I have a WRV210 Router with the latest firmware (22.214.171.124) and QuickVPN (126.96.36.199). Apart from the very annoying fact that Windows 7 is not support (I can get around that by using virtual machines running XP), I have a problem with certificates.
There is NO certificate in the QuickVPN directory
If I start QuickVPN it gives the error - "Server's certificate doesn't exist on your local computer. Do you want to quit this connection?".
However, If I click "No", the connection proceeds anyway - and succeeds !!
Where is the security if the certificate is ignored ?
It seems to me that anyone with just the Username and Password can access the VPN
On further investigation, there is a presharedkey defined in "ipsec.conf". Now I have been playing with certificates
and had previously copied a certificate into this directory so does the certificate get cached by this (or other) files
If so does this get overridden if a new certificate, copied to the QuickVPN directory?
Further reading the help file on certificates, it seems to me that the question really means do you trust the SSL
certificate for the router retrieved from the router on connection. I am not a VPN expert but it seems to me that
this is only half the story. How does the router know the user is a valid user without a certificate from the user ?
I though that this was why you exported a certificate and placed it in the QuickVPN directory - ie to authenticate the user
What am I missing here?
Another annoyance - If I click on "Yes" to quit the connection, I am taken back to QuickVPN but there
is NO easy way to close the application. You can minimize it, but you cannot close it without Task Manager.
This is also a security issue since minimizing removes the icon from the TaskBar (I know there is an icon in the
System Tray, but the only way to determine what this icon is for is to select help) so a user assumes
the program has terminated but restarting the program merely restores the client with the password filled out.
QuickVPN Client will use the certificate to authenticate the QuickVPN Server, which presents its certificate to the Client at the initial SSL handshake.