VPN problem...

Alex Hewitt hewitt_tech at comcast.net
Thu Oct 1 16:59:52 EDT 2009 

I recently was relating on the list how a client was having a problem 
with their Linksys BEFSX41 router and the solution was that Linksys 
RMA'd the router. They apparently have removed the BEFSX41 model from 
their active product list so they sent me a BEFVP41 v2 model. I received 
it yesterday, configured it and tested it from my office network. The 
router was set to obtain it's WAN address dynamically from it's WAN 
connection. It connected fine to a wireless bridge that I use for this 
purpose and I could surf the web from behind it with a PC. I then 
configured the VPN tunnel exactly as the old router was set up and it 
immediately connected to the customer's end point and I could ping 
systems located at the end point LAN. I tore down the setup and put the 
router in a container to set up at my client's location this morning.

I got to the client site and thought that all that was going to be 
necessary was to set the WAN address of the Linksys router to match the 
static address being provided by Comcast at the customer location. As 
soon as I did that I was able to connect to the internet from behind the 
router. But I then noticed that the VPN was not connected. Since the VPN 
settings were identical to the previous router there shouldn't have been 
a problem. For the fun of it I set the router to obtain it's WAN address 
dynamically and immediately the VPN tunnel connected. I checked the logs 
but didn't see anything obviously wrong. I did notice that when the 
router is setup to use a dynamic address, it has the correct date and 
time. When it's set up with a static address the status page says "time 
unavailable". I think this might be part of the problem. If the router 
doesn't know the time (perhaps the clock can't be used?) then the VPN 
connection might not work. I'm also puzzled as to what server it's 
requesting date/time data from. It has the ability to manually set the 
time zone but doesn't give any choices as to which ntp server to use.

Does anyone have any ideas? So far Linksys support hasn't been very useful.

-Alex

More information about the gnhlug-discuss mailing list