[vpn-help] Trendnet BRV324 VPN router(solved)

Wed Jun 29 20:57:52 CDT 2011

On Wed, 29 Jun 2011 09:44:25 -0400
charles morrison <charlie2 at ledgible.com> wrote:

> 
> 
> On 6/28/2011 4:03 PM, charles morrison wrote:
> >
> >> Hi Charlie,
> >>
> >> Good to hear you're making progress!
> >>
> >> The VPN Trace Utility is part of the Shrew Soft install.  You
> >> should be able to pick it from the Programs ->  ShrewSoft VPN
> >> program group. Remember to right-click and Run As Administrator if
> >> User Access Control does not prompt you.
> >>
> >> The problem browsing the network may be related to DNS settings if
> >> you've got the Policy set to Tunnel All.  You can specify DNS
> >> settings to use through the VPN in the site configuration.
> >>
> >> The problem with the ATT aircard may be related to lack of support
> >> for UMTS devices.  Try upgrading to the Shrew 2.2.0 beta to see if
> >> that helps.
> >> _______________________________________________
> >> vpn-help mailing list
> >> vpn-help at lists.shrew.net
> >> http://lists.shrew.net/mailman/listinfo/vpn-help
> >>
> > Kevin,
> >
> > Well, after about 20 or 30 hours, I finally solved the problem the
> > old fashioned way: *I bought a Cisco router.
> > *
> > I bought a Cisco RV 120W and configured it according to the 
> > instructions I found at:
> >
> > http://www.robdyke.com/noc/2011/04/24/using-shrew-soft-vpn-client-with-a-cisco-rv-120w/
> >
> > I had a few problems even then, but I did get it to work.
> >
> > Problems encountered were not realizing I had to enable the WAN in
> > the router from the status screen, and figuring out that I needed
> > to use X-Auth. Rob Dykes version of Shrewsoft is unknown, so the
> > screens didn't quite match the version I am using.
> >
> > My advice to all those with a Trendnet is to buy something else.
> > It's not worth the amount of time to get it to work. They don't
> > seem to have any updates for more than 4 years, so I would guess
> > that the firmware is out of date.
> >
> > Shrewsoft VPN trace utility is great. I used it to see if multiple
> > ike requests were being made which indicated a failure at the ike
> > level. I could also see the Dead Peer Detection working. I could
> > then focus my attention on the Shrewsoft area where ike is
> > involved: (authentication and phase 1). Once that is resolved, I
> > could look at phase 2 and then the DNS stuff.
> >
> > Thanks,
> >
> > Charlie Morrison
> Kevin,
> 
> Follow up question.
> 
> The Cisco router works fine and I can browse the network server 
> directories. What I cannot do is resolve dns.
> 
> If I ping a computer on the network by name, it fails: if I ping by
> IP address, it is successful.
> 
> I am using the latest Shrewsoft beta version, and have dns and wins 
> enabled with predefined IP addresses. When I switch to get wins and
> dns automatic, I can no longer browse. The ipv4 isatap on the client
> says disconnected. If I attempt to use DHCP over ipsec, the
> connection fails stating there is no DHCP response from the VPN.
> 

Hi Charles,

DNS is sometimes tricky.  The first thing to check is, when you have
Shrew configured to receive DNS and WINS, whether the Cisco is actually
delivering it.  You can use the Trace utility and examine the iked
output, it will echo the configuration response from the gateway.

Another problem may be that Cisco provides DNS and WINS settings that
are unreachable through the tunnel.  That sometimes happens when public
(or Internet) DNS IP settings are delivered, but the VPN configuration
only allows access to the private (internal) network.