VPN: Linksys WRV54G to Pix

Discussion in 'Cisco' started by BG, Oct 11, 2004.

  1. BG

    BG Guest

    I've got a Linksys WRV54G at home with VPN abilities. I was wondering if
    it's possible to connect to my workplace (Cisco 506) with it? Anybody tried
    this?

    BG
    BG, Oct 11, 2004
    #1
    1. Advertising

  2. BG

    Craig B. Guest

    You just need to make sure that NAT passthru is enabled...which is the
    default for the Linksys.

    I've done it to a 501 at my work with no problems.

    Craig

    "BG" <> wrote in message news:<4ktad.1517$>...
    > I've got a Linksys WRV54G at home with VPN abilities. I was wondering if
    > it's possible to connect to my workplace (Cisco 506) with it? Anybody tried
    > this?
    >
    > BG
    Craig B., Oct 11, 2004
    #2
    1. Advertising

  3. In article <>,
    Craig B. <> top-posted:
    :"BG" <> wrote in message news:<4ktad.1517$>...
    :> I've got a Linksys WRV54G at home with VPN abilities. I was wondering if
    :> it's possible to connect to my workplace (Cisco 506) with it? Anybody tried
    :> this?

    :You just need to make sure that NAT passthru is enabled...which is the
    :default for the Linksys.

    :I've done it to a 501 at my work with no problems.

    Chris, I'm not sure that you answered the question that the OP asked.
    Are you saying that:

    a) you have been able to get the Cisco VPN client to work through
    a Linksys device to a PIX 501?

    b) you have been able to get the internal IP address range of your
    LAN through a VPN tunnel between a Linksys and a PIX 501, over to the
    remote LAN?

    c) you have been able to use "lan extension mode" (L2TP) to have
    your local LAN be a part of the remote LAN on a VPN tunnel built
    between a Linksys and a PIX 501?

    d) you have been able to have your local LAN NAT'd as you go through
    a VPN tunnel built between a Linksys and a PIX 501 (such as would
    be needed if the local LAN and the remote LAN used the same internal
    address ranges)?

    e) you have been able to have your Linksys build a VPN tunnel to a PIX 501
    complete with using NAT-T (NAT Traversal) in order to support end-to-end
    AH, or in order to have ESP get through a network that filters ESP,
    or through a network that would otherwise interfere with IPsec?


    I'm not sure exactly what you mean by "NAT passthru": it sounds more
    like NAT Traversal to me than it sounds like "turn off NAT'ing so that
    local IP addresses get through to the remote end", but as shown above
    I can see other potential meanings as well. As I interpret things,
    the OP is asking whether an IPSec tunnel can be built between a
    Linksys WRV54G and a PIX 506; I'm not sure from your terminology
    whether you answered that or not?
    --
    Studies show that the average reader ignores 106% of all statistics
    they see in .signatures.
    Walter Roberson, Oct 11, 2004
    #3
  4. BG

    BG Guest

    Chris, I assume you meant you have stablished a tunnel between the Linksys
    and the 501, not just using a Cisco VPN client through it? The reason I ask
    is that I see that WRV54G "is capable of 50 VPN tunnels" and that I can set
    algorithms like IKE and IPSEC lifetime, preshared keys etc....



    BG

    --



    Regards,
    Bjorn G
    "Walter Roberson" <-cnrc.gc.ca> wrote in message
    news:ckf37j$iba$...
    > In article <>,
    > Craig B. <> top-posted:
    > :"BG" <> wrote in message
    > news:<4ktad.1517$>...
    > :> I've got a Linksys WRV54G at home with VPN abilities. I was wondering
    > if
    > :> it's possible to connect to my workplace (Cisco 506) with it? Anybody
    > tried
    > :> this?
    >
    > :You just need to make sure that NAT passthru is enabled...which is the
    > :default for the Linksys.
    >
    > :I've done it to a 501 at my work with no problems.
    >
    > Chris, I'm not sure that you answered the question that the OP asked.
    > Are you saying that:
    >
    > a) you have been able to get the Cisco VPN client to work through
    > a Linksys device to a PIX 501?
    >
    > b) you have been able to get the internal IP address range of your
    > LAN through a VPN tunnel between a Linksys and a PIX 501, over to the
    > remote LAN?
    >
    > c) you have been able to use "lan extension mode" (L2TP) to have
    > your local LAN be a part of the remote LAN on a VPN tunnel built
    > between a Linksys and a PIX 501?
    >
    > d) you have been able to have your local LAN NAT'd as you go through
    > a VPN tunnel built between a Linksys and a PIX 501 (such as would
    > be needed if the local LAN and the remote LAN used the same internal
    > address ranges)?
    >
    > e) you have been able to have your Linksys build a VPN tunnel to a PIX 501
    > complete with using NAT-T (NAT Traversal) in order to support end-to-end
    > AH, or in order to have ESP get through a network that filters ESP,
    > or through a network that would otherwise interfere with IPsec?
    >
    >
    > I'm not sure exactly what you mean by "NAT passthru": it sounds more
    > like NAT Traversal to me than it sounds like "turn off NAT'ing so that
    > local IP addresses get through to the remote end", but as shown above
    > I can see other potential meanings as well. As I interpret things,
    > the OP is asking whether an IPSec tunnel can be built between a
    > Linksys WRV54G and a PIX 506; I'm not sure from your terminology
    > whether you answered that or not?
    > --
    > Studies show that the average reader ignores 106% of all statistics
    > they see in .signatures.
    BG, Oct 12, 2004
    #4
  5. On Mon, 11 Oct 2004 12:33:35 +0200, "BG" <> wrote:

    ~ I've got a Linksys WRV54G at home with VPN abilities. I was wondering if
    ~ it's possible to connect to my workplace (Cisco 506) with it? Anybody tried
    ~ this?
    ~
    ~ BG
    ~

    You should be able to set up a static IPsec tunnel between a Linksys
    VPN router and a PIX. Our websites don't have an examples of
    this per se, but you can see a discussion at http://www.experts-exchange.com/Networking/Q_21144451.html .

    Cheers,

    Aaron
    Aaron Leonard, Oct 12, 2004
    #5
  6. BG

    speakeasy Guest

    Re: Linksys WRV54G to Pix

    I've set up tunnels between my Linksys befvp41 and a pix 525, nortel
    contivity 1700, nokia ip330/checkpoint and native MS ipsec with no problems.
    Here's the pix side of the tunnel.

    ---172.26.4.0 net in my house
    ---192.168.101.0 net in remote location
    ---XX.XX.XX.XX is ip address of my house

    access-list nonat_vpn permit ip 192.168.101.0 255.255.255.0 172.26.4.0
    255.255.255.0

    access-list 20 permit ip 192.168.101.0 255.255.255.0 172.26.4.0
    255.255.255.0

    nat (inside) 0 access-list nonat_vpn

    crypto ipsec transform-set hogan esp-3des esp-sha-hmac
    crypto map wtmap 1 ipsec-isakmp
    crypto map wtmap 1 match address 20
    crypto map wtmap 1 set pfs
    crypto map wtmap 1 set peer XX.XX.XX.XX
    crypto map wtmap 1 set transform-set hogan
    crypto map wtmap interface outside

    isakmp enable outside
    isakmp key ******** address XX.XX.XX.XX netmask 255.255.255.255
    isakmp identity address
    isakmp policy 1 authentication pre-share
    isakmp policy 1 encryption 3des
    isakmp policy 1 hash sha
    isakmp policy 1 group 1
    isakmp policy 1 lifetime 28800

    I can post screenshots from the Linksys if you want. Just make sure isakmp
    group matches, authentication and encryption match, and PFS matches.

    "BG" <> wrote in message
    news:4ktad.1517$...
    > I've got a Linksys WRV54G at home with VPN abilities. I was wondering if
    > it's possible to connect to my workplace (Cisco 506) with it? Anybody

    tried
    > this?
    >
    > BG
    >
    >
    speakeasy, Oct 12, 2004
    #6
  7. BG

    BG Guest

    Re: Linksys WRV54G to Pix

    Thanks!

    I'll start working on it tonight....



    BG


    "speakeasy" <paul@> wrote in message
    news:...
    > I've set up tunnels between my Linksys befvp41 and a pix 525, nortel
    > contivity 1700, nokia ip330/checkpoint and native MS ipsec with no
    > problems.
    > Here's the pix side of the tunnel.
    >
    > ---172.26.4.0 net in my house
    > ---192.168.101.0 net in remote location
    > ---XX.XX.XX.XX is ip address of my house
    >
    > access-list nonat_vpn permit ip 192.168.101.0 255.255.255.0 172.26.4.0
    > 255.255.255.0
    >
    > access-list 20 permit ip 192.168.101.0 255.255.255.0 172.26.4.0
    > 255.255.255.0
    >
    > nat (inside) 0 access-list nonat_vpn
    >
    > crypto ipsec transform-set hogan esp-3des esp-sha-hmac
    > crypto map wtmap 1 ipsec-isakmp
    > crypto map wtmap 1 match address 20
    > crypto map wtmap 1 set pfs
    > crypto map wtmap 1 set peer XX.XX.XX.XX
    > crypto map wtmap 1 set transform-set hogan
    > crypto map wtmap interface outside
    >
    > isakmp enable outside
    > isakmp key ******** address XX.XX.XX.XX netmask 255.255.255.255
    > isakmp identity address
    > isakmp policy 1 authentication pre-share
    > isakmp policy 1 encryption 3des
    > isakmp policy 1 hash sha
    > isakmp policy 1 group 1
    > isakmp policy 1 lifetime 28800
    >
    > I can post screenshots from the Linksys if you want. Just make sure
    > isakmp
    > group matches, authentication and encryption match, and PFS matches.
    >
    > "BG" <> wrote in message
    > news:4ktad.1517$...
    >> I've got a Linksys WRV54G at home with VPN abilities. I was wondering if
    >> it's possible to connect to my workplace (Cisco 506) with it? Anybody

    > tried
    >> this?
    >>
    >> BG
    >>
    >>

    >
    >
    BG, Oct 13, 2004
    #7
  8. BG

    DAMnet

    Joined:
    Aug 11, 2006
    Messages:
    1
    Hello,

    I have also a PIX 501 and a WRV54G.
    When I connect to the PIX with Cisco's VPN client it works fine.

    I'll connect two domains with VPN, the WRV54G needs to be connecting to the PIX and set-up a VPN tunnel.
    I have used the settings that U have post but the WRV54G sty saying Waiting for connection .
    My Tunnel config in the WRV is:
    VPN Tunnel: Enabled

    Local Secure Group (subnet)
    192.168.1.0
    255.255.255.0

    Remote Secure Group (subnet)
    172.16.23.0
    255.255.255.0

    Remote Secure Gateway (IP addr.)
    Public IP address of the PIX

    Encryption:
    3DES

    Authentication:
    SHA1

    Key Exchange Method:
    AUTO(IKE)

    PFS:
    Enabled

    Pre-Shared Key:
    Some key...... (the same ass in the PIX)

    Key Lifetime :
    28000

    Advanced VPN Tunnel Setup:
    Nothings changed

    Phase 2:
    Group 768-bit (is group 1 like PIX settings)


    What’s the config for the WRV? Or what can be wrong??

    Dennis
    DAMnet, Aug 12, 2006
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?SmVycnk=?=

    linksys wrv54g

    =?Utf-8?B?SmVycnk=?=, Jan 11, 2005, in forum: Wireless Networking
    Replies:
    4
    Views:
    1,019
    =?Utf-8?B?U2t1bGxib25l?=
    Jan 12, 2005
  2. mbike
    Replies:
    0
    Views:
    2,420
    mbike
    Feb 1, 2004
  3. Linksys WRV54G

    , May 25, 2005, in forum: Cisco
    Replies:
    0
    Views:
    482
  4. spencerwill.com
    Replies:
    2
    Views:
    4,163
    Peter
    May 26, 2005
  5. philbert66
    Replies:
    0
    Views:
    375
    philbert66
    Feb 13, 2008
Loading...

Share This Page