and support. thats why there is a backward move.

    they are trying now to make a profit after buying linksys
  14. TazUk

    TazUk Network Guru Member

    I understand that but if people stop buying their products due to major bugs and poor support then they are going to turn a once profitable company into a loss marking subsiduary, that to me doesn't seem like good business sense.
  15. H2O_Goalie

    H2O_Goalie Network Guru Member

    Have they in fact cut jobs, wages and support? Any more than any other networking company? I believe their support has moved to India...but if that's the case, it's certainly not unusual.

    I'm sure you guys know more about Linksys than I do...to this point I've been happy with their products and frankly have never needed technical support until I bought the WRV. I took 1 shot at it with them...in the end, they sent me support information and beta firmware for a WRT. That's how bad they are now.

    Frankly, it just seems to me that something as basic as NAT-T would have been checked and double-checked before the product was released.
  16. Kompressor

    Kompressor Network Guru Member

    I have a site-to-site VPN connection and version 2.37.13 resolved the issue of remote computers not showing up in network neighborhood. So I'm very happy with this version.
  17. gaogi

    gaogi Network Guru Member


    The VPN Gateway option basically disables split tunneling, so all traffic that goes through the router will be routed to the VPN tunnel. The VPN Tunnel option enables split tunneling, so only traffic destined for the remote end point gets routed to the VPN tunnel.

    Also, the QuickVPN client uses the MSFT IPSec client. It's basically a wizard that configures the MSFT client to connect to the WRV.
  18. H2O_Goalie

    H2O_Goalie Network Guru Member


    Thanks for your reply re: gateway vs. tunnel. That makes sense.

    I have to say though that I'm skeptical of your explanation of QuickVPN. MSFT IPSec is 100% transparent once it's set up, and utilizes only IPSec. QuickVPN requires user intervention (run the app and login) and also requires SSL to funtion...so IMO it's not as "clean" as just the straight IPSec.

    Do a ShieldsUp scan on your WRV...you'll see that 443 is open. That's required for QuickVPN. Frankly, I don't like that.
  19. H2O_Goalie

    H2O_Goalie Network Guru Member

    Did you not have NetBIOS broadcase enabled in earlier versions? On the endpoint-to-endpoint tunnels I did get up and working (in 2.37.7, 2.37.9 and 2.38) I had no problem seeing/browsing remote nets.
  20. Kompressor

    Kompressor Network Guru Member

    Yes, I did. Although this is the first beta firmware I've used. All others were version 1.37 and earlier which don’t support seeing remote networks and can only be done manually (\\computername).
  21. gaogi

    gaogi Network Guru Member

    RE: QuickVPN

    The username and password you enter is used only to authenicate your identity. Once you've been authenticated to the router, SSL is used only to exchange IPSec tunnel information (remote network, remote gateway, pre-shared key, etc), so a tunnel can be set up automatically using the MSFT client. Once the tunnel is setup, it's 100% IPSec as well.

    Actually, the QuickVPN client is more secure than using the MSFT directly, since it generates a per session, per user, dynamic pre-share key. There are no static keys to leak out.
  22. DocLarge

    DocLarge Super Moderator Staff Member Member


    I just downloaded 2.37.13 and haven't loaded it as of yet, but if you've got a site-to-site setup up, is it with two wrv54g's? And if so, could you provide some screenshots? I've just posted on another site showing people quickvpn does actually work and I'm looking for my examples of router configs. I'd appreciate it if you could drop some "vpn configuration page" screen shots showing your site-to-site configuration minus the ip's...

  23. Kompressor

    Kompressor Network Guru Member

  24. JohnBima

    JohnBima Network Guru Member

    I have been testing the WRV54G by myself and with Linksys Tech Support for over 50hours, and have tried every firmware version ever developed. All I can say is this product is the biggest piece of shitt I ever bought. Linksys has escalated all these matters I brought up to the development team, and I will await a reply... or not! I'll have to wait and see. This product should have never been released to the public without strick Quality Control. Now everybody is paying for it. I would hate to see Linksys toll charges for all the support calls on this.

Share This Page