Discussion in 'Cisco Small Business Routers and VPN Solutions' started by Toxic, Dec 29, 2005.

  1. Toxic

    Toxic Administrator Staff Member

    All credit goes to DocLarge for this..


    NOTE: There may be variances in some areas of web interface, but this document is proven to work! :) :)

    1) Setup Page

    Internet Connection Type: Automatic Configuration (DHCP)

    MTU: Auto

    DHCP Server: Disable

    Time Setting: (GMT) England [Obviously set this to your own zone or leave at default]

    NOTE: If your ISP has recently changed from “data†to “ipstream†you may have to change the MTU from “auto†to “manual†in order to allow vpn data transfer. A common symptom of change in Ethernet technology is when you try to transfer information across a tunnel and you get “Network is no longer available.†In this instance, the MTU is set “too high†(i.e., 1492) and isn’t able to “pass through†the segment at the distant end. Think of a 6 foot tall man trying to fit through a door made for a 4 foot child. By adjusting the MTU to suit the situation, you now have a means of assuring data gets through. (Doc/1 Aug 05)

    2) Security ---> VPN Page

    Ipsec: Enable
    PPTP: Enable
    L2TP: Disable

    NOTE: This goes away from previous advice I’ve given but we’re trying something new. People were able to connect before, so this slight change really shouldn’t alter that much. Furthermore, the 50 vpn tunnels that come with the WRV54G/RV0XX routers are designed to work with third party vpn clients (i.e., SSH Sentinel, Greenbow, Logmein, etc...) and "not" with quickvpn. Quickvpn handles all aspects of negotiation by itself (now that the mystery is solved, it's a clever little tool to me :))
    Also, in the WRV54G/RV0XX manual, where it shows you how to create an IPSEC policy, if you're using quickvpn, this, by default of installation is already done for you by Quickvpn (look in the Program Files\Linksys\Linksys VPN Client directory on your computer and you will see this.) If you are "not" going to use Quickvpn, you could try this (yes, some people have been able to do it). Also, as noted by Chris Watts (a..k.a. Chris547), quickvpn uses a randomly created pre shared key everytime it connects. I think I may love quickvpn now...

    Remaining settings on this page should be disabled.

    3) Access Restrictions:

    - Start off by using a simple name and password combination such as

    username: test
    password: tester

    4) Apps & Gaming

    "NO" vpn port forwarding settings of any kind (500, 1701, 1723, etc...) are required for quickvpn to work. It establishes its own tunnel.


    - Enable HTTPS on the router. QuickVPN needs this.

    - Try using firmware 2.37.13, 2.38 (you can download 2.38 from linksysinfo.org), or 2.38.6. I’m currently using the 50 user license upgrade from Linksys (firmware version 2.37E) and it works perfectly!

    - SNMP & UPNP are disabled.

    - Make sure the ipsec service under settings is started. If you’ve ever loaded SSH Sentinel, SSH knocks ipsec offline and you never even know it unless you happen to be checking services to see why your tunnel doesn’t come up (I found this information out surfing forums).

    - "DO NOT" have any other vpn application "LOADED" on your machine other than quickvpn; even if you have another vpn application loaded and its process is shut off in the back ground, quickvpn still "will--not--run" if it's loaded. If you happen to be able to do this, you're quite fortunate, otherwise, load quickvpn only to avoid conflict.

    - Disable any firewall that you currently have running for the moment (again, we're establishing a baseline). I use Norton Internet Security 2003 and can connect to Dave's vpn segment with my firewall up so you might want to consider a new firewall in the event you can't connect with your current firewall running. Incidentally, when I’m at a wireless internet café, I have to drop my firewall on my laptop to make the connection to vpn, but I’m sure this is just something to do with how the router policies of that local business’s router are enforced. Other than that, I connect to a remote vpn host (from my homeâ€) with my firewall up. Once you’ve made the connection, just turn your firewall back on.

    - Copy and paste this link into your browser to get your WAN IP address if you don’t know it for sure (http://remote.12dt.com/rns/) to place in quickvpn's "Server Address" field.

    Here's one more thing. Copy and paste this link into your browser (http://www.dslreports.com/drtcp). This application will allow you to adjust the MTU setting of your NIC "on the fly" if you bump into a problem with the MTU causing tunnel drops. Make your MTU setting "On The Client" 1458 “if†there are problems with tunnel connectivity.


    1. The quickvpn client is not the only vpn client loaded on the client machine.

    2. MTU on the WRV54G you are connecting to isn't set at "auto" and/or the packets being sent from the client computer are too large (should this be the case, download "DrTCP" and set the MTU of the client's NIC to 1458). Additionally, it doesn't hurt to check and see if the MTU on the client router is set at "auto" also.

    3. You are trying to connect through a dialup or ISDN connection.
    NOTE: I have never been able to connect from a dialup/ISDN connection with quickvpn. More power to those who can.

    UPDATE: Recently, someone was able to connect over dialup in a highly "unusual" manner Basically, when connecting over ISDN, quickvpn hangs at “verifying network†but it will still negotiate the ip security portion and allow you access to your LAN. The only way to close the connection is to terminate it through task manager.

    4. The firewall software on your computer is registering the "ACK" conversation from the distant-end device (wrv54g) as an "Invalid ICMP Type." In this instance you can either "shut down" the firewall for the session or, as I've done, uninstalled my firewall software (NIS 2004) and quickvpn, then reinstalled both (Norton first followed by quickvpn). After that, launch quickvpn, and once Norton detects it, it establishes all the proper rules to allow it to pass through the firewall. Hopefully your firewall software should do the same.

    In the case of #4, I never caught this until I noticed after reloading one of my computers, I had to drop the firewall on one of them to access "the same damn share" as the others, but I didn't have to bring the firewall down on any of the others except that one particular machine.

    5. IPSEC Passthru is not enabled on the client/distant end router.

    6. You have communication software loaded that is preventing quickvpn authentication with the wrv54g router

    Note: I loaded software from motorola cellphone that installed its own "liveupdate" software that blocked quickvpn from talking to my wrv54g router. I knew there was a program I'd recently loaded that was most likely the problem because I had just used quickvpn an hour prior.

    7. You have installed two nic’s on the client computer and quickvpn is trying to utilize the connection that is not assigned an ip address. Simply disable the card that is not being used.

    8. IPSEC is not running on the client computer you’re connecting with. To remedy this, go into control panel, administrative tools, then click on services. If IPSEC isn’t started, set it to automatic and start the service. If you’ve ever used ssh sentinel, this knocks your ipsec out and you have to go into windows services to restart it.

    9. The user account and password is not created or has not been typed in correctly.

    10. Large downloads will disrupt the routers tables causing quickvpn to not respond every so often.

    11. Quickvpn terminates in the middle of a quickvpn session. Just like #10, this hoses up the routing tables for vpn. The answer is to delete all existing accounts and recreate them (don’t create the same username and passwords twice) or reset the router to factory default and start from scratch.

    12. HTTPS is not Enabled by default. If you will use the Linksys QuickVPN Client Software for allowing VPN Clients to connect.

    These configurations are just what I’ve noticed when having quickvpn problems. People world wide have been following this guide with and have had success with the WRV54G, RV042 and the RV082 routers. Again, this is just a baseline. When you figure out what you need, just vary things as needed.

  2. Toxic

    Toxic Administrator Staff Member

  3. NerdsLogic

    NerdsLogic Network Guru Member

    XP SP2 Quick Connect Problem Solved

    For those of you who are having problem to connect using QuickVPN while Windows XP SP2 is enabled (Test to see if it works while it's disabled, if it does, then this is your fix so you can leave the XP Firewall on"


    After you install the update and restart, you can simply allow the Linksys QuickVPN Client to pass through Windows XP Service Pack 2 Firewall by adding it to Program Exceptions.

  4. ericgil82

    ericgil82 Network Guru Member

    did anyone try with RV042 connect with quickvpn? is it working?
  5. DocLarge

    DocLarge Super Moderator Staff Member Member

    If you follow the same guidelines, it should work for you also. Just remember to enable "HTTPS" with your particular router...

  6. ericgil82

    ericgil82 Network Guru Member

    i have already try the solution above but while verifying network quickvpn thorw this error:

    The remote gateway is not responding. You will now be disconnected, please try again later.

    pls help me to solve this problem.

    i'm having a laptop which is win xp pro without firewall on connect to my RV042, and 2 x 1mbps ADSL line, 1 for the laptop and another for the RV042, laptop connect without router, straight from adsl modem

    the rest i follow the intruction above.

    my rv042 showing the connection is online while the quickvpn establishing the connection but after verifying the connection it throws the error. then its disconnecting from the server.

  7. TazUk

    TazUk Network Guru Member

    I've noticed a problem with Quick VPN where the PC has more than one network card. On my work PC I connect to the internet via a wireless card but the PC has an on-board NIC and Quick VPN tries to use the IP address from that when establishing the tunnel. Disabling the on-board NIC allowed me to connect fine :thumb:
  8. ericgil82

    ericgil82 Network Guru Member

    i have disabled my on-board NIC but still the same. any ideas?
  9. DocLarge

    DocLarge Super Moderator Staff Member Member

    Can you post a screen shot of your vpn setup page?
  10. ericgil82

    ericgil82 Network Guru Member

  11. DocLarge

    DocLarge Super Moderator Staff Member Member

    I'm checking it out right now. When you get a moment, shoot a PM to "Ye Olde Stonecat" and see if he has a moment to take a look since he uses the RV082 in quite a few locations...

  12. mikes104

    mikes104 Network Guru Member

    anyone have a solution for the RV082 not connecting? I can get mine to work at home using the external address but once I get to work and try the public wireless it doesn't work. mine too stops at "Verifying Network"

    in the log I get this:
    Mar 8 06:43:26 2006 Connection Refused - Policy violation UDP 2xxx.xxx.xxx.xxx:42185->6x.xxx.xxx.xxx:500 on ixp1

    once the firewall was turned off (only to test), I get this:
    Mar 8 06:44:06 2006 Connection Accepted IGMP on ixp1
  13. DocLarge

    DocLarge Super Moderator Staff Member Member

    Prior to linksysinfo exceeding their bandwith a few months ago, there were a lot of RV082 users that had posted saying they were connecting to their routers with quickvpn. It' a shame the fixes they found aren't available on the site anymore... :(

    Based on your last entry, I assume you were able to connect with the firewall off?

  14. mikes104

    mikes104 Network Guru Member

    nope...wasn't able to connect with the firewall disabled. I just received different enteries in the log. I got the router in hopes of using the VPN part at work using my laptop on the public wireless in the building. I don't like using remote desktop without any other encryption (Cain & Abel for example). I can get it using my external IP at home with the loopback function but I don't think that's a true test. I may try this weekend from a dialup connection or wireless somewhere else.
  15. ericgil82

    ericgil82 Network Guru Member

    hi Doc

    i have tried to do a look up on user "Ye Olde Stonecat" but it doesnt exist. any idea?
  16. mcj200

    mcj200 Guest

    RV042 connection hangs on "verifying network" then

    I am having the same problem. I initiate the connection and it stops on "verifying network" for a few minutes. Then I get "remote gateway not responding".

    How can I troubleshoot this?
  17. mikes104

    mikes104 Network Guru Member

    I treid the PPTP server option on the RV082 using a dialup connection and another boadband connection and both conencted perfectly. so, I think it is maybe the firewall at work that's blocking GRE47 or PPTP.
  18. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    That would probably be the case then...as the PPTP server on the RV082 and 016 models really is a solid setup, and uses the native Windows VPN client. I'd bet the network at your office is using a fireall that's stopping IP type 47 GRE....since you showed your router is working if you attempt PPTP over dial up or from another broadband host.
  19. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    No spaces! :D Sorry I didn't see this earlier..been on the road a lot lately. (Setup a few RV0 routers last month too! :D )

    To be honest...I'm not fond of the QuickVPN client...yet. It's touchy...very touchy. I've setup a whole bunch of RV0 routers...but only the 082 and 016 models because they support PPTP VPN..which works..it simply works..whereas the 042...due to RAM limitations, only supports the QuickVPN.

    DocLarge has the experience with the QuickVPN, he's invested time in it, as his guides attest. I've not..because for my job...I need to get things up and running quickly for my clients, and I've noticed the QuickVPN, when dealing with many users computers, can be too finicky. If they've had any ad/spyware that's modified the tcp stack or winsock, or any other IPSec software installed, or some oddball network card drivers, or on their internet connection MTU is not set correctly somewhere, or.. or....

    And by the way, I've found this to occur in other IPSec software clients...Sonicwall GlobalVPN, or Cisco VPN Dialer...

    So, I don't have much for suggestions for you...maybe try a winsock repair utility to make sure your TCP stack is virgin fresh. Latest network card drivers. Your router on your host network that you're dialing from is on the latest firmware, MTU set correctly (1492 for PPPoE DSL, 1500 for bridged DSL and cable)...make sure you're not running any TCP tweaking utilities like Cablenut or our Speedguide.Net TCP Optimizer. (which running a winsock repair utility would have wiped out anyways) Make sure your computer is scrubbed clean from malware..run CCleaner, Spybot Search and Destroy, Adaware, MS Defender, a trial of Ewido, an online scan at TrendMicro and Kapersky.

    3rd party software firewalls?
  20. Chaz0003

    Chaz0003 Guest

    I have a similar problem with the WRV54G and the QuickVPN software. I was able to connect from my Win2000 system with no problem, but both of my XP systems kept getting the "Remote gateway not responding" messge.
    I went and updated the firmware to 2.38.6 and now none of my systems can connect and all are getting the same error message.
    At least it's more consitant now :cry:
  21. TazUk

    TazUk Network Guru Member

    Are you running the 1038 version of Quick VPN ?
  22. sparky420

    sparky420 Guest

    i am finally able to get connected to my wrv54g with thanks to this site. but i have a problem i can't find anything on.. once i get connected with quick vpn, I can ping my server by name and ip, but i can't see it
  23. DocLarge

    DocLarge Super Moderator Staff Member Member

  24. MystiKal

    MystiKal Guest

    I recently bought a WRV54G specifically for its VPN feature. Eventually, I found my self googling and ended up on this site with the same problems everyone here has been experiencing. I finally got my VPN working, even though LinkSys support couldn't figure it out. Everyone's suggestions on this post is right on, but those who have followed the guide here and still can't connect, try the below notes in addition to the tips on this post:

    I highly recommed starting fresh with the default settings on the router. I did a Reset to Factory Defaults through the web interface, but that didn't help me much. Given that I setup NetScreens and Concentrators and I can't get a LinkSys to work, I was about to throw this router onto the floor when I noticed the small reset button on the back. While the router was powered on, I pushed the reset button with a paperclip a few times. The settings were all reset. First thing I did was setup my basic networking so my computers on the LAN port all have internet connectivity. Next, I went and added the VPN user names and passwords. After adding all the usernames and passwords, be sure to click on save settings. Then I went to Security->VPN and changed the pre-shared key to a key with more then 7 characters. I chose to setup the Local Security group using Range. If you want to use range, the range can look like: I set the Remote Security Group and Remote Gateway to any. Again, be sure to click on save settings. When I tried to connect through the WAN port, it worked. The only thing that I can think of that I didn't do before was to push the reset button on the back.
  25. DocLarge

    DocLarge Super Moderator Staff Member Member

    Welcome to the VPN club!!

    FYI, this post was about getting "quickvpn" connectivity. I haven't written a post regarding connecting a wrv54g to another router. I did however, put a video together displaying how this was done a few months ago. If need be, I'll post it in the sticky section for the future.

  26. akstormrider

    akstormrider LI Guru Member

    I have a problem with quickvpn that I can't seem to find any info on.

    I get the usual hang during network authentication, but I've found a "fix" that I haven't found mentioned anywhere else, and I'd like to know why this works, and how to permanently fix it.

    The DNS servers for the network inside the vpn should be and .3. However, if I go into the TCP/IP settings for the nic, while quickvpn is still connecting, it has changed the primary to, which of course doesn't serve dns. If, while quickvpn is still authenticating, I change the dns to .2, quickvpn quickly authenticates and connects.

    So, why is quickvpn setting the dns to .1, and where can I change it?
  27. TazUk

    TazUk Network Guru Member

    Is that the address of the router?
  28. akstormrider

    akstormrider LI Guru Member

    yes, .1 is the address of the router, but we have other servers handling dns.

    edit: and sometimes it will connect on it's own, without changing the dns server to .2, but even then, the vpn is useless until I change the dns server to .2.
  29. tom4516

    tom4516 Network Guru Member

    Connection Problems

    the WRV54G does not support NAT-T.
    maybe that is a reason for the problems.
    i use thegreenbow vpn client and it works only if i am directly connected to the internet. behind my router it does not work. although my ip is defined for the dmz...
  30. DocLarge

    DocLarge Super Moderator Staff Member Member


    That fact was confirmed last year. This is not the case with the new WRV200 (it supports NAT-T and GRE). The only way to use greenbow behind your wrv54g is to buy another router that is NAT-T/GRE capable (i.e., SMCBR14VPN, BEFVP41, Netgear DG834G, Dlink di804hv/di808hv) and place that "in front" of your wrv54g (this router basically becomes your gateway connection). I've used this configuration successfully and greenbow would connect from behind the segment I had my wrv54g running on without any problems.

  31. tom4516

    tom4516 Network Guru Member

    Thanks Doc, but I tried another application.

    The WRV54G is in my office, connectet directly to the internet over DSL (D-Link modem). And I want to connect the WRV54G from my home. DSL too, but another router. If my laptop is connected directly - it works. Behind my home-router not. I also tried different router but nothing helped. So I gave up...
    My goal was to create an IPSec tunnel from any network where I'm currently connected with my laptop so that I have everywhere access to my office.

  32. DocLarge

    DocLarge Super Moderator Staff Member Member

    My bad, I thought you had the WRV54G at home...

    Yep, you've hit the problem we all did. It's "Quickvpn or Bust!!" at some point, unless you don't mind connecting your computer directly to a modem to use third party client software.

    Most of the routers that supports quickvpn "will not" support GRE or NAT-T (i.e, WRV54G, RV0XX series) with the only exception being the WRV200, which is NAT-T and GRE compliant. The RV042/RV082 models have onboard PPTP servers that support the microsoft client so there's a workaround for the GRE issue.

    Other than that, something everyone has to consider if they want a WRV/RV0 series router is the issue with NAT-T and GRE translation.

  33. Wisi

    Wisi Network Guru Member

    ok, to sum it up:

    if my linksys rv042 in the office is connected directly to the internet and I am also behind a router which is connected with the internet the quick vpn client ist not working (responding...) even when I set up dmz?
  34. Toxic

    Toxic Administrator Staff Member

    what firmware version for the RV042 are you using, and what QuickVPN version are you using?
  35. Wisi

    Wisi Network Guru Member

    Firmware version : (Jul 27 2005 19:25:03)
    Quick VPN:
  36. Toxic

    Toxic Administrator Staff Member

  37. Wisi

    Wisi Network Guru Member

    linksys vpn client still not working, even with the newest updates

    but with my windows xp can connect via pptp, so I don't need the linksys client anymore ;)

  38. shkim

    shkim Guest

    Thanks to Toxic! I've been wrestling with the QuickVPN and Remote Desktop for the last 2 days. I previously ran SSH Sentinel so I went to the settings, restarted IPSec and presto we are up and running again.
  39. Toxic

    Toxic Administrator Staff Member

    glad we could help
  40. RichardD

    RichardD LI Guru Member

    WRV 200 and Quick VPn

    I keep reading about the issues with the wrv54g but no one seems to have a fix for the wrv200... the thing is drivin me nuts... I can connect with the quick vpn client, no hangs, and then I can ping the router's local but that is all. Do you have any suggestions?

  41. Nooter

    Nooter LI Guru Member


    I'm in the same boat. Everyone says these things shoudl work for both but my WRV200 is still shit. On top of that I can't VPN out of it to one specific place just from behind this router. Wierd thing.

  42. sthoen

    sthoen Network Guru Member

    QuickVPN 1.0.40 with Cisco VPN client co-exists!

    I have been able to install both clients on the same Windows XP laptop and connect to different equipment without problems.

    The servers are a WRV54G fw 2.39.2 and PIX 506e.

    I am connecting through a WRV200 fw 1.0.12
  43. stellarc

    stellarc LI Guru Member

    I am using the WRV54G and set it up per these instructions. The QuickVPN Client connects fine and is stable, but i can't browse or view the LAN over the VPN connection. Any thoughts or suggestions would be greatly appreciated....Thank You in advance for you thoughts and assistance.
  44. Toxic

    Toxic Administrator Staff Member

    Hostnames (netbios) wont work, as QuickVPN does not use this. you cna add hostnames to your LMHOST file.

    try using \\ip address of PC\ in URL
  45. stellarc

    stellarc LI Guru Member

    is there an easier way other than using \\ip address of PC\ in URL?
  46. mage20

    mage20 LI Guru Member


    Thanks a lot
    Thanks to you, I have understand why Quickwpn were not connected to my RV042 with the message "verifing netnork"
    In fact, windows firewall was enabled.
    Now, this is perfect except access by netbios to computers
  47. mage20

    mage20 LI Guru Member

    hi toxic

    i have tryed a lot of configuration by dns, wins ... nothing

    According the one solution, it's modify the host /lhmosts file on each computeers ?

    thanks in advance for your reponse
  48. Greg Anderson

    Greg Anderson LI Guru Member

    QuickVPN works for a while, then not

    I have both an RV082 and an RV016 on 2 different networks, and they both have exactly the same problem. We have gotten both of them to work quite well with QuickVPN - but only for a while.

    I'll do a factory reset, reflash the firmware, reload the configuration export file and everyone works great again. Sometime later (a week, a month, two months), I start getting reports of QuickVPN troubles and pretty soon no one can get a connection at all ever. I repeat the reset procedure and we are back in business again.

    But this is a production firewall that many other services rely on, so taking it down for a factory reset is a real pain in the butt and must be scheduled at all sorts of weird times or becomes critical when I am out of town. Any ideas?

    PS I notice many posts about lack of name services on QuickVPN connections - we have users configure an office WINS server on their network connection. Since very few home or hotel networks have a WINS server, it doesn't mess them up there and allows name services when they get QuickVPN connected.
  49. Toxic

    Toxic Administrator Staff Member

    Since you do the same thing everytime i would suggest trying to do something different.

    backup configurations maybe great, but can also give problems. I know doing it manually is a pain in the butt, however it could resolve the issue.

    what firmware are you running with and what version of QuickVPN are you using?
  50. Greg Anderson

    Greg Anderson LI Guru Member

    More config details

    I have tried about every firmware version for the last year. We are currently running 1.3.2 on the RV082, and 2.0.10 on the RV016.

    I have also tried a complete manual rebuild on each router instead of restoring export files. The result is the same as restoring EXP files - works great for while, then it all falls apart. Curiously, no feature other than QuickVPN clients ever seems to have any problem at all.

    But thanks for the suggestion.
  51. Greg Anderson

    Greg Anderson LI Guru Member

    Even more config details

    We are currently using QuickVPN 1.0.38.
  52. OpticalMan

    OpticalMan LI Guru Member

    Greg, what are the exact symptoms you are seeing? Is it a problem of QuickVPN users getting disconnected after long a long time? Or is it that after the router has been on for a while that no users can connect anymore? If it's the latter, I may be able to help you.
  53. Greg Anderson

    Greg Anderson LI Guru Member

    Symptom Details

    The most common problem is that after the router has been operating fine for a month or so, a QuickVPN client that had been working is no longer able to get a connection. It goes through the usual Connecting, Activating, Verifying and then just sits there until timeout without ever completing the Verifying stage.

    With a router re-flash and re-config and no modifications to the client at all, the client again works fine.

    I just did a router rebuild yesterday, so we are all working perfectly at the moment. Thus I can't really test any new theory at the moment. But I would love to have a more permanent solution, because I anticipate that I am just starting another lap around the same track.
  54. dm101r

    dm101r LI Guru Member

    RV042-, same thing, it has been working fine for 2 month, then QVPN clients couldn't connect (unknown header error in wget_error.log).All other things were fine, PPTP VPN, gateway to gateway VPN, group vpn with manualy setup win clients, but QVPN didn't work. Reset, firmware flash, new configuration, works again :)
  55. DocLarge

    DocLarge Super Moderator Staff Member Member

    How much traffic are you guys pushing through your routers?
  56. OpticalMan

    OpticalMan LI Guru Member

    DocLarge: I have two RV082's and one has a lot of traffic. That is the one that has this problem (50 users and mail server behind it).

    dm101r: Ok, I have a wget intercept program that will wait for more than 10 seconds to connect. I believe this is your problem. I will provide a link shortly to this application workaround.

    Greg Anderson: Check your wget_error.log file and see if you see similar error as dm101r had.
  57. DocLarge

    DocLarge Super Moderator Staff Member Member

    I offer this next statement "strictly" as a comment:

    When I was running my WRV54G, I sometimes noticed after large file downloads via ftp (or anything else for that matter), quickvpn would lockup and stop working. I would either have to "reboot" the router to clear it or recreate the accounts entirely.

    It seems as if this problem is still present based on what you guys are relaying...

  58. OpticalMan

    OpticalMan LI Guru Member

    Ok, here is a link to the application I wrote. The installation instructions are in the zip file. This is a workaround only. It is my hope that Linksys will eventually fix this problem.

    This fixes the problem of connecting using QuickVPN or and where the wget_error.txt file shows:

    Read error (Unknown error) in headers. Giving up.

    Click here to download zip file

    The bummer is that this needs to be intalled on every QuickVPN user's computer.
  59. Greg Anderson

    Greg Anderson LI Guru Member

    Router traffic

    At times, we push large volumes of data through both routers. The RV016 is our staff network firewall, and the RV082 hosts several customer applications. The outside (Internet port side) of these two routers are connected in our building, so we will frequently transfer a few hundred MBs at a pop from a staff machine on the RV016 network to a hosting machine on the RV082 customer hosting network by going out one firewall and back in the other. We also have 100s of MBs of both inbound and outbound FTP traffic on both RVs at fairly regular intervals. To further compicate matters, we have two ISPs serving both RVs, as shown below.

    ISP1 ISP2
    + |
    + + + + + + + + + + + + + + + + |
    + + |
    + _______________________________________________|
    + | + |
    + | + + + + + + + + + + + + + |
    + | + |
    + | + |
    RV016 RV082
    | |
    Staff Hosting

    Where do I find the wget_error.log? Are you referring to the wget_____.txt files on the client in the "Linksys VPN Client" directory, or something else?
  60. Greg Anderson

    Greg Anderson LI Guru Member

    :eek: Diagrams just aren't the same with all the spaces sucked out! Sorry.
  61. TazUk

    TazUk Network Guru Member

    Use the [code ] [/code ] tags, without the space after the word code in my example :wink1:
  62. OpticalMan

    OpticalMan LI Guru Member

    Sorry, yes the filename I had wrong in my earlier post, it's really "wget_error.txt" inside the folder where QVPN was installed to.
  63. dm101r

    dm101r LI Guru Member

    tnx, i'll have to wait for next 2 month to try this workaround :)
  64. davewrv200

    davewrv200 LI Guru Member


    I am new to this forum site. I am trying to figure out how to create a new thread. I just got my wrv200 and I want to ask some things about it. I thought I nwas a really good technician but I can't figure out a simple thing like creating a new thread!
  65. Toxic

    Toxic Administrator Staff Member

  66. davewrv200

    davewrv200 LI Guru Member

    Thank you Toxic

    I feel like an idiot now! I see it!
  67. cfelix

    cfelix LI Guru Member

    QuickVPN findings

    Hi everyone,
    First, a big thanks to all that post their findings and problems in this and other forums. It is always a big help and the reason I am writting this today.

    For a while now I have been trying to get QuickVPN to work with a WRV200 and I finally found my problem. I am here to share my experience as I have search the Internet and have not found any help on this. My apologies if this exists somewhere.

    The setup:
    A WRV200 is the VPN gateway, and my testing involved different client side ISPs.

    client -> WRT54G -> DSL modem -> Internet -> DSL modem -> WRV200 -> LAN
    client -> WRT54G -> cable modem -> Interent -> DSL modem -> WRV200 -> LAN
    client -> Verizon QNC -> Internet -> DSL modem -> WRV200 -> LAN

    Remote gateway:
    Uses static IP, PPPoE, and All settings per the QuickVPN tutorial and posts in this website, including IPSec passthrough enabled.

    The problem:
    From day one I was able to establish a QuickVPN connection from all these different setups. The very first time I established a QuickVPN connection from one of these locations I would be able to access the LAN (i.e. map drives, etc). After the first time it never worked again. I could get a QuickVPN connection established and was able to ping the gateway (, but nothing else (no drives to map, no pinging anything else).

    After giving up on QuickVPN, I tried TheGreenBow with the same results. The connection was established, and I could ping the gateway (, but could not do anything else. I disabled all firewalls, but the results were the same. I decided to connect directly to a cable modem (public IP) and it finally worked. Using EtherReal, I found that the ESP packets coming from the remote gateway were not getting to the client. I decide to setup the client behind a router, but with the DMZ set to that client, and QuickVNC and TheGreenBow worked like a champ. So, what happened? I cannot just connect to the gateway from behind the WRT54Gs, and IPSec passthrough is enabled. Further testing forwarding the ESP port (4500) to the client made it work too, so I just decided to reboot the WRT54G and suddenly it started working without the DMZ and port forwarding. It seemed that the IPSec passthrough tables needed some cleaning. After the reboot, I have not had any problems.

    How you can test:
    If you can establish a QuickVPN connection, but cannot see the LAN, maybe this can help.
    1. Verify connectivity to the remote gateway. I used DocLarge's Greenbow/Quickvpn Fix Connects to WRV54G From A NAT-T Rtr to check that my QuickVPN login and network settings were correct. I will not post the whole thing here, but if you issue this command you will get a response from the gateway with VPN information.
    wget https://mark:test@ er=mark
    Open the file with the data, per DocLarge's instructions, and verify that the network information is correct.

    2. Disable all your firewalls.
    3. Put your client in the DMZ or forward port 4500 to it.
    4. Use EtherReal to see what is happenning with your ESP packets. A simple ping will generate one packet out and one packet in.

    Why does this happen?
    I will not go into detail how IPSec passthough works, so please search on the Internet for an explanation. I cannot tell you why the IPSec tables in the WRT54G go bad, but I can give you a hint of how things work. IPSec packets do not have information that allows the packet to traverse a NAT (unlike HTTP, etc), so when an ESP packet from the remote gateway gets to your router it does not know what to do with it. The IPSec passthrough feature keeps track of open IPSec connections to know that a particular IPSec packet needs to go to your client. This is good to know as IPSec passthrough may be disabled in public access points.

    Hope this helps someone. I have read posts in may forums with people having the same problems.

    Have fun,

    Carlos :thumbup:
  68. TazUk

    TazUk Network Guru Member

    NAT-T is designed to get around this so a WRV200, which is meant to support NAT-T, and a NAT-T enabled VPN client should not be a problem :)

    Can anyone confirm that NAT-T does indeed work on the WRV200?
  69. cfelix

    cfelix LI Guru Member

    Well, the problem I had was not on the WRV200 side, but the WRT54G on the client side. My setup was
    client -> WRT54G -> DSL modem -> Internet -> DSL modem -> WRV200 -> LAN
    and the VPN gateway is the WRV200. The WRT54G will not allow the ESP packets to go through unless the IPSec passthrough feature was enabled. If I understand all this correctly, if NAT-T worked for IPSec on the WRT54G side then you would not need the IPSec passthrough feature. Am I right?

    I know there is a NAT-T parameter in the IPSec VPN tunnels (not the QuickVPN setup page), but that did not work in my setup (I used TheGreenBow to test it). It would be nice to test WRV200 to WRV200 to see. I do have a WRV200 here, so in the next few days I'll try it to see what happens. Any bets?

  70. TazUk

    TazUk Network Guru Member

  71. cfelix

    cfelix LI Guru Member

    So I could not get the damn WRV200 back up again. It locked up to the point that not even a reset gets it back alive. Definitely not a device to be in the market right now. I replaced the WRV200 with a WRV54G, which I have successfully used before. I did find that I am still having problems with QuickVPN seeing the network ONLY when the client is connected behing a DSL line (Bellsouth to be exact). PPPoE is set and I have an IP, but it does not see the network. In contrast, from behind a cable modem QuickVPN works perfectly. WHAT A PAIN!
  72. msegre/rrock

    msegre/rrock LI Guru Member

    Will my quickVPN ever work on my RV-16

    Excuse the long post I just discovered these forums.

    It's been 2 years since I bought an RV-082 because it supported 2 WAN ports, 1 to 1 NAT and support for a VPN client, all of which I am using.

    What a struggle it's been. I fought with support for a year to get a bug fixed in 1 to 1 nat and gave up on QuickVPN.

    Since then I have purchased 2 RV-016 routers and keep watching for new release which each time seem to offer a little hope that QuickVPN will some day work.

    Today I wasted 2 and half hours with tech support which has degraded noticeably in the past 2 years. Now every tech says they are L2 but have no debug skills at all. Never look at the log or check for error messages in the wget error file just keep wanting to change settings almost at random. Very little concept of what that does in a production setting. The L2 person finally passed me on to the next level that person seemed to know less and didn’t even have a copy of QuickVPN (this is the VPN router group!)

    Having given up with tech support, after hours I reset to factory defaults and rebuilt. Not only is that a pain in the ass but it is error prone. Again linksys seems to have little regard for production settings. The RV routers at $500 are not just toy home routers.

    At a minimum could you please provide a way to print all the settings so I can try to make sure I reset my complex configuration (mail server, dns servers, instant messaging, web servers, app servers, video streaming appliance, a block of ip addresses, 2 wans, about 10 services to configure - in addition to the regular dhcp, ip etc). Rebuilding not only takes time but inevitably at least one app fails and I worry that I missed a hole in the fire wall.

    Now to QuickVPN I am finally connected (sort of) using Firmware 2.0.10 and QuickVPN 1.0.40. I can ping my servers and even do a file share using IP addresses. But I cannot reach the web servers which seems odd. It acts like an MTU problem (I set it to manual and 1428 as suggested). I guess I’ll need to use ping –f to see what the real packet limit is. I thought auto did this ???

    More importantly I have an https server on port 443. I see there is a beta version of firmware that supports 60443. I am hesitant to try that since I had one router become a brick after trying to revert to an earlier firmware.

    I haven't tried it with the windows firewall (this system had checkpoint firewall) the suggestion to turn off the firewall is just absurd. I use a VPN because I need to connect remotely (ie often directly connected to the internet - when traveling I use a Sprint card) there is no way I will trun off my firewall.

    Also I need to figure out name resolution since some servers are multi homed. I have a WINS server not sure why that doesn't do it. The current way DNS works on the VPN is ridicules. Pointing DNS to the router and then using the DNS supplied by PPPoE makes it impossible to control the DNS server client use. The router should use the DHCP DNS like all the other clients on the network. Or provide a setting in the QuickVPN setup.

    Who knows I’m down to a just a couple of more issues, maybe after 2 years I’ll be able to use the features I bought these routers for.

    Please don’t take this as just a flame. Having stuck with this router over 2 years and lots of $$ I hope linksys finally delivers what was promised originally.
  73. Toxic

    Toxic Administrator Staff Member

    without using beta firmware you wont see the fixes until linksys releases an official firmware. you could be waiting another 2 years for that. good luck.
  74. Nd4Spd

    Nd4Spd LI Guru Member


    How sad is this? Seems everyone is having issues with this software.

    I've been trying to get QuickVPN working on an RV0041. I've tried all the suggestions thus far, but was wondering if anyone had luck w/ the RV0041? So far, I've not gotten it to work. The wget_error.txt shows the following (last line):
    failed: Unknown error.
    Giving up.
    Hardly helpful.

    I'll keep plugging away at it and reply if I get anything figured out.

    I'm also trying to get it to connect with GreenBow, but again, no such luck. Any suggestions on a very simple, easy VPN setting to get it started?


  75. msegre/rrock

    msegre/rrock LI Guru Member

    After upgrading to the 2.0.12 beta code and installing checkpoint's flex firewall I did get this running on an RV-016 and so far am happy with the results.

    I have a non-IPSEC VPN I use for another location and I was hoping to run both at the same time. Since they are totally different technologies it probably could work but there seems to be some route conflicts. I doubt I'll spend much time on it.

    Since not all users have access to the checkpoint firewall would like to get this working with the XP SP@ firewall. It shouldn't be that hard, I think it may be an issue with XP detecting port 500 needs to be oppenned. Not sure when but I hope to look at it sometime. Or if I'm lucky somone will figure it out and post the solution.
  76. OpticalMan

    OpticalMan LI Guru Member

    Aaron: How long does it take before you see the generic error? Is it about 10 seconds?
  77. aronson

    aronson LI Guru Member

    I apologize in advance for a stupid question in a great forum....

    How do I enable https on my WRV54G?

  78. Nd4Spd

    Nd4Spd LI Guru Member

    Yes, it spits out the error after about 10 to 15 seconds. I am guessing since I have to reload the error log file as it's running.
  79. OpticalMan

    OpticalMan LI Guru Member

    Aaron (Nd4Spd): Ok, I guess it's not getting any response from the router. verify the WAN IP address of the router. Are you using 1.3.5 firmware?
  80. Nd4Spd

    Nd4Spd LI Guru Member

    WAN Ip is good and I am using 1.3.5

  81. OpticalMan

    OpticalMan LI Guru Member

    Can you ping the WAN IP remotely?
    Have you tried to remotely administer the router?
    Do you have HTTPS turned on?
    Make sure you don't have port 443 being forwarded.
  82. Nd4Spd

    Nd4Spd LI Guru Member

    Well, I'm working w/ someone now (outside our network) with the GreenBow VPN. They've made the tunnel but can't ping anything on our network and can't access anything on our network. Our internal IP is and so is the router on the other end (client). From the reading I've done, I can't determin if this is a problem or not.

    Any thoughts w/ this one?
  83. TazUk

    TazUk Network Guru Member

    The local LAN ranges need to be different at both ends otherwise it will just assume it's local traffic and not route it down the tunnel :wink1:
  84. OpticalMan

    OpticalMan LI Guru Member

    yes, that's a problem.
  85. Nd4Spd

    Nd4Spd LI Guru Member

    Yes it is. :) We got that straight (finally). Here's what I don't get. How am I supposed to support mobile users who may be connecting at coffee shops, home, etc with all sorts of different router configurations? I can't change my LAN IP all the time and I don't even want to begin supporting them changing theirs.

    Also, I've only been able to get the users connected when I know their static IP address to put into the VPN remote client setup. I know some will be on a dynamic IP. I've tried changing to a dynamic IP + FQDN but so far no luck. The FQDN would have to be their ISP, correct?
    If I went to a Group VPN I'd have to have a FQDN, so would that mean I'd have to make a different group tunnel for say, all of the Road Runner domains, then all the Comcast domains, etc?

    Thanks for all the help. Still trying to get all this in my little brain. :D

  86. DocLarge

    DocLarge Super Moderator Staff Member Member

    Is there a way you can post a screenshot of your setup options on the vpn page?

    I see your difficulty with "road warriors;" that has been a consistent problem depending upon the vendor you use. I can't speak for th RV0041, but supposedly, the WRV200 can support "road warriors" buy enabling the nat traversal feature and setting the "remote security gateway" to "any;" this was a welcomed feature to quickvpn users. Being the RV0041 has been out for a little bit, it stands to reason it may not support this feature. I normally make a straight connection, but this is something that may warrant more looking into :)

    Have you considered having your road warriors using dynamic dns clients?

  87. Nd4Spd

    Nd4Spd LI Guru Member

    I can probably drum up a screen cap here in a bit. I did see the NAT traversal in the advanced section of the VPN setup and turned it on.

    What I'm wondering is how the email address + FQDN works. If I have these remote users, can't I use their email address + our FQDN? Or is that feature not used in that way?

    Thanks! Screen cap to follow...

  88. DocLarge

    DocLarge Super Moderator Staff Member Member

    I really can't say, because I've never used that particular router and linksys hasn't updated their router simulators in a while...

  89. rplankenhorn

    rplankenhorn LI Guru Member

    WRV54G/QuickVPN/DNS Issue

    I have been able to connect to my router fine using the above tutorial, but I am running into a DNS/Router issue. I noticed when I use QuickVPN that it manually sets the DNS server addresses to the LAN IP address of the remote gateway. My problem is that on the remote network I am using a separate server to handle my DNS rather than the router and I can't get QuickVPN to use that IP address by default instead of my router's IP address. I have tried to change several settings on the router interface and some of the config files in QuickVPN, but I have had no success. Any help would be much appreciated.

  90. DocLarge

    DocLarge Super Moderator Staff Member Member

    You could possibly try using lmhost files for the computers you want to access. Yep, it may be a pain, but this might be "one" particular workaround you could use...

  91. jayhawksigns

    jayhawksigns LI Guru Member

    I got our RV042 installed today at work and probably shouldn't of expected to easily setup the VPN tonight when I go home. I think that I had tried everything in the tutorial at least once, and I might just be missing something some where. It was good to find this forum and hopefully I will be able to resolve the problem.

    I am going to update the RV042 to the latest firmware tomorrow, currently running and I have been attempting to use the .40 release of the QuickVPN client.

    Both my home and work are connected with Cox, at work I of course have the RV042, and at home I am using a D-Link DI-604.

    The problem I am having is it hangs on the Verifying Network, it seems like for almost a minute at times. I just tested one last thing, I removed the DI-604 and it works. Any ideas what settings I need to change??

  92. TazUk

    TazUk Network Guru Member

    Is IPSEC passthru enabled on the D-Link?
  93. Nd4Spd

    Nd4Spd LI Guru Member

    Attached is a screen capture of our setup. I've included the drop down of the options available. Any suggestions on getting these road warriors connected with a Greenbow client (or any client for that matter) are greatly appreciated. (Note: Preshared key left blank here on purpose).


    Attached Files:

  94. L-DJ

    L-DJ Guest

    OpticalMan you rocks!!!
    this was the solution I've been looking for around on internet and linksysinfo.org for about to days. I works at first try (well second, first I wrote password wrong :p).

    It's easy to implement.

    Does Linksys know about this bug?
  95. yukons

    yukons LI Guru Member

    I have a wrv54g (2.39.2) as a destintation with quickvpn 1.1 on windows xp as a souce pc. I have another wrv54g on the side of the pc as my nat router. My quick vpn seems to connect but I can not ping or get access to anything in the network. I do not see any error or anything from my syslogs. this is what happens when I have all tunnels disabled. If i try to enable a turnel i get errors about the shared secret and blocking my addresss in the syslog. if i disable then the quickvpn connects but can not ping. i have followed the configuration listed above but does not seem to help. i did not change my mtu since on my pc but the two routers are at auto.
  96. Toxic

    Toxic Administrator Staff Member

    what are you trying to ping? the remote router or a remote pc? do the remote pc's run firewalls? if so have you configure the firewall to enable icmp echo reply
  97. yukons

    yukons LI Guru Member

    remote router, remote pc, http to lan printer. all of this working when i am local but now using the vpn nothings seeems to work pages the connection. i noticed my dns server on the local pc changes to the ipaddress of the vpn destination gateway router. my subnets are different on the two lans as well.

    one thing i did notice when i pinged the address is this;

    C:\Documents and Settings\blandm>ping

    Pinging with 32 bytes of data:

    Negotiating IP Security.
    Negotiating IP Security.
  98. sjohn10

    sjohn10 Addicted to LI Member

    RV042 wgetintercept problem, and negotiating ip security/disconnect in 8 minutes


    i tried the new WGetIntercept as described here... got farther (Activating policy), but never fully connected.
    i tried a batch procedure i found elsewhere (requires your IP/password in the procedure) and it worked.
    but... after about 6 minutes i seem to lose the connection... pig returns Negotiating IP security as above... about 2 minutes later, i get 'remote gateway is not responding"

    i have an RV042 that as worked fine for 18 months, until last week. updated the firmware to latest, and suddenly all was well for a day, then the same problems... so i tried these fixes...

    any ideas on how to keep the connection open would be greatly appreciated...

    any ideas why the wgetintercept might not work (or does that matter?)

    any thoughts on setting back to factory settings and starting again?
    information here is great... i appreciate all you knowledge and help!
  99. Toxic

    Toxic Administrator Staff Member

    Well all I can say it is in my opinion best to do a factory reset after an upgrade. and setup the router again.
  100. sjohn10

    sjohn10 Addicted to LI Member

    stuck verifying network; remote gateway not responding

    i reset to factory setting, and reconfigured...

    now i get stuck on the 'verifying network' window, and after more than a minute, i get 'remote gateway not responding'

    any thoughts on what would have suddenly made it stop working, and if it can be fixed (and of course, if so, how?)

    the VPNTMP.bat workaround does still make the full connection...
    and now does not disconnect in minutes... but this is not a good option for our guys on the road... always having to check their IP, edit a .bat before connecting...

    while the 'verifying network' window is up, if i ping a system, i get 'negotiating ip'

    any suggestions on fixes, or other software or hardware to try would be greatly appreciated... it was working so nicely for a while, but it seems from these forums that the linksys VPN devices are unreliable for lots of folks... unfortunate...

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice