Question about ADC Kentrox Q2300 Router

Open Question

Kentrox Q2300 VPN router: remote clients go through bouts of "invalid remote address" when establishing VPN tunnels. Even happens when the router's vpn tunnel is disabled and re-enabled. Using TheGreenbow VPN client and have this issue with various versions of the client. Suspect a problem with the Kentrox unit, as it doesn't seem to "release" a VPN connection when the user closes their remote end. Any experience with this? Anyone? Any help with this is appreciated!!

Posted by on

Ad

Add Your Answer

Uploading: 0%

my-video-file.mp4

Complete. Click "Add" to insert your video. Add

×

Loading...
Loading...

Related Questions:

1 Answer

Cannot link vpn. direct from internet provider works. when try connection via d-link dir625 does not connect. does allow internet access


Ok to Setup you VPN follow the instructions below. You can configure DI-804HV, DI-808HV, and DI-824VUP+ by web management interface. Type 192.168.0.1 (The LAN IP is 192.168.0.1 by default) in the browser, and then input user name: admin (there is no password by default) to pass authentication of web management interface. Then finish the configurations as showed below on Gateway A and Gateway B. Configurations of Gateway A 􀂾 Model: DI-804HV (DI-808HV, or DI-824VUP+) 􀂾 Firmware version: v1.40 (You can download the latest firmware on D-Link’s website.) 􀂾 WAN IP Address: 14.15.16.17 (Static IP) 􀂾 LAN IP Address: 10.5.6.1 (Subnet Mask: 255.255.255.0) 􀂾 VPN Configurations: 􀂄 Enable VPN function on Gateway A. 􀂄 Tunnel Name: toGatewayB 􀂄 VPN Method: IKE (Main mode) 􀂄 Local Subnet: 10.5.6.0 􀂄 Local Netmask: 255.255.255.0 􀂄 Remote Subnet: 172.23.9.0 􀂄 Remote Netmask: 255.255.255.0 􀂄 Remote Gateway: 22.23.24.25 􀂄 Pre-share Key: hr5xb8416aa9r6 􀂄 IKE Proposal (Please remember to add the correct proposal ID into the list of IKE Proposal Index when you finish inputting the following information.) 􀀹 Proposal Name: toGatewayB 􀀹 DH Group: Group 2 􀀹 Encryption Algorithm: 3DES 􀀹 Authentication Algorithm: SHA1 􀀹 Life Time: 28800 􀀹 Life Time Unit: Second 􀂄 IPSec Proposal (Please remember to add the correct proposal ID into the list of IKE Proposal Index when you finish inputting the following information.) 􀀹 Proposal Name: toGatewayB 􀀹 DH Group: Group 2 􀀹 Encapsulation Protocol: ESP 􀀹 Encryption Algorithm: 3DES 􀀹 Authentication Algorithm: SHA1 􀀹 Life Time: 3600 􀀹 Life Time Unit: Second 4. Verify the VPN connection Before you start to establish VPN connection between Gateway A and Gateway B, please make sure the Internet connection between Gateway A and Gateway B is workable. You can use “Ping Test” tool on Gateway A (or Gateway B), and input the IP address of Gateway B (or Gateway A) to see if there is any response from its peer device. Connect a PC (called PC_A) to the LAN port of Gateway A, and connect another PC (called PC_B) to the LAN port of Gateway B. Start to “Ping” PC_B on PC_A, then Gateway A will start to establish IPSec connection with Gateway B. If you can get “Ping” responses from PC_B on PC_A, then it means the tunnel has been established successfully. You can also check the “VPN Status” page with web management interface to verify the status of VPN connections. Figure 1: VPN status of Gateway A after IPSec connection has been established. Figure 2: VPN status of Gateway B after IPSec connection has been established.
Hope this helps
Here it is in PDF.http://www.vpnc.org/InteropProfiles/D-Link-DI.pdf

Feb 11, 2010 | D-Link DIR-625 (790069292637) Wireless...

Tip

VPN in Microsoft Server 2003


The full form of VPN is Virtual Private Network. VPN gives extremely secure connections between private networks linked through the Internet. It allows remote computers to act as though they were on the same secure, local network. Allows you to be at home and access your company's computers in the same way as if you were sitting at work.

Almost impossible for someone to tap or interfere with data in the VPN tunnel. If you have VPN client software on a laptop, you can connect to your company from anywhere in the world. VPN goes between a computer and a network (client-to-server), or a LAN and a network using two routers (server-to-server). Each end of the connection is a VPN "endpoint", the connection between them is a "VPN tunnel".

When one end is a client, it means that computer is running VPN client software. You can use a virtual private network (VPN) to connect components to one network by using another network. VPN do this by "tunneling" through the Internet or another public network. With a VPN, connections across the public network can transfer data by using the routing infrastructure of the Internet, but to the user, the data seems to travel over a dedicated private link.

A VPN gives you the benefit of a dial-up connection to a dial-up server, plus the flexibility of an Internet connection. Using an Internet connection you can connect to resources all over the world. If you have a high-speed Internet connection at your computer and at your office, you can communicate with your office at full Internet speed. This is much faster than any dial-up connection that uses an analog modem.

VPNs use authenticated links to make sure that only authorized users can connect to your network, and they use encryption to make sure that others cannot intercept and cannot use data over the Internet. A Tunneling Protocol is a technology that helps make the transfer of information over the Internet more secure from one computer to another.

VPN technology also permits a corporation to connect to its branch offices or to other companies over a public network, such as the Internet, while helping to maintain secure communications. The VPN connection across the Internet logically operates as a dedicated wide area network (WAN) link.

VPN in Windows 2003 Server: You need a high speed Internet connection to configure and run VPN server. Two individual lan card must be present in a single system where you want to configure a VPN Server. The lan cards should ping each other. Also need a User which's Dial in allow access should be enable. Microsoft 2003 server two tunnelling protocols for a secure VPN connection, one is PPTP (Point-to-Point Tunnelling Protocol) which Provides data encryption using Microsoft Point-to-Point Encryption. The other is L2TP (Layer Two Tunnelling Protocol) which Provides data encryption, authentication, and integrity using IPSec.

Steps to create VPN Server in 2003 Server: At first I go to Start and point to Administrative Tools, then click Routing and Remote Access. Then I click the server icon that matches the local server name in the left panel of the console. If the Routing and Remote Access service was previously turn on, you may want to reconfigure the server.

To reconfigure the server Right-click the server object, and then click Disable Routing and Remote Access. Click yes to continue when you are prompted with an informational message. Then Right-click the server icon and then click configure and Enable Routing and Remote Access to start the Routing and Remote Access Server Setup Wizard. After that click Remote access (dial-up or VPN) to turn on remote computers to dial in or connect to this network through the Internet. Then I have Click to select VPN. In the VPN Connection window I click the network interface (Lan) which is connected to the Internet and go the IP Address Assignment window, then I click Automatically because there was present a DHCP server in network. However, if DHCP is not available, you must specify a range of static addresses.

If you use from a specified range of addresses, open the Address Range Assignment dialog box and Type the first IP address in the range of addresses that you want to use in the Start IP address box. Type the last IP address in the range in the End IP address box. Windows calculates the number of addresses automatically. After that I have accept the default setting of No, use Routing and Remote Access to authenticate connection request and finally Click Finish to turn on the Routing and Remote Access service and to configure the server as a Remote Access server.
For the remote access server to forward traffic properly inside your network, you must configure it as a router with either static routes or routing protocols, so that all of the locations in the intranet are reachable from the remote access server. It also need for security purpose.<SPAN style="LINE-HEIGHT: 115%; FONT-FAMILY: 'Verdana','sans-serif

on Mar 22, 2011 | Microsoft Windows Server 2003 Enterprise...

Tip

How to setup VPN on a D-link Router.



Ok to Setup you VPN follow the instructions below. You can configure DI-804HV, DI-808HV, and DI-824VUP+ by web management interface. Type 192.168.0.1 (The LAN IP is 192.168.0.1 by default) in the browser, and then input user name: admin (there is no password by default) to pass authentication of web management interface. Then finish the configurations as showed below on Gateway A and Gateway B. Configurations of Gateway A 􀂾 Model: DI-804HV (DI-808HV, or DI-824VUP+) 􀂾 Firmware version: v1.40 (You can download the latest firmware on D-Link’s website.) 􀂾 WAN IP Address: 14.15.16.17 (Static IP) 􀂾 LAN IP Address: 10.5.6.1 (Subnet Mask: 255.255.255.0) 􀂾 VPN Configurations: 􀂄 Enable VPN function on Gateway A. 􀂄 Tunnel Name: toGatewayB 􀂄 VPN Method: IKE (Main mode) 􀂄 Local Subnet: 10.5.6.0 􀂄 Local Netmask: 255.255.255.0 􀂄 Remote Subnet: 172.23.9.0 􀂄 Remote Netmask: 255.255.255.0 􀂄 Remote Gateway: 22.23.24.25 􀂄 Pre-share Key: hr5xb8416aa9r6 􀂄 IKE Proposal (Please remember to add the correct proposal ID into the list of IKE Proposal Index when you finish inputting the following information.) 􀀹 Proposal Name: toGatewayB 􀀹 DH Group: Group 2 􀀹 Encryption Algorithm: 3DES 􀀹 Authentication Algorithm: SHA1 􀀹 Life Time: 28800 􀀹 Life Time Unit: Second 􀂄 IPSec Proposal (Please remember to add the correct proposal ID into the list of IKE Proposal Index when you finish inputting the following information.) 􀀹 Proposal Name: toGatewayB 􀀹 DH Group: Group 2 􀀹 Encapsulation Protocol: ESP 􀀹 Encryption Algorithm: 3DES 􀀹 Authentication Algorithm: SHA1 􀀹 Life Time: 3600 􀀹 Life Time Unit: Second 4. Verify the VPN connection Before you start to establish VPN connection between Gateway A and Gateway B, please make sure the Internet connection between Gateway A and Gateway B is workable. You can use “Ping Test” tool on Gateway A (or Gateway B), and input the IP address of Gateway B (or Gateway A) to see if there is any response from its peer device. Connect a PC (called PC_A) to the LAN port of Gateway A, and connect another PC (called PC_B) to the LAN port of Gateway B. Start to “Ping” PC_B on PC_A, then Gateway A will start to establish IPSec connection with Gateway B. If you can get “Ping” responses from PC_B on PC_A, then it means the tunnel has been established successfully. You can also check the “VPN Status” page with web management interface to verify the status of VPN connections. Figure 1: VPN status of Gateway A after IPSec connection has been established. Figure 2: VPN status of Gateway B after IPSec connection has been established.
Hope this helps
Here it is in PDF.http://www.vpnc.org/InteropProfiles/D-Link-DI.pdf






on Feb 11, 2010 | Computers & Internet

1 Answer

WRT120N doesn;t permit VPN accesses


Most times when VPN is not working is because one of the ports is not forwarding right. Easy fix is to go to router settings and enable DMZ for your computers IP address. Also you can actually find out what are the ports this VPN uses and go to Port Forwarding part of router and open the ports manually. My favorite is DMZ. All this does is open up ports for your computer IP address so there is no blocked pockets. Good luck.

Jan 12, 2010 | Linksys WRT120N Router

1 Answer

Vpn


this is not so much a soloution but an idea!
from memory the netopia devices allow you to configure a dmz device by IP or MAC address.

I have had to do something similar but with a buffalo unit instead of your linksys. I ended up having to place the buffalo unitin into a dmz created on the netopia unit. before VPN tunnles were formed correctly.

Nov 01, 2008 | Netopia 2247NWG-VGx Wireless Router...

1 Answer

Can't ping or see anything on remote LAN


They are defective i have gone through like 5 or 6 of them before sending them all back i would sacrifice the gigabit and go with the RV042

May 21, 2008 | Linksys RVS4000 Router

1 Answer

Gateway to gateway tunneling vpn


can you provide more information:
- WAN IP addresses of both routers
- LAN IP of both routers.
- name of ISP for both


i can provide a solution if i will know these info

Nov 16, 2007 | Linksys RV042 VPN Router

1 Answer

Vpn error. 800


Resolutions: 1) if you have firewall, open TCP Port 1723, IP Protocol 47 (GRE). 2) make sure you can reach the VPN server by using ping. Sometimes, poor connection can cause this issue too. 3) You may need to updated firmware on a router or firewall if other OS (win9x/nt/me/w2k) works except XP. 4) The VPN server may not be able to get IP from DHCP for the VPN client. So, you may want to re-configure VPN host networking settings. For XP pro VPN host, go to the Properties of the VPN>Network, check Specify TCP/IP address and Allow calling computer to specify its own IP address, and uncheck Assign TCP/IP addresses automatically using DHCP. 5) Make sure no other secure software blocks your access, for example, if you use Norton secure software, you may need to add the remote client's IP so that the client can access. 6) If your VPN running on a Windows RRAS with NAT enabled, you may want to check the NAT settings. 7) If you can establish the VPN from the desktop at home but not from the laptop. Make sure no security software like Microsoft OneCare software that blocks the GRE.

Oct 01, 2007 | Acer Aspire 5100 Notebook

1 Answer

VPN


the following is from a nice guide i found on the net, see if it works for you: First thing to check is whether your router has any settings for PPTP or IPsec "pass through". These are commonly found in Linksys routers but you may have to hunt around for them on other makes. All you need to do is enable the setting for the VPN protocol that you're using, reboot your router and, if you're lucky, the VPN connection will come right up. Note: Not all routers have these enables and the lack of them doesn't necessarily mean that you can't get VPN working. Open up that Firewall Still no connection? The next step is to try opening some ports in your router's firewall to get your VPN connection made. In each case, you'll need to open the specific ports (and protocol) to the IP address of the computer that you're running the VPN client on. NOTE that port mappings work with only one computer at a time. If you have multiple VPN clients that you need to connect, your router will have to support the VPN protocol that you're using without requiring ports opened. If you're using Microsoft's PPTP protocol, TCP port 1723 is the port you'll need to forward to allow PPTP control traffic to pass. Figure 2 shows the Forwarding screen on a Linksys BEFSR41 set to forward this port to a client with IP address 192.168.5.100. PPTP also needs IP protocol 47 (Generic Routing Encapsulation) for the VPN data traffic itself, but note that this is a required protocol, not a port. The ability to handle this protocol must be built into the router's NAT "engine"?which is true of most present-generation routers. IPsec-based VPN's need UDP port 500 opened for ISAKMP key negotiations, IP protocol 51 for Authentication Header traffic (not always used), and IP protocol 50 for the "encapsulated data itself. Again, the only "forwardable" item here is UDP port 500, which is also shown programmed in Figure 2 to the same LAN client machine?protocols 50 and 51 must be built into your router. Tip: Not all routers are created equal! Some allow only one VPN tunnel to be opened and used by a single client. Others support multiple tunnels, but with one client per tunnel. Unfortunately, most vendors don't make the VPN pass through capabilities of their products clear in their documentation, nor do they have support staff properly trained to provide this information either. In most cases, your only option is to try a router in your specific application, and make sure you can return it and get your money back if you can't get it working. Still not Working? Getting many IPsec-based VPN setups working can be a black art due to the wide variation in techniques used by various vendors. Although IPsec products have become more uniform as the technology matures, your company may use older, more proprietary products that may not be configured with NAT in mind, or require additional ports to be opened in your firewall.

Feb 19, 2006 | Microsoft MN-700 Wireless Router

1 Answer

Configuring a VPN tunnel


Step 1: Log into the web based configuration of the router by typing in the IP address of the router (default: 192.168.0.1) in your web browser. By default the username is admin and there is no password. Step 2: Click the VPN button on the left column, select the checkbox to Enable the VPN, and then in the box next to Max. number of tunnels , enter the maximum numbers of VPN tunnels that you would like to have connected. Step 3: In the space provided, enter the Tunnel Name for ID number 1, select IKE, and then click More. Step 4: In the Local Subnet and Local Netmask fields enter the network identifier for the local DI-804HV´s LAN and the corresponding subnet mask. Step 5: In the Remote Subnet and Remote Netmask fields enter the network identifier for the remote DI-804HV´s LAN and the corresponding subnet mask. Step 6: In the Remote Gateway field enter the WAN IP address of the remote DI-804HV and in the Preshared Key field, enter a key which must be exactly the same as the Preshared Key that is configured on the remote DI-804HV. Step 7: Click Apply and then click on Select IKE Proposal... Step 8: Enter a name for proposal ID number 1 and select Group 1, 2, or 5 from the DH Group dropdown menu. Step 9: Select DES or 3DES as the Encryption Algorithm and either SHA-1 or MD5 as the Authentication Algorithm. Step 10: Enter a Lifetime value and then either select Sec. or KByte as the unit for the lifetime value. Step 11: Select 1 out of the Proposal ID dropdown menu and click Add To, which will add the proposal that was just configured to the IKE Proposal Index. Click Apply and then click Back. Step 12: Click on Select IPSec Proposal... Step 13: Enter a name for proposal ID number 1 and select Group 1, 2, 5, or None from the DH Group dropdown menu. Step 14: Select ESP or AH as the Encapsulation Protocol. Step 15: Select DES or 3DES as the Encryption Algorithm and either SHA-1, MD5, or None as the Authentication Algorithm. Step 16: Enter a Lifetime value and then either select Sec. or KB as the unit for the lifetime value. Step 17: Select 1 out of the Proposal ID dropdown menu and click Add To, which will add the proposal that was just configured to the IPSec Proposal Index. Click Apply and then click Restart. Step 18: Follow these instructions to configure your Other DI-804HV using the exact same settings for the IKE Proposal and the IPSec Proposal. Also make sure that Step 4 is configured to reflect the LAN settings for what is now the Local DI-804HV and that Steps 5 & 6 are configured to reflect the Subnet and WAN IP of what is now the Remote DI-804HV Step 19: To establish the connection, open a command prompt and ping an IP address of a computer on the remote LAN. Once you receive replies the tunnel has been established.

Feb 16, 2006 | D-Link Express EtherNetwork DI-804HV...

Not finding what you are looking for?
ADC Kentrox Q2300 Router Logo

Related Topics:

108 people viewed this question

Ask a Question

Usually answered in minutes!

Top ADC Kentrox Computers & Internet Experts

Doctor PC
Doctor PC

Level 3 Expert

7733 Answers

kakima

Level 3 Expert

102366 Answers

David Payne
David Payne

Level 3 Expert

14161 Answers

Are you an ADC Kentrox Computer and Internet Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides

Loading...