dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
4980
share rss forum feed


talligewi62
Dazed And Confused
Premium
join:2004-07-20
Elizabethtown, KY

Cisco RV180 VPN Router

Click for full size
Network Layout
I have a Cisco RV180 VPN router.
The network is set up as described in the attached picture.
I can have someone from outside my network connect to the VPN router at xxx.xxx.xxx.21 and it shows them as connected using Cisco Quickconnect and they can login to the RV180 from there computer using the 192.168.100.204 address but they cannot see anything on the network. I have a printer at 192.168.100.205 and a computer at 192.168.100.68 they cannot ping them. Any ideas on what I can do? I really need them to be able to access network shares and printers using the VPN. I called Cisco Small Business help and they say the VPN is set up correct and that something on my network is blocking them from being able to see anything past the VPN router.

Thanks for any help!
--
I am here, although I may not know where “HERE” is…

rfnut
Premium
join:2002-04-27
Fisher, IL
kudos:2

What address is assigned to the client by the router? Is it on the 100.xxx net ? If not do you have a manual route to the 100.x net for the vpn from the clients range?



talligewi62
Dazed And Confused
Premium
join:2004-07-20
Elizabethtown, KY

Well... considering I don't know what you're taking about here (I don't see anything in the instructions about it either) I am assuming I don't.
--
I am here, although I may not know where “HERE” is…


rfnut
Premium
join:2002-04-27
Fisher, IL
kudos:2
Reviews:
·Mediacom

I can understand that, since the QuickVPN setup does not explicitly say what is doing, nor is it changeable. Ping could be blocked locally or on their end. Can they acces the share even though they can not ping it? Can you ping them? Can you ping the devices from the diagnostic page in the router?
I have always found QuickVpn to be a support nightmare, for me anyway. Also I do not use the 180, but assume it is same/similar enough to the 082 based on support pages. Personally, I use the PPTP vpn server in the router. I have had much better stability/usability ( If Windows, have the outside person use the network wizard to connect to a workplace. No additional software neccesary).



talligewi62
Dazed And Confused
Premium
join:2004-07-20
Elizabethtown, KY

1 edit

The router says they are connected but they can not ping anything on my network (past the RV180), I have not tried to ping them when connected.
--
I am here, although I may not know where “HERE” is…


HELLFIRE
Premium
join:2009-11-25
kudos:15
reply to talligewi62

said by rfnut:

What address is assigned to the client by the router? Is it on the 100.xxx net ? If not do you have a manual route to the 100.x net for the vpn from the clients range?

said by talligewi62:

Well... considering I don't know what you're taking about here (I don't see anything in the instructions about it either) I am assuming I don't.

Try the following to answer this :

a) have user do a "ipconfig /all" while connected via QuickConnect

b) have user do a "route print" while connected via QuickConnect

My 00000010bits

Regards


talligewi62
Dazed And Confused
Premium
join:2004-07-20
Elizabethtown, KY

downloadvpn.txt 3,415 bytes
VPN route print
A change in plans…

Turns out the Fortinet also has the ability to run a VPN, and this is the approach we are trying now. I can get connected via the Froticlient software and I can ping address on my network from the computer on the VPN connection: 192.168.100.205(Printer), 192.168.100.68(computer) and such but I cannot get to the network devices like drives and such. When I ping a server such as: abellvault I do not get a response but if I ping the same device via its IP: 192.168.100.75 then I get a response.

Any ideas?

Attached is a route print from the computer using the VPN connection.
--
I am here, although I may not know where “HERE” is…


talligewi62
Dazed And Confused
Premium
join:2004-07-20
Elizabethtown, KY

Update!

We have the VPN working, had to call Windstream and get them to configure the DNS server in the VPN.

It works!
--
I am here, although I may not know where “HERE” is…


HELLFIRE
Premium
join:2009-11-25
kudos:15
reply to talligewi62

Taking a look at the route print, don't see a 192.168.100.x anything... which kinda lends credence to the "no route
to the 192.168.100.x" theory. Somewhat annoyed that Cisco SB decided to leave you in the cold like that; I
normally deal with the Enterprise end of things and they're MUCH more helpful.

Good news that it's working now... this is on the QuickConnect or the FortiNet?

Regards



talligewi62
Dazed And Confused
Premium
join:2004-07-20
Elizabethtown, KY

Well... it's kinda working.........

This is on the Fortinet, when I connect I can ping IP address but not host names. If I have the computer on the local network first, disconnect it and then connect it via the VPN everything works OK, but if I take a computer that has not been connected to the network beforehand and connect it to the VPN and try to access a mapped drive it fails. From talking to Windstream it looks like everything is set up correctly on the VPN side and that it is more then likely a problem with our DNS server (192.168.100.4 - abellfps).

Does anyone know of a solution to this?

Thanks!
--
I am here, although I may not know where “HERE” is…


rfnut
Premium
join:2002-04-27
Fisher, IL
kudos:2
Reviews:
·Mediacom

Does your DNS server have name entries for these other computers?
Is the client computer getting the above DNS address assigned when connecting? ( ipconfig /all , while connected)
Also if you are connecting from inside the network, things can be different causing cached name lookups to make you think dns is working. Even when disconecting/reconnecting to VPN. Testing should be done from outside the local network.



talligewi62
Dazed And Confused
Premium
join:2004-07-20
Elizabethtown, KY

downloadroute print.txt 3,242 bytes
Route Print
downloadping.txt 765 bytes
Ping
downloadipconfig.txt 4,556 bytes
IPConfig
The laptop we were using was being tested from a different internet connection, I just did not shut it down before changing connections (my fault).

Attached are the print outs from:
ipconfig/all
ping
route print

In the ping you can see that when I ping: 192.168.100.4 I get the success reply, yet when I ping the same server as "abellfps" I get no reply. It should also be noted that 192.168.100.4 (abellfps) is our DNS server.

Thanks
--
I am here, although I may not know where “HERE” is…

rfnut
Premium
join:2002-04-27
Fisher, IL
kudos:2
Reviews:
·Mediacom

"Ping request could not find host abellfps. Please check the name and try again."... Dns entry to you dns server exists, so:
This leads me to believe that there are no DNS entries on your dns server for the local names.

On the computers that are going to be using the VPN, modify the hosts file to include what you want. Probably easier than trying to modify your DNS server based on the questions.



talligewi62
Dazed And Confused
Premium
join:2004-07-20
Elizabethtown, KY

However, when I do the same ping on a computer located on my network this is what I get:

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
 
C:\Users\NBradley>ping abellfps
 
Pinging AbellFPS.abellelevator.com [192.168.100.4] with 32 bytes of data:
Reply from 192.168.100.4: bytes=32 time<1ms TTL=128
Reply from 192.168.100.4: bytes=32 time<1ms TTL=128
Reply from 192.168.100.4: bytes=32 time<1ms TTL=128
Reply from 192.168.100.4: bytes=32 time<1ms TTL=128
 
Ping statistics for 192.168.100.4:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
C:\Users\NBradley>
 
 

--
I am here, although I may not know where “HERE” is…

rfnut
Premium
join:2002-04-27
Fisher, IL
kudos:2

As you can see it is not pinging abellfps. It is pinging the FQDN.



talligewi62
Dazed And Confused
Premium
join:2004-07-20
Elizabethtown, KY

So, how would I go about fixing this as I do not have access to some of these computers several states away from me?

Thanks!
--
I am here, although I may not know where “HERE” is…



talligewi62
Dazed And Confused
Premium
join:2004-07-20
Elizabethtown, KY
reply to talligewi62

Just FYI...

Turns out this is not a DNS issue (I know, I know; I've got a whole lot of things that I said this about), the true issue is that netbios is not working across the VPN. And from what I can see this is a common issue. As it stands now we have changed the remote users to connect via IP address so instead of mapping these drives like this: \\abellfps\software they are mapped like this: \\192.168.100.4\software and that works just fine. However I would like to get netbios working across the VPN so that if IPs were to ever change we would not have problems.

Thanks for your help everybody!
--
I am here, although I may not know where “HERE” is…



craig70130
Premium
join:2004-04-27
New Orleans, LA

Why aren't you using DNS?



talligewi62
Dazed And Confused
Premium
join:2004-07-20
Elizabethtown, KY

1 edit

we are

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
 
C:\Users\ANCAssistant.DOMAIN>ipconfig/all
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : ANCAssistant-PC
   Primary Dns Suffix  . . . . . . . : abellelevator.com
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : linksys
 
PPP adapter fortissl:
 
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : fortissl
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 172.31.101.10(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . : 0.0.0.0
   DNS Servers . . . . . . . . . . . : 192.168.100.4
                                       166.102.165.11
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : Cisco
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : A4-1F-72-53-C0-64
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a48c:2534:c361:5802%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.122(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, May 09, 2013 8:39:12 AM
   Lease Expires . . . . . . . . . . : Friday, May 10, 2013 1:29:06 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 245636978
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-FE-AF-68-A4-1F-72-53-C0-64
 
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 

192.168.100.4 is one of our 2 DNS servers, 192.168.100.3 is the other


craig70130
Premium
join:2004-04-27
New Orleans, LA

Then I'd go back to what someone mentioned above - DNS seems to resolve the FQDN's but not the server name by itself without the rest of the address. That's what I'd focus on.



talligewi62
Dazed And Confused
Premium
join:2004-07-20
Elizabethtown, KY

Would a WINS server help?



talligewi62
Dazed And Confused
Premium
join:2004-07-20
Elizabethtown, KY

I think I fixed it!

I needed to add the DNS suffixes of abellelevator.com in the advanced TCP/IP Settings of the IP V.4 properties of the Local Area Connection in Network Connections.

So now the everything works, the computer is adding abellelevator.com to abellfps to get abellfps.abellevelator.com when you ping abellfps or try to connect to \\abellfps\software.

Thanks!
--
I am here, although I may not know where “HERE” is…



craig70130
Premium
join:2004-04-27
New Orleans, LA

said by talligewi62:

I think I fixed it!

I needed to add the DNS suffixes of abellelevator.com in the advanced TCP/IP Settings of the IP V.4 properties of the Local Area Connection in Network Connections.

Thanks!

You can have that assigned via DHCP.


talligewi62
Dazed And Confused
Premium
join:2004-07-20
Elizabethtown, KY

Can you provide a link to instructions for this?

Thanks
--
I am here, although I may not know where “HERE” is…



craig70130
Premium
join:2004-04-27
New Orleans, LA

said by talligewi62:

Can you provide a link to instructions for this?

Thanks

It's #15 in the Scope Options for each subnet - DNS Domain Name.


talligewi62
Dazed And Confused
Premium
join:2004-07-20
Elizabethtown, KY

So, I can set this setting on my DNS server and it should take care of the problem.
--
I am here, although I may not know where “HERE” is…



craig70130
Premium
join:2004-04-27
New Orleans, LA

said by talligewi62:

So, I can set this setting on my DNS server and it should take care of the problem.

You got it!


talligewi62
Dazed And Confused
Premium
join:2004-07-20
Elizabethtown, KY

Thanks