Solved

VPN issue with 2wire modem/router and AT&T DSL

Posted on 2006-11-07
12
1,966 Views
Last Modified: 2012-05-05
I have spent about 30 hours total on the phone with Linksys and with AT&T trying to figure this out and I am sure that someone has run accross it before.

I have an office in Cleveland that has a 2wire DSL modem/router (AT&T DSL) in bridge mode with a Linksys RV042 and all is perfect. The PPPoE works perfectly and the Linksys gathers the static IP without issue. I have set up VPN clients and as of now no one using an AT&T DSL connection can connect (using Quick VPN) and anyone using other ISP's have connected fine.

I have an office in Dallas that has the same 2wire devise and the same RV042 and the ONLY thing that works is I can connect to the internet with the 2wire in router mode. When I switch it to Bridge mode I cannot connect (remember Cleveland connects perfectly) therefore I can not create the VPN tunnel, and no one can connect using either QuickVPN or a Cisco VPN Client. I have tried to put the 2wire in bridge mode and use a brand new router (The non VPN Linksys one I forgot the model) and the results were the same.

With Dallas on the internet using the 2wire in Router mode, I opened every port to try using the VPN client to no avail.


0
Comment
Question by:dchernay
  • 7
  • 5
12 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17892215
As for the Cleavland office, you could try installing the latest RV042 Firmware which will allow you to use the Windows VPN client and PPTP, as an option. QuickVpn can be a little unpredictable behind some hardware.

In Dallas, not to state the obvious, but when you switch the 2Wire to Bridge mode are you configuring the WAN section of the RV042? Perhaps Cleavland is dynamically configured and you need to set up Dallas with static, that of course depends on what your ISP has provided you with.
0
 

Author Comment

by:dchernay
ID: 17892765
I just installed the latest firmware and will have an AT&T client try soon.

As far as the WAN section of the RV I have configured it every conceivable way to try and connect, however the proper way is to use PPPoE and put in the username and password and it should connect when i save. If it does not there is a button to click for connect.

thanks
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17895641
Can you successfully put the 2 wire unit in bridge mode? You won't be able to get the Router to make the PPPoE connection without first achieving that.
0
 

Author Comment

by:dchernay
ID: 17895684
I can alledgedly get the 2wire in bridge mode and it seems to be light up correctly (same as Cleveland 2wire) however I cannot connect with any router (I have tried two different routers that I know work with the 2wire in bridge mode) nothing connects.

0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 17895696
I wonder if you might have a 'bad' unit. If i doubt about configuring, perhaps one of the following may help, though it sounds like you are familiar with the process.
http://www.dslreports.com/faq/10495
http://www.tek-tips.com/viewthread.cfm?qid=1212752&page=1
0
 

Author Comment

by:dchernay
ID: 17900238
Thanks Rob,

I am familiar with the modes for the 2wire. I have switched the router to bridge in Cleveland one time (because it worked right the first time) and I have switched the router in Dallas 10x or more. (I am also very familiar with the routers I have used to connect and/or have tried to connect) I am certain that it must be a bad 2wire so that ends that I think. HOWEVER I still should be able to use a VPN client from each workstation to connect to Cleveland and neither the QuickVPN nor MS VPN client can work from the AT&T locations. (I can connect from a COX connection and a Time Warner connection using Quick VPN but have not succeeded with MS VPN client)

Thanks
David
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 77

Expert Comment

by:Rob Williams
ID: 17902696
Does AT&T assign a true public IP to the router? A few ISP's are NATinig addresses due to a shortage of IP's, which VPN's do not like. I am doubtful that is the case with AT&T. Also some service providers are blocking VPN traffic these days. Some have their own VPN services they want to sell. I'm in Canada so not familiar with the available services, but since AT&T consistently doesn't work, you might want to see if they block any VPN services.
0
 

Author Comment

by:dchernay
ID: 17934983
Rob,

Thanks again for your time Here is what I did.

Today (after checking everything else and spending hours and hours on the telephone with AT&T and Linksys) I went to Best Buy and bought a speedstreem DSL modem and went from the wall to the new modem to my pc and VIOLA! Instant connection. Then i plugged in my RV082 and bingo all is right. I am able to connect to the internet, I am able to get my static IP and I am able to create the tunnel that I have been working so hard to do.

I am amazed that AT&T would not suggest that the 2wire device was bad when we switched it to bridge mode. I would have saved a week and about 40 hours of billable time.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17935097
Excellent. Glad to hear, I was running out of ideas :-)
You must be relieved.
Cheers!
--Rob
0
 

Author Comment

by:dchernay
ID: 17935686
Thanks Rob,

It is nice to have a forum like this to bounce things off. I do have a simple question now that my VPN is up. I can only access shares via \\ip address\share name. do I simply need to add a WINS server? or a host file on each remote computer? A host file may be best because I do not know how I can pass WINS thru the VPN. could get hard to manage though.

Thanks
David
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17935798
Host file works very well, but can be a pain to manage if connecting to numerous systems, or they use DHCP. WINS works well, or it may be a case of DNS can be configured to look after it. I have a NetBIOS "options" list I'll post below.

Yes it is a great forum. Often you may not find a solution here but it gives yo u new approaches to think about.
You are welcome, for the little help I have been.
--Rob

NetBIOS names  (computer names) are not broadcast over most VPN's.
You can resolve this in several ways:
1) Use the IP address (of the computer you are connecting to) when connecting to devices such as;   \\123.123.123.123\ShareName   or map a drive at a  command prompt using  
 Net  Use  U:  \\123.123.123.123\ShareName
2) An option is to use the LMHosts file which creates a table of IP's and computer names. LMHosts is located in the Windows directory under c:\Windows (or WINNT)\System32\Drivers\Etc\LMHosts.sam , instructions are included within the file. Any line starting with # is just a comment and is ignored. Open the file with Notepad and add entries for your computers as below;
192.168.0.101      CompName       #PRE
Hit enter when each line is complete (important), then save the file without a file extension. To be sure there is no extension ,when saving enclose in quotations like "LMHosts". Now when you try to connect to a computer name it should find it as it will search the LMHosts file for the record before connecting.
More details regarding LMHosts file:
http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/cnet/cnfd_lmh_qxqq.mspx?mfr=true
The drawback of the LMHosts file is you have to maintain a static list of computernames and IP addresses. Also if the remote end uses DHCP assigned IP's it is not a feasible option. Thus in order to be able to use computer names dynamically try to enable with some of the following options:
3) if you have a WINS server add that to the network cards configuration
4) also under the WINS configuration on the network adapter make sure NetBIOS over TCP/IP is selected
5) try adding the remote DNS server to your local DNS servers in your network card's TCP/IP configuration
6) verify your router does not have a "block NetBIOS broadcast" option enabled
7) test if you can connect with the full computer and domain name as  \\ComputerName.domain.local  If so, add the suffix DomainName.local to the DNS configuration of the virtual private adapter/connection [ right click virtual adapter | properties | TCP/IP properties | Advanced | DNS | "Append these DNS suffixes (in order)" | Add ]
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17961375
Thanks David,
--Rob
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Cisco Routers 17 76
Cisco 800 Internet Uptime 3 62
Printer locally over VPN 2 54
Cisco VPN Client and Windows 10 9 33
Like many others, when I created a Windows 2008 RRAS VPN server, I connected via PPTP, and still do, but there are problems that can arise from solely using PPTP.  One particular problem was that the CFO of the company used a Virgin Broadband Wirele…
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now