1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Windows VPN Client

Discussion in 'Other Linksys Equipment' started by JGHink, May 28, 2006.

  1. JGHink

    JGHink LI Guru Member

    Hi all,

    After receiving a static IP from ISP in order to access my machines at home remotely, I am having trouble setting up VPN access to WAG54G router

    Can anyone confirm that this router can act as a VPN endpoint, and also that it is NOT possible to use the Windows client VPN to access the router?

    Even after following DocLarge's greenbow vpn client guide I am having trouble, so just desperate to get any kind of VPN working

    Thanks
     
  2. DocLarge

    DocLarge Super Moderator Staff Member Member

    Hi JGhink,

    my connection has been funny this last couple of days and I just recently saw your PM.

    The WAG54G is an endpoint vpn router. If you're unable to establish a connection, it sometimes depends upon the firmware version you are using along with the client. I've connected successfully with the greenbow vpn client on many occasions to my WAG54G, to include using it for "site-to-site" communication.

    The only way you'd be able to use the windows vpn client withe the WAG is if you were able to use the "utterly useless" windows IPSEC VPN configuration guide (you can google it or find it on yahoo). Otherwise, the connection you try to initiate from your windows OS is viewed as "PPTP" and the WAG doesn't accept PPTP connections; it does allow PPTP connections to pass thru though...

    Doc
     
  3. JGHink

    JGHink LI Guru Member

    Thanks Doc, as I say I have seen your greenbow client guide and its very easy to follow how to set it up, but I seem to be missing some of the options that need configuring

    So, will be looking to upgrade the firmware hoping that they are included.

    Thanks
     
  4. DocLarge

    DocLarge Super Moderator Staff Member Member

    I've got another idea...

    Leave all your settings as they are on the greenbow client. On the router, make these changes to the groups:

    Locol Secure Group: Subnet (Your local routers IP address)

    remote Secure Group: IP Address (Use Local LAN IP assigned to your computer)

    Remote Secure Gateway: IP Address (This is your WAN IP address)

    Using this configuration, I'm connected right now to my remote WAG54G right now.

    Doc
     
  5. JGHink

    JGHink LI Guru Member

    Ta Doc, but still not worked for me. If you can have a look at this to say where I'm going wrong, that would be great

    So, have two machines connected locally to WAG54G, one on 192.168.1.x subnet, the other on 192.168.2.x. These subnets configured in router's route table

    Client settings

    PhaseI

    TunnelName = Same as on router
    Interface = Any
    Remote Gateway = Static IP from ISP (80.x.x.x)

    Preshared Key = Hex, same as on router
    Envcryption DES = only setting available on router, so to match
    Authentication MD5 = only setting available on router, so to match
    Key Group = 1024


    PhaseII

    TunnelName = Same
    VPN Client Address = 192.168.2.x
    Address Type = Subnet
    Remote Lan Address = 192.168.1.1
    Encryption = DES
    Authentication = MD5
    Mode = Tunnel
    Key Group = 1024

    Parameters

    Maximum/Minimum Encryption Authentication Lifetime = 3600

    Router Configuration

    IPsec Passthrough: Enabled
    PPTP Passthrough: Enabled
    PPPoE Passthrough: Enabled
    L2TP Passthrough: Disabled


    IPSec VPN Tunnel = Enabled
    TunnelName = same as client
    Local Secure Group = 192.168.1.1
    Local Security Gateway = PVC1(ppp0) Not configurable
    Remote Secure Group = 192.168.2.x
    Remote Security Gateway = ip addr 80.x.x.x
    Encryption = DES
    Authentication = MD5
    KeyManagement = Auto
    PFS = Enabled
    Preshared Key = hex,same as client
    Lifetime = 3600

    Advanced

    Main Mode
    Encryption = DES
    Authentication = SHA
    GROUP = 1024
    KeyLifetime = 3600

    Same Phase II

    NetBIOS Broadcast enabled
     
  6. DocLarge

    DocLarge Super Moderator Staff Member Member

    What version of greenbow are you using? I use 2.50. Your settings are still not like the ones I gave you so that's one reason I can see why you aren't connecting. I've re-edited your settings from your last post. Make your changes "exactly" as I have listed them (see below)
    -------------------------------------------------------------------------------------

    TunnelName = Same as on router
    Interface = *
    Remote Gateway = Static IP from ISP (80.x.x.x)

    Preshared Key = Hex, same as on router
    Envcryption DES = only setting available on router, so to match
    Authentication MD5 = only setting available on router, so to match
    Key Group = 1024


    PhaseII

    TunnelName = Same
    VPN Client Address = 192.168.2.x
    Address Type = Subnet
    Remote Lan Address = 192.168.1.1
    Encryption = DES
    Authentication = MD5
    Mode = Tunnel
    Key Group = 1024

    Parameters

    Maximum/Minimum Encryption Authentication Lifetime = 3600

    Router Configuration

    IPsec Passthrough: Enabled
    PPTP Passthrough: Enabled
    PPPoE Passthrough: Enabled
    L2TP Passthrough: Disabled


    IPSec VPN Tunnel = Enabled
    TunnelName = same as client
    Local Secure Group = 192.168.1.1
    Local Security Gateway = (Subnet) PVC1(ppp0) Not configurable
    Remote Secure Group = (IP Address) 192.168.2.x
    Remote Security Gateway = (IP Address) 80.x.x.x
    Encryption = DES
    Authentication = MD5
    KeyManagement = Auto
    PFS = Enabled
    Preshared Key = hex,same as client
    Lifetime = 3600

    Advanced

    Main Mode
    Encryption = DES
    Authentication = MD5
    GROUP = 1024
    KeyLifetime = 3600

    Same Phase II

    NetBIOS Broadcast enabled
    ------------------------------------------------------------------------------------

    One thing I don't understand is this entry you have for your IPSEC Settings: PVC1(ppp0) Not configurable

    Are you not able to change this to subnet? You should be able to if you are using a WAG54G...

    Doc
     
  7. JGHink

    JGHink LI Guru Member

    Once again, thanks Doc. I now have the 2.5 version of greenbow, which allowed me to specify * as interface, an option I didn't have with the latest client

    It hasn't worked. I actually can't connect to the Internet when the VPN client is running.

    Settings on the client are exactly as specified in your last message. My router is a wag54g with no firmware ever upgraded. I have been trying over the last few days so as to maybe solve this issue, used the browser interface and the tftp program. 'Upgrade is failed' everytime.

    So, I'm stuck. Have disabled firewall on router for testing, and cannot change the IPSec settings on the router. Only have ppp0 available

    Why no internet connection when greenbow is started, and also is the problem that I am trying to connect from another computer connected to the same router? I have configured two routes i.e 192.168.1 and 192.168.2 in the route table and computers communicate over the LAN alright. I'm trying to dial up to the public IP of the router from a computer that also has this IP as well, I think thats what I mean??

    Oh dear, what router should I have bought for VPN to work?
     

Share This Page