![]() | ||||||||
|
|
![]() |
![]() |
![]()
You have a Linksys Etherfast Cable / DSL router and are having problems with:
You can also try the Linksys Support page and Tech Helper for the router, or contact Linksys support via one of the following methods:
Open ports on WAN side (security issues) To fix the above security problem, download and install the firmware update, if your router has firmware earlier than V1.22. Upgrade instructions are in a ReadME doc that comes with the update. Updated 9/3/01 Problems using PPPoE AND VPN If you are trying to use either PPTP or IPsec tunnels over a PPPoE connection, you may have problems establishing a connection. In some firmware versions there is a problem with the router's ability to properly adjust the packet size for a connection that uses BOTH PPPoE and one of the VPN protocols. Upgrading to version 1.39 or higher firmware will fix the packet size problem. You then may need to forward ports to your VPN client, based on the type of VPN connection you are using. Updated 9/23/00 Using PPPoE If you are having problems maintaining a PPPoE connection, try V1.35 or higher firmware. See more firmware info on this page. There's also a Windows application you can try. Go here for more info. Also see the PPPoE help information on this page.
You now should be able to connect to the Internet and the router will take care of managing the PPPoE login. Updated 2/24/01 Using PPTP (MS VPN)
PPTP is Microsoft's protocol for Virtual Private Networks (VPN). If you have PPTP Clients on your LAN, you just need to enable PPTP pass-thru as noted above. You also need to properly configure a VPN connection profile in each of your PPTP clients.
Many users have reported problems accessing a PPTP server on the LAN side of the router from the Internet. This problem was fixed as of the V1.23 firmware update, so just upgrade to the latest firmware if your firmware revision is lower than 1.23.
You can find more general PPTP information on this page, and general VPN help on this page. 9/8/01 Using IPsec
IPSec support was added in 1.30. We've received successful reports of the following IPSec clients working with the new firmware:
Compatible Systems (now a part of Cisco) IntraPort VPN client, which is IPSec based, will work, even without IPsec forwarding turned on.
5/22/00 Try this if you're having problems getting the IntraPort VPN working: At first I couldn't get VPN to work. I tried all sorts of things and no luck. I was able to watch packets go out through the router to the VPN server at our site, but no packets made it back through the router. I actually started up a tech support call with Linksys when I decided to check the VPN client code to see if there was some sort of configuration switch that was obvious. Lucky me, there was exactly such a switch. It was labled "Use NAT Transparency Mode". Since the router does NAT, it seemed like the thing to try. Turned it on, VPN circuit came up and runs fine. 8/2/00 Still having problems getting IPsec to work? Check this. General VPN help can be found on this page, including a link to a very complete Checkpoint Firewall-1 FAQ page. Getting a "stealth" ShieldsUP report. The Linksys responds to a port probe by replying with an "open" or "closed" status. This reply (vs. not replying at all) keeps you from getting a "stealth" result from the ShieldsUp port probe test. Although "stealth" isn't a important as you might think (especially if you then are opening ports or using the DMZ mode for special applications... read this for more info), you can get a "stealth" report by using the DMZ feature and entering an IP address for a computer that doesn't exist. If you are using the built-in DHCP server, then use an address between 192.168.1.2 and 192.168.1.99 so that you don't accidently collide with a DHCP served address. Updated 4/6/00 The V1.22 firmware update adds a "Block WAN Request" Enable/Disable option. This is found on the bottom of the Filters page of the Router Admin pages (access it via the "Advanced" tab). Here's what the Help button description says: This feature is designed to prevent users from attacking through the Internet. While enabled, the router will drop both the unaccepted TCP request and ICMP packets from the WAN side. The hacker will not find the router by pinging the WAN IP address. Using SSH Info on ssh clients can be found on this page. Here's one reader's report on using SSH with the router: Flashed the latest firmware (1.22). It was shipped with 1.21.1. SSH connected through the router first time, no sweat. Using the F-Secure SSH 1 implementation. 3 key DES encryption. Password visible in admin page source code security vulnerability Earlier versions (1.36 for example) of Linksys router firmware embed the router admin password and PPPoE account information in plain text in the HTML code for the admin and password pages. Access to the router's LAN and a network "sniffer" are required for the vulnerability to be seen. The vulnerability can be fixed by upgrading to the latest firmware. See this SecurityFocus article for details.
|
Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums |