Solved

Connecting a Linksys WRV54G to an IPCop

Posted on 2006-06-27
11
1,717 Views
Last Modified: 2008-02-01
I am trying to make a VPN tunnel between a Linksys WRV54g connected to cable modem to an IPCop firewall connected to a T1.  I am using the Linksys BEFSX41 connecting to an IPCop with no problems, but if i set the WRV54G with the same settings, it is not working.  The only difference I see in the set up between the two Linksys routers is that the BEFSX41 has SHA encryption for the authentication and the WRV54G has SHA1 for the authentication.  I have tried using both types on the IPCop with no change.  Any help would be greatly appreciated.
0
Comment
Question by:adbinc
  • 6
  • 5
11 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 16995086
I am not familiar with IPCop but I assume it performs NAT. If so, I don't believe the WRV54G will work as it does not support NAT-T (Network Address Translation - Traversal). The BEFSX41 and BEFV41 do support NAT-T.
0
 

Author Comment

by:adbinc
ID: 16996285
The WRV54G is connecting to a BEFSX41 right now but disconnects probably once a week so we wanted to upgrade the SX41 to an IPCop.  By what you said, if the IPCop supports NAT-T, then the WRV54G should connect to the IPCop just like it does to the SX41, correct?
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 16996365
I am confused  :-)
In the first post it sounded like you have:  LAN=>BEFSX41=>IPCop=>Internet  working OK
Wanting to change to:  LAN=>WRV54G=>IPCop=>Internet   not working
Which is why I thought you ere having problems, as the WRV54G supposedly will not work behind a NAT device.

In your second post it sounds like: LAN=>WRV54G=>BEFSX41=>Internet  working intermittently
Wanting to change to:  LAN=>WRV54G=>IPCop=>Internet   not working

Could you confirm set up?

>>"if the IPCop supports NAT-T, then the WRV54G should connect to the IPCop just like it does to the SX41, correct?"
Concern is WRV54G doesn't support NAT-T rather than IPCop.


0
 

Author Comment

by:adbinc
ID: 16996423
Sorry for the confusions.  
Current setup: remote office LAN=>WRV54G=>VPN tunnel through Internet=>BEFSX41=>main office LAN:  disconencting once a week

Upgraded setup where the WRV54G will not establish VPN tunnel to IPcop:  
Remote office LAN=>WRV54G=>VPN tunnel through Internet=>IPCop=>main office LAN

I hope that clears things up:~)

0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 16997081
Sorry I was assuming all one end. That makes more sense. Where I am not familiar with IPCop I will not be much help. The security protocols will have to match exactly. If using SHA-1 on one end it will have to be SHA-1 on the other. If that is not an option can you use MD5 on both ends instead?
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:adbinc
ID: 16997200
SHA1 and MD5 are both options.  I tried both and neither will work.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17000758
Not being familiar with the IPCop, I am afraid I don't know. I am quite familiar with the WRV54G and I just had a look at the BEFSX41 on-line manual, and I have to agree I would think configuration would be identical. I don't see any reason why with your configuration it will not work, but have no suggestions assuming the configuration is identical.
Two notes though:
1) for some unexplained reason I have had problems on occasion with the WRV54G and the RV042 when "NetBIOS broadcast" is enabled in the advanced VPN configuration section. Try disabling if enabled.
2) there seem to be some subtle differences with the WRV54G. I have set them up with 100% success except I have never been able to get VoIP systems to work with them. Identical configurations as the RV042 and VPN works great but blocks part of the VoIP connection.  If you have the option the RV042/82 seem to be the favorites as far as Linksys professional routers go.
0
 

Author Comment

by:adbinc
ID: 17005735
In your opinion, is the RV042 a much more reliable VPN gateway instead of the SX41?  I'm trying to find a solution to fix the VPN disconnecting all the time.  I wouldn't mind trying something different for the gateway at the main office if it will work.  About the VoIP system, my client at the remote office with the WRV54G is using VoIP for their phone, so I was curious if you think that could causing the VPN disconnection.  Also, I was confused if you meant if the VoIP system is behind the WRV54G router or the RV042 router or both where you have seen problems.  Thanks.
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 17005831
>>"In your opinion, is the RV042 a much more reliable VPN gateway instead of the SX41? "
I really don't know. The RV series are considered to be their commercial grade and offer more features and configuration options, but as for dependability I couldn't say. I must say, I have  about 5 SOHO Watchguards, a Cisco, 3 Netgear FVS318, at least a dozen RV042's and numerous others, and the RV042's for me have been as dependable as any.
In my opinion if you want to spend a little more you can't beat a Cisco, such as the PIX 501. Just starting to switch to these now.
I haven't had any problems with dropped connections with VoIP over VPNs, but did anticipate that I would with the increased bandwidth requirements. The only problems I had were with the WRV54G, the RV042's have worked flawlessly. I have one site with an RV042 and 6 VPN tunnels, each with an RV042, an Avaya IP phone, and 1 or 2 users, and connections are only lost randomly about every 6-8 weeks which is pretty normal with any Internet connection.
I have found most often dropped connection are more the ISP or their modem configurations. Also the tunnel usually needs some form of keep alive feature. Either an automatic, occasional ping, or the RV042's and some others have this built-in. This keeps the tunnel and the ISP connection "awake"
0
 

Author Comment

by:adbinc
ID: 17022016
Thanks for your help.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17022174
Very welcome.
Thank you  adbinc,
--Rob
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Like many others, when I created a Windows 2008 RRAS VPN server, I connected via PPTP, and still do, but there are problems that can arise from solely using PPTP.  One particular problem was that the CFO of the company used a Virgin Broadband Wirele…
For a while, I have wanted to connect my HTC Incredible to my corporate network to take advantage of the phone's powerful capabilities. I searched online and came up with varied answers from "it won't work" to super complicated statements that I did…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now