Solved

VPN tunneling on linksys where there is no static ip for client

Posted on 2004-04-26
11
1,683 Views
Last Modified: 2010-04-12
OK Experts, can this be solved?

I have a Linksys RV082 VPN Router that claims to have the ability to create
50 VPN tunnels. I want to create a tunnel for an offsite laptop to
communicate through the tunnel and work on line utilizing Windows 2K or XP
on the offsite laptop.

XP and Windows 2K have an internal component called IPSEC that you can use
as the "client" to connect to the VPN router. It requires a static IP in
order to work. In the setup for the router, there is a selection for a
dynamic IP with email authentication. You must select that. No one in
Linksys can tell me how to make it work. No one can tell me if it has ever
been tested.

I have found a VBS script on the Internet that someone uses to make the
connection. It reads the dynamic IP and goes into IPSEC and enters it as a
static IP and then queries the router. There is a problem in the script.
(script attached as a text file). When you click on it, you get an error
message.  

the script i found:
lanAddress = GetLANAddress()

if trim(lanAddress) = "" then
set shell = createobject("wscriptshell")

'Set up the connection Make sure you change the 666.666.666.666 to the correct server side IP.
shell.run """ipseccmd"" -f 192.168.1.*=0 -t " & lanAddress & " -1s 3DES-SHA-2 -n ESP[3DES,SHA]480SP1NPASS -1p -a P:""vpn!!!medex7"" -w reg -p WORK -r servertome -x",0,1
shell.run """ipseccmd"" -f 0=192.168.1.* -t 199.227.120.242 -1s 3DES-SHA-2 -n ESP[3DES,SHA]480SP1INPASS -1p -a P:""vpn!!!medex7"" -w reg -p WORK -r metosever -x",0,1

'Ping the VPN server's internal ip address
shell.run "ping 192.168.1.1"0,1

set shell = nothing
msgbox "VPN setup complete"
else
msgbox "Unable to set up VPN security policy" & vbCr & "Unable to determine IP address" & vbCr & "Please verify that your dial-up connection is established"
end if

Function GetLANAddress()

LANFound = False

set sh = createobject("wscript.shell")
set fso = createobject("scripting.filesystemobject")

Set Env = sh.Environment("PROCESS")

if ENV("OS") =Windows_NT" then
workfile = fso.gettempname
sh.run "%comspec% /c ipconfig > "& workfile,0,true
else
msgbox "This script is intended to run on NT/2K/XP only"
end if

set sh = nothing
set ts = fso.opentextfile(workfile)
data = split(ts.readall,vbcrif)
ts.close
set ts = nothing
fso.delete workfile
set fso = nothing

for n = 0 to unbound(data)
if LANFound then
if instr(data(n),"IP Address") then
parts = split(data(n),":")
GETLANAddress = trim(cstr(parts(1)))
msgbox GetLANAddress
Exit For
end if
else
if instr(lcase(data(n)),"ethernet adapter local area connection:") then LANFound = True
end if
next
End Function
0
Comment
Question by:Quadeeb2003
  • 4
  • 3
  • 3
  • +1
11 Comments
 
LVL 11

Expert Comment

by:ewtaylor
ID: 10930871
First you need to make sure that the router firmware is up to date. Then with this particular router I believe you must disable firewall functions in order for the vpn to work. It seems you could connect using the dynamic ip and email ( I would assume the email is the password.
0
 

Expert Comment

by:wildroot4
ID: 10938686
The router firmware is up to date. I spoke with questioner and confirmed it. Shutting off the firewall defeats the purpose of the VPN router. Linksys has a probloem and they are ignoring it. I have the same router and am experiencing the same problem.
0
 
LVL 11

Accepted Solution

by:
ewtaylor earned 500 total points
ID: 10939045
Yup, I have seen it on numerous news groups.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Expert Comment

by:wildroot4
ID: 10942087
ewtaytor,

I tried that VBS script but keep gettng an error on line 40 in the script. If it works, I can't tell. No experience with VB scripting. maybe someone can check it out
0
 
LVL 11

Expert Comment

by:ewtaylor
ID: 10943209
Maybe this site can help ya some also http://routerworld.dyndns.org/
0
 
LVL 3

Expert Comment

by:ysageev
ID: 11183291
Linksys has a knowledgebase article for doing exactly this, although with a different router of theirs.  It should almost certainly work with the RV082:

<href = "http://kb.linksys.com/cgi-bin/om_isapi.dll?clientID=1363806&QuestionText=windows&SelectName1=&advquery=%5bs%5d%5bRank%2c%2050%3a%5bSum%3a%20windows%5d%5bMerge%3a%20%5bThesaurus%3a%20windows%5d%5d%5d&infobase=linksysrev.nfo&record={3BB}&softpage=IKW_ENU_JDocView">Configuring IPsec Between a Microsoft Windows 2000 or XP and the BEFVP41</a>
0
 
LVL 3

Expert Comment

by:ysageev
ID: 11183299
0
 
LVL 3

Expert Comment

by:ysageev
ID: 11183314
0
 

Expert Comment

by:wildroot4
ID: 11185045
To all of you who have made suggestions, Thank you! to Linksys, BITE MINE!

0
 

Expert Comment

by:ryapeter
ID: 11404833
All right guys.  It is agreed that this a linksys issue that they are kindof ignoring.  In actuality, the MS IPSEC client is not equipped to work with Dynamic Endpoints.  This was the intent of that persons script they wrote, but the reason it doesnt work, it because 99% of the time you are behind a NAT.

This solution will work for single clients connecting to an RV082, but if mutiple people try to connect from the same location, only the first will recieve data.

First off, a little lesson about IPSEC.  IPSEC must have two endpoints.  The server either has to know where you are, or you have to tell the server where you are, plus you must know where the server is.

Second, DYNDNS.org and other Dynamic DNS clients are the solution to your problem.  This will allow you to know the outside of your NAT and use that to tunnel back to.

Third, you must use a VPN client software that will allow you to use Aggresive mode, since the Linksys forces Aggresive mode for every connection.  This rules out the typical client.  Our company has this solution working perfectly for about 100 laptops in a test environment.

We are currently finishing development of our own Dynamic Endpoint software and will present it to Linksys very soon.  

Any questions, let me know.

Ryan
0
 

Expert Comment

by:wildroot4
ID: 11405196
Thank youi for your comment. I finally got Linksys to state that CheckPoint VPN Client works with this router. When I called CheckPoint to order it. They had absolutely no Knowledge of their software working with the RV082. I have since learned that Sentinal SSh also has problems with it. I am going to try "ProSafe VPN Client and will report back.
Again, thanks.
Wildroot4
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question