RV042 VPN configuration

I'm looking for help to the RV042 configuration for VPN access to local machines and Win 2008 Server.  History: had problems with remote printers created for customers log into old Linksys RV042 VPN Linksys software.  First Tech exposed server without security, and it had to be removed because he was attacked, but did not print problem.  2nd tech failed to get VPN to work after 1 tech.  3rd tech 4hours and I got the router is a piece of...  I am so on more than 1000 and unable to have a simple router put in place.  The current situation.  New RV042 with the V4.1.1.01 firmware, using the Cisco VPN client 5.0.07.0410, most of the 32-bit machines on network XP, a 64-bit win 7.  My customers do not have access to their data for too long and I need a quick fix.  Willing to pay, just the person to really know what they are doing.  Thanks in advance.  (I hope its ok to offer to hire someone!)

Mike,

I am sorry to hear that you're having these problems and even more sorry to tell you that you have problems with the client VPN Cisco 5.x because the RV042 does not support this VPN client. Cisco VPN client is an enterprise-level software utility that uses the IPsec protocols to connect. What you should use is Cisco VPN fast. Cisco VPN client authenticates in 2 phases while the RV042 and Cisco Qvpn authenticates in 1 phase. The router doesn't understand just how to manage connections from the Cisco VPN client. I've included a link to the Cisco Qvpn utility below. Hope this helps

http://www.Cisco.com/Cisco/software/release.html?mdfid=282414010&softwareid=282465795&release=1.4.2.1&relind=available&rellifecycle=&RelType=latest

Blake Wright

HWC Cisco network engineer

Tags: Cisco Support

Similar Questions

  • How to configure RV042 VPN to use Windows 7 client native IPSec?

    The question is in the title, I want to make the Windows client compatible with my RV042 VPN because Shrew Soft VPN fail to tunel after that little time and QuickVPN do not support Windows 7 or a 64-bit version of Windows.

    Windows does not have an IPSec client, what they offer is a VPN client that can connect to PPTP, L2TP/IPsec (on IPSec), IKEv2. To connect directly to the router RV that our only option is to connect over PPTP once the PPTP server protocol is enabled on the router. If you have a server located behind the router, you can configure to be an endpoint to one of the above types. Don't know why, Mac and Windows don't have a naked IPSec feature built-in clients.

    Some third-party applications to consider:

    Windows: ShrewSoft IPSec Client

    Mac OS X: IPSecuritas

    Both are relative simple to set up and on the routers RV0xx work fantastic and an exellent substitute QVPN. With these applications you set up the tunnel as a group and use the "XP/2000 Microsoft VPN Client ' option." " This option is a bit misleading because it seems to imply that the native VPN client can support IPSec settings, when it referred only that a computer would use this option during its WAN IP address is not always known.

    I hope this helps.

  • Two RV042 VPN has been a problem to get to the third-party router

    Hello, I have two RV042 connected via VPN very well.    First network let's call A.A.A.A Second network have also RV042 to B.B.B.253.   B.B.B. network, we have Cisco router another provider to B.B.B.254.    On this second network configuration on B.B.B.253 (our default gateway) saying that all traffic will C.C.C.C I have routing tables (just an IP address not a subnet) must pass through the router Cisco at B.B.B.254 and the location of B.B.B.B works well.

    What I'm trying to accomplish, is the unique through the RV042 VPN network A.A.A.A than when I go to C.C.C.C of IP address and get passed out through B.B.B.254 (Cisco of the seller).   I had the seller put the roads in their router to be able to deliver the A.A.A.A network and can ping on both networks.   Specifically, I can ping from A.A.A.A to B.B.B.254.   However, I would like to install my on A.A.A.A routing tables so that whenever someone goes to the unique address of C.C.C.C it passed through the VPN to the B.B.B.254.   All my efforts have failed.   I do not exclude the seller screwed up somewhere, but have been working on this all day and am running out of ideas.  It's for all the suggestions and thanks for any help!

    Concerning

    It is not possible. The RV042 using a simple IPSec VPN Tunnel tunnel. Plain IPSec has routable interfaces. You cannot add static routes to handle additional traffic through the tunnel. IPSec will be tunnel only traffic that matches local & remote security groups. Because C.C.C.C is not part of a security group that he will not get in the tunnel.

  • Customer quick RV042 VPN cannot ping lan network

    Hi guys,.

    I just created a client2gateway on RV042 IPSec tunnel and use the remote PC quick VPN client tries to connect to this router.

    Fast VPN showed that the tunnel has been established. But I couldn't ping the LAN behind the router RV042.

    Can someone help me?

    Thank you.

    Hello

    Yes, you are right. To use the fast with RV042 VPN, it is necessary to configure the user name and a password for access to the VPN Client page. As this router does not support VLANs, you can only connect the VPN client to the LAN subnet (you cannot connect the client to any beach IP configured with multiple subnets)

    Kind regards

    Bismuth

  • Rv042 VPN Customer

    Hello

    I'm trying to configure the VPN but get no success, to my seat, I have a cisco-3825 Cisco-5515-x, at the office, I have 1 rv042.

    My site to site VPN configuration works very well. But what I want now all the internet traffic of my branch should move from my seat, with the seat only, IP as little of our app only works with our Office IP.

    For VPN Site to Site, I use 3825 and rv042, my 5515-x does not get used for this VPN, I use it for other purposes. Mode routed to the case where if it takes I can configure for VPN too.

    Any help or ideas will be appreciated.

    Thank you

    If you need to make the field of encryption .

    On the 3825 to the default route inside the ASA.  Then add static routes for the public IP addresses remote VPN concentrators on the external interface of the 3825.

    This could also be done using VRF if you hate a 'Data' or "AppX" license on your 3825.

  • VPN configuration blocking Internet connectivity

    I own an iPhone6 (bought in November 14 and another iPad4 (bought in early 2014) - I face a problem even in both devices.)

    Whenever I'm trying to be devices connecting to the Internet (this either through Mobile or wireless data, I have to take concrete steps to start-up the VPN setting without which the device connect to the Internet. However sometimes (although not very often) the VPN configuration gets turned on by itself without manual intervention (on start-up or mobile data or WiFi on the device). So there is always some delay time in the connection to the Internet whenever I want to use the device.

    I would be grateful for suggestions from the community in order to overcome the problem.

    You have installed VPN software or you have configured in your VPN settings? If you have a VPN configuration, then check its configuration. If you do not have a VPN configuration or a VPN software installed, then the VPN switch in settings should not illuminate.

  • Router RV042 VPN Client access from Linux?

    Hello world!

    I have a question for the creators and users of RV042.

    Is there a way to communicate with a Linux box for access on a RV042 VPN client? I'm trying to do that and play with the settings, but I am not able to connect. I tried profiles in OpenVPN, OpenSwan, kVPNc and others. For the most part, my problem is that all of these software require too many parameters and other certificates that only types that you can create on a RV042 (.pem files).

    Please let me know if any of you were able to connect to a Linux box for on a RV042 VPN.

    Also, I would ask the CISCO/Linksys people why they provide only a Windows client for this option? "Small companies" are devices not windows based commercial devices!

    Thank you!

    Zoli

    Good day Zoli,

    Unfortunately, there is not any Quickvpn client available for Linux and Macintosh which work together with the Small Business/Small Business routers Pro.

    If I share your dismay that we do not formally use Quickvpn with all Linux distributions or any Mac OS, we have seen limited success with solutions that allow the use of third party VPN Clients when used in conjunction with our routers.

    I'm curious to know whether or not you have explored Shrew Soft VPN Client (a simple Google search will yield results). I'm currently taking a look and to experiment a little bit on my end to see if there is anything we can get to work. If you can, please let me know what you use distribution, what version and a list of all customers third-party vpn that you used.

    Personally, I'd love to see the development of a guide that we as support engineers to help all of our Linux-savvy customer.

    Thanks for your patience!

  • Unlikely VPN configuration

    Hello

    one of our partners, had asked us a strange VPN configuration. I'm not a specialist of the ASA and I want to assure you that it is really impossible.

    We already have a VPN tunnel to the TOP. For example:

    Peer1: 1.1.1.1/32 (my company)

    Peer2: 2.2.2.2/32 (partner)

    EncryptionDomain1: 10.10.10.10/32 (our field of encryption)

    EncryptionDomain2: 20.20.20.20/24 (field of the partner encryption)

    Thus, the partner we asked to install a second tunnel with exactly the same configuration. (Homologous domain and encryptio).

    I don't think it is possible, for the reason of the match seemingly obvious to access list. In this way, I think that the ASA will get confused on which traffic corresponds to which access to the tunnel to the circulation list. It's quite a superposition of access list.

    Am I wrong?

    There might be an ASA feature that makes this possible?

    Best regards

    Fabiano Martins

    Hi, Fabiano,.

    As you rightly pointed out, it is not possible to create 2 tunnels for the same source and destination, between the same two peers.

    As a single card encryption can be applied to an interface, the different tunnels that put an end to this topic are configured with line numbers.

    When traffic is matched with the card encryption, for that, a descendant of the correspondence. And when two tunnels with the same crypto-list access are configured, then always match the first condition in the card encryption, and so the second tunnel will never come to the top.

    The most interesting question here would be, as to why your client wishes to set up such a facility.

    He may be trying to achieve something that can be done without the need for the two tunnels.

    -Shrikant

    P.S.: Please check the question as answered, if it has been resolved. Note the useful messages. Thank you.

  • RV042 VPN public ip

    Hello everyone,

    I ' v bumping my head again and again with this issue... I need to configure a tunnel ipsec VPN with a service provider, they require that the first negotiating phase vpn ip address is public (which is normal "Local Security Gateway") and the need to address public ip for the second phase ("group of Local Security") it is im having problems on the source of the request service must be a public ip address as well. When I created my tunnel with their configuration. I have no problem to have the tunnel connected.

    The problem comes when I have to configure my computer with the public ip address and connect to the RV042 router in order to access the tunnel... So I tried to put a local ip address to my computer lets say 10.1.10.102 and then do a NAT with ip address public xx.xx.xx.37

    When I do this i never send packets from my computer (which is a linux server bdw) through the VPN... and if I give the server the xx.xx.xx.37 address public ip with gateway xx.xx.xx.38 also packages do not go anywhere...

    mainly the problem is to know how to configure my server or gateway to send traffic to my server through vpn! because the tunnel is UP. (remember that the only way that the service provider will acept the connection is with the public ip address on the bridge and on the group.

    OK guys, I just managed to make it work! I just plugged my server on the DMZ port with the public ip address and presto! tour of 1to1 nat!

  • RV042 vpn pass trough droping?

    Hello

    I have a Linksys RV042 (defined as a gateway, Firmware Version: 1.3.12.19 - tm) witch I use to balance the load. Two difrent ISP, one in WAN1 defined for ip automaticlly and the other in WAN2 with a static IP address. The two set MTU to 1492.

    On WAN2 I configured a VPN tunnel to another site where I have a Zywall 10w, witch works fine without any problems.

    In the building, we have about 30 computers. Some of them use software that works through a vpn connection. This vpn connects ok until a point when juicing it immediately and it does not connect at least that I reboot the Linksys.

    The newspaper does not say enithing.

    I discovered that when I change the MTU or renew the IP address of the connection drop.

    Is that it must do something with load balancing?

    It is out of memory?

    Discount to zero might help but you must reconfigure everything.

    reflash the firmware.

    HOEP that helps.

  • RV042 VPN tunnel with Samsung Ubigate ibg2600 need help

    Hi all, ok before I completely remove all of my hair, I thought stop by here and ask the volume for you all with the hope that someone can track down the problem.

    In short I am configuring a 'Gateway to gateway' vpn tunnel between two sites, I don't have access to the config of the router from Samsung, but the ISPS making sure that they followed my setup - watching newspapers RV042, I don't however see the reason for the failure - im no expert vpn...

    Sorry if the log file turns on a bit, I didn't know where the beginning and the end was stupid I know... any advice would be greatly welcomed lol.

    System log
    Current time: Fri Sep 2 03:37:52 2009 all THE Log Log Log Log VPN Firewall Access system
     
    Time
    Type of event Message
    2 sep 03:36:01 2009 value of VPN Log [Tunnel negotiation Info] Inbound SPI = c3bdba08
    2 sep 03:36:01 2009 value of outbound SPI VPN Log [Tunnel negotiation Info] = c664c1ca
    2 sep 03:36:02 2009 VPN Log [Tunnel negotiation Info] > initiator send fast Mode 3rd package
    2 sep 03:36:02 2009 VPN Log [Tunnel negotiation Info] Quick Mode Phase 2 SA established, IPSec Tunnel connected
    2 sep 03:36:02 2009 VPN journal Dead Peer Detection start, DPD delay = timeout = 10 sec 10 sec timer
    2 sep 03:36:02 2009 VPN received log delete SA payload: ISAKMP State #627 removal
    2 sep 03:36:02 2009 VPN Log Main Mode initiator
    2 sep 03:36:02 2009 VPN Log [Tunnel negotiation Info] > Send main initiator Mode 1 package
    2 sep 03:36:02 2009 charge of VPN journal received Vendor ID Type = [Dead Peer Detection]
    2 sep 03:36:02 2009 VPN Log [Tunnel negotiation of Info]< initiator="" received="" main="" mode="" 2nd="" packet="">
    2 sep 03:36:02 2009 VPN Log [Tunnel negotiation Info] > initiator send Mode main 3rd package
    2 sep 03:36:03 2009 VPN Log [Tunnel negotiation of Info]< initiator="" received="" main="" mode="" 4th="" packet="">
    2 sep 03:36:03 2009 Log [Tunnel negotiation Info] VPN > main initiator Mode to send 5 packs
    2 sep 03:36:03 2009 Log [Tunnel negotiation Info] VPN > initiator receive hand Mode 6 Pack
    2 sep 03:36:03 2009 log VPN main mode peer ID is ID_IPV4_ADDR: '87.85.xxx.xxx '.
    2 sep 03:36:03 2009 Log [Tunnel negotiation Info] VPN Mode main Phase 1 SA established
    2 sep 03:36:03 2009 log VPN [Tunnel negotiation Info] initiator Cookies = c527 d584 595 c 2c3b
    2 sep 03:36:03 2009 log VPN [Tunnel negotiation Info] responder Cookies = b62c ca31 1a5f 673f
    2 sep 03:36:03 2009 log quick launch Mode PSK VPN + TUNNEL + PFS
    2 sep 03:36:03 2009 Log [Tunnel negotiation Info] VPN > initiator send fast Mode 1 package
    2 sep 03:36:04 2009 VPN Log [Tunnel negotiation of Info]< initiator="" received="" quick="" mode="" 2nd="" packet="">
    2 sep 03:36:04 2009 value of VPN Log [Tunnel negotiation Info] Inbound SPI = c3bdba09
    2 sep 03:36:04 2009 value of outbound SPI VPN Log [Tunnel negotiation Info] = e3da1469
    2 sep 03:36:04 2009 VPN Log [Tunnel negotiation Info] > initiator send fast Mode 3rd package
    2 sep 03:36:04 2009 VPN Log [Tunnel negotiation Info] Quick Mode Phase 2 SA established, IPSec Tunnel connected
    2 sep 03:36:04 2009 VPN journal Dead Peer Detection start, DPD delay = timeout = 10 sec 10 sec timer
    2 sep 03:36:05 2009 VPN received log delete SA payload: ISAKMP State #629 removal

    PFS - off on tada and linksys router does not support the samsung lol! connected!

  • RV042 VPN group &amp; access rules

    I have install a GroupVPN and connect to the RV042 with the client VPN Shrewsoft, works like a charm as opposed to QuickVPN ;-)

    The firewall is configured with an explicit deny for RDP access rule to an internal server, can also be used to explicitly a rule is created for certain numbers of IP as a source. I noticed that I need to create an explicit allow rule for the subnet of the client Shrewsoft is using the virtual adapter or I won't be able to access the internal server via RDP through the tunnel of GroupVPN.

    Is it normal? I think that establishing a tunnel defies the rules created for a direct access to the WAN port.

    Peter

    Sorry, I got my signals crossed with my previous suggestion.  Your answer has cleared up my misunderstanding.  My rule was for a different purpose and it does not work for your situation, I thought it would be.

    redirect port (UPnP or redirection) replaced the firewall rules, but does not completely bypass their. He must work around the default rules for work, but don't not past rules customized.  The trick is to know the translation of transfer goes first, then when it is processed by the firewall, the destination is the IP and the port internal.  In addition, it would seem that VPN works the same way - allows to bypass default firewall but not custom rules.

    Since you want to double your security and have a non-standard port MORE limit access to specific IPs through the rules of firewall, then you are set up correctly.

    The VPN to bypass the firewall completely?   Maybe, but then you wouldn't have the opportunity to clients VPN filter with custom (without a separate section in Firewall VPN) rules.  Given that you have created a custom block rule, you must add an allow rule for everything that comes through the WAN (same VPN) port.   I agree it's annoying, but that's just the way the program is written.

    I didn't test the VPN rules, but I think you can handle this - the only variable would be you allow the public IP address of the remote network or remote LAN subnet range?  I expect the LAN subnet.

    ----------------------

    Other thoughts - I personally just use the non-standard port and leave the RDP Security to take care of himself.  My clients are very small, so the exposure and risk are fairly low.  For a client of profile higher or more secure, I would either put everything inside a VPN connection, or configure as you.  Of course, if the security is so important, maybe you should be on a more expensive (and capable) device?

  • Cisco RV042 VPN hub and spokes, connecting spokes question

    Hello

    I have a few Cisco RV042 router and VPN links them with a hub and spoke topology.

    Each speaks VPN works, they manage to connect to the platform.

    The hub can see each VPN active rays.

    A computer under the hub can connect to a computer in any talks.

    A computer under any talks can connect to a computer running the hub.

    Which works very well.

    Now, what I really need, is to connect computers under a RADIUS to connect to computers under another spoke.

    It don't work.

    Current configuration of LAN:

    HUB IP / mask: 192.168.0.1 / 255.255.255.0

    Spoke1 IP / mask: 192.168.1.1 / 255.255.255.0

    Spoke2 IP / mask: 192.168.2.1 / 255.255.255.0

    I was wondering if the Cisco RV042 can be configured to allow that and HOW?

    If we can not do, should what other router I use as a hub? Should I change the rays as well?

    Thank you and have a nice day

    Hope that this document can point you the right direction.

    https://supportforums.Cisco.com/docs/doc-12534

  • RV042 VPN devices and iOS4.2

    Hello

    I have problems with the VPN between RV042 and iOS4.2 devices (iPhone/iPad).

    First question is ' is it possible at all the.

    Second question is 'how '.

    --

    I configured the tunnel group and created for the VPN user. In my Windows XP-laptop QuickVPN seems to work very well.

    But when I try to connect with iPhone or iPad (3G) I'll get a message like "the server is not responding.

    RV042 journal, I found the following lines:

    Dec 10 13:09:29 2010 The VPN log Initial message of aggressive Mode [iOS_device_public_IP], but no (wildcard) connection has been configured
    Dec 10 13:09:29 2010 The VPN log [Tunnel negotiation of Info]< responder="" received="" aggressive="" mode="" 1st="" packet="">
    Dec 10 13:09:29 2010 The VPN log Useful load of Vendor ID received Type = [Dead Peer Detection]
    Dec 10 13:09:29 2010 The VPN log Ignorant Vendor ID payload Type = [Cisco-unit]
    Dec 10 13:09:29 2010 The VPN log Ignorant Vendor ID payload Type = [XAUTH]
    Dec 10 13:09:29 2010 The VPN log Vendor ID payload ignorant Type = [draft-ietf-ipsec-nat-t-ike-02_n]
    Dec 10 13:09:29 2010 The VPN log Vendor ID payload ignorant Type = [draft-ietf-ipsec-nat-t-ike-02]
    Dec 10 13:09:29 2010 The VPN log Payload Vendor ID received Type = [draft-ietf-ipsec-nat-t-ike-03]
    Dec 10 13:09:29 2010 The VPN log Regardless of the Vendor ID payload [9909b64eed937c65...]
    Dec 10 13:09:29 2010 The VPN log Regardless of the Vendor ID payload [80d0bb3def54565e...]
    Dec 10 13:09:29 2010 The VPN log Regardless of the Vendor ID payload [4d1e0e136deafa34...]
    Dec 10 13:09:29 2010 The VPN log Regardless of the Vendor ID payload [439b59f8ba676c4c...]
    Dec 10 13:09:29 2010 The VPN log Regardless of the Vendor ID payload [8f8d83826d246b6f...]
    Dec 10 13:09:29 2010 The VPN log Regardless of the Vendor ID payload [4df37928e9fc4fd1...]
    Dec 10 13:09:29 2010 The VPN log Regardless of the Vendor ID payload [4a131c8107035845...]
    Dec 10 13:09:29 2010 The VPN log Regardless of the Vendor ID payload [4a131c8107035845...]
    Dec 10 13:09:29 2010 The VPN log Regardless of the Vendor ID payload [4a131c8107035845...]

    Any ideas what's happening?

    RV042 does not support the iPhone VPN connection.

    Here is the list of what iPhone supports:

    http://www.Cisco.com/en/us/docs/security/vpn_client/cisco_vpn_client/iPhone/2.0/connectivity/guide/iPhone.html

  • RV042 VPN issues

    Hi all

    Well, I don't have VPN Linksys configuration in a while and have forgotten most of this, so I was wondering if somebody could please share any knoweldge response and help issues.

    What I want to do is to create VPN tunnels between 2 remote sites for VOIP traffic. At both ends of my tunnel, I have a Linksys router. The main site that two remote sites are connecting to has a RV-042.

    So here's what I need to know:

    1. If I have an existing VPN that runs through the router (the router is currently not my VPN endpoint, a server is) when I place a VPN endpoint on the RV-042 point my existing VPN will be functional?

    2. once the branch establishes as a tunnel with the RV-042 how will be the traffic that is intended to flow from the internet? I wish that only certain traffic flows through the tunnel, more specfically as VOIP traffic.

    3. once the branch establishes a tunnel with the RV-042 how will forward the RV-042? Also, I want just the VOIp traffic through the tunnel that anything that is intended for the internet should not go to the internet... In other words Split tunneling on both ends of the tunnel.

    Router RV - 042 is VPN Head end or head office, if you want to...

    RV-042 Firmware: 1.3.12.6 - tm

    Ideas or things I should look out for. Is this possible to do?

    Topic 1. Perhaps. If you connect to the same endpoint router and a server within the local network, then you will get most likely difficulties.

    Re 2/3. The two parties define the traffic that tunnel is based on IP addresses. You define a local and remote security group that essentially defines the IP addresses in the part of the source and destination of each IP packet. If these are in circulation will be tunnel. If they do not match, the traffic is sent outside the tunnel. The configuration of the tunnel does not specify certain protocols or ports. You can only do this based on the IP address. If you use software phones on the computers that you will not get it work as you want because you can't separate the other traffic of the computer VoIP traffic. If you use hardphone you could put all the phones in a specific subnet or address range, and then set that only those IP addresses go through the tunnel.

Maybe you are looking for

  • My imessage and facetime will not work correctly

    A few days ago my iMessage suddenly wasn't working properly on my mac. I could not receive messages, and when I tried to sent messages, he says not delivered. Then I reinstalled the OS X IS captain. Then when I type a contact to send an iMessage from

  • Improve the Camileo S10

    I bought last year a Camileo S10. There are two not good question.Light sensitivity: with plain day I work well, but with the clear desk light or unclear orrible. is it possible to upgrade? Optics: it is quite a narrow profile. Is there a possibility

  • windows ssd 8.1 migration

    Hello.  I recently migrated my boot Windows 8.1 of the original 2 TB Seagate drive in my 810 Phoenix-130qe to a Samsung 250 GB SSD using migration data from Samsung app.  After the migration, I placed the SSD in the position of the original boot driv

  • How to retrieve emails

    Open my e mail and received a notice that says welcome to outlook express 6. When I looked at my emails all former and current emails where gone. How can I retrieve these.

  • Windows 7 Ultimate no longer serial accepts.

    I bought Windows 7 Ultimate SP1 32/64 bit in 2011 and have reinstalled several times on my pc. Recently, I ran Killdisk on disk because it is an older machine, and I was about to recycle. However, I decided to keep the pc mainly to play games more ol