Cisco 877?

I have a Cisco 877 I’m trying to connect to this service without success.

For starters, I can’t import the certificate, have converted to PEM, will not import for some reason.

Is it possible at all to set this up? Any success stories?

Dan

Hello @dtm37,

Our VPN has only been tested on routers that are running the DD-WRT or Tomato Firmware. For information regarding setting the VPN up on the DD-WRT firmware, you may visit

OpenVPN protocol - https://support.goldenfrog.com/hc/en-us/articles/204102956-OpenVPN
PPTP protocol - https://support.goldenfrog.com/hc/en-us/articles/203815646-PPTP

For information regarding setting the VPN up on the Tomato firmware, you may visit

VyprVPN Router App - https://support.goldenfrog.com/hc/en-us/articles/204103006-VyprVPN-Router-App
OpenVPN protocol - https://support.goldenfrog.com/hc/en-us/articles/204088603-OpenVPN

I noticed that your router isn’t compatible with either DD-WRT or Tomato according to their prospective websites. Thus I assume that you are setting the VPN up using the native firmware on the router. This has not been tested and we cannot guarantee it to work. However, we would be glad to assist you to the best of our abilities. Please note that support will be limited in this case.

  1. Please provide us with the exact error message that you are receiving upon attempting to import the VPN certificate.
  2. What protocol are you attempting to setup the VPN using? PPTP, L2TP, or OpenVPN?
  3. Are you able to setup the VPN using any of the available protocols?
  4. Which server location are you attempting to setup the VPN to connect to?
  5. Are you able to setup the VPN to connect to any of the VPN servers?

Thank you for your patience and cooperation in this matter!

Samuel
Golden Frog Support

I think the problem here is my Cisco skills are pretty minimal.

  1. Trying to use pre-shared key now instead of certificate.
  2. Tried L2TP/IPSec, too difficult with my knowledge, so i’m trying PPTP.
  3. Not yet. I think progress is being made though!
  4. Seattle
  5. Yes, but this isn’t the issue at the moment, my dialer isn’t connecting for some reason now.

Will post the config if I can get the thing to work.

Ok, ended up giving up on Cisco, using my Synology NAS instead.

Thanks for the help, if anyone gets their Cisco working, I’d like to hear from you :smile:

Hello @dtm37,

I am glad to hear that you were able to get connected to the VPN through your Synology NAS device instead. Regarding connecting on the Cisco 877 router, please provide us with a screenshot of your current settings for us to review, should you wish for us to assist you to the best of our ability.

Regards,
Samuel
Golden Frog Support

Hi Samuel,

The Synology NAS VPN connection isn’t really working out. I’ve decided to give the Cisco another crack. After a few weeks of failing now, I can’t lose much by posting what I have. Hopefully someone can assist.

Below is partial config, I’m not going to post the full config, but if required parts are missing I can post them.

!
crypto isakmp policy 10
 encr 3des
 authentication pre-share
 group 2
 lifetime 4000
!
crypto isakmp key thisisourkey address **TARGET_SERVER**
!
crypto ipsec transform-set ESP-AES256-SHA1 esp-aes 256 esp-sha-hmac
 mode transport
!
! Crypto map that will catch our L2TP Traffic defined in the L2TP_TRAFFIC ACL.
!
crypto map L2TP_VPN 10 ipsec-isakmp
 set peer **TARGET_SERVER**
 set transform-set ESP-AES256-SHA1
 match address L2TP_TRAFFIC
!
! Match the L2TP traffic.
!
ip access-list extended L2TP_TRAFFIC
 permit udp host **MY_EXTERNAL_IPADDRESS** eq 1701 host **TARGET_SERVER** eq 1701
!
! Apply the crypto map to the outbound\internet facing interface. 
!
interface Dialer0
 crypto map L2TP_VPN
!
! Define the psuedowire class that will speak L2TP and the source interface. 
!
pseudowire-class L2TP_PW
 encapsulation l2tpv2
 ip local interface Dialer0
!
! Create Virtual-PPP interface to bind the psuedowire class to. 
!
interface Virtual-PPP1
 description --- GoldenFrog VPN Tunnel ---
 ip address negotiated
 ppp chap hostname **MY_USERNAME**
 ppp chap password **MY_PASSWORD**
 ppp ipcp address accept
 pseudowire **TARGET_SERVER** 1 pw-class L2TP_PW

As you can see below, the interface Virtual-PPP1 is down, it never manages to connect.

Interface                  IP-Address      OK? Method Status                Protocol
ATM0                       unassigned      YES NVRAM  up                    up      
Dialer0                    MY_EXTERNAL_IP  YES IPCP   up                    up      
FastEthernet0              unassigned      YES unset  up                    up      
FastEthernet1              unassigned      YES unset  up                    up      
NVI0                       unassigned      YES unset  administratively down down    
Virtual-PPP1               unassigned      YES manual up                    down    
Vlan1                      LOCAL_LAN_IP    YES NVRAM  up                    up      

Any help is apreciated, I don’t think that I’m far off the mark here.

Hello @dtm37,

Thank you for getting back to us and I am sorry to hear that
you are having connection issues with your Synology NAS. I would like to inform
you that with the information that you provided about your setup with Cisco 877
connecting over L2TP is outside the realm of our support. But this information
should assist the Golden Frog Community in assist you on creating this
connection using L2TP, if others have done so with in our Community.

As for your Synology NAS if you are running 5.0?

Are you having any issues with the setups listed below?

https://support.goldenfrog.com/hc/en-us/articles/204088653-PPTP

https://support.goldenfrog.com/hc/en-us/articles/204088673-OpenVPN

Can you tell us what happens when you attempt to connect?

Thank you so much for your time and understanding as we look
in to this issue!

Cody

Support Team

Hi Cody,

I’m running 5.0, the issue is my network at home. The NAS option worked, but it was just too slow. It was slow because of my network, not the VPN itself.

I’m currently studying my CCNA, so I hope to work out how to do this on my own before the end of the year. If someone in the community could assist, that would be great.

I haven’t had much luck with this config at all.

Followed this, which shows how to configure using Private Internet Access. I thought it would be pretty straight forward to translate to VyprVPN, but not the case.

I’m starting to think I should have just gone with PIA.

Hello @dtm37,

Just to clarify, which of the following instructions are you currently having problems connecting with?

https://support.goldenfrog.com/hc/en-us/articles/204088653-PPTP

https://support.goldenfrog.com/hc/en-us/articles/204088673-OpenVPN

Also, with regards to your last post, are you still attempting to get the NAS set up, or do you mean now you are only attempting to use the VyprVPN app?

We would like to try to assist you further with this. Can you please contact us at support@goldenfrog.com? We would like to gather more details, screenshots, etc from you so we can dig deeper.

Thank you for your patience and cooperation in this matter!

Carlos
Golden Frog Support

Hi Carlos,

I’m not using the NAS, that option was far too slow and unreliable for my needs. I’m trying to setup the VPN manually on the Cisco router so that my whole family is protected by the VPN, not just my machine.

I use the apps for mobile/mac when I’m outside the network, but my goal here is to have all internet from my home router going through the VPN. Reading that post I linked to earlier, it is possible to do this with another provider, surely it is possible here.

As the weeks go by, I’m slowly getting more of this working, but it’s pretty frustrating.

Hello,

We would like to assist further, but please bear in mind that your router’s proprietary firmware is not a typical or supported setup so we cannot guarantee it will work. If you can send screenshots of your router’s configuration settings to support@goldenfrog.com, we can then review those and we may be able to suggest changes.

Carlos
Golden Frog Support

Thanks carlosz, I have submitted as much information as I can in a support ticket.

I am getting closer to this working, phase 2 of the negotiation appears to have a problem somewhere. This causing CONFREQ to timeout.

Dan

dtm37: Any progress on this? I’m trying the same thing but I’m stuck at the same point you are.Are you sure that the transform-set/isakmp policy pair is the right one for the connection?

I would like to inform you that the information you provided about your configuration with Cisco 877 connecting through L2TP is beyond the scope of our support. However, this information should help the Golden Frog Community to help you create this connection using L2TP, if others have done so in our Community. Cisco 210-255 VCE

Has anyone been able to get this working? I was able to setup a tunnel using strongvpn service and L2TP, but i switched to vyprvpn and I am unable to get this to work with cert authentication that vypr uses. If this can be accomplished on cheap home routers, I know it’s possible on enterprise grade devices.

thanks

Hey @greenemk,

If you can email us directly with screenshots of your router’s configuration to support@goldenfrog.com, we might be able to make some suggestions for your specific setup.

Cheers,

Katherine
Support Team

1 Like