Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

quickvpn connects but cannot access remote LAN

I am running a RV 120W wireless N router here in Japan on an ADSL circuit from Softbank BB. I have set the interal IP address range of the router away from default to be Below are the VPn Deafult settings.

PN Wizard Default Values for IKE:
Gateway PoliciesClient Policies
Exchange Mode:MainAggressive
Local WAN ID:Local WAN
Remote WAN ID:N/
Encryption Algorithm:3DES3DES
Authentication Algorithm:SHA-1SHA-1
Authentication Method:Pre-Shared KeyPre-Shared Key
Key-Group:DH-Group 2 (1024 Bit)DH-Group 2 (1024 Bit)
Lifetime:8 Hours8 Hours
VPN Wizard Default Values for VPN:
Encryption Algorithm:3DES
Authentication Algorithm:SHA-1
Lifetime:1 Hours
PFS Key Group:DH-Group 2 (1024 Bit)
NETBIOS:Enabled (Gateway Policies)
Disabled (Client Policies)

IKE Policy

Policy Name:jmXXXXXXX
Direction / TypeBoth
Exchange Mode:Aggresive
Enable XAUTH Client:
Local Identification
Identifier Type:Local Wan IP
Local Wan IP:
Peer IKE Identification
Identifier Type:FQDN
Local Wan
IKE SA Parameters
Encryption Algorithm:3DES
Authentication Algorithm:SHA-1
Authentication Method:Pre-shared key
Diffie-Hellman (DH) Group:2
SA-Lifetime:28800 Seconds

System fireware =

I updated tp the latest firmware which is RV120W_FW_1.0.1.3 and that made things even worse as I could not ;longer PING the external IP address even with the Firewall's basic settings turned all to "off". Since I was unaable to remote into the router I reverted back to version

When I remote inusing QuickVPN I am not on the same subnet as the router. I am able to connect, establish the vpn tunnel, and remote access the router; but I am unable to see any resource computer or otherwise.

Below is an exerpt from the IPsec VPN log

2010-11-15 14:55:09: INFO:  Received unknown Vendor ID
2010-11-15 14:55:09: INFO:  For[500], Selected NAT-T version: RFC 3947
2010-11-15 14:55:09: INFO:  NAT-D payload matches for[500]
2010-11-15 14:55:09: INFO:  NAT-D payload does not match for[500]
2010-11-15 14:55:09: INFO:  NAT detected: PEER
2010-11-15 14:55:10: INFO:  Floating ports for NAT-T with peer[4500]
2010-11-15 14:55:10: INFO:  ISAKMP-SA established for[4500][4500] with spi:33a0aa37181469aa:abab0fc0aa120f7a
2010-11-15 14:55:10: INFO:  Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2010-11-15 14:55:10: INFO:  Responding to new phase 2 negotiation:[0]<=>[0]
2010-11-15 14:55:10: INFO:  Using IPsec SA configuration:<->
2010-11-15 14:55:10: INFO:  Adjusting peer's encmode 3(3)->Tunnel(1)
2010-11-15 14:55:11: INFO:  IPsec-SA established[UDP encap 4500->4500]: ESP/Tunnel> with spi=127988341(0x7a0f275)
2010-11-15 14:55:11: INFO:  IPsec-SA established[UDP encap 4500->4500]: ESP/Tunnel> with spi=4139774728(0xf6bff308)

I have created a Self Activatedcertificated and loaded it successfully into the trusted certificates table. I have loooked into issues with port 500 as a possible cause but I am unable to get the port fully open on any computer connected to or remoting into the RV 120W. This router will be relocated to my customers site who is using PPPoE authencation on a shared fiber line later this week. Any assistance to resolve or mitigate this issue would be appreciated.



  • Small Business Routers
New Member

Re: quickvpn connects but cannot access remote LAN

Hi Scott

It seems you are having very similar issues to me!

It also seems that Cisco seem reluctant to come up with an answer.

Tomorrow I'm going to start looking for something else to swap this unit out, my customer's patience is starting to wear thin. I recommended this product to my customer because it had  a good name.

Let's hope that they come up with an answer for you PDQ!



New Member

Re: quickvpn connects but cannot access remote LAN

Hello Barry,

  I called Cisco in the USa and raised a ticket with them. The Cisco engineers we very helpfull and they were able to login using QuickVPN to my router. We were able to figure out that if any PC on the remote LAN that has a firewall running on it musteither be disabled or create some rulles as follows:

open Inbound TCP port 50, 445, 500, 4500.

open Inbound ICMPv4 that will allow you to PING the remote LAN IP address.

This worked for me.