Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1701
  • Last Modified:

VPN tunneling on linksys where there is no static ip for client

OK Experts, can this be solved?

I have a Linksys RV082 VPN Router that claims to have the ability to create
50 VPN tunnels. I want to create a tunnel for an offsite laptop to
communicate through the tunnel and work on line utilizing Windows 2K or XP
on the offsite laptop.

XP and Windows 2K have an internal component called IPSEC that you can use
as the "client" to connect to the VPN router. It requires a static IP in
order to work. In the setup for the router, there is a selection for a
dynamic IP with email authentication. You must select that. No one in
Linksys can tell me how to make it work. No one can tell me if it has ever
been tested.

I have found a VBS script on the Internet that someone uses to make the
connection. It reads the dynamic IP and goes into IPSEC and enters it as a
static IP and then queries the router. There is a problem in the script.
(script attached as a text file). When you click on it, you get an error
message.  

the script i found:
lanAddress = GetLANAddress()

if trim(lanAddress) = "" then
set shell = createobject("wscriptshell")

'Set up the connection Make sure you change the 666.666.666.666 to the correct server side IP.
shell.run """ipseccmd"" -f 192.168.1.*=0 -t " & lanAddress & " -1s 3DES-SHA-2 -n ESP[3DES,SHA]480SP1NPASS -1p -a P:""vpn!!!medex7"" -w reg -p WORK -r servertome -x",0,1
shell.run """ipseccmd"" -f 0=192.168.1.* -t 199.227.120.242 -1s 3DES-SHA-2 -n ESP[3DES,SHA]480SP1INPASS -1p -a P:""vpn!!!medex7"" -w reg -p WORK -r metosever -x",0,1

'Ping the VPN server's internal ip address
shell.run "ping 192.168.1.1"0,1

set shell = nothing
msgbox "VPN setup complete"
else
msgbox "Unable to set up VPN security policy" & vbCr & "Unable to determine IP address" & vbCr & "Please verify that your dial-up connection is established"
end if

Function GetLANAddress()

LANFound = False

set sh = createobject("wscript.shell")
set fso = createobject("scripting.filesystemobject")

Set Env = sh.Environment("PROCESS")

if ENV("OS") =Windows_NT" then
workfile = fso.gettempname
sh.run "%comspec% /c ipconfig > "& workfile,0,true
else
msgbox "This script is intended to run on NT/2K/XP only"
end if

set sh = nothing
set ts = fso.opentextfile(workfile)
data = split(ts.readall,vbcrif)
ts.close
set ts = nothing
fso.delete workfile
set fso = nothing

for n = 0 to unbound(data)
if LANFound then
if instr(data(n),"IP Address") then
parts = split(data(n),":")
GETLANAddress = trim(cstr(parts(1)))
msgbox GetLANAddress
Exit For
end if
else
if instr(lcase(data(n)),"ethernet adapter local area connection:") then LANFound = True
end if
next
End Function
0
Quadeeb2003
Asked:
Quadeeb2003
  • 4
  • 3
  • 3
  • +1
1 Solution
 
ewtaylorCommented:
First you need to make sure that the router firmware is up to date. Then with this particular router I believe you must disable firewall functions in order for the vpn to work. It seems you could connect using the dynamic ip and email ( I would assume the email is the password.
0
 
wildroot4Commented:
The router firmware is up to date. I spoke with questioner and confirmed it. Shutting off the firewall defeats the purpose of the VPN router. Linksys has a probloem and they are ignoring it. I have the same router and am experiencing the same problem.
0
 
ewtaylorCommented:
Yup, I have seen it on numerous news groups.
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
wildroot4Commented:
ewtaytor,

I tried that VBS script but keep gettng an error on line 40 in the script. If it works, I can't tell. No experience with VB scripting. maybe someone can check it out
0
 
ewtaylorCommented:
Maybe this site can help ya some also http://routerworld.dyndns.org/
0
 
ysageevCommented:
Linksys has a knowledgebase article for doing exactly this, although with a different router of theirs.  It should almost certainly work with the RV082:

<href = "http://kb.linksys.com/cgi-bin/om_isapi.dll?clientID=1363806&QuestionText=windows&SelectName1=&advquery=%5bs%5d%5bRank%2c%2050%3a%5bSum%3a%20windows%5d%5bMerge%3a%20%5bThesaurus%3a%20windows%5d%5d%5d&infobase=linksysrev.nfo&record={3BB}&softpage=IKW_ENU_JDocView">Configuring IPsec Between a Microsoft Windows 2000 or XP and the BEFVP41</a>
0
 
ysageevCommented:
0
 
ysageevCommented:
0
 
wildroot4Commented:
To all of you who have made suggestions, Thank you! to Linksys, BITE MINE!

0
 
ryapeterCommented:
All right guys.  It is agreed that this a linksys issue that they are kindof ignoring.  In actuality, the MS IPSEC client is not equipped to work with Dynamic Endpoints.  This was the intent of that persons script they wrote, but the reason it doesnt work, it because 99% of the time you are behind a NAT.

This solution will work for single clients connecting to an RV082, but if mutiple people try to connect from the same location, only the first will recieve data.

First off, a little lesson about IPSEC.  IPSEC must have two endpoints.  The server either has to know where you are, or you have to tell the server where you are, plus you must know where the server is.

Second, DYNDNS.org and other Dynamic DNS clients are the solution to your problem.  This will allow you to know the outside of your NAT and use that to tunnel back to.

Third, you must use a VPN client software that will allow you to use Aggresive mode, since the Linksys forces Aggresive mode for every connection.  This rules out the typical client.  Our company has this solution working perfectly for about 100 laptops in a test environment.

We are currently finishing development of our own Dynamic Endpoint software and will present it to Linksys very soon.  

Any questions, let me know.

Ryan
0
 
wildroot4Commented:
Thank youi for your comment. I finally got Linksys to state that CheckPoint VPN Client works with this router. When I called CheckPoint to order it. They had absolutely no Knowledge of their software working with the RV082. I have since learned that Sentinal SSh also has problems with it. I am going to try "ProSafe VPN Client and will report back.
Again, thanks.
Wildroot4
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 4
  • 3
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now