mhwolog
asked on
Having trouble setting up QuickVPN connection to cisco RVS4000 router
Hi, I'm having trouble setting up either a quickVPN connection or VPN tunnel from home to work - whichever is easier to setup is fine. I have gone through various troubleshooting guides but can't get it working. I have previously had the quickVPN working, but have changed ISP at both ends and added a router at home. Current setup is:
Remote setup: Static IP from ISP -> tp link td8810 modem/router (192.168.1.1) -> cisco RVS4000 (192.168.0.1) -> linksys portswitch -> server (192.168.0.2) + network
Local setup: Dynamic IP from ISP -> tp link td8810 modem/router (192.168.1.1) -> cisco RVS4000 (192.168.2.1) -> linksys portswitch -> Dlink wireless router (192.168.2.3) -> laptop (192.168.2.108) + network
- ISP instructions are for PPPoA setup in modem, and i've read about needing to put the modem on bridging mode when used in conjunction with a router, but in bridging mode there is no option in the modem to put in username and password for the internet connection - so then I'm not sure to allow internet access to the home network.
- I have also tried just connecting via quickVPN with just the modem connected directly to my laptop, but that doesn't work either.
I also can't ping the remote internet IP from local, and the other way around. I don't want to make any assumptions and miss out on a possible solution, so I might just start with that info. I have some IT knowledge but am not an expert so please provide detailed info if possible. Thanks.
Remote setup: Static IP from ISP -> tp link td8810 modem/router (192.168.1.1) -> cisco RVS4000 (192.168.0.1) -> linksys portswitch -> server (192.168.0.2) + network
Local setup: Dynamic IP from ISP -> tp link td8810 modem/router (192.168.1.1) -> cisco RVS4000 (192.168.2.1) -> linksys portswitch -> Dlink wireless router (192.168.2.3) -> laptop (192.168.2.108) + network
- ISP instructions are for PPPoA setup in modem, and i've read about needing to put the modem on bridging mode when used in conjunction with a router, but in bridging mode there is no option in the modem to put in username and password for the internet connection - so then I'm not sure to allow internet access to the home network.
- I have also tried just connecting via quickVPN with just the modem connected directly to my laptop, but that doesn't work either.
I also can't ping the remote internet IP from local, and the other way around. I don't want to make any assumptions and miss out on a possible solution, so I might just start with that info. I have some IT knowledge but am not an expert so please provide detailed info if possible. Thanks.
In details, it all depends what you want to do and also the type of service you are getting from the service provider.Using the bridge mode on the modem allows you to use another router (maybe with more features) to terminate the connection. Now, to be able to use the bridge mode, the modem needs to receive ethernet frames on the DSL/ATM interface, for instance PPPoE. If standard PPPoA is used by the provider, then bridge mode will not help you. In that case, you could connect the 1841 directly to the provider using a DSL or keep your current modem in routed mode.
If you are receiving ethernet frames from the provider (PPPoE for instance), then configure the modem in bridge mode and configure the 1841 with a dialer interface.
With regards to LLC or VC-MUX, it will again depend on what your service provider is using to encapsulate its frames in ATM: AAL5MUX (VC-MUX) or AAL5SNAP (LLC)
What is the current modem configuration (I guess it currently works in routed mode) ?
Vikrant
If you are receiving ethernet frames from the provider (PPPoE for instance), then configure the modem in bridge mode and configure the 1841 with a dialer interface.
With regards to LLC or VC-MUX, it will again depend on what your service provider is using to encapsulate its frames in ATM: AAL5MUX (VC-MUX) or AAL5SNAP (LLC)
What is the current modem configuration (I guess it currently works in routed mode) ?
Vikrant
ASKER
Sorry a lot of that previous discussion was to complicated for me. But I can give you details of the existing setup:
current Modem settings at the home/local/client end:
- VPI 8, VCI 35, UBR without PCR, QoS disabled
- PPPoA, VC/MUX (I can't remember whether ISP specified this or LLC/encapsulation but its working at the moment)
- then I put username and password in the modem, AUTO authentication,
- PPP IP extension off, Use static IP address off, PPP Debug mode disabled
- MTU 1480, not dial on demand, IGMP multicast disabled, WAN service enabled.
Other settings in Modem - Enable UPnP, IGMP snooping disabled,
- Standard mode enabled not blocking mode,
- DHCP server is enabled however the IP address range is 192.168.1.100 - 192.168.1.200 and everything in my home network (apart from the modem) is in the range of 192.168.2.1 - 192.168.2.50 controlled by the cisco router.
- MAC clone has nothing in it, NAT - virtual servers has nothing in it,
- NAT - port triggering has QuickVPN TCP/UDP trigger port range 60443 - 60443 Open port range 60443 - 60443 and QuickVPN TCP/UDP trigger port range 443 - 443 Open port range 443 - 443.
- DMZ host has nothing in it. IP filtering has nothing in it outgoing or incoming
Routing - Default Gateway has automatic assigned default gateway assigned
Routing static route has nothing in it
Enable Automatic assigned DNS
Dynamic DNS has nothing in it
DSL settings, G.DMt Enabled, G.lite enabled, T1.413 enabled, ADSL2 enabled, AnnexL enabled, ADSL2+ enabled, AnnexM disabled. Phone line inner pair, Bitswap enabled, SRA disabled.
In Diagnostics everything has passed except ATM OAM F5 segment ping.
In the modem if I select Bridging mode, I can still plug modem directly to my laptop and through the vista connect to the internet through PPPoE - but obviously if I do it this way then the rest of my network has no internet. I'm not sure if there is another way of having the modem in bridging mode and still get the internet to the whole network. I have just read that sometimes having modem/router and router will stop VPN connections.
current Modem settings at the home/local/client end:
- VPI 8, VCI 35, UBR without PCR, QoS disabled
- PPPoA, VC/MUX (I can't remember whether ISP specified this or LLC/encapsulation but its working at the moment)
- then I put username and password in the modem, AUTO authentication,
- PPP IP extension off, Use static IP address off, PPP Debug mode disabled
- MTU 1480, not dial on demand, IGMP multicast disabled, WAN service enabled.
Other settings in Modem - Enable UPnP, IGMP snooping disabled,
- Standard mode enabled not blocking mode,
- DHCP server is enabled however the IP address range is 192.168.1.100 - 192.168.1.200 and everything in my home network (apart from the modem) is in the range of 192.168.2.1 - 192.168.2.50 controlled by the cisco router.
- MAC clone has nothing in it, NAT - virtual servers has nothing in it,
- NAT - port triggering has QuickVPN TCP/UDP trigger port range 60443 - 60443 Open port range 60443 - 60443 and QuickVPN TCP/UDP trigger port range 443 - 443 Open port range 443 - 443.
- DMZ host has nothing in it. IP filtering has nothing in it outgoing or incoming
Routing - Default Gateway has automatic assigned default gateway assigned
Routing static route has nothing in it
Enable Automatic assigned DNS
Dynamic DNS has nothing in it
DSL settings, G.DMt Enabled, G.lite enabled, T1.413 enabled, ADSL2 enabled, AnnexL enabled, ADSL2+ enabled, AnnexM disabled. Phone line inner pair, Bitswap enabled, SRA disabled.
In Diagnostics everything has passed except ATM OAM F5 segment ping.
In the modem if I select Bridging mode, I can still plug modem directly to my laptop and through the vista connect to the internet through PPPoE - but obviously if I do it this way then the rest of my network has no internet. I'm not sure if there is another way of having the modem in bridging mode and still get the internet to the whole network. I have just read that sometimes having modem/router and router will stop VPN connections.
ASKER
When you select bridging mode on the modem, it no longer gives you an option to enter the user name and password for the isp.
Can you Please check if Modem has any dynamic routing Protocol, Like RIP
ASKER
What am I looking for? There is a section under Device Info/Route/ that has listed Destination//Gateway//Subn
I need more detail for help you,
Please give me detail of your Modem also IP's of Modem & Cisco router
Are you able to access internet from your Laptop when u plugged direct into Modem ?
Vikrant
Please give me detail of your Modem also IP's of Modem & Cisco router
Are you able to access internet from your Laptop when u plugged direct into Modem ?
Vikrant
ASKER
Modem is TP Link ADSL2+ TD-8810 IP 192.168.1.1 Cisco Router is RVS4000 ip 192.168.2.1.
Yes I can access internet when directly plugged directly to modem
Yes I can access internet when directly plugged directly to modem
Can you please post You SH run of CIsco ?
ASKER
Sorry what is SH run?
Running Configuration of Cisco Router ?
ASKER
Cisco firmware version V1.3.1.0
LAN IP 192,168.2.1
WAN IP 192.168.1.100
DNS 192.168.1.1
DDNS off
Mode Gateway
DMZ off
DoS on
Block WAN request On
Remote managment off
Wan Internet connection type Auto config DHCP, MTU auto
LAN Subnet mask 255.255.255.0
- DHCP enabled
Mac Address Clone disabled
Advanced Routing - Operation mode Gateway
- Dynamic routing Disabled
- Static routing nothing entered really
- Inter-VLAN routing enabled
IP mode - IPv4 only
Firewall enabled, multicast passthrough disabled, SIP Application layer gateway disable
SNMP disabled, UPnP enabled
IPS enabled
Anything else you need to know?
LAN IP 192,168.2.1
WAN IP 192.168.1.100
DNS 192.168.1.1
DDNS off
Mode Gateway
DMZ off
DoS on
Block WAN request On
Remote managment off
Wan Internet connection type Auto config DHCP, MTU auto
LAN Subnet mask 255.255.255.0
- DHCP enabled
Mac Address Clone disabled
Advanced Routing - Operation mode Gateway
- Dynamic routing Disabled
- Static routing nothing entered really
- Inter-VLAN routing enabled
IP mode - IPv4 only
Firewall enabled, multicast passthrough disabled, SIP Application layer gateway disable
SNMP disabled, UPnP enabled
IPS enabled
Anything else you need to know?
ASKER
Also IPSec Passthrough enabled, PPTP Passthrough enabled, L2TP pass through enabled
Again this is settings only on client end.
Remote end has DoS off, Block Wan request off, multicast passthrough enabled but otherwise probably similar setup.
Again this is settings only on client end.
Remote end has DoS off, Block Wan request off, multicast passthrough enabled but otherwise probably similar setup.
Bro,
It's not Running Configuration,
You need to login into router through CLI & type sh run & post me a out put of this,
It's not Running Configuration,
You need to login into router through CLI & type sh run & post me a out put of this,
ASKER
Sorry I don't understand the abbreviations,
What's CLI? sh run?
Sorry I need detailed explanation I don't understand
What's CLI? sh run?
Sorry I need detailed explanation I don't understand
I think u r getting difficulties to understand me
anyway, If u hace Console cable for Cisco so pls attached cisco into your Computer through Console cable & open Cisco router from Hyperterminal or
I am not sure if CIsco has been configured for Telnet
pls try
open command prompt ---> telnet 192.168.2.1 & try to login cisco
anyway, If u hace Console cable for Cisco so pls attached cisco into your Computer through Console cable & open Cisco router from Hyperterminal or
I am not sure if CIsco has been configured for Telnet
pls try
open command prompt ---> telnet 192.168.2.1 & try to login cisco
ASKER
command prompt doesn't work
I downloaded a hyperterminal program for vista
options are: connect by TCP/IP winsock port 23 - says unable to connect to port
and connect by TCP/IP SSH port 22 - says network error, connection refused
I downloaded a hyperterminal program for vista
options are: connect by TCP/IP winsock port 23 - says unable to connect to port
and connect by TCP/IP SSH port 22 - says network error, connection refused
ASKER
Do I have to open the port in the router?
I went to single port forwarding enabled port 23 for telnet tcp for my laptops Local IP but it still didn't connect
I went to single port forwarding enabled port 23 for telnet tcp for my laptops Local IP but it still didn't connect
Do you have SDM ?
How did u access Cisco ?
How did u access Cisco ?
Do you have Console Port on your Computer also Need Console Cable ?
ASKER
No sorry I've researched these things now and looked at all my cables, I don't have a console cable.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi, This is what I have. I have the same setup at both the local and remote ends of the VPN. Do I have to put the modem in bridging mode at both ends?
ASKER
I think I had tried rectifying every other possible cause of the problem, this was the one that was still needed in the end to get it working!
U Need to configure Dialer Intrface on Cisco router ?
Please let me know about your Modem,
Vikrant