dchernay
asked on
VPN issue with 2wire modem/router and AT&T DSL
I have spent about 30 hours total on the phone with Linksys and with AT&T trying to figure this out and I am sure that someone has run accross it before.
I have an office in Cleveland that has a 2wire DSL modem/router (AT&T DSL) in bridge mode with a Linksys RV042 and all is perfect. The PPPoE works perfectly and the Linksys gathers the static IP without issue. I have set up VPN clients and as of now no one using an AT&T DSL connection can connect (using Quick VPN) and anyone using other ISP's have connected fine.
I have an office in Dallas that has the same 2wire devise and the same RV042 and the ONLY thing that works is I can connect to the internet with the 2wire in router mode. When I switch it to Bridge mode I cannot connect (remember Cleveland connects perfectly) therefore I can not create the VPN tunnel, and no one can connect using either QuickVPN or a Cisco VPN Client. I have tried to put the 2wire in bridge mode and use a brand new router (The non VPN Linksys one I forgot the model) and the results were the same.
With Dallas on the internet using the 2wire in Router mode, I opened every port to try using the VPN client to no avail.
I have an office in Cleveland that has a 2wire DSL modem/router (AT&T DSL) in bridge mode with a Linksys RV042 and all is perfect. The PPPoE works perfectly and the Linksys gathers the static IP without issue. I have set up VPN clients and as of now no one using an AT&T DSL connection can connect (using Quick VPN) and anyone using other ISP's have connected fine.
I have an office in Dallas that has the same 2wire devise and the same RV042 and the ONLY thing that works is I can connect to the internet with the 2wire in router mode. When I switch it to Bridge mode I cannot connect (remember Cleveland connects perfectly) therefore I can not create the VPN tunnel, and no one can connect using either QuickVPN or a Cisco VPN Client. I have tried to put the 2wire in bridge mode and use a brand new router (The non VPN Linksys one I forgot the model) and the results were the same.
With Dallas on the internet using the 2wire in Router mode, I opened every port to try using the VPN client to no avail.
ASKER
I just installed the latest firmware and will have an AT&T client try soon.
As far as the WAN section of the RV I have configured it every conceivable way to try and connect, however the proper way is to use PPPoE and put in the username and password and it should connect when i save. If it does not there is a button to click for connect.
thanks
As far as the WAN section of the RV I have configured it every conceivable way to try and connect, however the proper way is to use PPPoE and put in the username and password and it should connect when i save. If it does not there is a button to click for connect.
thanks
Can you successfully put the 2 wire unit in bridge mode? You won't be able to get the Router to make the PPPoE connection without first achieving that.
ASKER
I can alledgedly get the 2wire in bridge mode and it seems to be light up correctly (same as Cleveland 2wire) however I cannot connect with any router (I have tried two different routers that I know work with the 2wire in bridge mode) nothing connects.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Rob,
I am familiar with the modes for the 2wire. I have switched the router to bridge in Cleveland one time (because it worked right the first time) and I have switched the router in Dallas 10x or more. (I am also very familiar with the routers I have used to connect and/or have tried to connect) I am certain that it must be a bad 2wire so that ends that I think. HOWEVER I still should be able to use a VPN client from each workstation to connect to Cleveland and neither the QuickVPN nor MS VPN client can work from the AT&T locations. (I can connect from a COX connection and a Time Warner connection using Quick VPN but have not succeeded with MS VPN client)
Thanks
David
I am familiar with the modes for the 2wire. I have switched the router to bridge in Cleveland one time (because it worked right the first time) and I have switched the router in Dallas 10x or more. (I am also very familiar with the routers I have used to connect and/or have tried to connect) I am certain that it must be a bad 2wire so that ends that I think. HOWEVER I still should be able to use a VPN client from each workstation to connect to Cleveland and neither the QuickVPN nor MS VPN client can work from the AT&T locations. (I can connect from a COX connection and a Time Warner connection using Quick VPN but have not succeeded with MS VPN client)
Thanks
David
Does AT&T assign a true public IP to the router? A few ISP's are NATinig addresses due to a shortage of IP's, which VPN's do not like. I am doubtful that is the case with AT&T. Also some service providers are blocking VPN traffic these days. Some have their own VPN services they want to sell. I'm in Canada so not familiar with the available services, but since AT&T consistently doesn't work, you might want to see if they block any VPN services.
ASKER
Rob,
Thanks again for your time Here is what I did.
Today (after checking everything else and spending hours and hours on the telephone with AT&T and Linksys) I went to Best Buy and bought a speedstreem DSL modem and went from the wall to the new modem to my pc and VIOLA! Instant connection. Then i plugged in my RV082 and bingo all is right. I am able to connect to the internet, I am able to get my static IP and I am able to create the tunnel that I have been working so hard to do.
I am amazed that AT&T would not suggest that the 2wire device was bad when we switched it to bridge mode. I would have saved a week and about 40 hours of billable time.
Thanks again for your time Here is what I did.
Today (after checking everything else and spending hours and hours on the telephone with AT&T and Linksys) I went to Best Buy and bought a speedstreem DSL modem and went from the wall to the new modem to my pc and VIOLA! Instant connection. Then i plugged in my RV082 and bingo all is right. I am able to connect to the internet, I am able to get my static IP and I am able to create the tunnel that I have been working so hard to do.
I am amazed that AT&T would not suggest that the 2wire device was bad when we switched it to bridge mode. I would have saved a week and about 40 hours of billable time.
Excellent. Glad to hear, I was running out of ideas :-)
You must be relieved.
Cheers!
--Rob
You must be relieved.
Cheers!
--Rob
ASKER
Thanks Rob,
It is nice to have a forum like this to bounce things off. I do have a simple question now that my VPN is up. I can only access shares via \\ip address\share name. do I simply need to add a WINS server? or a host file on each remote computer? A host file may be best because I do not know how I can pass WINS thru the VPN. could get hard to manage though.
Thanks
David
It is nice to have a forum like this to bounce things off. I do have a simple question now that my VPN is up. I can only access shares via \\ip address\share name. do I simply need to add a WINS server? or a host file on each remote computer? A host file may be best because I do not know how I can pass WINS thru the VPN. could get hard to manage though.
Thanks
David
Host file works very well, but can be a pain to manage if connecting to numerous systems, or they use DHCP. WINS works well, or it may be a case of DNS can be configured to look after it. I have a NetBIOS "options" list I'll post below.
Yes it is a great forum. Often you may not find a solution here but it gives yo u new approaches to think about.
You are welcome, for the little help I have been.
--Rob
NetBIOS names (computer names) are not broadcast over most VPN's.
You can resolve this in several ways:
1) Use the IP address (of the computer you are connecting to) when connecting to devices such as; \\123.123.123.123\ShareNam
Net Use U: \\123.123.123.123\ShareNam
2) An option is to use the LMHosts file which creates a table of IP's and computer names. LMHosts is located in the Windows directory under c:\Windows (or WINNT)\System32\Drivers\Et
192.168.0.101 CompName #PRE
Hit enter when each line is complete (important), then save the file without a file extension. To be sure there is no extension ,when saving enclose in quotations like "LMHosts". Now when you try to connect to a computer name it should find it as it will search the LMHosts file for the record before connecting.
More details regarding LMHosts file:
http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/cnet/cnfd_lmh_qxqq.mspx?mfr=true
The drawback of the LMHosts file is you have to maintain a static list of computernames and IP addresses. Also if the remote end uses DHCP assigned IP's it is not a feasible option. Thus in order to be able to use computer names dynamically try to enable with some of the following options:
3) if you have a WINS server add that to the network cards configuration
4) also under the WINS configuration on the network adapter make sure NetBIOS over TCP/IP is selected
5) try adding the remote DNS server to your local DNS servers in your network card's TCP/IP configuration
6) verify your router does not have a "block NetBIOS broadcast" option enabled
7) test if you can connect with the full computer and domain name as \\ComputerName.domain.loca
Yes it is a great forum. Often you may not find a solution here but it gives yo u new approaches to think about.
You are welcome, for the little help I have been.
--Rob
NetBIOS names (computer names) are not broadcast over most VPN's.
You can resolve this in several ways:
1) Use the IP address (of the computer you are connecting to) when connecting to devices such as; \\123.123.123.123\ShareNam
Net Use U: \\123.123.123.123\ShareNam
2) An option is to use the LMHosts file which creates a table of IP's and computer names. LMHosts is located in the Windows directory under c:\Windows (or WINNT)\System32\Drivers\Et
192.168.0.101 CompName #PRE
Hit enter when each line is complete (important), then save the file without a file extension. To be sure there is no extension ,when saving enclose in quotations like "LMHosts". Now when you try to connect to a computer name it should find it as it will search the LMHosts file for the record before connecting.
More details regarding LMHosts file:
http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/cnet/cnfd_lmh_qxqq.mspx?mfr=true
The drawback of the LMHosts file is you have to maintain a static list of computernames and IP addresses. Also if the remote end uses DHCP assigned IP's it is not a feasible option. Thus in order to be able to use computer names dynamically try to enable with some of the following options:
3) if you have a WINS server add that to the network cards configuration
4) also under the WINS configuration on the network adapter make sure NetBIOS over TCP/IP is selected
5) try adding the remote DNS server to your local DNS servers in your network card's TCP/IP configuration
6) verify your router does not have a "block NetBIOS broadcast" option enabled
7) test if you can connect with the full computer and domain name as \\ComputerName.domain.loca
Thanks David,
--Rob
--Rob
In Dallas, not to state the obvious, but when you switch the 2Wire to Bridge mode are you configuring the WAN section of the RV042? Perhaps Cleavland is dynamically configured and you need to set up Dallas with static, that of course depends on what your ISP has provided you with.