cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
64496
Views
0
Helpful
32
Replies

Basic example for IPSec VPN for RV220W

aghiondea
Level 1
Level 1

Hi all

I have been reading about this and trying things for the last couple of days. With no luck.

I am trying to setup IPSec VPN on the router so that I can use the QuickVPN tool (horrible app btw) to connect my laptop to my network.

My question is this - what should I put instead of remote.com and local.com when setting up VPN using the Basic VPN setup page?!

The help page only describes the entry page - not explaining what I should put there.

If anyone can send me an example of how to set it up I would really appreciate it.

Note - I was able to setup PPTP VPN but now I want to try IPSec VPN.

Thanks,

Alex

32 Replies 32

From: mpyhala

Sent: Fri, 9/16/2011 8:06pm

To: fwofford

Subject: - Re: Basic example for IPSec VPN for RV220W

Cisco Support Community

Re: Basic example for IPSec VPN for RV220W

created by mpyhala in Small Business Routers - View the full discussion

Alex,

I was browsing this thread and noticed your question. The answer is yes, you need to be outside the network to connect. Also, make sure that the Windows Firewall is enabled on Windows Vista and 7. Turn off or uninstall any third party antivirus or firewall software. If you continue to have issues, please call Cisco Small Business Support. We are very good at troubleshooting and fixing QuickVPN issues and will be happy to assist. You can find a number here: www.cisco.com/go/sbsc

Reply to this message by going to Cisco Support Community

Start a new discussion in Small Business Routers at Cisco Support Community

Hi ,

Did you activate Remote Management (RMON) in tab "Firewall -> Remote Management" ????.

Look at page 172 of the administration guide :

"The QuickVPN program only works with a router that is properly configured to

accept a QuickVPN connection. You must perform the following steps:

STEP 1 Enable remote management. See Configuring Remote Management, page 97...."

Be careful, only port number 443 or 60443 !!!

Yes,

I have that enabled.

Thanks,

Alex

If you have the time you may want to give us a call at the Cisco Small Business Support Center (1-866-606-1866)

and let us create you a case and assist you in setting up QVPN.

THANSK

Rick Roe

Cisco Small Business Support Center

Hi everyone,

I'm having exactly the same issue with my recently purchases Cisco RV220W router as the thread creator. PPTP is working fine, but I cannot get connected from an Internet client using UMTS and either "Layer 2 Tunneling Protocol with IPSec (L2TP/IPSec) or Secure Socket Tunneling Protocol (SSTP) or even IKEv2. I just want to use the standard Microsoft VPN client protocols to securly connect to my network using VPN and RV220W.

So, what do I have to configure on both, router and client side?

The documents given with the router are really not self explaining - so I'm a little bit frustrated, too.

On the RV220W I configured:

  • WAN PPoE connection through my DSL modem to the Internet (works fine, easy to configure)
  • Enabled VPN - IPSec - VPN Users - PPTP Server and assigned a user to PPTP (connecting from the Windows Client using PPTP works fine, easy to configure)
  • Tryed to set up a more secure connection: Selected VPN - IPSec - Basic VPN Setup
    • Selected VPN Client (as the Client should be able to connect to my RV220W router)
    • Selected a new connection name, e.g. VPNSEC
    • Selected a preshared key
    • Struggeled with Endpoint Information: I don't know WANs IP Address / FQDN because
      • The IP Address will be dynamically assigned every time I establish my UMTS connection
      • The FQDN won't be unique, because I want to be able to establish the VPN connection from several different clients
      • Therefore I tryed to type the FQDN of the client I want to establish the connection now, e.g. name.domain.com
    • For local FQDN I selected the dyndns FQDN I assigned to my RV220W router
    • As Local LAN Address I selected 192.168.1.1 the default of VLAN 1
    • As Subnet Mask I selected 255.255.255.0
    • Encryption is set to default 3DES
    • Authentication is set to default SHA-1

How to assign a VPN user to that new created IPSec connection?

What else must be configured especially on client side to get

  • L2TP/IPSec
  • SSTP
  • IKEv2

running properly?

Any help appreciated!

Regards,

Thomas

Thanks Rick

I will find the time to call. I was hoping that would not be necessary .

Alex

Hi Alexandru,

Did you find any solution?

I'm in the same problem with my newly bought RV220W. I wuold like to set it up to IPsec with QUICKvpn.

I had use this weekend witout any lock....

So if you have some information you would like to share, please let us know.

Best regards

Mik

Hi

I have not yet figured this out... And I did not yet find time to call Cisco support.

Alex

Hi all

Using SSL would be a fine idea if it were working on Win 7 and be easy to install on a Mac. On the Mac I neded to login as root to get it installed (regular user with admin priviledges was not enough) and the GUI is ugly at best.

What to I need to configure to use the Mac builtin IPSec or a genuine Cisco IPSec-VPN Client?

Yours

mpyhala
Level 7
Level 7

Hi Alexandru,

It is VERY easy to set up QuickVPN users on the RV220W. Whether you will be able to connect or not is another story. Make sure that Remote Management is enabled on port 443 before you start. I will give you the exact steps to create an account:

  1. In the web interface, browse to VPN-> IPSec-> IPSec Users.
  2. Change the User Type: to Cisco QuickVPN (Dropdown)
  3. Input the new Username and Password. Confirm the Password.
  4. Save

That is ALL you need to do to create an account. Do not change any other VPN settings. If your router has a WAN IP address and ports 443, 500, 60443 and 4500 are not being blocked by your ISP, you should have no problem connecting from OUTSIDE the network. Make sure you have the latest version of QuickVPN installed (v1.4.2.1) On Windows Vista and 7 the Windows Firewall MUST be enabled and any antivirus or third party firewall software disabled or removed.

Please let us know if you have any further questions.

Hi,

I have succesfully done that.

Next question is the ertificate issue. Do you have a guide for creating this as well.

/Mik

Hi Mik,

To export the certificate from the RV220W:

  1. Browse to Security-> SSL Certificate. Scroll to the very bottom of the page.
  2. Press "Export for Client" and download the .pem file.
  3. Copy or move that file to: C:\Program Files\Cisco Small Business\QuickVPN Client (Windows XP example)

That's it. You should not see the certificate warning anymore when connecting from the PC with the certificate. Please reply if you have any further questions or issues connecting.

Thank you for your reply.

I have setup the user and now I need to find a network where I can try this from . Does the local IP address matter in this case? Like if the local ip from the foreign network happens to match with my internal IP address range?

What are the other setting for then? If not for the QuickVPN settings?

Thanks,

Alex

Hi Alex,

The local IP address does matter. If the LAN IP on the RV220W is 192.168.1.1 and you try to connect from a location with a router that has the same IP address, the connection will fail. The reason is that the remote router will not know to send traffic destined for 192.168.1.x through the tunnel. It will keep all such traffic local. You should change the LAN IP of the RV220W to 192.168.2.1 or 192.168.100.1 to avoid this problem.

The other settings are for connecting using a third party VPN client or if connecting two routers to each other. (Gateway to Gateway VPN tunnel)

Hi mpyhala,

On my router I have setup two VLANs, 192.168.1.0 and 192.168.2.0 . How can I setup the VPN connection with 192.168.2.0? Also on mobile devices such as iPad and iPhone how can I setup the VPN conncetion?

Thank you.

Reza

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: