Cisco Routers :: WRVS4400N Connecting To ASA 5540 IPSec L2L?
May 15, 2013
I have a remote WRVS4400N that has a dynamic outside address that's initiating a connection to a ASA 5540 with a static address.
I'm all set on the ASA side. My questions relate to the 4400N. It doesn't appear to have a very robust configuration/setup available for L2L tunnels. For one my encryption is limited to 3DES.
But I'm wondering if I'm missing something in the config. I have to set up L2L tunnels to two other firewalls. One firewall has 3 discontiguous networks, and the other has 2. I have 5 tunnels setup, is this the only way? What I would like to see is 2 tunnels, one for each remote firewall, but then each tunnel would have access to the appropriate networks (like on the ASA side), is there anyway to do this? Perhaps a command line util for this unit?
My other issue relates to the tunnel-groups I have set up on my ASA's, and I would like to use appropriate names...however I can't seem to find a way to enable this to happen on the 4400N side....what I mean is I need a way to create either a "keyword identifier" or a "firewall identifier" on the 4400N and I don't see an appropriate field in the web interface.
View 3 Replies
ADVERTISEMENT
Oct 11, 2009
WRVS4400N Version V2.0.0.7.I have been attempting for weeks to connect an IPSEC tunnel between a Cisco ASA 5510 Version 8.0(2) and a WRVS4400N . Phase one seems connect okay, where as phase two always give me the errors below. This as far as I have got, I tried disabling keep alive monitor, the device never attempted phase 2. I have read endless documentation on both devices and tried almost every combination of setting that I am aware of. The best case scenario answer would be detailed steps on how to setup the IPSEC VPN (linksys) & the site to site VPN (CISCO) as I cannot find any reference material for this combination .
View 6 Replies
View Related
Oct 17, 2012
i have a WRVS4400N Router and behind that router i am running a OPENSWAN Server. I know that the WRVS4400N has a VPN Service on board, but for specific reasons i'd like to use my own ipsec server.
The problem is that i cannot forward the IPSEC Paketes (4500 and 500) coming from the internet interface to the LAN. All other port forwardings like SSH works. I think the reason is that the IPSEC Services (Pluto, etc.) are already running on the router and therefore the pakets cannot be forwarded. The log shows all forwarded port (e.g. SSH) but does not show any IPSEC traffic.
I'd like to turn off the VPN Service on the router, but I cannot find any configuration switch that allow my to do so.
View 1 Replies
View Related
Jan 31, 2012
I'm trying to find a reference for how many IPSEC tunnels the WRVS4400N can passthrough.
View 0 Replies
View Related
Oct 7, 2011
I have a WRVS4400N, and need to apply access control to an IPSec tunnel that terminates at a client site, but can't seem to make the device comply.
I can configure ACLs on their device for the LAN to restrict packets coming back into my network, and can restrict packets outbound frm my LAN but that is hardly a secure method of doing this in my opinion.
View 1 Replies
View Related
Oct 15, 2011
I'm having a heck of a time connecting the WRVS4400N VPN to another WRVS4400N VPN. both of the routers have the current firmware version V2.0.2.1: Router 1 is below, and router 2 has the matching configuration with as it should be the local group being that routers local information and the remote crew set up being router ones information. the status is up on both of the routers, but I'm unable to ping the remote gateway or any device behind it.[code]
View 5 Replies
View Related
Jan 20, 2012
I put just got a wrvs 4400N and when I replaced my old linksys router I can't access my network computers anymore. I'm I missing something or do I need to do some kind of setup?
View 3 Replies
View Related
Feb 9, 2012
I want to buy a WRVS4400N, but I need to know something before.
The router will serve as an access point for 10 wireless station, 6 of them will run over Terminal server, the router will also serve 20 computer for the internet, so I want to Link aggregate the four LAN port to my swtich, I know how to do it on my Dell Powerconnect, but I want to know if the WRVS4400N will support it, there will be a lot of traffic going through the router so linking the 4 port in LAG mode to my Powerconnect swicth will speed up the communication !
View 4 Replies
View Related
May 3, 2011
I need to configure multicast between 2 Csico 5540's lan to lan ipsec tunnel for a Voip application.
View 2 Replies
View Related
Feb 6, 2011
I'm trying to set up remote access IPsec VPN on a pair of ASA 5540 without much success. I can connect with a client on the outside, and when I try to ping something on the inside I can see the ping requests reach the target but the answers don't come back to the VPN client. I've tried with different NAT rules without success.
View 3 Replies
View Related
May 15, 2013
We are planning to use an ASA 5540 to terminate about 3000 IPSec connections. The maximum supported IPsec VPN Peers for this platform ist 5000, so this should be ok in theory.
What is a bit unclear to me is what exactly happens when (for whatever reason) all 3000 clients try to connect at once ? Perhaps it's not at once but depending on timers this could mean 3000 incoming IPsec connection within 10-20 seconds.
Will the the ASA cope with it ? I can't find any info regarding this on CCO. It's also not that easy to test/simulate.
View 2 Replies
View Related
Sep 11, 2011
I need some clarification with configuring my ASA 5540 with IOS 8.3x for remote client certificate authentication.
I have my root certificate from the Microsoft CA but not quite sure if the outlined steps in the Cisco websites below are exactly what I need since the firewall seems to be generating the certificate to be used. [URL].
My setup is such that the CA will issue certificates to the remote clients and to the ASA firewall, and the remote clients will authenticate and connect with their certificates which the firewall constantly updates using the CRL update from the CA. The dhcp pool is to be issued by the domain controller on the inside network and not on the firewall. Any examples or best practice steps to achieve this.
View 8 Replies
View Related
May 31, 2012
This has to be the most weirdest issue I have seen since the past year on my ASA. I have an ASA 5540 running the 8.4(2) code without any issues until I stumbled upon this problem last week and I have spent sleepless nights with no resolution! So, take a deep breath and here is a brief description of my setup and the problem:
A Simple IPSEC tunnel between my ASA 5540 8.4(2) and a Juniper SSG 140 screen OS 6.3.0r9.0(route based VPN)
The tunnel comes up without any issues but the ASA refuses to encrypt the traffic but decrypts it with GLORY! below are some debug outputs, show outputs and a packet tracer output which also has an explanation of my WEIRD NAT issue:
My setup - ( I wont get into the tunnel encryption details as my tunnel negotiations are **** perfect and comes up right off the bat when the ASA is configured as answer only)
CISCO ASA - IPSec networking details
LOCAL NETWORK - 10.2.4.0/28
REMOTE NETWORK - 192.168.171.8/32
JUNIPER SSG 140 - IPSec networking details
PROXY ID: LOCAL NETWORK - 192.168.171.8/32
REMOTE NETWORK - 10.2.4.0/28
HOST NAME# sh cry ipsec sa peer <JUNIPER SSG PEER>
peer address: <JUNIPER SSG PEER>
[code]...
As you can see, there is no echo reply packet at all as the packet is not being encapsulated while it is being sent back. I have been going mad with this. Also, this is a live production multi tenant firewall with no issues at all apart from this ****** ip sec tunnel to a juniper!!
Also, the 192.168.10.0/24 is another IP Sec tunnel remote network to this 10.2.4.0/28 network and this IP SEC tunnel has a similar Juniper SSG 140 screen os 6.3.0r9.0 at the remote end and this woks like a charm without any issues, but the 171 is not being encrypted by the ASA at all.
View 2 Replies
View Related
Dec 15, 2011
All of my remote sites use various routers to route all of their traffic via IPsec. However, I have one WRVS4400N w/firmware 2.0.2.1 configured with a working tunnel. My issue is I need to set the Remote Group to 0.0.0.0 0.0.0.0 so all traffic is forced via IPsec tunnel and not out the local gateway. When I do the error, Remote Security Group and Local Security Group cannot be in the same network. However, it works with Cisco/Linksys RV042.
View 3 Replies
View Related
Sep 5, 2011
I have setup a ISA2006 as Internet firewall, and use 4400N as VPN Client, connect to ISA2006 via IPSec VPN, but it did not work.
Network topological as below:
Internet <------------> ISA2006 <-------------------------> local1 <------------>local2 <--------------------> WRVS4400N <----------> PC
Static Internet IP | 192.168.112.25 192.168.112.0/255 | 192.168.114.0/255
[Code]......
View 1 Replies
View Related
Apr 29, 2013
I tried any type of combination and just couldn't make it works. Only PPTP works well. Whether Apple iOS IPSec VPN is supported or not?
View 11 Replies
View Related
Nov 1, 2011
I am having issues getting my ASA 5540 at site A, to pass TFTP and SYSLOG from itself across the IPSEC tunnel to our SYSMON servers (Syslog and TFTP) that live at site B. I have followed the suggestions of other threads and I am still not getting anywhere. Here is a quick topology diagram.
View 6 Replies
View Related
Oct 30, 2010
WRVS4400N v2.0 2.0.0.8
QuickVPN 1.4.1.2
Vista Home Premium SP2 64-bit
Trying to connect from laptop through an AP to my WRVS4400N via VPN. Not having much luck...I get to "Activating Policy..." and then "Connection Error".I like this router thus far, I have been able to set up multiple BSSIDs and VLANs which has been very useful.
View 6 Replies
View Related
Feb 10, 2012
The router will serve as an access point for 10 wireless station, 6 of them will run over Terminal server, the router will also serve 20 computer for the internet, so I want to Link aggregate the four LAN port to my swtich, I know how to do it on my Dell Powerconnect, but I want to know if the WRVS4400N will support it, there will be a lot of traffic going through the router so linking the 4 port in LAG mode to my Powerconnect swicth will speed up the communication
View 1 Replies
View Related
Jan 29, 2012
Just bought 3 WRVS4400N, I wanted to setup gateway to gateway VPN. I followed the instructions on the WRVS4400N admin guide and VPN does not connect. I also downloaded the VPN setup wizard and that also did get the gateway connected. Everything seems to be correct. Do I have to enable anything else? Firewall setting?
Below is my config.
IPSec VPN Tunnel: Enabled
Tunnel Name: TUN01
Local Security gateway: IP only
WAN1 IP: 192.168.100.1
SUBNET: 255.255.255.0
Local Security type: subnet
LOCAL IP: 10.10.10.1
SUBNET: 255.255.255.0
[code]....
View 1 Replies
View Related
Mar 2, 2012
I am having all sorts of trouble connecting a Cisco RVS4000 to a Cisco ASA5505 over IPSec... I have used the "site to site" vpn wizard, I have a fress "factory reset" on my asa 5505...
View 11 Replies
View Related
Jul 5, 2011
Right out of the box, the WRVS4400N [firmware v2.0.1.3] I just purchased says the WAN interface is DOWN; and it simply will not obtain an IP address from the Arris TM602G cable modem it is attached to. Internet still runs great on the old WRT54G. Is this WRVS4400 DOA? Or is there some arcane setting the quickstart guide overlooks? OR?
View 2 Replies
View Related
Dec 7, 2011
I'll just use the 4400n to provide DHCP to my two VLANs and then a new problem cropped up. I am unable to add a default route to the 4400n's DHCP server. It uses the 4400n's vlan IP as the default route. What I'm trying to ultimately achieve is to configure the 4400n as an access point for our "private" network on vlan1 and also "guest" access to the internet on vlan2.
View 12 Replies
View Related
Mar 3, 2013
I'm having problems trying to establish a IP Sec tunnel from the office to home. All of our machines are Macs so I have been using the directions described in "How to create an IP Sec tunnel for MAC Clients, A QVPN alternative" but I still can't get it to work. My setup is as follows:
The office is connected to the outside world through a MODEM (Sagemcom 2864 Connection Hub). This MODEM is also a wireless router. It's DHCP server provides addresses 192.168.2.x.The WRVS4400N's WAN port is connected to one of the LAN ports on the MODEM. It's IP address from the MODEM is 192.168.2.x. The WRVS4400N provides addresses 192.168.21.x to devices connected to it.We have a DynDNS account and are using the DDNS client on the WRVS4400N router to connect to it.At home, we have a DIR-655 router with IP Sec Passthru enabled. The router provides IP addresses 192.168.1.x for all devices connected to it. I am fairly sure there are no issues with the router setup at home since I am able to VPN into the office of my full-time job without any problems. I have tried just about everything I can think of but have not been able to get this to work. setting up the Local and Remote Group Settings on the WRVS4400N and the IP address settings in IP Securitas?
View 2 Replies
View Related
Sep 16, 2011
Ive setup a few WRVS4400N over the past 6 months, and have been receiving the below message from some of them every couple of hours.What does the message indicate?
View 1 Replies
View Related
Sep 15, 2012
I have successfully got QuickVPN working from Windows 7 64bit into my WRVS4400n. The router is sat behind another router/modem (Belkin) as the UK uses PPPoA and the WRVS4400n doesn't.So I set up DMZ and changed the DHCP to always allocate 10.x.x.2 on the Belkin which is the WAN side for the WRVS4400n as it is the only thing attached.I have now noticed, and I'm not sure whether it was the case before, that the DNS that the WRVS4400 is showing is the LAN address for the Belkin Modem/Router (10.x.x.1), not 192.x.x.1 for the WRVS4400n itself. I assumed setting the Static DNS 1 on the WRVS4400n would do it, but it didn't?When I connect into the network with QuickVPN, the computer names do not show even though I have selected the option in QuickVPN?
View 1 Replies
View Related
Aug 8, 2011
Our business was looking at purchasing one of these Cisco routers and were curious if it supported WPA2 EAP-TLS?
View 2 Replies
View Related
Jul 23, 2012
I have 2 WRVS4400N's available to be. One is running my network and security connected to my WAN.I want to use the other one stricly as a switch or even adding wireless repeat of my current wireless LAN.
View 1 Replies
View Related
Dec 16, 2012
Recently installed a WRVS4400N router on my home network. Prior to that I was using the wireless built into my FIOS router. I wanted something more secure so I went with the WRVS4400N. I turned off the FIOS wireless and am only using the cisco wireless.
Im having intermittent issues with the wireless. I have many things hooked up to my wireless including a HP printer and a Sonos system. Most of the time if I just open my ipad I cannot see anything else on my network including the printer. If I try to see the Sonos system can cannot, sometimes I can open the app on my iphone and then I can see it.
Sometimes I can see the printer and sometimes I cant. Sometimes when I do see it and then print to it, it will be gone before it even prints.
I don’t seem to have any issues thru the LAN connections.
Also, ive noticed that the wifi is much slower than the old FIOS box.
FYI, when I remove the cisco and fire back up the FIOS wifi I don’t have any problems at all at any time. And its much faster.
I have tried channel 6, 11 and auto. Also turned off IPC and still no change.
View 1 Replies
View Related
Aug 5, 2012
I have a gateway to gateway vpn (home-office) working fine for almost an year btw 2 wrvs4400n routers, This morning, the VPN tunnel was down. I clicked "Connect" from the web based interface, but it does not reconnect.
I tried setting up a new tunnel using the VPN setup wizard, but it says it can't connect to the remote router. Which is strange, since I can ping there normally.
View 2 Replies
View Related
Sep 13, 2012
We currently have 2 different ASA 5505 connect to our ASA5510. We want to VPN connect the 2 5505's to each other while still mantaining connection to our 5520. I have attached pdf of what we have. What we want is to connect traffic between the two 5505's so that devices in either location can talk to each other while still mantainig connection to the 5510.
View 13 Replies
View Related
Sep 13, 2012
We currently have 2 different ASA 5505 connect to our ASA5510. We want to VPN connect the 2 5505's to each other while still mantaining connection to our 5520. I have attached pdf of what we have. What we want is to connect traffic between the two 5505's so that devices in either location can talk to each other while still mantainig connection to the 5510.
View 1 Replies
View Related
Sep 30, 2011
The company I work for uses a Cisco ASA 5510 router. We currently have an IPsec VPN set up and useres connect through the Ciso VPN client using group authentication, then they are prompted for a username and password, and use the same username/password they log on to thier work computers with. Some of the users have recently got Samsung Galaxy 10.1 tablets and would like to connect to the VPN using those tablets, but I can't figure out how to get the tablets to work. I've tried the anyconnect app for the andriod market as well as creating a VPN connection from the Tablet's settings page, but no luck either way. Perhaps I'm not entering a setting right? Has any one had any luck getting andriod tablets to connect to a Cisoc VPN?
View 1 Replies
View Related
