1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

RV042, Port 443, MS SBS2K3 SP2 HTTPS & DNS

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by Nutsy, Jul 5, 2006.

  1. Nutsy

    Nutsy LI Guru Member

    Ok. Im new here, but not new to the industry. I have done some searching on these forums on this particular issue i am having, but can't really find anything definate in terms of an answer.

    I am running a SBS2K3 server behind a Linksys RV042 VPN Router. I would like to use the QuickVPN utility to give access to the Exchange server to my remote clients.

    Additionally I would like to give them HTTPS access to the Exchange Webclient so they can check their email from Internet Cafe's etc.

    Here are my two issues:

    1. I must forward Port 443 to the SBS Server because Exchange Webclient needs HTTPS. When Port 443 is forwarded, the QuickVPN utility will not connect to the VPN Router.

    Is there a workaround or fix to this? I have read about QuickVPN being able to use port 60443, but dont see any option in the Router to set this up.

    2. If i unforward Port 443, QuickVPN works and i can ping specific IP addresses, however, I cannot ping any machine inside the VPN via DNS Host name. Ie. the VPN Client is not going to my SBS server for DNS/Active Directory information. Because Outlook client uses the Active Directory/Internal DNS name to connect to the Exchange server, the clients are unable to connect to the Exchange server using Outlook.

    Other than creating a manual hosts file on the client computer, is there any way of getting the VPN clients proper domain/active directory access accross the VPN?

    Any and all help would be GREATLY appreciated as I have wasted time with Linksys (useless) technical support, fiddling around with settings, etc.

    Thanks,

    Trevor
     
  2. Toxic

    Toxic Administrator Staff Member

    Hi and welcome to the site.

    1. The new alpha code has a fix for this afaik.

    * RV042 will listen to ports 443 and 60443 for QuickVPN connection. Remark: Earlier firmware only listens to port 443.

    2. you could try adding an IP address for your DNS on the LAN, however you may also need the DNS name for the ISP for net access perhaps? you would need to test this out. the setting is in the DHCP page.

    btw what firmware revision are you running at present?
     
  3. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    SBS and RV0 routers made up a huge portion of my clients.

    Keep things simple...I use the rock solid reliable built in PPTP VPN server the RV0 series have, to give your clients access.

    I create "reservations" in DHCP on the SBS box..so that workstations always have a fixed IP address...then clients VPN to the router..and RDC to their workstations.
     
  4. Nutsy

    Nutsy LI Guru Member

    Running 1.3.7.4 (Dec 23 2005 10:09:32)

    Where can I get the aplha code?

    I am also not using the RV0 for DHCP. I am using the SBS for DHCP.
     
  5. Nutsy

    Nutsy LI Guru Member

    PPTP is an interesting solution. It seems to work. What are the down sides to it? What is the difference between using the QuickVPN and the Windows PPTP client? I take it PPTP is not IPSEC.

    The other thing, when i establish a PPTP connection, it defaults the DNS to the address of the RV042. I would like it to go to my SBS server for DNS if possible.

    Trevor
     
  6. Toxic

    Toxic Administrator Staff Member

    PPTP is just the method of tunnelling, it has no built in encryption of its own however

    as to DNS did you try adding the DNS entry of the SBS to the DHCP page?
     
  7. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    PPTP is, on paper, less secure than IPSec. Microsofts PPTP does have security/encryption, MS-CHAP and MPPE...however yes it can be cracked with tools out there.

    But in practice...it's fine for your "part time road warriors" to connect from home, or on the road. They are part time dynamic users. For full time 24/7 "router to router" VPN connections..yes..you always want IPSec for that.

    However...what are you running through the VPN tunnel? RDC. And RDC has your various levels of encryption.

    For "Set it and forget it" performance...I do recommend doing the "reservations" approach over trying to rely on VPN name resolution to work. Set your remote users to RDC to their reserved IP address..you set it once..and it works..and works..and works...

    No calls at night "I can't find my PC!" Or complaints the next morning. It's hard to hit a moving target, easy to hit a fixed one! :thumb:
     
  8. OpticalMan

    OpticalMan LI Guru Member

    I echo what Trevor said about QuickVPN defaulting the DNS server IP adress to the router. No matter what I do, I can't get it to automatically assign a custom DNS IP address. Tech support told me it is hard coded that way. I wish they would change it to look at whatever is on the DHCP page. Although, I have the RV082 which seems to be the same in this respect.

    EDIT: oops, Trevor was talking about PPTP & DNS. In that case, just override the PPTP client settings to the DNS server of your choice. At least the XP client allows for this.
     

Share This Page