Description:

This document describes how to manually uninstall or edit a VPN client connection.

Requirements:

This document assumes that you have the latest firmware for your router and the latest version of the LANtools.

The firmware and LANtools are available for free download from our homepage.

Download


Possible scenarios:
  1. A VPN client connection is to be deleted.
  2. If an existing VPN connection is to be edited, for example to assign a client with a fixed IP number instead of a dynamic one, or to change the PPP password or preshared key, then the VPN client connection can be overwritten by selecting the same name for the new connection with the help of the Setup Wizard.

Notice:
  1. ( ! ) Make a backup of your configuration (LANconfig > Save configuration as file) before you make any changes to the configuration.
  2. This document shows you the LANconfig dialogs which allow small changes to be made without having to set up the connection from the beginning.


Procedure:

Remove/edit the entries marked in the screenshots:


IP router -> Routing -> Routing table:

You only need to create this entry if the client's IP number is to be fixed, and not allocated from a pool of available IP addresses. This IP number can be edited here and in the VPN connection list (!).



TCP/IP > Addresses > Address pool for dial-in access:

The client IP can be edited here if it is allocated from an IP address pool.

Warning!: This setting applies to all dial-in access accounts, including any ISDN RAS dial-in accounts. When uninstalling a VPN client connection, you may prefer to leave the entry intact.



Firewall/QoS -> Rules

If necessary, remove/edit any firewall rules:
Generally speaking, rules are only created here when "Access to all destination addresses" was activated in the client configuration and access is required to other networks "behind" the router.
It is not absolutely necessary to delete a rule when uninstalling a VPN client.



NetBIOS > General > NetBIOS over IP routing table:

If NetBIOS is routed over the client connection, then the station must be removed.
Otherwise a 'Display/Error Trace' in Telnet would continually produce the error message "Remote peer unavailable".



VPN > General > Connection list:

Delete entry, edit the hold time, or edit/delete the client (gateway) IP number

Deleting/editing the gateway:
- Also edit/delete the IP number from the IP routing table

Changing from a fixed IP number to an address pool:
- Also edit/delete the IP number from the IP routing table
- under TCP/IP > Addresses, define an IP address range for dial-in access



VPN > General > Connection parameters:



VPN -> IKE param. > IKE proposal lists:



VPN -> IKE Auth. -> IKE keys and identities:



VPN > IPsec param > IPsec proposal lists:



Notice:
  • ( ! ) Make a backup of your configuration (LANconfig > Save configuration as file) before you make any changes to the configuration.
  • If an existing VPN connection is to be edited, for example to assign a client with a fixed IP number instead of a dynamic one, or to change the PPP password or preshared key, then the VPN client connection can be overwritten by selecting the same name for the new connection with the help of the Setup Wizard.
  • Each item is described by popup help text. Just click on the question mark at the top right of the dialog.^