WRV54G VPN grief

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by dharrison10, May 17, 2006.

  1. dharrison10

    dharrison10 LI Guru Member

    I must agree with DocLarge and others regarding the performance of the WRV54G.
    My problems started when I tried using QuickVPN to connect my WRT54G at home with my WRV54G at work. The client reported a successful connection, but I could not ping from one private network to the other.
    That's when I decided to replace my home router with an identical WRV54G, running the same (v2.37) firmware. I simply could not set up a tunnel between the two locations.
    I finally decided to upgrade the firmware to v2.38.6 at both ends.
    To make along story short, I finally managed to bring up a tunnel. However, I had to set both ends to Main mode, which means the tunnel will come down when my home (dynamic) address changes.
    I simply could not make the tunnel work with the static side set to Aggressive mode.
    The funny thing is that the router at work has two working tunnels, one to a SoniWALL in Main mode and the other to a BEFSX41 in Aggressive mode.
    Why won't the two identical routers play nice? I give up.
    Any ideas?
  2. TazUk

    TazUk Network Guru Member

    I don't see how using aggressive mode would help if you're using a dynamic IP :unsure:
  3. DocLarge

    DocLarge Super Moderator Staff Member Member

    It's best to put leave them both on "main" mode and get yourself a dynamic ip address from www.dyndns.org.

    This is just another sign of finnicky software/hardware programming from Linksys. Overall, the tunnels should be fine with dynamic dns accounts for both if necessary :)

  4. dharrison10

    dharrison10 LI Guru Member

    Hello Taz & Doc

    I changed the Remote Secure Gateway setting to 'Any' on the static side and left both ends in Main Mode and this worked.
    I have to say that my understanding of some concepts is still shaky and playing with different hardware added to the confusion, since I mistakingly thought the static side had to use aggressive mode to connect to a dynamic host.
    My problem now is that I lost a tunnel from the office to another remote after the firmware upgrade and even creating a new tunnel doesn't work.
    Thanks very much for your input.
  5. DocLarge

    DocLarge Super Moderator Staff Member Member

    Your best bet is to "get off" of 2.37 and use the firmware versions 2.37.13, 2.38.6, or 2.39. Firmware 2.37 is "no--damn--good" and that's the best way to explain it :)

    Make sure all of your routers have the same version just so you have a baseline to gauge any strange behavior on your network.

  6. TazUk

    TazUk Network Guru Member

    Actually I'd advise against 2.39.0 and recommend 2.39.2 instead ;)
  7. dharrison10

    dharrison10 LI Guru Member

    Hi DocLarge

    I have version 2.38.6 (downloaded from this site) on both routers.
    Where can I get version 2.39?
    All of the tunnels seem to be up, with one exception: I can ping all devices behind the SonicWALL from the WRV54G, but I can only ping the WRV54G LAN interface in the other direction (i.e, but not a PC on The PC is pointing to .254 as its gateway.
    Thanks for all your help.
  8. DocLarge

    DocLarge Super Moderator Staff Member Member

    As a golden rule, check and see if you have a firewall up. If so, you'll need to add the computer you are "pinging from" to the exceptions list of the computer you're trying to ping on the distant end.

    Try that...

