1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WRV200 + Quick VPN Client

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by sarielmarse, Nov 13, 2006.

  1. sarielmarse

    sarielmarse Network Guru Member

    Hi,

    I've got Router WRV200 with:

    WAN Configuration
    IP: 192.168.19.200
    MASK: 24bit

    LAN Configuration
    IP: 192.168.1.1
    MASK: 24bit

    I connect PC directly through WAN port to router to avoid some other hardware isues. Then I install Linksys VPN Client 1040 on that practiculary Pc. In WRV200 I set VPN user for example test with pass test. Next step was to configure VPN Client with user: test pass: test router IP adress "192.168.19.200". In client PC's I see that "verifying network..." and that's end. In router Status/VPN Clients tab there is client connected. But it doesn't work.

    In router I've got 1.0.20 firmware.

    I found meny subjects about problem with VPN Client but there is no 100% advice how to resolve it.

    Regards

    Sariel Marse
     
  2. ifican

    ifican Network Guru Member

    I would venture to guess you are trying to connect via port 443. Also you have configure the pc in the same ip address range as the routers interface correct (192.168.19.x)? Something else just came to mind, if you are running firewall software on your PC it can also cause the connection to hang at the same spot if you have not previously allowed the vpn traffic.
     
  3. Toxic

    Toxic Administrator Staff Member

    I have been told that QuickVPN does not use port 443 on the WRV but 60443. if you use QuickVPN 1.0.40 you cna select the port number which wuickVPN will use initially. I would also recommend upgrading to WRV200 1.0.24 firmware as well.
     
  4. sarielmarse

    sarielmarse Network Guru Member

    In PC i've got ip adress in the same range what is WAN router IP. PC IP 192.168.19.10. I'm trying to connect with 443 and 60443 ports. I found that i should to forward some ports. If I have to forward some where I have to do it ?
     
  5. Toxic

    Toxic Administrator Staff Member

    you should not have the same range as a WAN ip address, the router will have two IP addresses. the WAN port will/should have a Public IP address and the LAN should be a private IP address. You PC should have a Private IP address if behind a router. are you double natting the WRV200? what is it behind?
     
  6. sarielmarse

    sarielmarse Network Guru Member

    In that practiculary situation my public ip is 192.168.19.200.

    regards

    Sariel Marse
     
  7. sarielmarse

    sarielmarse Network Guru Member

    For this moment I haven't connect router to public network. I have been testing for this moment.

    Regards

    SM
     
  8. ifican

    ifican Network Guru Member

    Simon, he is just running a test environment to get quickvpn working. It appears that his overall config is correct.

    That being said, you have not verified that all firewall software on the pc is turned off or allowing the vpn connection back in.
     
  9. sarielmarse

    sarielmarse Network Guru Member

    My firewall seems to be disabe. Strange is that I use Cisco VPN Client to connect to Cisco Pix and every thing is ok.

    Regards

    SM
     
  10. Toxic

    Toxic Administrator Staff Member

    can you show us a layout of all devices you have from your Cable/ADSL modem to the WRV200.
     
  11. ifican

    ifican Network Guru Member

    Which version of Cisco VPN? The latest version i ferget the number lives happily with quickvpn but the earlier version does not. Also make sure the cisco vpn client is shutdown when you are using quickvpn. One last thing, the cisco client uses different ports then the quickvpn client so the firewall if enabled still could be the problem if its not a client incompatibility on the host machine.
     
  12. sarielmarse

    sarielmarse Network Guru Member

    I've check it. Firewall servis is disable, Cisco VPN Client servis is disable. And there is still that same problem "Verifying Network..." and thats all.

    Strange is that ins status tab client is online. But is fake.

    Reg

    SM
     
  13. ifican

    ifican Network Guru Member

    It shows online because it passes network authentication, which version of the cisco vpn client are you using? Also what does the icon show in the system try? One thing i notice with quickvpn is if it fails to connect the "verifying network" box will be present forever even if you reconnect and get a connection, unless you shut down the program and restart it.
     
  14. Toxic

    Toxic Administrator Staff Member

    if the WRV200 is behind another router (since the WAN is private and we dont know you layout of all you devices) have you port forwarded UDP 500 to the WAN IP of the WRV200 on any device and made sure anything infront of the device supports IP protocol (not ports) 50 and 51 ?
     
  15. sarielmarse

    sarielmarse Network Guru Member

    My cisco vpn clint is 4.7.00 thats for sure. What color hmm it seems to be red line crosed and status verifying network.. Strang is that when I disconnect user form status/vpn client tab icon is going to be green and status is disconnected.

    reg

    SM
     
  16. sarielmarse

    sarielmarse Network Guru Member

    WRV200 is behind nothing.

    reg

    SM
     
  17. sarielmarse

    sarielmarse Network Guru Member

    There are no other devices. There is only WRV200 and PC. Pc is connected to router WAN port. PC have 192.168.19.10 and router WAN 192.168.19.200. Router LAN interface have 192.168.1.1. I'm connecting through router WAN port to access router inside network 192.168.1.0.

    reg

    SM
     
  18. ifican

    ifican Network Guru Member

    Thats normal for the icon, 4.7 are you sure? I have done lots of testing with 4.0.X and all has been fine, if its indeed 4.7 then maybe something else has been changed and it now does not like having any other vpn client installed. If you have access to the cisco client software i would say uninstall it and try quickvpn, i can tell you for sure the netscreen client does not like any other vpn to even be installed running or not on the host machine.
     
  19. sarielmarse

    sarielmarse Network Guru Member

    Ok will try it. Maby it will works ;) For now i would like to thx ;)

    regards

    SM

    p.s. I try it and will writte about it.
     
  20. sarielmarse

    sarielmarse Network Guru Member

    000 Plutorun started on Tue Sep 13 10:09:47 EST 2005
    001 [Tue 10:09:50] Starting Pluto (Openswan Version 2.4.5dr3 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OEr\134[u@aflB_)
    002 [Tue 10:09:50] Setting NAT-Traversal port-4500 floating to on
    003 [Tue 10:09:50] port floating activation criteria nat_t=1/port_fload=1
    004 [Tue 10:09:50] including NAT-Traversal patch (Version 0.6c)
    005 [Tue 10:09:50] ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
    006 [Tue 10:09:50] starting up 1 cryptographic helpers
    007 [Tue 10:09:50] started helper pid=376 (fd:4)
    008 [Tue 10:09:51] Using KLIPS IPsec interface code on 2.4.26-uc0
    009 [Tue 10:09:51] Changing to directory '/etc/ipsec.d/cacerts'
    010 [Tue 10:09:51] Changing to directory '/etc/ipsec.d/aacerts'
    011 [Tue 10:09:51] Changing to directory '/etc/ipsec.d/ocspcerts'
    012 [Tue 10:09:51] Changing to directory '/etc/ipsec.d/crls'
    013 [Tue 10:09:51] Warning: empty directory
    014 [Tue 10:09:58] listening for IKE messages
    015 [Tue 10:09:58] adding interface ipsec0/eth0 192.168.19.254:500
    016 [Tue 10:09:58] adding interface ipsec0/eth0 192.168.19.254:4500
    017 [Tue 10:09:58] loading secrets from "/etc/ipsec.secrets"
    018 [Tue 10:18:23] listening for IKE messages
    019 [Tue 10:18:23] loading secrets from "/etc/ipsec.secrets"
    020 [Tue 10:19:22] packet from 192.168.19.14:500: received and ignored informational message


    What does it mean in last row ?

    Regards

    SM
     

Share This Page