Discussion in 'Cisco Small Business Routers and VPN Solutions' started by chuckcsi, Sep 5, 2006.

  1. chuckcsi

    chuckcsi LI Guru Member

    We have a LAN setup on a mobile truck we access internet through satellite. We need to setup a VPN with 9 EDJE playback units behind the VPN so we can access remotely. Have tried with 3com VPN and have failed, we have a static IP address on the modem. What Linksys unit should we purchase and what would be the setup procedures.
  2. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    I have several dozen RV082 and RV016 units out in the field...I access them through their PPTP VPN server...works great.

    However...satellite...higher latency...VPN can get odd as latency increases. Tough to say...add to that...I bet it changes IP address quite frequently too.

    I wonder what would be more tolerant of such a rubber band setup..IPSec or PPTP.
  3. DocLarge

    DocLarge Super Moderator Staff Member Member

    You'd probably want to go with a device that has a good track record for vpn at the moment; the RV042/RV082 units would be a good choice until the firmware for the WRV200/RVS4000/RVL200 line is a little more stable.

    The WRV54G running firmware 2.37.13, 2.38, and 2.38.6 is solid with its intel IXP425 processor is a "monster," I might add:


    I'm assuming you guys are talking "router-to-router" or is it "client-to-router?"

    If you're talking "router-to-router," here's a tutorial I put together using the WRV54G:


    I'll probably have to make some new ones showing client connections...

    If I neglected to mentiong, the SMCBR14VPN router (they don't sell the SMCBR18VPN anymore) is also a solid choice should you not want to go with Linksys routers. The SMCBRXXVPN line has been phased out, but again, you can find the SMCBR14VPN at some online stores:


    It's cheaper at Amazon:


  4. askywalker

    askywalker LI Guru Member

    doc - thanks for the link - that was an interesting article.

    I have the wrv56g running on 2.39.2. Should I change to 2.37.13, 2.38, or 2.38.6? I need to manually reset the tunnel (it tunnels to a monowall at my office) anytime there is a power problem or reset at the office, but otherwise it seems fairly stable.
  5. chuckcsi

    chuckcsi LI Guru Member

    We ahve had Hughes set the modem with a static IP address. Our problem has been when we get to the 3COM VPN we can't get passed to the units behindit. We have tried to configure it with a NAT setup but we keep running into the same problem. The 3COM device is a VPN Firewall 3CSBCFS.

    Their techical support is terrible so that is why we feel Linksys might have the better solution. WE are considering the RV016 as recommended in some of the ffedback your thoughts?
  6. DocLarge

    DocLarge Super Moderator Staff Member Member


    I have a couple of WRV54G's that have been running on 2.37.13 for 18 months and they "always" bounce back from power outages and ISP refreshes of ip addresses. I'll get with Toxic and see about putting it in the downloads section if you're interested in trying it...


    I can't really give you any comments on the RV016 being I'm not an RV0xx user. Stonecat would be more "in-the-know" on that particular line, but as far as I've heard, they (RV0xx series) don't disappoint.

  7. chuckcsi

    chuckcsi LI Guru Member

    Do you have a recommendation for either the RV042 or RV082, any significant difference other than ports or any diffence in the setup. Should they bbe set up in NAT mode 1 to many or in another mode
  8. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    THe 042 has 1/2 the CPU power, and a little less RAM I believe. For a single user node like you have...I wouldn't let that be a concern.

    The 082 and 016 models seem to get more attention when it comes to firmware updates..the little 042 often getting it later on. It recently only got the addition of PPTP VPN support..and from what I've read here...I'm not sure it's running as smoothly as the big brothers yet. I've not worked with the 042...it had a shakey start, so I've just stayed away from it..to be fair, seems to be settled down now. Realizing price is a concern here.

    What is your setup? I'm not clear on how you wish to implement the VPN...do you want a full time 24x7 connection between the routers? So you're (at mothership) in constant connection with the roaming truck?

    Or does your truck need to VPN to "mothership" at the end of each day to data exchange or upload something?

    Or do you, sitting at mothership, want to just VPN to the truck to grab data...then log out?

    I will say one thing, this stems from a problem I had last week....is that VPN tunnels do not like high latency...especially IPSec. A satellite connettion on the truck...you're going to have something like 150ms added to the normal times. I'm curious in exploring what it is you need to actually do here..software wise, and if there's possibly a better means of doing it.
  9. chuckcsi

    chuckcsi LI Guru Member

    To answer your question we are using it to connect to the truck when they reach each location to monitor the devices and also upload video or text files. These units are EDJE 1013 video playback units with the ability to have individual IP local addresses, the VPN is simply our tunnel to the 9 units connected to the switch. Essentially once connected to one of the units we can monitor its operation and make changes to the programming. The truck is a mobile display that travels from Race event to race event, so the only access we have is during the time they setup at a location.

    Can we setup the 042 in PPTP mode or do we need to go to the 082.

    We are trying to order today as we need to do maintenace on truck next Wednesday in PA.
  10. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    OK so you're just connecting part time? You don't need a full time connection..just a brief connection to view something?

    I'm trying to picture your setup....I've done a few video vid came setups, say with Linksys or Intellinet cameras, I usually just do port forwarding on the router to the camera, on a custom port like 88 or something. Then...from anywhere across the internet, just point your web browser to the WAN IP address:88 or the dynamic dns hostname:88 and you can log into the camera and view it.

    Or like a friend of mine does...he manages security cameras for businesses..has a bunch of them setup. I built a pretty cool workstation for him at his office...he runs a centralized webcam management system called Go1984 http://www.logiware.de/
    You can Google go1984 and be directed to many sites that have free trial downloads. This software reaches out to all his cameras that he manages (many of them)...and keeps in constant touch with them...so he can view anything from his office. The intellinet cameras are IP based..on networks with more than one camera, we set them on unique LAN IPs..each on a different port..and do the port forwarding on the router to each internal port.

    So...the reason I went off on a tangent here..I'm wondering "why bother with the complication of a VPN..when port forwarding will do", tied in with a dynamic dns service if needed. Remove the chance of satellite latency screwing with any VPN.

    Yes the RV042 does PPTP VPN, it was added rather recently, not sure how 100% bulletproof it is compared to the PPTP VPN on the 082 and 016 models, which have had more time to mature their firmware.
  11. chuckcsi

    chuckcsi LI Guru Member

    Port Forwarding

    Our problem seems to be the modem will not support port forwarding. I would be interested in your thoughts on how to get around the problem. Instead of the VPN are you suggesting a router with port forwrding ability?
