-
January 9th, 2008, 10:06 PM
#1
VPN over Linksys Issue
Ok, been working on this one all frickin' day, and I'm firmly stuck.
Got a user at home with a Linksys wrt54g wireless router. Uses PPTP VPN to connect to us remotely. Usually, with most wireless setups, our users don't have any issue connecting unless, say, they're at a hotel where port 1723 is blocked on the firewall. Not the case here -- home user with brand spankin' new Linksys router.
Might I add the user is pretty clueless too, doesn't know the first thing about configuring a router, so for the most part it's running on factory default settings.
So disregard even working with wireless just yet -- connected to the router via ethernet cable, has Internet connection just fine, tries to connect to VPN, and gets error 619, which is usually indicative of port 1723 being blocked -- but just with linksys factory default settings? Surely not. I've never heard of Linksys devices blocking VPN connections right out of the box.
Now that router is in turn connected to a Speedstream modem, ISP is SBC. According to this article, that means I'm in for some real fun. However, I'm staying in denial as long as I can before even trying that -- It was everything I could do to walk the user through locating the C: drive, much less resetting his modem and reinstalling his router. Surely there must be a simpler solution?
I did try a firmware update from version 8.0 to 8.0.2, the latest release, and it worked great for maybe an hour or two. But then he tried to set up encryption on the wireless, and we're back to 619 errors, wired or wireless.
Doesn't make a lotta sense huh?
So I'm about to call up Linksys and see if they can offer any actual advice on this issue.
In the meantime...any ideas?
FYI googling has turned up that a ton of people have had the same problem with no solution...let's see if AO can deliver the answer.
Last edited by AngelicKnight; January 9th, 2008 at 10:16 PM.
-
January 9th, 2008, 10:18 PM
#2
A couple questions come to mind...
1. Can the customer connect to the VPN with out the router in place?
2. Could they connect before they got this router?
Similar question differnt way of asking
Its also a possibility that the ports might need forwarding from exteranal to his internal IP.
another thing you could have him do would be to login and enable remote admin and you could connect to the router and configure it? I would assume that the last option depens on your companies security policy.
LOGIN: yes
PASSWORD: I dont have one
"Login Failed"
-
January 9th, 2008, 10:24 PM
#3
I could never get VPN to work with MS servers and low end linksys....dlinks yes...linksys no
You also need the IP Protocol 47 GRE (Generic Router Encapsulation Protocol).
Some routers handle GRE forwarding and others dont
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
January 9th, 2008, 10:50 PM
#4
1. Can the customer connect to the VPN with out the router in place?
2. Could they connect before they got this router?
Yes! And sorry, should have mentioned that earlier. Bypassing the router and going straight through modem works without a hitch, so it's definitely the router.
Just finished talking to Linksys support, and I think I have the solution. I must've been lucky and just landed a fully competent tech. In any case, gonna try it soon as I can hook up with the user again.
Basically I'm going to have the user enable remote management, then get in from here and tweak some settings --
According to support, I'm supposed to manually set his computer's IP address to, say, 192.168.1.10 (given router's set to default 192.168.1.1), then go to Applications and Gaming tab in router configuration and under the Port Range Forwarding tab, forward ports 1723, 500, 50, and 47.
Then enter 1723 in both start and end fields, set protocol to "Both", enter 10 for the IP adddress, and enable it. Repeat for the remaining ports.
If that doesn't work, I'm supposed to disable the ports then and enable DMZ instead, still using the same IP address. (Eh, though wouldn't hat negate the purpose of wanting security in place?!)
I also bumped into this while googling:
So I'm going to check on that too.
So we'll see what happens. I'll give a full report when I have some results.
Last edited by AngelicKnight; January 9th, 2008 at 10:53 PM.
-
January 11th, 2008, 04:40 PM
#5
Sorry A.K. I didn't see this sooner.
log in to the router 192.168.1.1 via web browser and in setup / networking IPSec, PPTP, and other VPN traffic types are disabled by default.
You have to set them to allow.
09:F9:11:02:9D:74:E3:5B 8:41:56:C5:63:56:88:C0
-
January 11th, 2008, 05:05 PM
#6
Hey dinowuff,
Is what you're referring to?
I had heard/read about that elsewhere, but also read that at least in once case it didn't work. So that's Plan A, the rest Plan B.
But for now, the user sent his laptop in so I can fix a corrupt profile issue on there, so until I get that shipped back to him next week, working on this is on hold...
Similar Threads
-
By Viper2026 in forum General Computer Discussions
Replies: 3
Last Post: June 15th, 2005, 10:03 PM
-
By thehorse13 in forum Network Security Discussions
Replies: 31
Last Post: June 8th, 2004, 08:19 AM
-
By OverdueSpy in forum Network Security Discussions
Replies: 0
Last Post: June 7th, 2004, 01:57 PM
-
By dolemite in forum Network Security Discussions
Replies: 2
Last Post: November 15th, 2002, 09:50 PM
-
By Noble Hamlet in forum AntiOnline's General Chit Chat
Replies: 1100
Last Post: March 17th, 2002, 09:38 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|