I've been struggling with Client VPN on WRVS4400Nv2 (fw. V1.00.09-ETSI) and the QuickVPN 1.2.11 software. These problms are still present with QVPN / Quick VPN client version 18.104.22.168.
The problem was, that I couldn't connect to the router with QuickVPN (the classic "Remote gateway not responding" error). I found a way to debug from the command line from experts-exchange.com (I think it was this link). So here goes...
This is what I found:
If I used the 123456789.dnsalias.net (number represent the lenght not the real hostname) the client didn't work, but once I changed to using the IP address it worked. The reason seem to be, that the server address in ipsec is LIMITED TO 16 CHARACTERS or it should be an IP address.
The command string with problems when running "c:\Program Files\Linksys\Linksys VPN Client>ipsec -debug":
As you can see the server address is truncated to just "123456789.dnsali". The generated ipsec.conf-file has the whole address. The QuickVPN FRONTEND for the console program should do it's job correctly. Latest version also has the bug. Got my VPN working today by using IP-address instead of remote.verylongdomain.com.
THE BUGS - SUMMARY:
1. QVPN doesn't handle long hostnames - MUST USE IP address (sadly this is not a joke - ).
2. Client doesn't give ANY errors from that part of the execution, but only later when the ping doesn't work.
3. Client doesn't give spesific errors (example. It should say if the problem was the password, or the gateway, etc., not combine them all)
4. Client doest run on Windows 7 without compatibility mode (in the Vista SP2 compatibility mode it works as well as in native Vista)
4.b Error message is flawed "This only works in Windos 2000 / XP" - It does work on vista....
The Real problem IMHO:
If Cisco decides to create a quickly ductaped piece of software that is a combination of OpenSSL, GNU Wget and Marcus Muellers IPSEC-tool, you should give them credit, distribute the source code (Don't know really if open source principles apply here), or maybe hire them to do the job correctly
This is basically the same info as my old post here.
PS. Who got the great idea of minimum 9 character usernames and the n+1 step software download process
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...