Im having trouble with getting my VPN to work on my brand new WRVS4400N router. i cant find the solution to my problem, no matter how much i read about it.
WRVS4400N: Firmware Version: V22.214.171.124-ETSI
QuickVPN: Version: 126.96.36.199
The laptop im trying to connect to the gateway via VPN is a Windows 7 x64 HP Elitebook 8540p with a internal mobile broadband (HSPA+)So.The scenario is that i've installed the QuickVPN client on my Win7-machine without any trouble.I've created a user in the web-administration of the router.The router is configured to disable "Block WAN requests" in the firewall, apart from that the firewall is on.When trying to connect - with a valid certificate that i created, i get a error message after the dialog telling me "Verifying network":"The remote gateway is not responding. Do you want to wait?".
The log.txt tells me:
...2010/10/06 00:00:28 [STATUS]Verifying Network...2010/10/06 00:00:34 [WARNING]Failed to ping remote VPN Router!2010/10/06 00:00:37 [WARNING]Failed to ping remote VPN Router!2010/10/06 00:00:40 [WARNING]Failed to ping remote VPN Router!2010/10/06 00:00:43 [WARNING]Failed to ping remote VPN Router!2010/10/06 00:00:46 [WARNING]Failed to ping remote VPN Router!2010/10/06 00:00:49 [WARNING]Ping was blocked, which can be caused by an unexpected disconnect.2010/10/06 00:02:13 [STATUS]Disconnecting...
I'm running Cisco QuickVPN on a clients laptop (Windows 7). Windows firewall is disabled because McAfee SaaS is running.I sometimes have the issue that the initial connection attempt comes back with "Gateway not respoding" during the network verification process. You close the program, you open it again and it works. Sometimes it takes 2 or 3 tries. Today I have the issue that my client tried it like 20 times including several reboots and it's just not working. I tried it from my own computer and it connected fine on the 2nd try.I'm thinking that it might be time-out thing, that the VPN client doesn't receive a response fast enough? I know my clients home internet is darn slow.
I have been having some trouble with my internet for awhile now. It fine one second and than it will get really slow and eventually stop working. When I troubleshoot to see what the problem is it either gives me DNS server is not responding or default gateway is not available, sometimes it will give me both. It says it fixes the default gateway problem but it will show up again 5 minutes later.
Here is my ipconfig /all Microsoft Windows [Version 6.1.7601] Copyright (c) 2009 Microsoft Corporation. All rights reserved.
I have router Linksys RV042 v1.2 with latest firmware Version: 1.3.13.02-tm. And I'm using QuickVPN v 188.8.131.52. I've setup VPN connection with values, below: But every time I'm trying to connect to router by VPN it always popup a window "Remote Gateway not responding".It occurs when I'm trying to connect to VPN behind other router, when I'm connected directly to Internet the connection is established.But I'm connecting to other networks using VPN and it's working properly (behind the same router), so I think it's problem with RV042 configuration but I don't now weher.
I am trying to install a Cisco VPN Router RV120W behind this router. I have setup the Cisco and can access the internet from the device. I also setup the Actiontec router with the DMZ host as the Cisco router. When I try to connect to the VPN tunnel however I connect but receive an "Gateway is not responding" error message after 30sec. Is there anything else I need to setup on the actiontec router to allow VPN passthough or something like that?
Actiontec Lan IP: 192.168.1.1 Cisco Wan IP: 192.168.1.2 Cisco Wan SN: 255.255.255.0 Cisco Wan Gateway: 192.168.1.1 Cisco WAN DNS: 192.168.1.1 184.108.40.206 Cisco Lan IP: 192.168.20.1
Edit: I have also tried this connection from a Windows 7 Pro with Firewall enabled and also Windows XP with the same error.
Quick VPN log:
2011/12/30 00:05:58 [STATUS]OS Version: Windows 7 2011/12/30 00:05:58 [STATUS]Windows Firewall Domain Profile Settings: ON 2011/12/30 00:05:58 [STATUS]Windows Firewall Private Profile Settings: ON 2011/12/30 00:05:58 [STATUS]Windows Firewall Private Profile Settings: ON 2011/12/30 00:06:10 [STATUS]OS Version: Windows 7 2011/12/30 00:06:10 [STATUS]Windows Firewall Domain Profile Settings: ON (code )
I have a RV180 router and i am trying to use the Quick VPN Client version 220.127.116.11. It works fine on my Windows 7 pc, and worked successfully once on the windows XP sp3 pc. But now the XP pc will not work.
What looks strange is in the VPN Client Connection Status on the router I see the status is Online, however the XP pc will not ping anything on the network or connect to the RDP pc i want. The QuickVPN Client hangs on "Verifying Network".
I tried the suggestions i saw online:
Disabling Firewall Enabling Firewall Making user name shorter Allowing for PING on WAN (replies all come back fast) Reboot Router Upgraded firmware to 18.104.22.168
I did not adjust the MTU rate as i was not sure what to change it too. AV is AVG 2012.
Router is a version 1.1 running with sw version V1.1.13-ETSI Quick VPN is sw version Ver 22.214.171.124
The issue is that I can't connect due to that i cant ping the internal IP, get this error message in the QVPN log [WARNING]Failed to ping remote VPN Router![URL]I have disable the "Block WAN Request" and it is possible to ping the router on the external site.So as I see it, the router blocks for ping on the internal IP via QVPN, what have I done wrong?
I've just set-up one of the RV220W VPN solutions. This worked fine for a while, but now it reports the remote gateway is not responding. Other clients can connect, but not the computer I'm using at home. Log file reports:
2011/08/31 21:10:31 [STATUS]Success to connect. 2011/08/31 21:10:31 [STATUS]Tunnel is configured. Ping test is about to start. 2011/08/31 21:10:31 [STATUS]Verifying Network... [code]...
I've tried the most common stuff. Enabling ICMP, checked that remote administration runs on port 443, changed MTU to 1400 manually, It allows fragmented packages too. Checked that IKE and IP Sec services are running. I've also tried both with windows firewall ON and OFF. A colleague of mine had the same problem in the same time frame as me, but after a while - he suddenly was able to connect. I still can't!!
We have 2 remote locations that are connecting to a server at our home location. Each remote computer uses quickvpn utility to establish a vpn with the home location. Our problem is that sometimes the vpn disconnects while we are working in remote desktop on server 2008. Luckily our sessions in remote desktop stay put but we lose the vpn connection. Most of the time we get a message that the remote gateway is not responding. Our dsl internet connection seems to work and we have previously had no trouble with connecting to the home location. We have 3 computers that connect simultaneously to the server at each remote location and sometimes one computer will stay connected while others disconnect.
i have a problem with ASA 5510 version 8.2(1),i have a mac os x 10.6.8 dns server when the asa is online and i want to use the internet my internet is very slaw it neede about 1.5 min to open yahoo.com and the asa log viewer shows too many drops, i have only the rule allow any tcp/udp domain.
Any one experience with this issue that cannot access to console port. USB serial cable and terminal server working fine with all other ASA 5510 except one of them. I rarely see the console and aux port failed to response.
I have ASA 5510 with CSC-SSM-10 .ASA 5510 IOS version- 8.4.2 and CSC-SSM-10 IOS version 6.6.1162.Web filtering is working fine with respective to my configuration.From yesterday morning, i was facing issue with the sites like gmail, webmail.After giving credentials like username and password in the web page, the page is not resonding.In troubleshooting process, i removed all the acls, class maps which will direct all the traffic towards the CSC. In this scenario all my mail service sites are opening.If we apply the these ACLs and Class-Maps, only my mail service sites only affecting.
I have an ASA-5510 in a location that loses connectivity to the wan gateway after anywhere from five to fifteen minutes. At first I thought that the unit might be defective, but I replaced it with an ASA-5505 with similar results. A reload of the ASA-5510 will restore connectivity for the next quarter hour.
Here's the version information on the 5510:
Cisco Adaptive Security Appliance Software Version 8.2(1) Device Manager Version 6.2(1) Compiled on Tue 05-May-09 22:45 by builders
We have two ASA5510s, each with outside interfaces to the same two ISPs (different IP addresses within the same subnet, of course). Both ASAs allow ICMP on all (inside and outside) interfaces. One ASA's default route is to ISP-1 and the other is to ISP-2. We can ping the default gateways for both ISPs from only one ASA. From the other ASA, we can only ping the default gateway for the default route but not the other. The pings originate from an inside client, first configured with the default gateway for ASA-1, then for ASA-2. Why does this happen, how do I troubleshoot something like this and how do I fix it?
We have a 3560 switch behind a ASA 5510 at a site that we are trying to access via telnet over the internet, we find out the switch does not have a default gateway configured. So I configure the following rule on the 5510: [code] Try accessing the switch, and all is good. One of our change control steps is to identify any others are connected to the device via: [code] I see the connection and show users command return 172.16.30.15, as expected. How is it possible that address can connect to that switch.
Switching out a 5510 as our primary firewall with a 5520. I've essentially copied the working config from the 5510, and put it on to the 5520, making small changes where necessary. Plug everything. I cannot get out to the internet.
-All interfaces have no shut on them -No machine can ping out to the internet gateway -All machines can ping out to the inside interface of the firewall -It's not a problem with the internet because I can take a laptop, enter in our outside interface information, plug it into the internet gateway, and I can get out to the internet just fine.
Two ASA-5510 in Failover.I already have several VPN with Cisco VPN client.Now I have the requirement to activate new AnyConnect VPN, witch "migrate" the old VPN to.The customer does not want to purchase licenses for SSL VPN, and then I have to configure the AnyConnect on IPSEC.I read that AnyConnect over IPSEC don't need SSL license - is this right?
Client version 2.5.3055.On the ASA with 8.4.2 (ASDM 6.4.7) I don't find HOW to configure the IPSEC for AnyConnect, while a friend of mine with 8.4.3 did it.Is there a way to configure using CLI, or is an item of the 8.4.2 ?When I try to connect, after authenticating Username & Password, I receive (on the client) a message "AnyConnect was not able to establish a connection to the specified secure gateway." On the "Real Time Log Viewer" I see only SSL, never IKE nor IPSEC
I run a cisco asa 5510 and I want to know how to configure the asa to let some of AAA users navigate through the remote gateway (with remote public ip).I've already configure ipsec, ssl group policy, and I know I can disable split tunneling. I do it but remote users (connected with ipsec vpn cisco client) could access remote LAN but when they try to navigate through internet, there's no ip connection.
Do I have to configure some NAT ? I've already configure some rules to let the vpn ip pool go to the internet.I just want my remote users to navigate on internet through the vpn tunnel and the remote gateway (the asa).Do I have to setup some proxy ?
I've got two RV082's connected. Each has a dynamic IP (changes typically every few weeks). I've configured the tunnels on both ends with a local and remote "Remote/Local Security Gateway Type" of "Dynamic IP + Domain Name(FQDN) Authentication".If I look at the VPN Summary tunnel status, it shows an IP address of "mydomain.dyndns.org 0.0.0.0" under the "Remote Gateway" column heading. The Tunnel Test "Connect" button is N/A.I can resolve both of the mydomain.dyndns.org entries on both sides of each VPN using the Diagnostic DNS lookup tool within each router. If I hardwire a fixed IP address for the Local and Remote Gateway everything works just fine. VPN is good.
I just can't seem to get the "mydomain.dyndns.org" function to work. It appears the router can't resolve the dynamic IP from the domain names on each of the routers.
I replace our aging rv082 routers with wireless rv220w routers. The gateway to gateway vpn works great, however I am no longer able to manage our print servers port 80 management page. I can ping any host with success, and I can manage hosts that have a port 10000 or 8000 web interface - but no port 80 ones... I had no issues when using the old rv082 routers...
I picked up a pair of RV220W's and before I spent loads of time at a remote site, I figured I'd go through some VPN testing at home to make sure I could get it setup properly. What this means is I've plugged the Internet uplink into a switch, then from the switch into both routers & configured them (using unique static IP's for each) from there. For what its worth: While I have some IT experience, I don't have strong networking experience.
I setup several VLAN's on the local RV220W, and the end result is to make it so that an asset at the remote site with an IP in any of the ranges (192.168.121.0/24, 192.168.131.0/24, 192.168.141.0/24 and any future VLANs) can communicate with/access resouces at the local site. Likewise, an asset at the local site with an IP in any of the ranges (.121, .131, .141 + any future VLANs) should be able to reach the remote resources (currently just 192.168.181.0/24, but future VLANs as well).
This evening I tried to focus on the relevant VPN pages of the Administration Guide to get the VPN up. Leaving the defaults I got as far as establishing a link between both sites and it seems that things are working right: From the remote site (.181) I can access the local site (.121, .131, .141); and from the local site I can at least ping resources (a laptop) on the remote site. (Yay!)
However, when I physically connected an asset that had a 192.168.121.X, 192.168.131.X and 192.168.141.X IP addresses to the remote RV220W (which is 192.168.181.0/24), I couldn't see it from the remote or local sites.I assume this is expected. But I'm reaching out to the community to see what other possibilities might be available becuase networking is a weak area for me. I figured it might be something like a Static [or Dynamic] Route but I really am not 100% sure.
Local Router LAN/WAN Settings: LAN IP: 192.168.121.1 on default VLAN (1) VLAN 13 defined 192.168.131.1 with DHCP enabled; Reservations created outside of DHCP scope VLAN 14 defined 192.168.141.1 with DHCP enabled, Reservations created outside of DHCP scope Inter VLAN Routing enabled for all VLANs
Can I have use a Gateway-to-Gateway IPSec tunnel whereby a user can surf the Internet using his local Internet connection and at the same time connect through the IPSec tunnel to a remote subnet using RVS4000 routers?
I have two Cisco RV042 Routers, they are being used to connect two offices, i have created a standard gateway to gateway connection, fixed public ip addresses on both sides and everything works fine, except when the tunnel gets disconnected, it does not connect back automatically, i have to log into either router console and click the connect button to get the tunnel working again, this is really annoying since it happens once or twice a day at least.
New hardware here, requesting a bit of your knowledge, We are tryingin to setup a simple gateway to gateway VPN
HomeA Has an RV016 with a public static IP Local Group Security Gateway type is IP Only with the IP Local Security Group Type is Subnet, with the local IP class 126.96.36.199 Remote Security Gateway Type: Dynamic + Email Email address firstname.lastname@example.org Remote Security Group Type: Subnet IP Address 192.168.1.0 IPSec Setup as default with nice password.
HomeB has an RV082 with a dynamic ADSL link Local Group Security Gateway type is DynamicIP +Email Email address email@example.com Local Security Group Type is Subnet, with the local IP class 188.8.131.52 Remote Security Gateway Type: IP Only Remote Security Group Type: Subnet IP Address 192.168.0.0 IPSec Setup as default with nice password.
The idea is for HomeB which has a dynamic IP, to reach HomeA, which has a static IP and connect. But they just wont. I have not clue what's wrong, I followed the instructions, maybe i miss interpreted something. I could share the VPN logs for both., Im getting a lot of errors there.
I have a pair of RV082 routers and I'd like to configure gateway to gateway VPN tunnel as described in a cookbook, "How to configure a VPN tunnel that routes all traffic to the Remote Gateway," (file name Small_business_router_tunnel_Branch_to_Main.doc). I followed this cookbook and found that my while the Main office has internet connectivity, the branch subnet doesn't have internet connectivity.
Routing does behave as advertised, where all traffic does go to the main office. However, the 192.168.1.0 subnet in the branch office does not get internet connectivity. I've read in other posts that the Main office router will only provide NAT for the local subnet, not the branch office subnet. Is there a way to configure the RV082 router to provide NAT for all subnets?
If not, which Cisco product will provide the VPN Tunnel connectivity as well as the NAT for all subnets? Can the RV082 be used as part of the final solution or are my RV082s a wasted expenditure?
Following is the configuration that I'd implemented, (real IP and IKE keys are bogus).
Gateway To Gateway Remote Main Office Add a New Tunnel Tunnel No. 1 2 Tunnel Name : n1-2122012_n2-1282012 n1-2122012_n2-1282012 Interface : WAN1 WAN1
Just bought 3 WRVS4400N, I wanted to setup gateway to gateway VPN. I followed the instructions on the WRVS4400N admin guide and VPN does not connect. I also downloaded the VPN setup wizard and that also did get the gateway connected. Everything seems to be correct. Do I have to enable anything else? Firewall setting?
Below is my config.
IPSec VPN Tunnel: Enabled Tunnel Name: TUN01 Local Security gateway: IP only WAN1 IP: 192.168.100.1 SUBNET: 255.255.255.0 Local Security type: subnet LOCAL IP: 10.10.10.1 SUBNET: 255.255.255.0
I am trying to set up a gateway to gateway VPN connection between a RV042G (central site) and a RV110W (newest firmware) which is used for presentation purposes on various customer's sites. The RV042G has a static IP. The RV110W has different IPs, depending on where it is used.
Basic VPN settings are clear to me (we have another VPN between two RV042G with static IPs). I set up the VPN connection on the RV042G wth the following settings for "Remote Group Setup":
Remote Security Gateway Type : IP + Domain Name (FQDN) Authentication IP by DNS resolved: mydomain.no-ip.org Domain Name: router12345
The value "router12345" is what I have configured in the RV110W as "Host name" in the network settings.
This configuration does not work so I am obviously doing something wrong. Do I have to use "router12345.mydomain.local" instead if I configured "mydomain.local" as the domain name in the RV110Ws network settings? For my tests the RV110W has a WAN-IP of 192.168.178.100 because it is located behind a DSL-Router. The external IP of this DSL-router is 178.0.x.x. The resolved IP from mydomain.no-ip-org is 192.168.178.100 but when I look in the RV042G log I see the requests coming withg the external IP (178.0.x.x). Is this the problem? The last message I see in the log is "no connection has been authorized with policy=PSK".
Or can I use "IP + Email Address (USER FQDN) Authentication" instead (where can I enter this email address in the RV110W?). Or do I have to use "Dynamic IP"?
I recently swapped out an RV082 with a newer model (still RV082 but black and a different interface). I configured the Gateway to Gateway VPN exactly as it was before but none of the three other RV082's will connect. I have tried deleting the connections several times to no avail. I have aggressive mode disabled and have tried with the firewall on and off. Below are the settings (IP's have been X'd out) and the log.
Settings: IP OnlyIP Address : X0X.X0X.20.31Local Security Group Type : IPSubnetIP RangeIP Address : Subnet Mask : Remote Group Setup Remote Security Gateway Type : IP OnlyIP AddressIP by DNS Resolved : Remote Security Group Type : IPSubnetIP RangeIP Address : Subnet Mask : AES-192AES-256AES-128 AES-192AES-256 AES-128 IPSec Setup3DES Keying Mode : ManualIKE with Preshared keyPhase 1 DH Group : Group 1 - 768 bitGroup 2 - 1024 bitGroup 5 - 1536 bitPhase 1 Encryption : DES Phase 1 Authentication : MD5SHA1Phase 1 SA Life Time : secondsPerfect Forward Secrecy : Phase 2 DH Group : Group 1 - 768 bitGroup 2 - 1024 bitGroup 5 - 1536 bitPhase 2 Encryption : NULLDES3DES Phase 2 Authentication : NULLMD5SHA1Phase 2 SA Life Time : secondsPreshared Key : Minimum Preshared Key Complexity : EnableLOG: