Seting up an IP Sec VPN
I want to set up an IP Sec VPN over the internet, between a VR042 VPN router and a windows-7 lap-top.
-
One aim is to view IP-WEB camera (DLink DCS 930L)
-
Also test how IPSec VPN can be used to reach local files, manage devices etc
These are how I set up the parameters
-
Camera, DLink DCS 930L,
-
RV042 VPN Router,
-
ADSL Router,
-
Dynamıc DNS (Dyndns.org),
-
VPN (on W7):
-
Camera, DLink DCS 930L
Static IP: p.q.b.2
Subnetmask: 255.255.255.0
Primary/Secondary DNS: p.q.a.1
Port settings: 80
UPnP: Disable
UPnP Port forwarding: Disable
Bonjour: Disable
Dyndns: Disable
I also tried with
Server address: www.dyndns.org
xxxx.dyndns-office.com
user name: yyyy
password: zzzz
timeout: 576 hours
-
RV042 VPN Router
WAN IP: p.q.a.2
Default Gateway: p.q.a.1
DNS: p.q.a.1
Stateful Packet Inspection: On
DoS: On
Block WAN request: Off
Block: Access to HTTP Proxy Servers
Access rule: 0 rules set
LAN: p.q.b.1
Subnetmask: 255.255.255.0
UPnP function: No
One-to-one NAT: Not enabled
Dynamic DNS
Dyndns.org:
Password: xxxx
Host name: zzzz.dyndns-office.com
IP Address: p.q.b.2
Status: Successfully updated with dyndns.org
Static routing:
Destination IP: p.q.a.0
Subnetmask: 255.255.255.0
Default Gateway: p.q.a.1
Interface: WAN1
Dyndns.org
Obtained -
xxxx.dyndns-office.com
Host with IP address selected
Not selected WebHop Redirect –URL forwarding service)
Not selected Offline HostName
IP address: x.y.z.t
System detected my dynamic WAN IP address as x.y.z.t
ADSL Router:
IP Address: p.q.a.1
Home network IP Address: p.q.a.0
LAN servers: What ıs LAN servers ?
Firewall:
Typical security: Inbound policy Reject, Remote admin settings will override the security inbound policy, Outbound Policy: reject
Block IP fragmentation: Selected
DNS Rebinding Protections
Activate DNS Relay Protection- Not selected
Act,vate Web Management protection: Selected
No access control
No port triggering set
No website restrictions
No advance filtering
Routing: LAN Bridge p.q.b.0 Netmask 255.255.255.0, Gateway p.q.a.2, metric=3,
No Dynamic DNS set up on ADSL router
Also tried with dyndns set up together with dyndns on VR042 at the same time
VPN Set up on LAP TOP
Host name or IP: Tried p.q.a.2 (VR042 WAN port towards the ADSL router)
And
xxx.dyndns-office.com
Options: Display progress while connecting, Prompt for name and password, certificate etc, İnclude Windows domain name
PPP Settings: Enable LCP extensions
Security
Type of VPN Automatic (tries both PPTP and L2TP)
Data encryption: Optional encryption, connect even if no encryption
Authentication:
Use Extensible Authentication Protocol (EAP) not selected
Allow these protocols:
EAP-MSCHAPV2 will be sued for IKEv2 VPN type
User name and password for dyndns account entered to connect to the VPN
When connecting to VPN
Connection verifies the User name and password,
Then tries PPTP and fails
Then tries L2TP and fails
Connecting to
xxx.dyndns-office.com using WAN miniport (PPTP)’…then trıed connection using WAN miniport (L2TP)’…
or for local trial it tried to connect to p.q.a.2 using WAN miniport (PPTP)’… then tried using WAN miniport (L2TP)’…
Both cases gave the following error message:
Error 800 The remote connection was not made because the VPN tunnels failed. The VPN server might be unreachable. If this connection is attempting to use an L2TP/IPSec tunnel, the security parameters required for the IPSec negotiator might not be configured properly.
VPN
Client to gateway
Local security gateway type: dynamic IP + Domain name (FQDN) Authentication
Domain name: xxx.dyndns-office.com
Local security group Type: Subnet
IP Address: p.q.b.1
Subnetmask: 255.255.255.0
Remote client type: dynamic IP + Domain name (FQDN) Authentication
Domain name: xxx.dyndns-office.com
Keying mode: IKE with Pre-shared key
Phase 1 DH Group: Group 1-768 bit
Phase 1 Encryption: DES
Phase 1 Authentication: MD5
Phase 1 SA Life Time: 28800
Perfect Forward Secrecy: selected
Phase 2 DH Group: Group 1-768 bit
Phase 2 Encryption: DES
Phase 2 Authentication: MD5
Phase 2 SA Life time: 3600
Pre-shared key: xxxx
NAT Traversal: selected
Share with your friends: |