I'm trying desperately to get my RV120W to establish a VPN connection. The goal is to let clients access via VPN client - do not need to do anything site to site.
Due to constraints at the site, our only option is to place the RV120W behind a DSL modem, which is an Actiontec PK5000 provided by Qwest.
Nuts and bolts of what I've done so far;
DSL modem has its own LAN side, obviously - its living at 192.168.0.x. LAN side of the RV120W is 192.168.3.x
enabled IPSEC passthrough in the DSL modem to the RV120W's IP address (192.168.0.2)
used the VPN Wizard to create the IPSEC policies, including a shared key.
Created a username/pw
attempted to connect to the VPN through QuickVPN client (from Win7-64bit, for what its worth). Failed to connect. Firewall is enabled, so its not an issue of IPSEC being disabled.
Enabled RIP v2 on the DSL modem (as suggested by the modem configuration in situations where there is a gateway behind the dsl modem)
So - I'm not sure what I'm doing wrong, or if I'm battling a situation where it simply cannot be done. This seemed like a pretty simple configuration - I'm kind of perplexed as to why I'm having so much trouble with it.
I've attached screenshots of what my IPSEC policy settings are. I've left everything at the defaults (this was at the suggestion of the telephone support from Cisco).
Some questions that I'm not able to understand from the documentation - in the policy settings, the remote endpoint defaults to a FQDN, then enters remote.com - is that simply a placeholder text that should be replaced with the actual FQDN of my site? Or, should I be using "Local WAN IP" since I'm behind the DSL modem?
Hopefully that's enough to get started with what the situation is - I would greatly appreciate anyone who can help me walk through this. Definitely hit one of those walls where its beyond the knowledge that I had in my head.
Is it possible in your situation to put your DSL modem into "Bridge Mode"? This will essentially turn your DSL modem into a pass through modem and pass the Public IP address over to the RV120W. This is how we resolve these issues here at the Support Center.
The problem with the RV120W recieving a private IP address is that address is not publically routable on the internet. If your client tries to connect to 192.168.0.2, the ISP on that remote side is going to drop the outbound attempt due to the fact that the private IP scheme is not publically routable.
Some ISP's and Modem vendors have also tried to resolve this by port forwarding these requests to the WAN side of the router. What we have found is that that works in some instances but is not reliable so we do not recommend it and persue putting the modem in Bridge Mode.
Another thing you can do to try and determine why it's not connecting is a port scan. Connect a PC directly to the modem and then go to https://www.grc.com/x/ne.dll?bh0bkyd2 Click on the Proceed button. The following screen will have a link that says All Service Ports. Click on this link. This will now scan port 1-1025. Use the key at the top to determine if ports 443 and 500 are being blocked via your ISP. If they are, you will need to contact your ISP and have these unblocked. Stealth or Filtered ports can also cause issues. What stealth means is that the port doesn't respond to a connection with a Source IP address outside your network. It functions similar to a firewall in that "unknown" or "unsecure" requests are denied. However if the traffic initiates on your LAN, outbound it will allow the traffic to pass.
Lastly, if you are still having trouble please feel free to contact us at anytime at 1-866-606-1866.
Putting the DSL modem into bridge mode is what I was able to do about a week ago that finally worked. I had my ISP assign an static IP, and things work well now.
One concern I had is that even after doing this, I was unable to get the Cisco QuickVPN client to connect (on Win7 x64). The document in the FAQ seems to point to the Greenbow client, so I installed that and was able to get it to work very well. I guess I was wondering if using an external IPSEC client is how Cisco would recommend connecting, or if I should theoretically be able to connect with the Cisco client.
Thanks for the suggestion on Bridge mode. FWIW - that seems like it would be extremely valid advice to put in the documentation of the RV120W - as a device that is sold to small businesses, I'd say that 50% or more of small businesses are going to have DSL modems as their primary source of connectivity.
In regards to the Cisco Quick VPN software and Windows 7 x64, it should work. With Win 7 and Vista, the IPSec service has to be started and running on the PC and the windows default firewall should also be enabled. If the service is disabled, or the firewall is off you will not be able to connect. Please also make sure to upgrade to the latest QVPN client for x64 support.
If all else fails, please do not hesitate to call in for support at 1-866-606-1866.
I will certainly pass along your suggestion as well for the documentation of DSL modems in bridge mode.
Hi Ryan, My name is Eric Moyers. I work in the Small business Support Center with Dave. If you will go to the Cisco.com website and in the search bar in the upper RH corner input "QVPN 22.214.171.124" then click search, it will bring you back several results that say Download Software for ************* Router:QVPN_UTIL_126.96.36.199.zip. (Where ************* is several of our routers) you can actually download any of these, does not have to say RV120W because the same QVPN works on all of our routers. Hope this helps. Let us know if you encounter any problems.
Hello, This article will describe how to configure PPTP VPN on the new
RV340/345 routers from the Small Business series. RV340/345
Configuration The first step is to enable the PPTP Server: Go to VPN ->
PPTP Server Change PPTP Server: from Off to On Selec...
Article ID:5748 Use TheGreenBow VPN Client to Connect with RV34x Series
Router Introduction A Virtual Private Network (VPN) connection allows
users to access, send, and receive data to and from a private network by
means of going through a public or share...
Article ID:5728 Configure a Teleworker VPN Client on the RV34x Series
Router Objective The Teleworker VPN Client feature minimizes the
configuration requirements at remote locations by allowing the device to
work as a Cisco VPN hardware client. When the T...