1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WAG54GX2 VPN Setup

Discussion in 'General Discussion' started by JdW77, Oct 23, 2005.

  1. JdW77

    JdW77 Network Guru Member

    Hi all,

    I'm trying to setup a site to site VPN connection with a WAG54GX2 to another WAG54GX2

    example:

    Local subnet = 192.168.0.0 / 255.255.255.0
    WAN IP = 213.84.60.123 / 255.255.255.255

    Remote subnet = 192.168.1.0 / 255.255.255.0
    WAN IP = 81.12.54.190 / 255.255.255.255

    How did I set it up
    ______________________________

    Local site router
    Local secure group:
    subnet 192.168.0.0 /255.255.255.0

    Remote secure group:
    subnet 192.168.1.0 / 255.255.255.0

    Remote secure gateway:
    81.12.54.190

    Key exchange method: Auto (IKE)
    Encryption: 3DES
    Authentication: MD5
    PFS: Enabled
    Pre-shared key: abc123
    Key life time: 28800
    _______________________________

    Remote site router
    Local secure group:
    subnet 192.168.1.0 /255.255.255.0

    Remote secure group:
    subnet 192.168.0.0 / 255.255.255.0

    Remote secure gateway:
    213.84.60.123

    Key exchange method: Auto (IKE)
    Encryption: 3DES
    Authentication: MD5
    PFS: Enabled
    Pre-shared key: abc123
    Key life time: 28800
    _______________________________

    Connection = UP

    I can't ping or connect to any of the clients on the other site

    What did I do wrong?

    Hope one of you out there can help me to solve this problem

    Cheers,

    Jochem
     
  2. truebit

    truebit Guest

    it's routing problem

    ..
    you consider your env's routing table.
     
  3. JdW77

    JdW77 Network Guru Member

    I've already checked that, but all routes are in the table. I've reported this problem to the Linksys helpdesk and they are investigating the problem. Hope to hear from them soon.
     
  4. RickyG

    RickyG Guest

    I'm having the same problem with my boss' WAG54GX2. I've tried to configure it to talk to Checkpoint FW1.

    What is unusual is that the checkpoint log is reporting both incoming and outgoing traffic as encrypting and decrypting correctly.

    However I'm getting timeouts when I try to ping in either direction. Also tried the WAG54GX2 witha Netgear FVS318 but to no avail.
     
  5. JdW77

    JdW77 Network Guru Member

    Confirmed!!!

    I have exactly the same problem.
     
  6. ns1090

    ns1090 Guest

    I have the same issue as well. I am evaluating site to site VPN using 2 WAG54GX2's and cannot get it to work. Link says its up but cannot ping any address at other end. Linksys support have been looking at it since end of Oct. They could not get the remote management to work (and neither could I).

    I have also noticed timeout issues using Telnet and FTP through both the wired and wireless switches. Using Telnet through wireless times out after 55 seconds and on wired after 15 minutes. Have had to put keepalives in to make connection stable.
    FTP breaks almost instantly when sending or receiving data through wireless connection but OK with wired. Maybe something to do with WPA2 with AES but that's the authentication and encryption we have to use.
     
  7. J_a_y

    J_a_y Network Guru Member

    I've got the same issues.

    Has anyone actually got a direct hardware VPN connection to work with the WAG54GX2?

    I have just purchased a number of these for VPN users within my company, so any help would be gratefully received!
     
  8. Davec

    Davec Network Guru Member

    Same problem

    I am getting the same problem when connecting my wag54gx2 to my ipcop box. The line VPN is up and active at both ends but no traffic. I have checked the routes at both ends but as this is a replacement for a working wag54g and all ive done is copied the settings it should work.
    Has anybody had a reply from linksys concerning this
     
  9. Anonymous

    Anonymous Guest

    If the wag54gx2 is anything like previous offerings from linksys (wag54g, wag54g v2, ag241, sx41, vp41) the firmware is all important when using these boxes for vpn tunnels.

    Are there any other firmware versions for your wag54gx2? I haven't used the 'gx2 yet because I don't like the power button they put on them (if it loses power, powercut for example you have to manually turn it back on).
     
  10. Dorven

    Dorven Network Guru Member

    Yes, this power button is really stupide ! :thumbdown:

    Which firmware version have you ? Mine is 1.00.02 .
     
  11. Davec

    Davec Network Guru Member

    Where do you get the firmware 1.00.02

    Where do you get the firmware 1.00.02 as mine is 1.00.01, I have looked on linksys site but cant find a newer firmware.
    It has to be the router as it is a direct replacement for a working wag54g, its VPN tunnel comes up fine and I can access the servers in the office . I switch off the router change to the wag54gx2 its tunnel comes up fine butr no access. If you can post and supply a link to the newer firmware it would be nice
     
  12. JdW77

    JdW77 Network Guru Member

    Firmware

    The 1.00.02 is the firmware for Annex-B and 1.00.01 is for Annex-A
    The are no other firmwares available at the moment :sad: :sad: .

    Cheers,

    Jochem
     
  13. Anonymous

    Anonymous Guest

    Same problems!

    Has anyone found asolution to this? I have a WAG54g and am tryign to get a Site t Site VPn runnign between this box and a Checkpoint FW (NGX). the tunnel looks as though it is up. but the moment I try and ping the corportae network from behind the linksys it times out, when i ping the Linksys subnet from behind the Checkpoint, I get the following in the FW log:

    Encryption failure: no response from peer.

    This all suggests to me that the Linksys box can't route to the remote subnet. but why, surely this is taken care of when you define the Remote Secure group. Any elp would be most appreciated, Linkstys have suggested some basic "Solutions" so far, obviously they don't work.
     
  14. Davec

    Davec Network Guru Member

    Router table

    I looked at the routing table in advanced routing and found entires for my tunel with interface unknown, after contacting linksys a number of times I am returning the router for a new one. This will be the last linksys router i am going to get from now on it Draytek or zyxel which ive only heard good things about
     
  15. Anonymous

    Anonymous Guest

    No VPN here either

    Hi all

    This router looked liked a good solution for us too. Bought it for the VPN capabilities but the VPN is totally non-functional.

    Same issue. Connection shown 'Up' on both sides of the tunnel but can't ping anything behind the router. Tried with reliable BEFVP41 on one side and the WAG54GX2 on the the other and same problem. Tried with reliable Greenbow VPN client on one side and WAG54GX2 on the other and still same problem.

    The logging facility on the device is also really bad. Punts out a load of code and you have to move through loads of pages to see all the output.

    Bunch of pointless time-wasting advice from Linksys. They need to get some new firmware out quicksmart or order a recall of these boxes.
     
  16. Davec

    Davec Network Guru Member

    Nww router

    After talking to linksys I sent my 1 week old wag54gx2 back of replacement. The new router arrived today shinkwrapped.

    Unboxed and setup in 5 mins

    VPN is in UP state and both ends are reporting OK.

    No traffic is going through the tunnel at all.

    I would not like to be the linksys support person when I phone up later. This is two router of the same type that dont work. This is the last linksys product I will be buying for my office, that will be 20 wag54gx2 going back to supplier.
    Anyone how needs to do a VPN on a budget I would recommend the

    Zyxel Prestige 662 HW.
    Harder to setup but work fine no problems at all.

    I will keep looking back about this router to see if this is fixed
     
  17. jimrorrison

    jimrorrison Network Guru Member

    Same problem

    Purchased two wag54gx2 - same problem, tunnel shows as up but no traffic going through. These routers are supposed to replace the wag54g which works fine using VPN tunnels from other sites. Linksys need to get their finger out and upgrade firmware.
     
  18. Anonymous

    Anonymous Guest

    Same problem

    I everybody
    I have the same problem with my brand new WAG54GX2

    Has anyone found a solution for this VPN issue???

    I haver passed most of the two last days with the Hotline with no answer
     
  19. DocLarge

    DocLarge Super Moderator Staff Member Member

  20. Anonymous

    Anonymous Guest

    Same problem here.. Link OK but no traffic passing through the tunnel :thumbdown:

    Linksys should upgrade their firmware :sadbye:
     
  21. Dorven

    Dorven Network Guru Member

    Hi all !

    who have news about this problem ? :sadbye:

    Thanks
     
  22. Al3x

    Al3x LI Guru Member

    i am looking at purchasing two of these routers myself and vpn tunnel two sites.

    i assume the vpn tunnel connections but theissue you have is the pinging. did you setup the port forward, config firewall and spi?

    how are you configuring your gateway
     
  23. Al3x

    Al3x LI Guru Member

    hmm it just hit me, does the router actually support vpn endpoint? because it would make perfect sence why clients can connect but the router cant because all it can do is pass through tunnel
     
  24. freesailor

    freesailor Network Guru Member

    It should support VPN endpoint but so far it seems nobody here succeeded in arranging such a thing, maybe there is a bug preventing that.
    I didn't succeed in doing an endpoint VPN, too: tunnel up (supposedly OK) but no answers from PCs connected to LAN interface of the router, just like others found.
    I'm not a VPN expert, I couldn't swear I didn't make some mistakes but ... :(
     
  25. DocLarge

    DocLarge Super Moderator Staff Member Member

    I run tunnels to and from the WAG54G all the time. This router does support endpoint vpn tunnels (5 to be exact). It's simple to configure with greenbow vpn as your client, or running "tunnel to tunnel." I can try to help as much as I can, and there's always help in the WAG54G forum or the WRV54G forum when it comes to vpn questions.

    Doc
     
  26. freesailor

    freesailor Network Guru Member

    Doc, I think in this case you are really talking about WAG54G, not WAG54GX2, because the two routers are "cousins" and even WAG54G could be meaningful for this issue.
    Am I right?

    I tried to establish a VPN tunnel from a Greenbow client (on internet) to my WAG54GX2 (as VPN endpoint).
    The tunnel goes up (correctly, it seems) both at client side and at router side but from client I can't ping my desktop PC on internal LAN (IP address: 192.168.1.100). (BTW: I've even switched off the router firewall feature that blocks pings).
    This behaviour is the same that others found: tunnel up but unreachable machines into remote LAN behind the router.
    I tried to look at misconfigured routing tables on the client but it seemed ok.
    Of course, being quite a beginner in VPN configuration, I can't exclude my mistakes. :?

    If you have info about (or know of sites or forums that have) a real-world "working" example of VPN client configuration + VPN tunnel parameters at router side (+ eventually routing tables), it could be really useful to look at these, for all us that are still struggling with WAG54GX2 VPN endpoint features ... 8)
     

Share This Page