Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2047
Views
0
Helpful
5
Replies

RV180 VPN and QuickVPN

scot00001
Level 1
Level 1

‎09-13-2013 12:58 PM

I just bought a Cisco RV180 router for the sole purpose of setting up a secure VPN connection from my home computer, office computer, and ipad to my PLC network. PPTP connections work fine but I can not get the more secure IPsec connections to work. The reason I went with Cisco was for an IPsec VPN connection.

I've updated the firmware. I've tried using the default VPN settings in the basic VPN setup and setting up users accounts with the connection type set to QuickVPN. I've tried following several dozen guides and tips found on these forums. From changing windows firewall settings to setting up users with XAUTH settings. I've also copied the router's certificate to the QuickVPN installation folder.

From a PC with Vista x64 and service pack 2, I can get QuickVPN to connect to the router just fine. After that, I am able to ping and even manage the router (192.168.100.1 in my case) but I can not ping any other computers or devices on the remote network.

I don't see anything Quick about QuickVPN. The reason I bought a Cisco VPN router was for IPsec and it does not work. Default settings should work but they don't. There doesn't seem to be any shortage of people with this exact same problem but every thread I've read on it is full of people saying they have the same problem - can connect to the router but nothing else on the remote subnet - and nobody with an answer.

Here's the detail:

I have a range of static IP address. The router is set up with a WAN addres of xxx.xxx.xxx.219, subnet 255.255.255.248, gateway of xxx.xxx.xxx.217

The router LAN address is 192.168.100.1, subnet 255.255.255.0

DHCP server set to assign address from 192.168.100.200 to 249.

Everything currently on the 192.168.100.xxx subnet has static addresses.

My home network is 192.168.2.xxx

I setup a user in the router with QuickVPN the QuickVPN protocol, then go through the basic VPN setup, set to VPN Client, give it a name and key, leaving everything else at default, set local lan address to 192.168.100.0, local lan subnet to 255.255.255.0.

I can then install QuickVPN and connect to the router just fine using the username and password.

But, I can not connect to any resources on the 192.168.100.xxx network except for the router at 192.168.100.1

Labels:
0 Helpful
5 Replies 5

mpyhala
Level 7
Level 7

‎09-13-2013 04:25 PM

Hi Scot,

How many and what type of devices are you trying to access on the remote LAN? If they are PCs it is likely that either the built-in or a third party firewall/antivirus software is blocking the connections. If you are talking about a "dumb" device such as a printer or IP camera, make sure that the default gateway of that device is the RV180 LAN IP. (192.168.100.1) If the device does not have a default gateway or it is incorrect there is no way to reach it using QuickVPN.

Were you able to reach all of the devices using PPTP?

What is the DHCP scope for PPTP clients?

Please provide the details so we can help you proceed further. QuickVPN normally works quite well although there are some things that can get in the way.

- Marty

0 Helpful

scot00001
Level 1
Level 1
In response to mpyhala

‎09-16-2013 05:09 AM

Thanks for the help.

There is 1 PC on the network. The rest is PLCs and C-More touch panels. The PC has 2 network adapters and is physically connected to both the 192.168.2.xxx and 192.168.100.xxx networks (office and plant using 2 NICs) and is running Windows XP Pro.

I tried adding the gateway 192.168.100.1 to the remote computer in the TCP IP4 advance settings panel and I tried disabling it's firewall completely. QuickVPN still lets me connect but I'm still only able to get a response from the router LAN address - 192.168.100.1. I also was able to edit the default gateways on the touch panels but that didn't make a difference.

With PPTP, I am able to reach all of the devices. The most important devices I need to reach are the C-More panels with the Remote Access program and that works just fine with PPTP. But, I'm a little wary of logging into the PPTP connection from a public WiFi.

The DHCP scope for PPTP clients is set to Starting: 192.168.100.120, Ending: 192.168.100.129.

Another thing about this network is all the devices have static IP addresses. The PC is set to automatically obtain and IP address on that NIC but this new Cisco router is set (under Networking->LAN->Static DHCP) to always use 192.168.100.119 for that MAC address. It's set that way so that I can always find that PC for a TightVNC connection in case I need to remotely work on a PLC (that PC is used to program the PLCs and touch panels) when there is a problem.

But, I really don't think it has anything to do with the PC on that network. With a PPTP connection I can ping all the devices on it, not just the PC. But with a QuickVPN connection the only address that responds is 192.168.100.1.

0 Helpful

mpyhala
Level 7
Level 7
In response to scot00001

‎09-16-2013 11:13 AM

Scot,

I just noticed that in your first post you wrote:

"I setup a user in the router with QuickVPN the QuickVPN protocol, then go through the basic VPN setup, set to VPN Client, give it a name and key, leaving everything else at default, set local lan address to 192.168.100.0, local LAN subnet to 255.255.255.0."

Do you mean that you gave your PC a LAN address in the 192.168.100.0/24 subnet before connecting to the remote router? If that is the case then that is why you are having trouble. The PC you are connecting from should have a 192.168.2.0/24 address and the VPN router will NAT the traffic.

When you connect using PPTP the VPN router actually assigns your PC an IP address in the same subnet. With QuickVPN it does not and you should retain the IP address of the network that you connect from.

- Marty

0 Helpful

scot00001
Level 1
Level 1
In response to mpyhala

‎09-16-2013 12:08 PM

The PC I'm connecting with uses the 192.168.2. subnet.

I was referring to the settings on the VPN Basic Setup screen on the RV180, I've attached a picture of an example.

Edit: I forgot to mention, I've tried addresses not ending in 0 here. Both 192.168.100.1 and 192.168.100.130.

Ideally, I want to connect with an IPsec connection using a preshared key but if I can't even get QuickVPN to work then there's no sense trying to do that yet.

Preview file
166 KB
0 Helpful

mpyhala
Level 7
Level 7
In response to scot00001

‎09-16-2013 12:21 PM

Scot,

There is nothing on that page that has anything to do with QuickVPN. The only settings are adding a username and password under "VPN Users" and enabling Remote Management. If you have made any changes to the Basic VPN settings please delete them.

We are back to square one regarding the issue you are experiencing. There are many things that could be wrong and I recommend that you call support at this point. Support is available 9am-6pm M-F local time. You can find a number to call at the following page: www.cisco.com/go/sbsc

- Marty

0 Helpful
Customers Also Viewed These Support Documents