No, it still doesn't work.
Do you think all the setting that I mentioned above are correct?
Main Topics
Browse All TopicsI was trying to setup a VPN on RVS4000.
I configured a below VPN setting on RVS4000 but the status says it is down.
Can anyone tell me what is wrong and how to configure correctly?
Thanks
Local Group Setup Local Security Gateway Type: IP Only
IP address: xxx.xxx.160.99
Local Security Group Type: Subnet
IP Address: 192.168.0.1
Subnet Mask: 255.255. 255.0
--------------------------
Remote Group Setup Remote Security Gateway Type: Any
Remote Security Group Type: IP Addr
IP Address: 192.168.2.0
This Gateway accepts requests from any IP address.
Subnet Mask: 255.255.255.0
--------------------------
IPSec Setup Keying Mode: IKE with Preshared keyl
Phase 1:
Encryption: 3DES
Authentication: MD5
Group: 768-bit
Key Life Time: 28800Sec.
Phase 2:
Encryption: 3DES
Authentication: SHA1
Perfect Forward Secrecy: Enable
Status Down
This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.
Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.
If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.
Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.
Access the answers to your technology questions today.
30-day free trial. Register in 60 seconds.
Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Try it out and discover for yourself.
30-day free trial. Register in 60 seconds.
Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.
Actually the 2.x is not real one I just put the number since it was mandatory field even though I selected the Any for gateway type.
Here is what I'm trying to do.
This RVS4000 router is in the office(T1) and I want to connect to the office network from my home(DSL).
RVS4000 IP: xxx.xxx.160.99 (Wan)
RVS4000 IP: 192.168.0.1 (Lan)
Home 192.168.1.8 (Lan)
Thanks
IP Address: 192.168.2.0
0.0.0.0 = any
I would change that.
As SysExpert stated it will show status down unless a remote user is connected.
Based on your configuration I assume you are using an IPSec VPN client for remote users to connect. If so which client? Your configuration is not for use with Linksys Quick VPN or Windows clients, nor another remote VPN router. The only one I know that will work for sure is www.TheGreenBow.com
Instructions: http://www.thegreenbow.com
Thanks for your reponse.
I thought nobody is going to answer my question.
Fiirst, there is a summary status screen that shows connect button which it will change to disconnect after the connection so I think something is wrong with my setting.
Second, to use Quick VPN how the configuration need to be changed.
Thanks
None of that page need be configured for the QuickVPN client. It is on a different configuration page and basically only needs a user name and password. You must also use the matching version of the QuickVPN client.
From the RVS4000 manual:
1.Click the VPN tab.
2. Click the VPN Client Accounts tab.
3. Enter the username in the Username field.
4. Enter the password in the Password field, and enter it again in the Re-enter to confirm field.
5. Click the Add/Save button.
6. Click the Active checkbox for VPN Client No. 1.
Click the Save Settings button.
All you have to do on the RVS4000 is username and password. I have done lots of them.
However the QuickVPN client is the most troublesome VPN client available today. There are pages of blogs outlining potential issues.
For starters:
-The RVL4000 must have a public IP assigned to it
-The client can only be behind a single routing device. i.e. it cannot be behind a modem that is a combined modem and router, in conjunction with a standard router
-it does not work at all behind some routers
-the site from which you are connecting cannot use the same subnet as the suite to which you are connecting
-the VPN client must match the version of the firmware on the router. Some versions require exporting a certificate from the router and installing on the client
http://www.linksys.com/ser
-the traffic can be blocked by software such as Symantec anti-virus with Internet worm protection enabled, McAfee security suite, ZoneAlarm, Windows Live One Care, and others.
Some sample sites:
http://www.experts-exchang
http://www.linksysinfo.org
http://www.linksysinfo.org
It is very difficult for us to isolate the problem. As mentioned though the QuickVPN works well there can be many issues that can block the VPN traffic. The links provided earlier list dozens of possible causes It is a case of addressing each one at a time. Also "still doesn't work" doesn't give us much to go on.
In the log "home" cannot initiate the connection without knowing peer ip address.
And from the summary screen, the tunnel test button remains "connect" after I click.
And My answers for RobWill
-The RVL4000 must have a public IP assigned to it - Yes
-The client can only be behind a single routing device. i.e. it cannot be behind a modem that is a combined modem and router, in conjunction with a standard router - Tried at work and home
-it does not work at all behind some routers - ???
-the site from which you are connecting cannot use the same subnet as the suite to which you are connecting - Tried different subnet
-the VPN client must match the version of the firmware on the router. Some versions require exporting a certificate from the router and installing on the client - Tried both xp and vista version
-the traffic can be blocked by software such as Symantec anti-virus with Internet worm protection enabled, McAfee security suite, ZoneAlarm, Windows Live One Care, and others. - Disabled all
Some sample sites: - I've tried belows before I post the question here.
http://www.experts-ex
http://ww
htt
Thanks for your help
>>"In the log "home" cannot initiate the connection without knowing peer ip address."
Sounds as if the RVS4000 public IP is not accessible.
-Is it possible it is not assigned a true public IP ( you mention it is) or it is behind a router or modem that is a combined modem and router?
-The client is using the wrong IP?
-The client is using a FQDN that does not properly resolve to the correct IP?
>>"the VPN client must match the version of the firmware on the router."
By this I mean the Quick VPN has multiple version numbers such as 1.1.10, 1.2.8 They must be the appropriate version for your router and firmware. I would make sure you have the latest firmware for your router and matching VPN client from:
http://www.linksys.com/ser
>>"the traffic can be blocked by software such as Symantec anti-virus "
Some, I don't recall have to be uninstalled, not just disabled. Also it will not work if many of the other IPSec VPN clients are installed on the same machine.
My answers are in Bold.
Sounds as if the RVS4000 public IP is not accessible. - It is accessable since port forwarding is working.
-Is it possible it is not assigned a true public IP ( you mention it is) or it is behind a router or modem that is a combined modem and router? - I'm using T1 Cisco 1720 router.
-The client is using the wrong IP? - What do you mean wrong IP?
-The client is using a FQDN that does not properly resolve to the correct IP? - I don't get it. why FQDN is related with this issue since we are using IP
>>"I'm using T1 Cisco 1720 router"
Why not use the Cisco VPN client to connect to that directly?
I assume then you have Internet=>Cisco=>Linksys. VERY doubtful this will work.
>>"What do you mean wrong IP?"
The IP in the client needs to match the public IP of the RVS4000.
>>"why FQDN is related with this issue since we are using IP"
Correct if not using FQDN for client it doesn't matter.
Currently, I don't have any information on this Cisco 1720 because the person who installed left nothing.
And I don't have the password to check what kind of settings we have.
Currently we don't use Cisco 1720 as a router we're using is as T1 modem I think.
But 5 public IPs are assigned to this Cisco 1720 and I'm using one of them for Linksys RVS4000.
Business Accounts
Answer for Membership
by: SysExpertPosted on 2009-04-02 at 12:46:46ID: 24053751
IP Address: 192.168.0.1 should be
IP Address: 192.168.0.0 probably
I hope this helps !