No VPN access after adding RTP300 (Vonage router)

Discussion in 'Other Linksys Equipment' started by puckhead_paul, Dec 14, 2005.

  1. puckhead_paul

    puckhead_paul Network Guru Member

    Greetings --

    First off, I'm *VERY* new when it comes to this home networking stuff. That said, here's my home network config currently:

    HS Internet ----> Vonage RTP300 rtr ----> WRT54G ----> Home PC

    Since adding the Vonage router, I have been unable to access my work's VPN 98% of the time. One night, I tried for 3 hours before getting in. I have tried to switch the two units such that the HSI plugs into the WRT54G first, which then connects to the RTP300 router, but the phone line button (for the home phone) never lights up. Seems like the only way it will work is in the above configuration.

    Is there anything I need to do in the Vonage router to enable VPN capability? This is a *HUGE* sore spot for me as I cannot understand just how one Linksys unit creates havoc for the other. I'm sure there are config issues which may come up and I'll be happy to oblige if it gets this matter resolved. Many thanks!!

    ++ Paul in Chicagoland
  2. eric_stewart

    eric_stewart Super Moderator Staff Member Member

    Hey Paul. I didn't notice your post until I was doing a search for some RTP300 related stuff on the board. I'm not surprised that you're having problem with VPN pass-through with the device because I have observed similar (mis)behaviour with this box. I'm assuming that you have VPN pass-through check boxes ticked off in the Security-> VPN tab.

    Because I'm lazy, I'm just quoting a post that I made on (another good resource by the way). I think the RTP300 was a perfectly good when used as a phone adapter, but I have issues with its routing capabilities and firewalling ,etc.

    <quoting the post,15091598>

    Re: [Security] Using the RTP300 as a Firewall.. Good or Bad Idea

    I had my RTP300 setup on my network as a firewall/QoS device for my home network. It was not the only firewall, since it was sitting in behind my Cisco PIX 501. The PIX was connected to my DSL connection. My idea was that by "hiding" my inside PCs behind the RTP300 I could exert QoS over the outbound packets to the Internet...making sure that the VoIP had priority...and I could also (but secondarily) have the power of 2 firewalls protecting my network. I was using the RTP300 since I was able to keep it after I cancelled my Vonage service.

    That was the long story. The short story is that I had nothing but headaches with the crazy thing. Even with the latest firmware, port forwarding didn't work properly, neither did VPN passthrough. Worse, it had to be rebooted at least once a day. The standard operating procedure around my house became, "Who's going to go down and power cycle the thing with the blue flashing LEDs this time?". I even dumbed the thing down by turning off the NAT'ng firewall and going to just routing mode with the same result. Several resets to default configuration and reloading the firmware later and it is now gathering dust in my basement beside the wine rack. It will probably still be there in about 10 years or so...maybe holding open the basement door.

    I wasn't happy with it to say the least. I now have a WRT54GS doing essentially the same thing as the RTP300 was intended to do. It's setup as a router/QoS device using the standard firmware and hasn't needed a reboot in over 7 days now. My son is getting a game for his Nintendo DS tomorrow that will allow him to wirelessly connect to the Internet to play head-to-head with other kids(too bad the DS only supports WEP...what were they thinking?) I will setup my QoS router for WEP.

    I'm not suggesting throwing the device out, but at the same time if your network is working fine the way it is, perhaps you might consider replacing your clunky old Pentium 100 with a shiny new purply-blue Linksys WRT54GS. They're sure to be on sale somewhere on Boxing Day!


    <end quote from>
  3. NateHoy

    NateHoy Network Guru Member

    Hi, Paul.

    I have a WRTP54G from Vonage, similar to your RTP300 except my WRTP54G has wireless. As far as I know, that is the only difference.

    I'm sure you've read this, but just in case, you want to plug everything in as per "Instructions A" here:

    I never had problems with VPN specifically on the WRTP54G, but I did end up putting it behind my WRT54G because the Vonage routers never really had effective QoS, and due to some stability issues. However, in your case, I suspect some of your VPN problems are caused by the fact that you are trying to traverse two NAT (Network Address Translation) barriers.

    What you are shooting for is:

    Internet -> WRT54G -> (LAN)
    (LAN includes your RTP300 and your PC, so the RTP300 becomes a Vonage device only).


    CONNECTIVITY: If you hook things up this way (temporarily):
    Internet -> (WAN)WRT54G(LAN) -> (WAN)RTP300(LAN) -> PC
    Is the PC able to surf the Internet?
    If not, then you need to check the config of the RTP300 to see why. Make sure it is getting an IP address from the WRT54G, etc. If your PC can surf the 'net when connected to the RTP300, then you know you have a decent connection.

    BLOCKAGE: Do you have any ports forwarded or closed on the WRT54G? The RTP300 does not need ports forwarded, however it will react badly if any of the following ports are closed, or forwarded to another client:

    The RTP300 needs to be able to communicate outbound on all of those ports. You should not have to forward any of them, but forwarding 5060 and 5061 is worth a try. Or you can experiment with putting the RTP300 in the DMZ.
  4. eric_stewart

    eric_stewart Super Moderator Staff Member Member

    <quoting NateHoy>
    What you are shooting for is:

    Internet -> WRT54G -> (LAN)
    (LAN includes your RTP300 and your PC, so the RTP300 becomes a Vonage device only).
    <end quote NateHoy>

    I think this is the best advice and (coincidentally) mirrors what I said in my own response. To reiterate, my experience is that the RTP300 is a perfectly good device when used as a phone adapter, but when asking it to be a router I ran into issues. NAT traversal is possibly one of them but I've traversed multiple instances of NAT with other boxes and not run into issues. As NateHoy said, QoS on the RTP300 is rudimentary and problematic with this device too and that's probably all the motivation you should need to rearrange your network since you want to make sure the VoIP traffic gets sufficient priority when your Internet connection experiences congestion.

    Putting the RTP300 behind your WRT54G is a good bet since the WRT's QoS is much better. Hang your PCs off the WRT54G and not the RTP300.

    Let the little piglets (your PCs) suck momma sow WRT54G's teats and not the RTP300.

    Ooops. Sorry. Too much super-charged eggnog! ;-)
  5. mazilo

    mazilo Network Guru Member

    Make sure the VPN options are enabled on your RTP300 unit.

    The following is just some points I would like to make based on my observations on both RTP300 and WRTP54G VoIP routers:

    I don't recommend to put either RTP300 nor WRTP54G as the main router if your LAN has some other VoIP devices. The VoIP parts on these two RTP300/WRTP54G will suck up all the VoIP ports and render the VoIP devices behind them useless. OTOH, putting any of RTP300/WRTP54G behind a non-symmetrical NAT/Firewall router will pose another problem (as pointed out by NateHoy) in the sense that neither RTP300 nor WRTP54G supports a STUN server option. Until RTP300/WRTP54G supports a STUN server option, your best option is to put the unit as the main router to make the VoIP works.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice