VPN connection to RV042

Unanswered Question
Apr 26th, 2010

Hi everyone,

I'm trying to get a VPN connection working, but keep getting the error message "The remote gateway is not responding".

The environment is as follows:

- client with Windows XP Pro SP3 and QuickVPN client (version 1.4.0.5)

- client is behind a simple Netgear router

- destination is a RV042

- I exported a client certificate and copied that into the client directory here

- I added a user and password to the VPN client access section

- the RV042 acts as a router with NAT in my office

- Remote management is enabled with port 60443 (because ports 80 and 443 are redirected to one of the servers in the office)

- tried to switch off the firewall on the RV042 --> no success

- tried to switch off the firewall locally here on the notebook --> no success

Any more hints would be greatly appreciated... I have no idea what I could try further. :-(

Thanks in advance and best regards,

Frank

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Te-Kai Liu Mon, 04/26/2010 - 15:17

RV042 may not like to serve remote management and QuickVPN on the same port, i.e. 60443. Could you try configuring a different port for remote management, e.g. 6443?

frankneps Mon, 04/26/2010 - 15:51

Hi,

I enabled "Remote management" because it was mentioned in a posting (found via Google), that this may help to avoid the problem with the not responding gateway.

I changed the entry to 6443, no difference.

I disabled remote management, still the same error.

Thanks though... and best regards,

Frank

Te-Kai Liu Mon, 04/26/2010 - 15:57

Could you post your log files (log.txt and wget_error.txt) located at the QuickVPN install directory. Please hide some portion of your ip address as this is a public forum.

frankneps Mon, 04/26/2010 - 23:13

Hello,

here are the log files:

1. I can't see a problem in wget_error.txt :

--00:51:51--  https://frank:[email protected]:[email protected]word*?USER=frank[email protected]:[email protected]word*?USER=frank
           => `C://Programme//Cisco Small Business//QuickVPN Client//vpnserver.conf'
Resolving xxx.dyndns.org... ww.xx.yy.zz
Connecting to xxx.dyndns.org[ww.xx.yy.zz]:60443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]

    0K                                                         155.27 KB/s

00:51:56 (155.27 KB/s) - `C://Programme//Cisco Small Business//QuickVPN Client//vpnserver.conf' saved [159]

2. In log.txt it looks differently, there are some warnings:

2010/04/27 00:51:40 [STATUS]OS Version: Windows XP
2010/04/27 00:51:40 [STATUS]Windows Firewall is OFF
2010/04/27 00:51:40 [STATUS]One network interface detected with IP address 192.168.1.104
2010/04/27 00:51:40 [STATUS]Connecting...
2010/04/27 00:51:40 [STATUS]Connecting to remote gateway with IP address: neps.dyndns.biz
2010/04/27 00:51:50 [WARNING]Remote gateway wasn't reached...
2010/04/27 00:51:50 [WARNING]Failed to connect.
2010/04/27 00:51:56 [STATUS]Remote gateway was reached by https ...
2010/04/27 00:51:56 [STATUS]Provisioning...
2010/04/27 00:52:03 [STATUS]Success to connect.
2010/04/27 00:52:03 [STATUS]Tunnel is configured. Ping test is about to start.
2010/04/27 00:52:03 [STATUS]Verifying Network...
2010/04/27 00:52:07 [WARNING]Failed to ping remote VPN Router!
2010/04/27 00:52:08 [WARNING]Failed to ping remote VPN Router!
2010/04/27 00:52:09 [WARNING]Failed to ping remote VPN Router!
2010/04/27 00:52:10 [WARNING]Failed to ping remote VPN Router!
2010/04/27 00:52:11 [WARNING]Failed to ping remote VPN Router!
2010/04/27 00:52:22 [WARNING]Ping was blocked, which can be caused by an unexpected disconnect.
2010/04/27 00:52:24 [STATUS]Disconnecting...
2010/04/27 00:52:31 [STATUS]Success to disconnect.

What do you think?

Thanks,

Frank

Te-Kai Liu Mon, 04/26/2010 - 16:10

>I enabled "Remote management" because it was mentioned in a posting (found via Google),

Remote management does not need to be enabled, but HTTPS has to be enabled for QuickVPN to work.

Did you specify Port 60443 on the QuickVPN Client window?

chasster123 Mon, 04/26/2010 - 17:13

I've been trying to get VPN running on two RV042's.

Had some "help" and had pptp and https operating at one point but now do not.

Is there a straight forward description of what to have ON and OFF in order to get the RV042 VPN connection working?

I'm wanting to use VPN over PPTP due to better security wherein protecting the client site.

I have the latest version of QuickVPN and firmware on the routers.

Is there a reason why VPN would not work if there is a tunnel established between two RV042's?

frankneps Mon, 04/26/2010 - 23:16

Hello Securityrouter,

sorry, forgot to answer the second message with your questions:

What do you mean by "https has to be enabled"?  I think, I have that enabled as I have a forwarding rule to a web server. Is that what you mean?  Is that possible and VPN additionally configurable?

In the QuickVPN client I specified "Auto", should I try with 60443 explicitly?

Thank you,

Frank

frankneps Mon, 04/26/2010 - 23:31

One more information, that may be helpful. I just looked into the Incoming log of the RV042. There are several (about 30 or so) entries like that:

Apr 27 08:26:19 2010        Connection Accepted        UDP first_IP:500->second_IP:500 on ppp0

Where the first IP is mine here at home, the second is the one in the office.

Does that help?

thanks,

Frank

jasbryan Tue, 04/27/2010 - 09:01

Usually Xp doesn't have any problems with running the Qvpn utility but i would look at 3rd party firewalls that will usually block the incoming icmp packet which is why you are getting the remote gateway not responding. I have seen on certain PC that it has been a registery error and after a clean format it worked great, not saying to do that here, but an option. Also i would verify that if you are running with windows firewall is on please make sure that you allow the incoming icmp packets over the windows firewall, and also if you are running any other third party firewalls, the programs uses port 443,500,4500,60443 make sure those ports are allowed. but it seems that the ICMP packet is getting blocked on the incoming so usually points back to the PC. Make sure the the IPsec services are running on the machine. The programs uses the Ipsec services in windows.

Thanks,

  Jason

chasster123 Wed, 04/28/2010 - 09:09

I normally run Sunbelt Software's Viper Premium which includes firewall.

Have found that something in Viper (not specifically the firewall) is stopping QuickVPN from working correctly.

Turned W7's firewall on (with Public settings activated) and it also failed.

Turned the Public related firewall settings OFF and W7 and QVPN worked.

Not clear as yet to what is exactly the issue.

cs

frankneps Fri, 05/07/2010 - 07:04

Hello,

sorry for the delay in getting back to you - I was on a business trip and couldn't continue to test.

I think I have a basic problem to understand what happens here... is there a step-by-step guide or a tutorial how to setup such a VPN connection?

I thought, I could connect with the QuickVPN client from my regular broadband network at home to the RV042 in the office. And I thought that I could get an access to the RV042 as if I were connected with a cable.

What I don't understand in Jason's answer:

1. From where to where must the ping be possible?   Who pings whom?

2. What do you mean by writing that the ports 443,500,4500,60443 must be "allowed"?  Must they be forwarded on RV042? Does there have to be a computer, to which these ports are forwarded? What should happen with requests to these ports?

Thanks for that much patience and all your help so far.

Best regards,

Frank

frankneps Fri, 05/07/2010 - 15:34

I tried the following this evening:

- I added rules to the firewall on the destination to accept traffic on the above ports

- I switched off the firewalls on both the source at home and at the destination in the office

  Result: i can ping both IP addresses.  --> still no success

I still get the error: "The remote gateway is not responding. Do you want to wait?"

In the log file log.txt still the same errors:

- [WARNING]Failed to ping remote VPN Router! (5 times)

- [WARNING]Ping was blocked, which can be caused by an unexpected disconnect.

And wget_error.txt looks like this:

--00:24:00--  https://frank:[email protected]:[email protected]word*?USER=frank[email protected]:[email protected]word*?USER=frank
           => `C://Programme//Cisco Small Business//QuickVPN Client//vpnserver.conf'
Resolving xxx.dyndns.org... 79.210.236.39
Connecting to xxx.dyndns.org[79.210.236.39]:60443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]

    0K                                                         155.27 KB/s

00:24:04 (155.27 KB/s) - `C://Programme//Cisco Small Business//QuickVPN Client//vpnserver.conf' saved [159]

Any ideas?

Thanks and best regards,

Frank

frankneps Fri, 05/07/2010 - 15:44

One more additional information. The log file on the destination RV042 says (many times):

May 8 00:03:51 2010        Connection Accepted        TCP 79.210.225.101:33454->79.210.236.39:60443 on ppp0

Actions

This Discussion