Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

RV042 Client setup

I am having trouble setting up a Cisco RV042 router which I want to use because of its dual WAN feature to replace a DLink-615.

I use the router to connect from Israel to a VPN provider in the UK.

The settings that presently work on the Dlink that I need to replicate for the RV042 are as follows:

Connection Type - PPTP with Dynamic IP

Obtain DNS server address automatically

Username,Password and VPN server address

Encryption MPPE 128 bit

Authentification algorithm – MS-CHAP-V2

The RV042 has firmware V4.2.2.08 and the settings I have used so far are as follows:

WAN1 connection type  PPTP

WAN IP address to the UK VPN server address .

I have left the subnet Mask as 255.255.255.0 and the default Gateway Address as 0.0.0.0

My VPN username and password

The DHCP setup is set to enable DHCP Server

I set the DNS Server (required) 1: to 8.8.8.8 and leave everything else blank

This does not connect

Is it possible to setup the RV042 to work in the way the Dlink-615 works?

Everyone's tags (4)
1 ACCEPTED SOLUTION

Accepted Solutions
Gold

Re: RV042 Client setup

Geoffrey,

The RV042 does not support IPSec/L2TP. More importantly, it cannot function as a VPN client so there is no place to enter a username or password. It is strictly a VPN server for IPSec Gateway to Gateway, IPSec VPN client access and PPTP client access.

- Marty

20 REPLIES
New Member

RV042 Client setup

According to Cisco technical support what I want to do is impossible.  The problem seems to be that since I cannot do an encrypted PPTP connection with the RV042 even establishing a L2TP connection will not be possible.  For secure VPN operation this router seems to depend on being attached to a computer running encryption software rather than it working on its own.  Please tell me if I am wrong.

Green

RV042 Client setup

Hi Geoffrey, the router on the far end, is this a VPN server?

The PPTP WAN option on the router is expecting to authenticate ISP connection to provide internet connectivity, much like PPPoE.

I also wouldn't be surprised if you see log message from attempts to connect. "pptpd" would be considered a server error while "pppd" is client error message. The router is not designed to work as VPN client capacity. It is designed to be VPN server for IP client connection, PPTP client connection and IPSEC gateway to gateway connection.

If your goal is to interconnect 2 remote site, you may want to try IPSEC gateway to gateway VPN if the far end router supports this.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
New Member

RV042 Client setup

Tom

Many thanks for your response.

The far end server does support either straight PPTP or IPSec/L2TP clients but I have been told that authentication and encryption are needed for the PPTP connection.

I am not clear whether this would also be needed for a IPSec/L2TP connection - can you please clarify re this.

Should I be able to use the RV042's built in  Gateway to do an IPSec/L2TP connection?

Gold

RV042 Client setup

Geoffrey,

The RV042 does not have L2TP functionality, either for site to site or client VPN. For site to site VPN, IPSec is the only option. You should check if the other end supports IPSec tunnels.

- Marty

New Member

RV042 Client setup

Marty

If the other end will support IPSec tunnels would I be able to use this using what is built into the RV042 without needing PPTP encryption ?

Gold

RV042 Client setup

Geoffrey,

Yes, most site to site tunnels use IPSec as it has stronger security than PPTP.

- Marty

Bronze

RV042 Client setup

The other thing you can do is just leave the Dlink in place and set the rv042 in the Dlink's DMZ.  This way, the dlink will handle the PPTP and just provide and IP address to the rv042.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
New Member

RV042 Client setup

Using the rv042 on its own I thought that I just needed to go to the VPN Gateway to Gateway menu and fill in only these fields?

So far this has not worked.

My far end server people have told me what is needed for most of the fields but I notice that there is nowhere where I fill in my user password.

This does not seem correct.

Am I missing something ?

Gold

RV042 Client setup

Geoffrey,

For a site to site tunnel you should use a preshared key. It sounds like you are attempting to set the RV042 up as a VPN client. It should be set up as a Gateway to Gateway VPN tunnel, not Client to Gateway. Was the D-Link set up as a PPTP client? The RV042 does not have settings for that.

- Marty

New Member

Re: RV042 Client setup

Marty

I am setting the RV042 as a Gateway to Gateway VPN tunnel with a pre shared key.

The server people have only told me this:

Local net/mask: Remote IP: Remote local net/mask: 192.168.100.0/24

He has to enter somewhere his username and password. But where exactly

- I don't know, as I don't have that router handy.

However on the Gateway to Gateway screens  there seems to be no way of entering the password that the distant server needs.

Do I need to be filling in the VPN Client Access screen which does have password fields?

Gold

Re: RV042 Client setup

Geoffrey,

The VPN Client screens are for if you want to set up the RV042 as a server for clients to connect to from other locations. The remote router is set up for client connections only, not gateway to gateway.

On the gateway to gateway setup page, you will see all of the information that you need to match on the remote router. Some of the information that you will need to match EXACTLY on the remote router:

IPSec Setup

Keying Mode

Phase1 DH Group

Phase1 Encryption

Phase1 Authentication

Phase1 SA Life Time

seconds

Perfect Forward Secrecy

Phase2 DH Group

Phase2 Encryption

Phase2 Authentication

Phase2 SA Life Time

seconds

Preshared Key

- Marty

New Member

Re: RV042 Client setup

Marty

My server people say :

Unfortunately this router does not support the type of IPSec connection we are  supporting, which is IPSec/L2TP

Is this really true ?

If I am only able to fill in the IPSec screen there seems to be no way of entering my name and password.

Is this the problem ?

Geoffrey

Gold

Re: RV042 Client setup

Geoffrey,

The RV042 does not support IPSec/L2TP. More importantly, it cannot function as a VPN client so there is no place to enter a username or password. It is strictly a VPN server for IPSec Gateway to Gateway, IPSec VPN client access and PPTP client access.

- Marty

Bronze

Re: RV042 Client setup

There's a couple of different ways to implement a VPN:  Site-to-Site, Client-to-Site, and a few others I can't think of immediately.

Anyways, the rv042 is deisnged for site-to-site and client to site on certain protocols.  The dlink is doing a client to site using pptp, which is not a supported implementation by the rv042.

A way around this issue is to use the dlink as a 'modem' to connect to the vpn via pptp and then connect the rv042 behind the dlink as your main router.

You mentioned you were replacing the dlink because of the dual wan feature of the rv042.  If you only have this one wan, and it's connected to your vpn via pptp, there's no reason to even have the rv042 as the dual wan will do nothing more than the dlink can.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
New Member

Re: RV042 Client setup

Samir

The reason for wanting a dual WAN replacement was because my vpn server times out every 8 hours but allows two connections to be active.  I was therefore going to use both connections starting 4 hours apart.

I got the RV042 from eBay and you may be interested to see the listing to understand why I was mislead into thinking that the RV042 was suitable:

http://www.ebay.co.uk/itm/BrandNew-Cisco-RV042-4-Port-VPN-Firewall-Dual-WAN-Router-PPTP-IPsec-/261361448308?ssPageName=ADME:X:RTQ:GB:1123

Geoffrey

Bronze

Re: RV042 Client setup

Yes, I can see why this was misleading.   Unfortunately, the rv042 is only good for incoming pptp vpn sessions, not outgoing.

One thing you could do is get a second Internet connection with another dlink and then put the rv042 behind both of those to balance the bandwidth.  If the dlinks have a way of auto-connecting, this will solve any problems of dropped sessions except in the case of https logins.

This is one of the reasons I always download a product's owners manual and read it to make sure it will do what I need.  I've saved myself from buying a lot of useless gear over the years.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
New Member

Re: RV042 Client setup

Sarnir

The problem with using the DLink  - and another reason for wanting to replace the DLink 615K2-  is that despite months of complaining about the firmware of the DLink they have still not been able to get PPTP Keep Alive to work.

Regarding the product manual - I did download and read this but the way the manual is presented conceals the special features (limitations) of the RV042.

Geoffrey

Bronze

Re: RV042 Client setup

Bummer.   Is there a command-line interface for the dlink where you could set up a script to automatically disconnect and reconnect the pptp?

If the dlink will automatically re-establish a connection upon reboot, and reboots fairly quickly, maybe a reboot script or external rebooter might be the solution?

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
New Member

SamirThis thread has got a

Samir

This thread has got a bit tangled with the introduction of the new format - but if you recall I had to give up on the RV042 (I got a refund).  I have still not found a reliable replacement for the DLink - even an Asus RT-N16 with and without Asus, Tomato or Merlin firmware will not give a reliable PPTP connection.  I am thinking that I need a L2TP/IPsec connection to get reliability.  Can you please suggest routers that can act as L2TP/IPsec remote clients with the appropriate encryption and pre shared key.

New Member

SamirThis thread has got a

Samir

This thread has got a bit tangled with the introduction of the new format - but if you recall I had to give up on the RV042 (I got a refund).  I have still not found a reliable replacement for the DLink - even an Asus RT-N16 with and without Asus, Tomato or Merlin firmware will not give a reliable PPTP connection.  I am thinking that I need a L2TP/IPsec connection to get reliability.  Can you please suggest routers that can act as L2TP/IPsec remote clients with the appropriate encryption and pre shared key.

2418
Views
5
Helpful
20
Replies
CreatePlease to create content