Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

VPN tunneling on linksys where there is no static ip for client

Posted on 2004-04-26
11
Medium Priority
?
1,694 Views
Last Modified: 2010-04-12
OK Experts, can this be solved?

I have a Linksys RV082 VPN Router that claims to have the ability to create
50 VPN tunnels. I want to create a tunnel for an offsite laptop to
communicate through the tunnel and work on line utilizing Windows 2K or XP
on the offsite laptop.

XP and Windows 2K have an internal component called IPSEC that you can use
as the "client" to connect to the VPN router. It requires a static IP in
order to work. In the setup for the router, there is a selection for a
dynamic IP with email authentication. You must select that. No one in
Linksys can tell me how to make it work. No one can tell me if it has ever
been tested.

I have found a VBS script on the Internet that someone uses to make the
connection. It reads the dynamic IP and goes into IPSEC and enters it as a
static IP and then queries the router. There is a problem in the script.
(script attached as a text file). When you click on it, you get an error
message.  

the script i found:
lanAddress = GetLANAddress()

if trim(lanAddress) = "" then
set shell = createobject("wscriptshell")

'Set up the connection Make sure you change the 666.666.666.666 to the correct server side IP.
shell.run """ipseccmd"" -f 192.168.1.*=0 -t " & lanAddress & " -1s 3DES-SHA-2 -n ESP[3DES,SHA]480SP1NPASS -1p -a P:""vpn!!!medex7"" -w reg -p WORK -r servertome -x",0,1
shell.run """ipseccmd"" -f 0=192.168.1.* -t 199.227.120.242 -1s 3DES-SHA-2 -n ESP[3DES,SHA]480SP1INPASS -1p -a P:""vpn!!!medex7"" -w reg -p WORK -r metosever -x",0,1

'Ping the VPN server's internal ip address
shell.run "ping 192.168.1.1"0,1

set shell = nothing
msgbox "VPN setup complete"
else
msgbox "Unable to set up VPN security policy" & vbCr & "Unable to determine IP address" & vbCr & "Please verify that your dial-up connection is established"
end if

Function GetLANAddress()

LANFound = False

set sh = createobject("wscript.shell")
set fso = createobject("scripting.filesystemobject")

Set Env = sh.Environment("PROCESS")

if ENV("OS") =Windows_NT" then
workfile = fso.gettempname
sh.run "%comspec% /c ipconfig > "& workfile,0,true
else
msgbox "This script is intended to run on NT/2K/XP only"
end if

set sh = nothing
set ts = fso.opentextfile(workfile)
data = split(ts.readall,vbcrif)
ts.close
set ts = nothing
fso.delete workfile
set fso = nothing

for n = 0 to unbound(data)
if LANFound then
if instr(data(n),"IP Address") then
parts = split(data(n),":")
GETLANAddress = trim(cstr(parts(1)))
msgbox GetLANAddress
Exit For
end if
else
if instr(lcase(data(n)),"ethernet adapter local area connection:") then LANFound = True
end if
next
End Function
0
Comment
Question by:Quadeeb2003
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
  • +1
11 Comments
 
LVL 11

Expert Comment

by:ewtaylor
ID: 10930871
First you need to make sure that the router firmware is up to date. Then with this particular router I believe you must disable firewall functions in order for the vpn to work. It seems you could connect using the dynamic ip and email ( I would assume the email is the password.
0
 

Expert Comment

by:wildroot4
ID: 10938686
The router firmware is up to date. I spoke with questioner and confirmed it. Shutting off the firewall defeats the purpose of the VPN router. Linksys has a probloem and they are ignoring it. I have the same router and am experiencing the same problem.
0
 
LVL 11

Accepted Solution

by:
ewtaylor earned 1500 total points
ID: 10939045
Yup, I have seen it on numerous news groups.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Expert Comment

by:wildroot4
ID: 10942087
ewtaytor,

I tried that VBS script but keep gettng an error on line 40 in the script. If it works, I can't tell. No experience with VB scripting. maybe someone can check it out
0
 
LVL 11

Expert Comment

by:ewtaylor
ID: 10943209
Maybe this site can help ya some also http://routerworld.dyndns.org/
0
 
LVL 3

Expert Comment

by:ysageev
ID: 11183291
Linksys has a knowledgebase article for doing exactly this, although with a different router of theirs.  It should almost certainly work with the RV082:

<href = "http://kb.linksys.com/cgi-bin/om_isapi.dll?clientID=1363806&QuestionText=windows&SelectName1=&advquery=%5bs%5d%5bRank%2c%2050%3a%5bSum%3a%20windows%5d%5bMerge%3a%20%5bThesaurus%3a%20windows%5d%5d%5d&infobase=linksysrev.nfo&record={3BB}&softpage=IKW_ENU_JDocView">Configuring IPsec Between a Microsoft Windows 2000 or XP and the BEFVP41</a>
0
 
LVL 3

Expert Comment

by:ysageev
ID: 11183299
0
 
LVL 3

Expert Comment

by:ysageev
ID: 11183314
0
 

Expert Comment

by:wildroot4
ID: 11185045
To all of you who have made suggestions, Thank you! to Linksys, BITE MINE!

0
 

Expert Comment

by:ryapeter
ID: 11404833
All right guys.  It is agreed that this a linksys issue that they are kindof ignoring.  In actuality, the MS IPSEC client is not equipped to work with Dynamic Endpoints.  This was the intent of that persons script they wrote, but the reason it doesnt work, it because 99% of the time you are behind a NAT.

This solution will work for single clients connecting to an RV082, but if mutiple people try to connect from the same location, only the first will recieve data.

First off, a little lesson about IPSEC.  IPSEC must have two endpoints.  The server either has to know where you are, or you have to tell the server where you are, plus you must know where the server is.

Second, DYNDNS.org and other Dynamic DNS clients are the solution to your problem.  This will allow you to know the outside of your NAT and use that to tunnel back to.

Third, you must use a VPN client software that will allow you to use Aggresive mode, since the Linksys forces Aggresive mode for every connection.  This rules out the typical client.  Our company has this solution working perfectly for about 100 laptops in a test environment.

We are currently finishing development of our own Dynamic Endpoint software and will present it to Linksys very soon.  

Any questions, let me know.

Ryan
0
 

Expert Comment

by:wildroot4
ID: 11405196
Thank youi for your comment. I finally got Linksys to state that CheckPoint VPN Client works with this router. When I called CheckPoint to order it. They had absolutely no Knowledge of their software working with the RV082. I have since learned that Sentinal SSh also has problems with it. I am going to try "ProSafe VPN Client and will report back.
Again, thanks.
Wildroot4
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question