Ready to dropkick BEFSX41

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by rdave, Feb 1, 2005.

  1. rdave

    rdave Network Guru Member

    I have had nothing but problems with this. The firmware out of the box rebooted every few minutes seconds once the PPPoE session was connected. Finally got some stability with firmware 1.51. Some users got email timeouts so I manually adjusted the MTU, which seems to help but some users still get problems. Now I can't get a VPN connection to work either. Using Greenbow, I never see an entry in the VPN log file. Using an AG041 I get one reply back, but the AG041s IKE proposals never appear in the log of the BEFSX41. Turned off the firewall feature to see if it was blocking something and lost remote administration so I will have to go back to the site to fix it. ARGH!!!

    This is a POS.

    Can someone please recommend something that works full stop? I have also had problems with Netgear FVS318 (not this bad). If I need to fork out more money so be it, but I need something that will work for remote sites and remote individuals (including NAT-T).

  2. rdave

    rdave Network Guru Member

    I've documented my current settings with screenshots if anyone wants to see if they can see something obvious. I've invested enough time in this to try a little more... amazing what a little sleep does.

    The BEFSX41 is running fw: 1.51 and the AG041 is running fw: 1.08.

    Thanks for any comments,
  3. budda0910

    budda0910 Network Guru Member

    I feel your pain. These linksys endpoints are starting to annoy me so much i'm tempted to just build a cheap debian system to handle ipsec/routing. More features, better reliability, better security, better documentation, plus, they just work the way they're supposed to.

    I guess that's a recommendation... Got any linux chops?

    EDIT: Actually, now that i've reread your post, you may want to seriously consider using a linux box as the central point in your vpn (assuming you have multiple tunnels into a single location). You can tweak configurations and setup polcies using kame/racoon which are very fine grain for each individual tunnel, so you can get each one going with the config that works (since many of these appliances just dont want to talk to anything that doesn’t look exactly like them). Plus, the logfiles are much much more clear, so you wont be banging your head against the wall quite as much. And the QOS (once you read the advanced routing and traffic control howto) on linux is just about as good as it gets (probably better).
  4. TazUk

    TazUk Network Guru Member

    I've setup a few BEFVP41's and they've all been stable setup as both site to site and client to site VPN's, maybe try swapping your BEFSX41 for one of those :?
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice