how-to block ads
|
sgkmills
join:2004-11-09
Brooklyn, NY
|  WRV54G VPN Connection problem
I have been trying to set up a VPN tunnel between two locations. The setup is as follows:
One computer has the WRV54G connected to it. It has a LAN IP of 10.101.22.100 and the router has the an IP of 10.101.22.1. I can get to the internet on this computer and also have set up a DDNS with the real WAN IP address.
The next computer is a Windows XP w/SP1 installed and I try to connect via QuickVPN. The status message gets up to 'veryifying network' and then fails. Then QuickVPN comes back and says something like 'Disconnecting from Server' and then 'The remote gateway is not responding'
From the linksys knowledge base below: »linksys.custhelp.com/cgi-bin/lin···g/ph...=
QuickVPN has established an IPSec tunnel and is trying to reach the remote network, but then they state the last prompt comes from the remote router not being able to be reached.
The subnets are NOT the same on the two networks.
BTW, I must say that Linksys technical support is the worst in the world. They have people who can hardly speak english and cannot problem solve their way out of a mouse maze. I have repeated emails back and forth to their tech support and all they keep worrying about is contact information. Is there a place to make a formal complaint? There are too many people saying the same thing about their tech support so something needs to change. Their products don't seem to be superior to other companies, but I bought them because I know their name and they are associated with Cisco. But this whole purchase is turning out to be a nightmare!!!!
I am no packet analyzer expert, but have used Ethereal to capture the packets and I am posting it now
PACKET ANALYZER
No. Time Source Destination Protocol Info
1 0.000000 192.168.0.4 69.x.x.x TCP 4664 > https [SYN] Seq=0 Ack=0 Win=64440 Len=0 MSS=1432
Frame 1 (62 bytes on wire, 62 bytes captured)
Ethernet II, Src: 00:04:75:87:9a:34, Dst: 00:10:2b:02:da:83
Internet Protocol, Src Addr: 192.168.0.4 (192.168.0.4), Dst Addr: 69.x.x.x (69.x.x.x)
Transmission Control Protocol, Src Port: 4664 (4664), Dst Port: https (443), Seq: 0, Ack: 0, Len: 0
No. Time Source Destination Protocol Info
2 0.025374 69.x.x.x 192.168.0.4 TCP https > 4664 [SYN, ACK] Seq=0 Ack=1 Win=5808 Len=0 MSS=1400
Frame 2 (60 bytes on wire, 60 bytes captured)
Ethernet II, Src: 00:10:2b:02:da:83, Dst: 00:04:75:87:9a:34
Internet Protocol, Src Addr: 69.x.x.x (69.x.x.x), Dst Addr: 192.168.0.4 (192.168.0.4)
Transmission Control Protocol, Src Port: https (443), Dst Port: 4664 (4664), Seq: 0, Ack: 1, Len: 0
No. Time Source Destination Protocol Info
3 0.025435 192.168.0.4 69.x.x.x TCP 4664 > https [ACK] Seq=1 Ack=1 Win=64440 [CHECKSUM INCORRECT] Len=0
Frame 3 (54 bytes on wire, 54 bytes captured)
Ethernet II, Src: 00:04:75:87:9a:34, Dst: 00:10:2b:02:da:83
Internet Protocol, Src Addr: 192.168.0.4 (192.168.0.4), Dst Addr: 69.x.x.x (69.x.x.x)
Transmission Control Protocol, Src Port: 4664 (4664), Dst Port: https (443), Seq: 1, Ack: 1, Len: 0
No. Time Source Destination Protocol Info
4 0.026402 192.168.0.4 69.x.x.x SSLv2 Client Hello
Frame 4 (202 bytes on wire, 202 bytes captured)
Ethernet II, Src: 00:04:75:87:9a:34, Dst: 00:10:2b:02:da:83
Internet Protocol, Src Addr: 192.168.0.4 (192.168.0.4), Dst Addr: 69.x.x.x (69.x.x.x)
Transmission Control Protocol, Src Port: 4664 (4664), Dst Port: https (443), Seq: 1, Ack: 1, Len: 148
Secure Socket Layer
No. Time Source Destination Protocol Info
5 0.076138 69.x.x.x 192.168.0.4 TLS Server Hello, Certificate, Server Hello Done
Frame 5 (820 bytes on wire, 820 bytes captured)
Ethernet II, Src: 00:10:2b:02:da:83, Dst: 00:04:75:87:9a:34
Internet Protocol, Src Addr: 69.x.x.x (69.x.x.x), Dst Addr: 192.168.0.4 (192.168.0.4)
Transmission Control Protocol, Src Port: https (443), Dst Port: 4664 (4664), Seq: 1, Ack: 149, Len: 766
Secure Socket Layer
No. Time Source Destination Protocol Info
6 0.079908 192.168.0.4 69.x.x.x TLS Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
Frame 6 (244 bytes on wire, 244 bytes captured)
Ethernet II, Src: 00:04:75:87:9a:34, Dst: 00:10:2b:02:da:83
Internet Protocol, Src Addr: 192.168.0.4 (192.168.0.4), Dst Addr: 69.x.x.x (69.x.x.x)
Transmission Control Protocol, Src Port: 4664 (4664), Dst Port: https (443), Seq: 149, Ack: 767, Len: 190
Secure Socket Layer
No. Time Source Destination Protocol Info
7 0.134484 69.x.x.x 192.168.0.4 TCP https > 4664 [ACK] Seq=767 Ack=339 Win=5808 Len=0
Frame 7 (60 bytes on wire, 60 bytes captured)
Ethernet II, Src: 00:10:2b:02:da:83, Dst: 00:04:75:87:9a:34
Internet Protocol, Src Addr: 69.x.x.x (69.x.x.x), Dst Addr: 192.168.0.4 (192.168.0.4)
Transmission Control Protocol, Src Port: https (443), Dst Port: 4664 (4664), Seq: 767, Ack: 339, Len: 0
No. Time Source Destination Protocol Info
8 0.175374 69.x.x.x 192.168.0.4 TLS Change Cipher Spec, Encrypted Handshake Message
Frame 8 (105 bytes on wire, 105 bytes captured)
Ethernet II, Src: 00:10:2b:02:da:83, Dst: 00:04:75:87:9a:34
Internet Protocol, Src Addr: 69.x.x.x (69.x.x.x), Dst Addr: 192.168.0.4 (192.168.0.4)
Transmission Control Protocol, Src Port: https (443), Dst Port: 4664 (4664), Seq: 767, Ack: 339, Len: 51
Secure Socket Layer
No. Time Source Destination Protocol Info
9 0.176364 192.168.0.4 69.x.x.x TLS Application Data, Application Data
Frame 9 (320 bytes on wire, 320 bytes captured)
Ethernet II, Src: 00:04:75:87:9a:34, Dst: 00:10:2b:02:da:83
Internet Protocol, Src Addr: 192.168.0.4 (192.168.0.4), Dst Addr: 69.x.x.x (69.x.x.x)
Transmission Control Protocol, Src Port: 4664 (4664), Dst Port: https (443), Seq: 339, Ack: 818, Len: 266
Secure Socket Layer
No. Time Source Destination Protocol Info
10 0.215919 69.x.x.x 192.168.0.4 TCP https > 4664 [ACK] Seq=818 Ack=605 Win=5808 Len=0
Frame 10 (60 bytes on wire, 60 bytes captured)
Ethernet II, Src: 00:10:2b:02:da:83, Dst: 00:04:75:87:9a:34
Internet Protocol, Src Addr: 69.x.x.x (69.x.x.x), Dst Addr: 192.168.0.4 (192.168.0.4)
Transmission Control Protocol, Src Port: https (443), Dst Port: 4664 (4664), Seq: 818, Ack: 605, Len: 0
No. Time Source Destination Protocol Info
11 4.855982 69.x.x.x 192.168.0.4 TCP [TCP Previous segment lost] https > 4664 [FIN, ACK] Seq=1172 Ack=605 Win=5808 Len=0
Frame 11 (60 bytes on wire, 60 bytes captured)
Ethernet II, Src: 00:10:2b:02:da:83, Dst: 00:04:75:87:9a:34
Internet Protocol, Src Addr: 69.x.x.x (69.x.x.x), Dst Addr: 192.168.0.4 (192.168.0.4)
Transmission Control Protocol, Src Port: https (443), Dst Port: 4664 (4664), Seq: 1172, Ack: 605, Len: 0
No. Time Source Destination Protocol Info
12 4.856044 192.168.0.4 69.x.x.x TCP 4664 > https [ACK] Seq=605 Ack=818 Win=63623 [CHECKSUM INCORRECT] Len=0
Frame 12 (54 bytes on wire, 54 bytes captured)
Ethernet II, Src: 00:04:75:87:9a:34, Dst: 00:10:2b:02:da:83
Internet Protocol, Src Addr: 192.168.0.4 (192.168.0.4), Dst Addr: 69.x.x.x (69.x.x.x)
Transmission Control Protocol, Src Port: 4664 (4664), Dst Port: https (443), Seq: 605, Ack: 818, Len: 0
No. Time Source Destination Protocol Info
13 4.859292 69.x.x.x 192.168.0.4 TLS [TCP Retransmission] Application Data, Application Data
Frame 13 (408 bytes on wire, 408 bytes captured)
Ethernet II, Src: 00:10:2b:02:da:83, Dst: 00:04:75:87:9a:34
Internet Protocol, Src Addr: 69.x.x.x (69.x.x.x), Dst Addr: 192.168.0.4 (192.168.0.4)
Transmission Control Protocol, Src Port: https (443), Dst Port: 4664 (4664), Seq: 818, Ack: 605, Len: 354
Secure Socket Layer
No. Time Source Destination Protocol Info
14 4.859343 192.168.0.4 69.x.x.x TCP 4664 > https [ACK] Seq=605 Ack=1173 Win=63269 [CHECKSUM INCORRECT] Len=0
Frame 14 (54 bytes on wire, 54 bytes captured)
Ethernet II, Src: 00:04:75:87:9a:34, Dst: 00:10:2b:02:da:83
Internet Protocol, Src Addr: 192.168.0.4 (192.168.0.4), Dst Addr: 69.x.x.x (69.x.x.x)
Transmission Control Protocol, Src Port: 4664 (4664), Dst Port: https (443), Seq: 605, Ack: 1173, Len: 0
No. Time Source Destination Protocol Info
15 4.860426 192.168.0.4 69.x.x.x TLS Encrypted Alert
Frame 15 (83 bytes on wire, 83 bytes captured)
Ethernet II, Src: 00:04:75:87:9a:34, Dst: 00:10:2b:02:da:83
Internet Protocol, Src Addr: 192.168.0.4 (192.168.0.4), Dst Addr: 69.x.x.x (69.x.x.x)
Transmission Control Protocol, Src Port: 4664 (4664), Dst Port: https (443), Seq: 605, Ack: 1173, Len: 29
Secure Socket Layer
No. Time Source Destination Protocol Info
16 4.884914 192.168.0.4 69.x.x.x TCP 4664 > https [FIN, ACK] Seq=634 Ack=1173 Win=63269 [CHECKSUM INCORRECT] Len=0
Frame 16 (54 bytes on wire, 54 bytes captured)
Ethernet II, Src: 00:04:75:87:9a:34, Dst: 00:10:2b:02:da:83
Internet Protocol, Src Addr: 192.168.0.4 (192.168.0.4), Dst Addr: 69.x.x.x (69.x.x.x)
Transmission Control Protocol, Src Port: 4664 (4664), Dst Port: https (443), Seq: 634, Ack: 1173, Len: 0
No. Time Source Destination Protocol Info
17 4.891718 69.x.x.x 192.168.0.4 TCP https > 4664 [RST] Seq=1173 Ack=106186198 Win=0 Len=0
Frame 17 (60 bytes on wire, 60 bytes captured)
Ethernet II, Src: 00:10:2b:02:da:83, Dst: 00:04:75:87:9a:34
Internet Protocol, Src Addr: 69.x.x.x (69.x.x.x), Dst Addr: 192.168.0.4 (192.168.0.4)
Transmission Control Protocol, Src Port: https (443), Dst Port: 4664 (4664), Seq: 1173, Ack: 106186198, Len: 0
No. Time Source Destination Protocol Info
18 19.710380 192.168.0.4 69.x.x.x ISAKMP Identity Protection (Main Mode)
Frame 18 (258 bytes on wire, 258 bytes captured)
Ethernet II, Src: 00:04:75:87:9a:34, Dst: 00:10:2b:02:da:83
Internet Protocol, Src Addr: 192.168.0.4 (192.168.0.4), Dst Addr: 69.x.x.x (69.x.x.x)
User Datagram Protocol, Src Port: isakmp (500), Dst Port: isakmp (500)
Internet Security Association and Key Management Protocol
No. Time Source Destination Protocol Info
19 50.728285 192.168.0.4 69.x.x.x ISAKMP Identity Protection (Main Mode)
Frame 19 (258 bytes on wire, 258 bytes captured)
Ethernet II, Src: 00:04:75:87:9a:34, Dst: 00:10:2b:02:da:83
Internet Protocol, Src Addr: 192.168.0.4 (192.168.0.4), Dst Addr: 69.x.x.x (69.x.x.x)
User Datagram Protocol, Src Port: isakmp (500), Dst Port: isakmp (500)
Internet Security Association and Key Management Protocol
No. Time Source Destination Protocol Info
20 52.621464 192.168.0.4 69.x.x.x ISAKMP Informational
Frame 20 (98 bytes on wire, 98 bytes captured)
Ethernet II, Src: 00:04:75:87:9a:34, Dst: 00:10:2b:02:da:83
Internet Protocol, Src Addr: 192.168.0.4 (192.168.0.4), Dst Addr: 69.x.x.x (69.x.x.x)
User Datagram Protocol, Src Port: isakmp (500), Dst Port: isakmp (500)
Internet Security Association and Key Management Protocol | |
tshuva
join:2004-10-30
| Frames 18-20 indicate that the isakmp packets from
the win xp are not getting any response. It might
help to understand whether the packets are getting
to the wrv, or if they are dropped on route.
1) Did you sniff the packets before leaving the win xp box? If so, ensure that the xp firewall is off. The firewall blocks IPSec packets.
2) Try sniffing on the wan side of your xp's nat router to see if the isakmp packets leave that router. Perhaps it is blocking port 500. Also, make sure you have ipsec passthrough enabled on that router.
3) If the packets are definately leaving your network, but no response arrives, then perhaps some firewall between your xp network and your wrv network is blocking ipsec. If you can sniff packets in front of your wrv, you can get an indication of whether or not your isakmp packets are arriving there and whether the wrv responds. | |
sgkmills
join:2004-11-09
Brooklyn, NY
| The packets were sniffed from the client machine. There is no firewall enabled on this machine.
I am not sure what you mean by sniff packets in front of the wrv, can you be more detailed.
The setup is as follows:
CableModem-->WRV54G->WinXP w/SP2->Internet--WinXP (client)
The WinXP client machine has QuickVPN and that is where I sniffed the packets.
Do you mean run the packet sniffer on the WinXP w/SP2 machine?
Also, I tried to use QuickVPN on another client machine. This machine was a Windows Server 2003 machine. The same thing happens. | |
DocLarge
Premium
join:2004-09-08
1 edit | Sgkmills, here's the no bullsh*t way on how to communicate with your WRV54G being that the Linksys instructions are trash.
For Linksys Quickvpn Client to WRV54G Connection, do the following:
1) Disable PPTP, L2TP, and IPSEC Passthru
2 Disable VPN Gateway, VPN Tunnels, Key Management, Encryption, Authentication, and PFS Shared Key
3) Until you're able to connect with quickvpn, disable ports 1723, 500, 443, and 4500; these settings "might" disrupt communication between the client and the WRV54g
Quickvpn will make its own secure tunnel with the WRV54g "without" all the following things I just mentioned that you need to disable. The above configuration is what you would do "if" you're WRV54G is acting as an "endpoint" and people are using quickvpn to connect "to" your router. As the VPN termination point, "you" do not need to enable the services in items #1 and #2; if "you" were a quickvpn user who needed to connect "to" a WRV54G vpn router, then "you" would enable pptp, L2tp, and IPSEC Pass-thru on "your" router.
-----------------------------------------------------------
Now, if you want to connect your vpn router to another vpn router, then you would have to open up a tunnel between your router and the other vpn router and slowly start opening "ports" (i.e. 1723 etc...) one by one as a means of process of elimination:
Tunnel: Enabled
Gateway: Disabled
Tunnel Name: Linksys
Local Sec. Grp (Your Lan): 192.168.1.10
255.255.255.0
Remote Sec. Grp (Other Lan) 192.168.2.10
255.255.255.0
Remote Sec. Gtwy (Other Lan's Wan IP) 24.255.34.154
Encryption: 3DES (Suggested)
Authentication: Sha1 (Suggested)
Key Management: Auto(IKE)
PFS: Enabled
Pre-Shared Key: (Enter a password)
Key Lifetime: 3600 (Suggested)
Make sure your settings in the Advanced VPN Configuration Tunnel are similar... | |
sgkmills
join:2004-11-09
Brooklyn, NY
| To all:
I did what DocLarge described to make a connection (#1, #2 and #3) and still cannot connect.
The QuickVPN client program gets to verifying network and just hangs.
Since I only have one router, I am not doing the VPN tunnel setup. | |
DocLarge
Premium
join:2004-09-08
| Fortunately, one router is all you need (the WRV54G is all I'm running for VPN). If I forgot to mention, you can't have any other vpn utility running on your machine while linksys quickvpn is loaded.
Now, if you're still not having any luck connecting, and your ISP is not blcoking VPN traffic, you're problem is simply configuration. I've got a user who connects to my WRV54G using Win XP SP2 along with the linksys quickvpn and he has no problems, and while I'm out of my house, I can connect to my router using linksys quickvpn on my laptop (OS is Win2k Pro).
So, if you've disabled PPTP, L2TP, and IPSec Pass-thru,
are you running Win XP Pro with a personal firewall? If so, turn it off. | |
sgkmills
join:2004-11-09
Brooklyn, NY
| reply to sgkmills
I still cannot connect and I have even turned off the firewall on the router. There are no firewalls enabled on client machines or the server.
How can I check if my ISP is blocking VPN traffic.
The reason I don't think the ISP is blocking is because when I logon to the router I see the status for the user I tried to connect with is 'Online' in the VPN Clients' area.
So I figured I am getting past the ISP upto the router, am I correct in thinking this?
Are there any other checks I can do? | |
tshuva
join:2004-10-30
| said by sgkmills  :How can I check if my ISP is blocking VPN traffic. If you have access to a packet sniffer, you can put it
just in front of the wrv54g internet port. If your
winxp ethereal says that it sends ISAKMP/ESP packets
but you dont see them at the wrv, then something is
blocking VPN traffic.
Or you can just ask your ISP if they block port 500, and/or
protocol 50.
The reason I don't think the ISP is blocking is because when I logon to the router I see the status for the user I tried to connect with is 'Online' in the VPN Clients' area.
So I figured I am getting past the ISP upto the router, am I correct in thinking this?
You are partially correct.
The "Online" status just means that the QuickVpn negotiation
worked. (It means the same thing as the QuickVpn "Verifying Network" message).
Once QuickVpn negotiation is finished, both endpoints start the IPSec negotiations. That is what is failing for you. | |
andy c
@adelphia.net
| reply to sgkmills
I think i found a solution to many of your problems. If your connection gets to "verifying network" then fails, make sure you have the IPSEC service enabled! you can enable this by doing start -> run and type "services.msc" then look for the ipsec service, and make sure it's enabled.
I'm using xp SP2, by the way with the linksys wireless VPN router (the one everyone has the trouble with) | |
DocLarge
Premium
join:2004-09-08
| Mills,
what are your exact settings? Disabling #1, #2, and #3 apply "if" you are using your WRV54G as an endpoint. Now, if you are trying to make a tunnel connection, enable #1, #2 and #3 (just the reverse) and go from there.
Also, try opening ports 1723, 4450, 500. At this point since you're still having problems, a little more trial and error should hurt  | |
sgkmills
join:2004-11-09
Brooklyn, NY
| reply to andy c
Andy C,
I wish it was that easy. I have verified that I have the IPSEC service enabled on both the server and workstation, to no avail. My gut feeling is something on the router is preventing this. I will sniff the packets from the router and post them 2morrow. Hopefully, one of the more network analyzers/specialists on this forum can decipher it. | |
sgkmills
join:2004-11-09
Brooklyn, NY
| reply to DocLarge
DocLarge,
My settings are as follows:
IPSEC Passthrough: Disabled
L2TP Passthrough: Disabled
PPTP Passthrough: Disabled
Tunnel: Disabled
Gateway: Disabled
Tunnel Name: NYC1
Local Sec. Grp (IP Addr.): 0.0.0.0
255.255.255.0
Remote Sec. Grp (IP Addr.): 0.0.0.0
255.255.255.0
Remote Sec. Gtwy (IP Addr.) 0.0.0.0
Encryption: DES
Authentication: Md5
Key Management: Auto(IKE)
PFS: Disabled
Pre-Shared Key: (Nothing)
Key Lifetime: 3600
Port 1723 TCP (computer w/router IP address here) unchecked
Port 1701 UDP (computer w/router IP address here) unchecked
Port 500 UDP (computer w/router IP address here) unchecked
Port 4500 UDP (computer w/router IP address here) unchecked
On the security tab of the router under firewall, the following are enabled:
firewall protection
filter multicast | |
Mandride
@rr.com
| reply to sgkmills
The answer is simple, You have to have a user id and password 7 or more characters for both. I had the same problem and called linksys to get it resolved. This little factoid isn't documented.
Note: ID and Password greater than 7 chars.
| |
sgkmills
join:2004-11-09
Brooklyn, NY
| Mandride,
I wish it was that simple!!! Both my userid/password on the vpn router are more than 7 characters. If possible, can you list your settings on the following areas of the router;
Security | Firewall
Security | VPN
Applications & Gaming | Port Range Forwarding
Plus, any settings unique on the VPN Client, i.e. no firewall, etc.
This would be greatly appreciated.
| |
babbo32
join:2004-11-23
Scottsburg, IN
| I am having the same trouble with a WRV54G. I have changed all of the settings mentioned above, but cannot get a Quick VPN client to connect. When I try to connect, I get a Failed To Establish Connection message. If I look on the Status -> VPN Clients it showed my time of day that I connected, but the status is Offline. Also, the Duration increases even though I am Offline. I do not have a personal firewall on any client PC I am using, I have the IPSEC service running, and I have a username and password both over 7 characters. Any ideas?????? | |
bigmtn
join:2002-12-26
Anaheim, CA
| Before clicking OK on the failed to connect message, open the command prompt and try to ping the remote network. You should be able to do so. Also type ipconfig /all and check to see if the address of the remote router is added to the DNS server list. If the remote router is not in the DNS server list, then you will get the Remote gateway not responding message. | |
babbo32
join:2004-11-23
Scottsburg, IN
| After trying to connect and getting the Failed To Connect error, I tried to ping the LAN of the network I was trying to connect to and failed. I can ping the public address of the router I am connecting to, and I can get into that router's configuration via the web. The Status on my router shows that I connect, but it shows me as Offline. Also, I verified that the IPSEC Service is running on my PC. Any other ideas?? | |
DocLarge
Premium
join:2004-09-08
| reply to sgkmills
Mills,
from what I can see, your settings are pretty much like mine, so let's look at a few other things. For example, on the "setup" tab under "basic settings," this is what I have:
Internet connection type: Automatic Configuration - DHCP
MTU: Manual
MTU Size: 1500 (1500 is the Max)
Setting my MTU to manual and to 1500 stabilized "ALOT" of the problems I was having. Doing this cut down on 98% of the rebooting. You don't have to have the router itself set to a static ip; just make sure your clients are connecting via static ip if they are behind a router on another land or with a WAN ip if connected directly to a cable modem (dhcp might also work). FYI, I got a dynamic ip address "FOR FREE" from www.webreactor.net. I was up and running my ftp server in under 30 mins. I tried setting my wrv54g up with a static setting, but it had a tendency to lose it's WAN connectivity every couple of days in that configuration. So, I leave it set for DHCP (in case the ip happens to change) and I have no problems in that respect anymore.
Make sure the DHCP server feature is enabled so your vpn clients can pull an IP address once they connect. Additionally, make sure all vpn clients connection to your router have a static ip address. Let's try it from this angle and see what happens...
As stated before, the quickvpn client will create its own tunnel with the wrv54g, so don't bother with the directions linksys put out; that appears to be for people using 2000 server.
For those of you who've just joined onto this thread, my WRV54G is running "while utilizing the linksys quickvpn client" with all the settings mentioned in my posts. Prior to getting Linksys to send me beta firmware 2.36.5, I was able to connect via vpn with firmware 2.36. | |
sgkmills
join:2004-11-09
Brooklyn, NY
| DocLarge,
I have verified all of the things you said, and have the same settings. I am including a snippet of the log files I captured from LogViewer, (the linksys log utility). Maybe this will help, because it is cryptic to me.
Note: DABASH is the computer name and 10.248.134.1 is the ip address of the router.
From Logviewer
1 � Nov 27 1:53:44 2004 10.248.134.1 Nov 27 06:53:40 2004 DABASH add_bidir_rule:80: RGFW-CONF: Failed to add rule (File exists)
2 � Nov 27 1:53:44 2004 10.248.134.1 Nov 27 06:53:40 2004 DABASH add_bidir_rule:80: RGFW-CONF: Failed to add rule (File exists)
3 � Nov 27 1:53:44 2004 10.248.134.1 Nov 27 06:53:40 2004 DABASH add_bidir_rule:80: RGFW-CONF: Failed to add rule (File exists)
4 � Nov 27 1:53:44 2004 10.248.134.1 Nov 27 06:53:41 2004 DABASH ipnat_add_rule:693: RGFW-CONF: Failed nat control (SIOCADNAT - File exists)
These are from wallwatcher log utility
2004/11/27 02:07:02.16 M Nov 27 07:06:58 2004 DABASH add_bidir_rule:80: RGFW-CONF: Failed to add r ule (File exists)
2004/11/27 02:07:02.16 M Nov 27 07:06:58 2004 DABASH add_bidir_rule:80: RGFW-CONF: Failed to add r ule (File exists)
2004/11/27 02:07:02.16 M Nov 27 07:06:58 2004 DABASH add_bidir_rule:80: RGFW-CONF: Failed to add r ule (File exists)
2004/11/27 02:07:02.21 M Nov 27 07:06:58 2004 DABASH ipf_check_interface:306: RGFW-CONF: Failed io ctl (SIOCADDDV -
No such device) on dev 'ips1'
2004/11/27 02:07:02.21 M Nov 27 07:06:58 2004 DABASH ipf_check_interface:306: RGFW-CONF: Failed io ctl (SIOCADDDV - No such device) on dev 'ips0'
2004/11/27 02:07:02.21 M Nov 27 07:06:58 2004 DABASH ipf_check_interface:306: RGFW-CONF: Failed io ctl (SIOCADDDV - No such device) on dev 'ips54'
2004/11/27 02:07:02.21 M Nov 27 07:06:58 2004 DABASH ipf_check_interface:306: RGFW-CONF: Failed io ctl (SIOCADDDV -
No such device) on dev 'ips53'
2004/11/27 02:07:02.21 M Nov 27 07:06:58 2004 DABASH ipf_check_interface:306: RGFW-CONF: Failed io ctl (SIOCADDDV - No such device) on dev 'ips52'
2004/11/27 02:07:02.21 M Nov 27 07:06:58 2004 DABASH ipf_check_interface:306: RGFW-CONF: Failed io ctl (SIOCADDDV - No such device) on dev 'ips51'
2004/11/27 02:07:02.21 M Nov 27 07:06:58 2004 DABASH ipf_check_interface:306: RGFW-CONF: Failed io ctl (SIOCADDDV - No such device) on dev 'ips50'
2004/11/27 02:07:02.22 M Nov 27 07:06:58 2004 DABASH ipf_check_interface:306: RGFW-CONF: Failed io ctl (SIOCADDDV -
No such device) on dev 'ppp0'
2004/11/27 02:07:02.22 M Nov 27 07:06:58 2004 DABASH ipf_check_interface:306: RGFW-CONF: Failed io ctl (SIOCADDDV - No such device) on dev 'ixp0.3'
Hopefully, someone knows what this means. | |
JohnLouis
@bellsouth.ne | reply to DocLarge
DocLarge, I'm a new to VPN. On what device do you disable ports 1723, 500, 443, and 4500? And How? | |
|
