RV082 VPN Issues

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by Digilog, Dec 23, 2005.

  1. Digilog

    Digilog Network Guru Member

    Hey I am new to this forum and am having some VPN issues with an RV082.

    I can connect two RV082 together and use a tunell with out any problems but trying to get client software to conenct seems to be either impossible or not in my technical ability (Have not set up a VPN before this RV082).

    Here are my problems

    I had the PPTP Server setup with users and IP range etc. User could connect and access network resources and everything seemed to be peachy until one day the RV082 started to assign a Subnet mask of to my clients for no apperant reason which of course limits network access and ppl cannot access resources etc.

    So I called Linksys tech support and they say well you should not be getting a subnet oh (gee ya think) They tried to tell my internal DHCP server on my network as assigning that subnet to my VPN client...

    I called again for another tech support agent and they said there is no PPTP on the RV082...

    I called again and got a tech who said it is only a VPN passthough router and I have to have a VPN server on my network for clients to connect to...

    Next tech told me PPTP does not work, I am to configure a Client to Gateway tunnel

    Here are my setting can you let me know if and where I went wrong?

    Local Group Setup
    Local Security Gateway Type: IP Only
    My External IP Addy
    Local Security Group Type: Subnet
    IP Address: (My Internal network is 192.168.10.x I assume this the correct setting?)
    Subnet: (My internal subnet is although the RV082 is set to as my subnet is not an option)

    Remote Client Setup
    Remote Client: IP Only
    IP Address:

    IPSec Setup
    Keying Mode: IKE /w Preshared
    Phase1 : Group1
    Phase1 Encyption: DES
    Phase1 Auth: MD5
    Phase1 SA 28800
    Phased Forward Sec Checked

    All of Phase 2 is the same except SA which is 3600
    And I have my Preshared Key

    Then they told me to create users under VPN Client Access

    Which I did.

    I am unbale to connect with either the latest Quick VPN client or the Microsoft Client.

    Any help would be greatly appreciated
  2. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    Wow...first, I'd love to laugh out loud right in the face of those "tech support" people who said the RV082 doesn't support PPTP, doesn't have PPTP, or just acts as PPTP passthrough. WOW! :thumbdown:

    I'm in shock. :rofl: I deal with Linksys VAR support, which is great, it's a shame they appear to ship business grade product support to the first level support troops that normally just deal with their 65 dollar home router issues. Matter of fact, I'm going to write my VAR rep and comment on that. IMO, business grade products should have a higher level of support over basic home products.

    OK, lets start with some basics first.....just because we don't know what settings have been fiddled with. I'd do a reset to factory defaults...then make sure your firmware is the latest official, is the latest public release I'm aware of.

    Now I have a fleet of the RV0 routers out there and in most of them I have setup the PPTP server, and I've found it bulletproof. With the basics, the network you are dialing inTO, is on a different IP range than the network that the person is dialing in FROM? Meaning, lets say your network at the office is on the default 192.168.1.XXX network...you should not have users dialing in home networks that are also 192.168.1.XXX...they should be different, such as 192.168.0.XXX or 10.0.0.XXX or 192.168.3.XXX, etc.

    A couple of years ago, due the VPN'ing in from home becoming popular, I starting building clients business networks on different, non-default IP ranges, such as 192.168.11.XXX...basically something different from 192.168.0.XXX or 192.168.1.XXX...because so many home users have routers now. Easier to build then business network different in the first place than try to go and adjust each home users network.

    A DHCP server on the network should have no bearing on your VPN clients. Any business network I build, I always have the DC run DHCP for the network, not the router. I've not had any interference from this.

    I also always make rule to have broadband modems, routers, and switches plugged into an APC battery backup unit. Keeping smooth consistant power seems to keep any "issues" to a minimum for me..as some power dips or spikes can "scramble" a router a little bit, causing the need for constant power cycling and compliants.
  3. Digilog

    Digilog Network Guru Member

    The tech support really is a joke I spend all kinds of time on hold while the "tech" goes an talks to somebody else and comes back and tries to resolve my issues.... Some of them can connect to my remote management to see what I am talking about others say there firewall prevents it from happening... The online support is no better everytime I am on with them they just stop responding to me once they realize they don't know how to solve my problem. I am totaly frustrated with them.

    But get this some of them may have been parshaly right, i have an RV016 I was testing with and there is no PPTP server option... the link is just not there on the VPN page.

    Anyway I was able to get some time to connect from offsite and found the issue I am having is somewhat different than what my manager discribed.

    He told me the netmask of fromt he PPTP server was preventing him from accessing resources on the network, this is not exactly the case.

    I was able to connect with the Quick conect client to an IPsec tunnel but I could not get access to any resources and was only able to ping the RV082's internal address but other network resource.

    I connected with the microsoft client to the RV082 PPTP server and I did get a IP of and netmask of

    I can ping the servers I need to get access to, and I can browse to \\192.168.10.x however I cannot access any resources, Windows asks me for my domain user and password which I input and I can map a drive but I cannot actually view the contents of a mapped drive if I ty to conenct to a server share without a mapping i.e. \\192.168.10.x\sharename I have the same issue, it asks for user and pass but then does not show me any contents of the share (no it is not a windows permission issue as I am loggin' in as the administrator).

    Any insight into my issue would most appreciated and thanks for the above response :)


    Edit: Yes I am running on firmware Ver
  4. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    The RV016 didn't have PPTP support in the firmware until later revisions of the firmware, I remember installing one at a client last spring, it didn't have it as I was told they did (up til then I'd only installed RV082 models)...the publically available firmware didn't not have it yet, but Cisco sent me some beta firmware which did..I just RD'd into my client, their RV016 is running 2.0.6 firmware which has the PPTP VPN support. I haven't peeked at what version is publically available yet. If you would like the 2.0.6 I can send it to ya. But that was quite a while ago, I'd imagine it should be available now.

    File and print sharing is set as an exception in the WinXP firewall? Remote Desktop?

    Lets skip the file sharing for now, can you connect to the server or any workstations using remote desktop? Or something else like VNC or PcAnywhere?

    Can you ping a LAN IP and get replies?

    BTW, I get the snm.

    When you connect, and you get the challenge, you enter domainname\username, then password?

    I'm trying to think of anything I have different on my setups, on my clients routers, I only have PPTP users setup, nobody entered in the VPN Client part for the QuickVPN. In the VPN passthrough I have all 3x allowed. UPnP is enabled. I always specify MTU manually...oh yeah, that's one thing I've noticed. If you're on cable...and you leave MTU set to detect, I've noticed it often sets itself to 576...so set it manually to 1500 if on cable or bridged DSL, 1492 for PPPoE DSL.
  5. Digilog

    Digilog Network Guru Member

    I do get the challange and I input domain\user and pasword.

    I have not tried Remoted Desktop over the VPN yet (nor PCA or VNC)

    I will give that a try at lunch today (have to go to my home office as I cannot connect from inside this network out to the VPN and back in).

    I can connect RDP to another server of mine and VPN in but as soon as I do that I lose my RDP connection becuse of the tunnel and I cannot check resources etc.

    I can ping LAN IP's if I connect to the PPTP server with the MS Client but not with IPSec and Quick VPN.

    Good to know the snm is OK it just seemed really strange and no one at Linksys tech support seemed to understand what I was talking about.

    Thanks again for all your help so far.


    Edit: When I connect I have the windows firewall off, however my dsl modem at hime has a built in router which I cannot disable, I can see if I can get my hands on a modem without the firewall built in. Are there ports I should be forwarding to my client PC to allow for the VPN, I read double nat can cause an issue but I only have the one NAT router.
  6. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    On your existing modem/router...you do not need to open or forward any ports. You only need to make sure that it will allow VPN traffic to pass through unmolested...with most routers these days do without any problems. There will often be a checkbox for IPSec Passthrough, and PPTP passthrough. That means it allows that traffic to pass through without dealing with NAT...it kind of separates that traffic and handles it a special way.

    Since Remote Desktop has come out....I find it satisfies my needs in just about all cases.

    I've not found the Windows firewall to get in the way of anything like that. On or off, hasn't bothered me.

    You say your modem....has a built in firewall which you cannot disable, and I'm assuming you're also using another router? Lets get clear on this. What type of modem/router from your ISP?
  7. Digilog

    Digilog Network Guru Member

    The modem/router is supplied by my ISP which is Sympatico (Bell Canada). It is an Efficient Networks, Speedstream Modem/Router. Not sure on the exact model number (Will check it at lunch). No I am not using another router from my home office as I "dislike" double nat.

    I have a Dlink VOIP gateway/router again not positive on the model but it is not infront of network I have it and the rest of my network behind the Efficient Networks Speedstream.

    Just to make it easy to explaine

    CAT5 from Modem/Router(DHCP Enabled but my PC is on a static IP outside of the dynamic range) to 16 Port 10/100 Switch CAT5 to all workstations at home and CAT5 to VOIP box, which is Not assigning DHCP.
  8. Digilog

    Digilog Network Guru Member

    The DSL Modem is an Efficient Networks SPEEDSTREAM 6300 DSL Wireless Gateway

    There is nowhere to set passthough for PPTP or IPSec

    I connected to the VPN at heom here and I was able to access a share, for a short period of time, just long enouigh to view one folder then it seemed to lockup my browsing.

    I connected via RDP and it loaded the BG image (The fact there is a BG image is a differnt storyt altogether I turned off back grounds in TS proporties and removed it from the local users but it still shows one on connection) partially, it never finished loading far enough for me to see the login dialog box, then I get a message there was a communication issue and TS Client closes.


  9. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    OK so just that one Efficient modem/gateway at home, and at the office you have____? Just to make sure nothing double-NAT'ing at the office. What type of connection at the office?

    Any firwware updates for your Efficient unit at home?
  10. Digilog

    Digilog Network Guru Member

    The DSL connection at my clients head office is through a standard DSL modem (mine actually, we traded so they would not be double NATing).

    Its is also an efficient networks but strictly a modem no firewall or router.

    There are no firmware updates available I am aware of it has a proprietary Bell Firmware installed on it.

    From what I can see it is made by Siemens

    There does not seem to be any kind of firmware update on the site for this router.

    I was just searching the Sympatico site (useless) www.sympatico.ca and was redirected to Bell and I have DL'd a firmware which I will try next time I get home... its designed for Users and not descriptive as to the features it may provide, guess I will have to see.

    Thanks for all your help so far.

  11. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    I'm hesitant in any suggestions to try new firmware yourself, since you say the ISP provided it...it may fall under CPE rules (customer premise equipment)....

    Perhaps a call to them to ask about if they can confirm that PPTP/IPSec passthrough is enabled.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice