RV042 with Cisco 2610

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by petersung, Sep 6, 2006.

  petersung

    petersung LI Guru Member


    I am trying to setup VPN (client - gateway) for my uncle's office, He's got T1 coming thru Cisco 2610. What do I need to do on Cisco and RV042 in order for this to work properly? or is there any alternat setup? My cisco Knowlege is practically none existance and Linksys support is unable to assist on this issue.

    T1 --> Cisco 2610 --> RV042 (DHCP) --> Server/Network

    Your inputs are greatly appreciated!:thumbup:


  ifican

    ifican Network Guru Member

    First and foremost you will need to find out what version of code is on the 2610. If it is non crytpo code there is nothing you can do to make it work. Have someone with rights log into the router and get to enable mode. It will have a # after the name of the decive, i.e router#. Type in Show ver and depress enter you will get back a list of stuff but the most important is the code version will be toward the top and be listed something like 2610-K9OY6-M or something of the such. The K9 is the give away, if you see K9 it has a crypto code set installed. When you get a chance to check the code get back to us and we can check into that particular version of code for you.
  petersung

    petersung LI Guru Member

    Thanks for your quick reply!
    Here is the output, I did not see K9 in it..

    Cisco2620#show ver
    Cisco Internetwork Operating System Software
    IOS (tm) C2600 Software (C2600-I-M), Version 12.0(5)XK1, EARLY DEPLOYMENT RELEAS
    E SOFTWARE (fc1)
    TAC:Home:SW:IOS:Specials for info
    Copyright (c) 1986-1999 by cisco Systems, Inc.
    Compiled Tue 14-Sep-99 15:53 by jjgreen
    Image text-base: 0x80008088, data-base: 0x8073CEEC

    ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
    ROM: C2600 Software (C2600-I-M), Version 12.0(5)XK1, EARLY DEPLOYMENT RELEASE SO
    FTWARE (fc1)

    Cisco2620 uptime is 1 week, 1 day, 4 hours, 24 minutes
    System returned to ROM by power-on
    System image file is "flash:c2600-i-mz.120-5.XK1.bin"

    cisco 2620 (MPC860) processor (revision 0x102) with 20480K/4096K bytes of memory
    Processor board ID JAB033801W9 (1588470289)
    M860 processor: part number 0, mask 49
    Bridging software.
    X.25 software, Version 3.0.0.
    Primary Rate ISDN software, Version 1.1.
    1 Ethernet/IEEE 802.3 interface(s)
    1 FastEthernet/IEEE 802.3 interface(s)
    1 Serial network interface(s)
    2 Channelized T1/PRI port(s)
    32K bytes of non-volatile configuration memory.
    8192K bytes of processor board System flash (Read/Write)

    Configuration register is 0x2102

    What do you think?

    Thanks!!! :thumbup:

  petersung

    petersung LI Guru Member

    Do I even need the Cisco? Can I replace Cisco with RV042 all together? The T1 uses a RJ45, would connect that to WAN1 on RV042 be ok?


  ifican

    ifican Network Guru Member

    Ok the cisco router in question does not do encryption itself, but all that means is that you cannot terminate a vpn on the router, it should however pass the traffic. Are you trying to use the router as a vpn or are you trying to get a client behind the cisco router to connect to the linksys router. Also no you dont need the cisco router, however if you were going to take it out of play you would need a csu/dsu that is compatable with the isp there and then you can connect the csu/dsu to the linksys router. Also just so we keep things straight, yes the connection looks like an rj45 its actually an rj48 which is pinned out differently.
  petersung

    petersung LI Guru Member


    Thanks for the info. So bottom line...

    Internet ==> Cisco ==> Linksys RV042 ==> Network

    I have to find someone to program the Cisco to pass the VPN traffic to the Linksys which is behind the Cisco. From the Easy VPN Client, the port I should pass along is 443 and 60443? Does that mean I don't need an static external IP for the linksys since all traffic still going thru Cisco which has a static IP?
    If I want to make a bit complicated by making it gateway to gateway from Office to Home. Would the same port forwarding/traffic forwarding work?
    Sorry if the question sounded dumb... but I am a newb.. :)
    Thanks again for your help! You have been great!

  ifican

    ifican Network Guru Member

    The router will inherently pass all the traffic by default, the only thing you would need to be concerned with is if there is an ACL (access-list) in place that might block the traffic in question. As far as Quickvpn goes thats a good question, i have been trying to figure out what ports it uses myself. I do know it uses 443 or 60443 initially then the ESP packets are sent via port 4500 udp i believe. Hopefully some quickvpn master (DocLarge) can answer this one. Also if you want to send me your router config (off line of course) i will be happy to look at it for you. Oh and if you are going gateway to gateway you will not need to forward anything for the tunnel as it will be terminating on each gateway device.
  kspare

    kspare Computer Guy Staff Member Member

    The cisco router can definitly terminate a vpn tunnel.

    First you need to get an ios that will support ipsec tunnels on the cisco router.

    Then you can search on the cisco website for topics on doing ipsec tunnels and go from there.

    Depending on the ios you may need to purchase a license for an upgraded ios that will support tunnels and go from there. If you can't get your hands on an upgraded ios, you maybe better off to just put a rv042 in front of the 2610 router and run it like that instead. Honestly if you have no cisco experience that would probably be easier anyway as a cisco router can get a little technical.

    Hope that helps a bit.
