FW: [VPN] Ciscon 3060 and Linksys or Netgear or Dlink or.....

Fri Jan 23 12:07:59 EST 2004

We found for the SX41, when the tunnel was up which came up fairly
easily; the packets took a long time to finally understand the tunnel
was present. 
If it wasn't for the 3005 interface, we would never have know they were
up.
Might have been my poor understanding of how the Linksys routes. The
Linksys support official response on "advanced routing issues" was we
don't support "advanced routing over the phone". I have still have the
Ticket numbers if there are any Linksys support people listening. 
We have started working with WRV54G and it has the same issue. Tunnel
comes up pretty easily but packets between take easily 60 minutes before
the routes are fully understood. The ping diagnostic doesn't work very
well beyond the endpoints of the tunnels. At least the remote management
is 100x faster than with the SX41.

For the DI-804HV, it must be rebooted after every setting change and we
spent nearly 4 weeks working with the Taiwan R&D people from Dlink
building tunnels back and forth to capture packets and then testing the
beta bins.
There was no "connected" or "successful connection" alert anywhere (the
linksys has one) so the Syslog capture telling of Phase 2 completion was
the only means of tunnel success other than the 3005 interface. That was
a big request on our wish list. When we finally gave up on the 804HV,
the R&D engineers still couldn't provide us with a number of things
including most of OID stuff and Error codes. The ping function did not
work to the endpoints, and you have to reset the clock every 24 hours or
it loses up to 60 minutes a day.
This info is all 4 months old now WRT the 804. While we have some lying
around still, we don't use them much. If the 804 will be remote, include
a cheap external modem for reset and the bin code handy local to the
804. Using the ADSL setting and static routes commands together hard
boiled them instantly to the point we had to manual reset and reload the
bin.

The Syslog from both is almost (not quite) useless. Both devices spend a
great deal of time attempting the quick mode (QM) connections. So far
only the WRV54G has been able to send the Syslog through the tunnel for
central logging.

That being said the some of the DLink techs raised the bar so far above
the Linksys tech support people that I should not say any more or I
would sound too biased.

Finally I would be happy to send the bin files (SX41 doesn't have a
backup bin function) for the 804HV and WRV54G, they might be useful are
our central concentrator is 3005 VPN with 64 MB and 4 code.

HTH
Regan Smith

enTrac Technologies Inc.

-----Original Message-----
From: Walt Reynolds [mailto:waltr at umich.edu] 
Sent: January 22, 2004 7:47 AM
To: vpn at lists.shmoo.com
Subject: [VPN] Ciscon 3060 and Linksys or Netgear or Dlink or.....

Howdy,

I am wondering if anyone out there has set up a tunnel between a cisco
concentrator and one of the smaller hardware VPN boxes (IPSec).  A few
examples are as follows:

Linksys BEFSX41
DLink DI-804HV
Netopia R910
NetGear FVS318

Any informational feedback would be appreciated.  Both pros and cons.

-- Walt Reynolds
   University of Michigan
_______________________________________________
VPN mailing list
VPN at lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn

********************************************************************************************************* 

This e-mail and any attached files may contain confidential and/or privileged material for the sole use of the intended recipient. Any review, use, distribution or disclosure by others is strictly prohibited.  If you are not the intended recipient (or authorized to receive this e-mail for the recipient), please contact the sender by reply e-mail and destroy all copies of this e-mail. Unless otherwise stated, opinions expressed in this e-mail are those of the author and are not endorsed by the author's employer. 

********************************************************************************************************* 