RV042 and quickvpn, not working

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by brucenolan, Oct 2, 2006.

  1. brucenolan

    brucenolan LI Guru Member

    ok I followed the setup guides best I could ( some directions didn't jive with my rv) but cannot vpn. I have two public IP from my isp so I have the RV on 1(lan at 192.168.1.X) and my besfr41 (lan at .2.X) set on another so I can work at two computers on the same desk. so from .2 lan with quick vpn I cannot connect to the .1 lan behind the RV. I thought quickvpn was suppost to be easy to cofigure? no firewalls up on either end.. anything else? what the heck am I doing wrong? or did I get a bad RV? oh firm ware is also not to happy with the logging on the RV, seems like I get better logs from logviewer and my befsr41 the RV was to replace. any help?

    edit changed besfr81 to besfr41 that it is
  2. Maple-Guy

    Maple-Guy LI Guru Member

    I use several RV042 with Quick VPN with firmware v1.3.7.9 (the .10 is out but I haven't tried it) Some of those RV042 also have VPN tunnels connected while I qickVPN into them with no problem.

    So we know it can work, now let's find out why it doesn't work for you.

    My first point would be to try it with the latest client available here:


    and the latest firmware available here:


    After verifying that your username is created in the VPN section of the RV042 try it and if it doesn't work explain your physical setup to me.

    You said you have 2 IPs from your ISP so is it a switch connected to your DSL or cable modem and the 2 WANs from the routers are connected in the switch? or do you have an integrated switch on your DSL modem? Describe in more details.

    Why would you use 2 routers to connect two computers on the same desk on two different subnets?

    Thanks for the infos; I'll try to help more with more precise data.

  3. brucenolan

    brucenolan LI Guru Member

    Hi JF, thanks for replying. I will go ahead and get latest firmware, what I have is cable modem---hub--then two routers--RV042 and besfr41. the 42 was to replace the 41. so to setup and test the 42 VPN and what have you I got another ip (the third) from Cox and set the 42 up on it. already had the hub inline for my astrisk box (second IP) so no big deal. I thought it would be nice to have both LANs right in front of me for testing. I read somewhere that the vpn computer had to have a different subnet so .1 and .2 no?
    anyhow thanks if you can point me in the right direction, I'll try the newer firmware
  4. Maple-Guy

    Maple-Guy LI Guru Member

    Try it first and we'll discuss after...

    One thing is for sure, your internal (lan) subnet cannot be the same on the originating QuickVPN PC than on the destination (RV042) lan subnet. Thats why the RV042 bugs you to change the lan address when you create your first client if I remember correctly.
  5. brucenolan

    brucenolan LI Guru Member

    tried qvpn and on the 42 and still no go, I have a big hammer, think that will work? I hope I didn't waste 150 on something that won't do me any good, its a bummer cause I like linksys, I've got four different linksys models...... hope this isn't the last
  6. Maple-Guy

    Maple-Guy LI Guru Member

    ok, what are the parameters you put into the QuickVPN client and can you describe the process that goes on after you press "connect". Confirm to me that you have the username/password created in the "VPN Client Access" section of the router and that the user is set to "active". You can also try to specify the port as being 60443 in QuickVPN.

    I have to ask those simple details is that it is the simplest ever way to do a VPN connexion and it must be something very simple that isn't right.

    As I said, I've got several of them deployed and never had any problem.

    Good luck
  7. Toxic

    Toxic Administrator Staff Member

    did you enable https?
  8. brucenolan

    brucenolan LI Guru Member

    toxic: https is enabled
    JF: in QVPN client I enter username/password I created in the "VPN Client Access" section and that U/P is active. tried port 60443 as well. I'm sure something very simple is wrong, thats why I set up two pc on the same desk. I am doing NAT thru the befsr41 and have IPSec passthru enabled as well as PPTP passthru
  9. brucenolan

    brucenolan LI Guru Member

    here is a screen shot of the qvpn client result and the log from the RV

  10. Toxic

    Toxic Administrator Staff Member

    are you port forwarding port 500 to the PC in question?
  11. brucenolan

    brucenolan LI Guru Member

    toxic: on the befsr41 which is the client side, I need to forward 500 to the pc running QVPN? I will try that when I get home...
  12. brucenolan

    brucenolan LI Guru Member

    same results with port 500 forwarded, so what is the deal, is this RV bad? is there any other configuration that is more direct I can try to see if it will work, like plug a pc into the wan port with a static ip and try to vpn into the lan side?
    any thoughts? too late now to return the RV for refund, just replacment but I don't want todo that if I'm doing something wrong and the RV is fine.
  13. Maple-Guy

    Maple-Guy LI Guru Member

    there's no need to firward any port. Have you tried choosing port 60443 on the quickvpn client? In my case I often have to choose 60443 because of web servers running on client pcs. The skype client also use port 443 as an alternate connection.
  14. Maple-Guy

    Maple-Guy LI Guru Member

    Do you have tunnels and other VPN stuff configured in the RV042 besides the username/passwords? I was wondering where the log we see in the pic was comming from.

    The 72.xx address we see in the screencap you sent is the WAN address of the RV042?

    If you enable it in the firewall settings of the RV042 can you ping its WAN address from the pc on the other router?

    toxic: I'm not sure what is related to port 500, I never had to do anything to access my clients 42s besides a dyndns setup. Can you explain why you are asking this? I may learn something new today!
  15. brucenolan

    brucenolan LI Guru Member

    maple-guy: the screen shot is from the system log, I will give a shot of the VPN config page.
    the 72.xx is the RV042 public ip
    I can ping both ways from either ip

  16. Maple-Guy

    Maple-Guy LI Guru Member

    ok, the thing is; you dont need to create anything else beside the username/password in the VPN Client User section of the RV042. So you should delete any tunels you already have.

    The tunnel you have presently will create a IP address conflict when QuickVPN client connects. Delete everything else but the username/password. And try again.
  17. DocLarge

    DocLarge Super Moderator Staff Member Member

    Bruce, are there any over vpn clients loaded on the pc(s) in question? Also, there is a limitation, at least with the WRV54G line, that only allows you to run "either" the IPSEC VPN tunnels or quickvpn, but not "both" at the same time. Toxic and I talked about that just last night and he said as far as he could tell, you can run quickvpn at the same time you're running the internal pptp server, however, what we didn't verify is if you can run the ipsec tunnels at the same time you're trying to make a quickvpn client connection on your RV unit.

    Having said that, are you running an IPSEC vpn tunnels as this time? Additionally, quickvpn is known to not connect if there's been a large amount of traffic passing through the host router. In that event, you'd need to do a simple reboot and try again...

  18. Maple-Guy

    Maple-Guy LI Guru Member

    Yes that particular configuration can be done. I'm running it on several clients sites however, beware of conflicting IP address ranges.

    By looking at the pics Bruce attached to his last post, it seems that the IP address ranges in the tunnels config are conflicting with the address range of his befsr41 (described in his first post) wich will make QuickVPN bomb everytime even if the tunnel in question is not connected. The simple fact that it is in the config will prevent QuickVPN from connecting.

    That's why I asked him if he had any tunnels configured and to delete them if he does in my previous post.


    Just to be clear... 3 simple steps to establish a QuickVPN from a factory default RV042...

    1. Add userane/password in RV042 and verify that they are active
    2. Install QuickVPN client on far away PC
    3. Put username/passord, WAN IP address of RV042 and select appropriate port ---> Click CONNECT

    That's it
  19. brucenolan

    brucenolan LI Guru Member

    defaulted the RV, add user/pass, QVPN on laptop, input info---> click connect.... connecting----hung on verifiy network. so I click disconnet on VPN page of web interface for RV subneted desktop----laptop connected to vpn
    so thank you very much and I will continue on that thread (stuck on verifing network) thanks
  20. Maple-Guy

    Maple-Guy LI Guru Member

    If I understand correctly you did get a connection in the end?

    For the stuck on "verifying network" problem, I've seen this quite a few times. In most cases, the problem was solved with rebooting client PC (or ending the stuck VPNclient.exe process) and/or rebooting the client router (not the RV). In very few cases I rebooted the RV042. Sometime it was the local subnet conflicting with the RV042's local subnet (they need to be different)

    Since I've put my WRV200 in the closet (as a passtrought router), that problem is almost inexistent. The QuickVPN client should be more explicit about why he is not feeling good... maybe that will come in a futur version.

    Please confirm that you do have a conection?

  21. brucenolan

    brucenolan LI Guru Member

    yes, the connection was made. I haven't gone any further than that 'cause 0430 hrs comes too quickly (work) altho when I tried from work it failed, probly some firewall issue I will have no control over. I plan to try from the laptop thru evdo connection and will let you know how that goes
  22. brucenolan

    brucenolan LI Guru Member

    Ok, I was able to connect thru evdo on the laptop didn't hang on verify, I could ping IPs on the lan but couldn't access anything, NAS was not available even by ftp'ing to the IP. the vpn log looked good just unable to see any lan devices. what now?
  23. Maple-Guy

    Maple-Guy LI Guru Member

    I've never seen this particular behavior, all the QuickVPN setups I've done were painfree and even the "real" VPN tunels between RV042s where relatively easy to setup.

    If you can ping but can't access any ports (ftp etc.) my first reflex would related to a firewall somewhere in the datapath itself but beside that I can see what would render things so complicated for you.
