Cisco Routers :: RV180 VPN Tunnel To RVS4000 Not Connecting
Oct 8, 2009
I'm replacing my RVS4000 with the RV180 but having VPN connection issues with the RV180. Let me know the VPN tunnels work perfectly fine on the RVS4000.I have configured my RV180 for 3 VPN tunnels. My ISP is Comcast (cable) Business class with a Static IP. First VPN tunnel is to another Comcast ISP and the VPN works flawlessly - connects immediately.Second VPN Tunnel is to Business class ISP (Verizon-NJ) and VPN will NOT connect.Third VPN Tunnel is to Business class ISP (Cox Network-VA) and VPN will NOT connect.I had opened both the RVS4000 and RV180 up on a browser and both settings from the units were idential. I reconnect the RVS4000, VPN tunnels work great, I unplug and reconnect the RV180, the Comcast VPN works, but the other two do not.From what the log is saying "[IKE] WARNING: no phase2 found" and the other says "[IKE] ERROR: remote identifier not found". It has to be something with the RV180 that I'm missing or possibly configuring incorrectly.
I recently purchased a RVS 4000 (firmware V220.127.116.11) and am having some issues creating a second (third...fourth?) IPSec VPN Tunnel. The first one is up and running just fine. On the VPN Summary screen it says [1 Tunnels Used 4 Tunnels Available].
When I go to configure the second tunnel, I select --New-- from the "Select Tunnel Entry" drop down and proceed to fill in all the connection information. When I click Save, it seems to be processing and after a few seconds just returns me to the same screen, with none of the information I just input and no connection created. No errors given.
I have another RVS4000 to connect at a different location which will require a similar setup, but don't want to do anything with it until I have the one mentioned above working fully.
My RVS4000 router freezes up when a lot of data is being pushed through the Ipsec tunnel. Let me explain in detail.
On physical location A, I have an RVS4000 router (with IP 192.168.3.1) which is permanently connected with a WRVS4400 router (with IP 192.168.1.1) on physical location B. The Ipsec tunnel has been configured using the Easy Setup Wizard of Cisco and has been working fine and stable for months. Both routers have another Ipsec tunnel with another WRVS4400 router (with IP 192.168.2.1) on physical location C, but this router does not play a role in the problem below.Recently, I’m trying to set up a remote backup service between physical location A and B using “rsync”, which uses port 873. Due to the Ipsec/VPN tunnel, I could configure rsync to move the backup files from our NAS on location A (NAS has IP 192.168.1.2) directly to location B (NAS has IP 192.168.3.2). Both NAS-devices are of the brand Synology (DS211J). The Ipsec tunnel guarantees that the data is coded and thus secure.
However, when pushing the first batch of data, I noticed that the router on the receiving end (RVS4000) freezes up after approx. 1,5h after the batch has started, which is after approx. 1 gigabyte of data has been transmitted. The connection with the WAN is lost, also the VPN-tunnel is not working, I cannot ping the device or reach its configuration pages (on 192.168.3.1), the only option is unplugging it and letting it reboot. I’m thinking the router cannot deal with the huge amount of data that needs to be decoded. I tried 5/6 times, with always the same result (timing / amount of data pushed through before router freezes varies slightly).
I have a RVS4000 at one location and a second RVS4000 at home. I have established an IPSec VPN tunnel between them and it is UP. I can ping the routers from each end no problem. I can ping the IPs listed in the "Local Group Setup" and the "Remote Group Setup" from both ends no problem. I can even open up a shared resource from a Win 7 machine (e.g. by typing \10.10.10.100 in start-run from a computer on my home network).
But - i can't ping anything else on one network from the other. What gives? I need to access a 10.10.10.101 machine but can't even ping it.
- both RVS4000 boxes have latest firmware (V18.104.22.168) - home RVS4000 setup with IP 10.10.11.1 - home network has a server with IP 10.10.11.20 - other location RVS4000 setup with IP 10.10.10.1 - other location server setup with IP 10.10.10.100
Tunnel settings on home RVS4000 (the other location properly mirror these). - Local Security Gateway Type : IP Only - Local Security Group Type : Subnet [code]....
I'm trying to set up a VPN tunnel between a Linux machine and a RVS4000 at a remote site (served via satellite connection). After many efforts, I finally succeeded (based on Openswan). However, while PINGing is OK, big packets (from the RVS4000 LAN to the Linux box) arrive corrupted.
I lowered the WAN MTU, with no success. What finally did the trick is to lower the MTU at the RVS4000 LAN interface. Since this is not possible via the Web I/F, I did it via telnet ("ifconfig eth0 mtu 1400"). However, this change is lost after router reboot. How can I make the LAN MTU setting permanent?
When I use QuickVPN under XP, I connect to my RVS4000 without problems. When I switch to new computer running Windows 7 and V4.2.1 QuickVPN I can get all the way to Verifying Network. Then I get the message that: "The remote gateway is not responding. Do you want to wait?" - repeatedly. The icon in the tool bar remains with a red slash and I am unable to ping devices on the lan side of the router. However, when I check the VPN Summary on the router, I see that it thinks I'm connected. When I check the VPN log I see that I am not:
Oct 12 10:27:53 - Configuration changed! Oct 12 10:28:33 - Configuration changed! Oct 12 10:28:34 - [VPN Log]: added connection description "ValR_rw_rw"
I've disabled MS Security Essentials and made sure the Firewall is on. IPSec Policy Agent and IKE and AuthIP IPSec Keying Modules services are both started. I've created a rule to allow QuickVPN throught the firwall in and out and a rule to let traffic on 443 and 60443 UDP and TCP through the Firewall.
I'm trying to connect my WAG160N as a ADSL modem (disable the router function) and connect a real router (RVS4000)So, i put my WAG160N on birdged mode only, disable the DHCP on my RVS4000, i did configure my PPPOE access (user and password), change the IP adress 192.168.0.2.configure the DHCP and try to connect. i tryed to connect the RVS4000 and the WAG160N either with cross cable or a direct cable. I can get access to the RVS4000 192.168.0.2 and get access to the configuration menu but cannot get access to my WAG160N 192.168.0.1 even a simple ping.when i try to test the connection on my RVS4000 (status) it seems that my connection is up but i cannot get access to internet.
Can I have use a Gateway-to-Gateway IPSec tunnel whereby a user can surf the Internet using his local Internet connection and at the same time connect through the IPSec tunnel to a remote subnet using RVS4000 routers?
I have a Cisco RV220W updated to latest firmware 22.214.171.124. I have been trying to get a VPN setup for the past few days without success. We had a test VPN up and running previously, but when we changed the IP's and secret key to connect the live VPN tunnel it failed and we haven't been able to get it working since.We have deleted both ends, rebuilt them probably 6 times each. We have changed secret keys, tried 3DES, AES, and AES256 encryptions with SHA-1. All the internal IP settings are correct :IE 192.168.1.1/24 or 192.168.1.1 255.255.255.0,External IP's are right, only oddball thing here is one of the external IP's is assigned by DHCP and is a /22 although the previous tunnel worked with the same ISP.
I have succesfully config an IPSec VPN Tunnel by using a Router Scientific Atlanta Cisco 2320 and a RVS4000 4-Port Gigabit Security Router with VPN.On the site of Router Scientific Atlanta Cisco 2320 this is some info: [code] On the site of RVS4000 4-Port Gigabit Security Router with VPN this is some info: [code] Remember that you can not be on the same range of IP, I mean, you can not have 192.168.0.X if the remote network is on 192.168.0.X, you have to change some of the Routers.I show the configuration on Router Scientific Atlanta Cisco 2320: I show the configuration on RVS4000 4-Port Gigabit Security Router with VPN:If all is correctly configured, you should see on Router Scientific Atlanta Cisco 2320 the Status Connected:
If all is correctly configured, you should see on RVS4000 4-Port Gigabit Security Router with VPN the Status Up.As you can see, I'm connected to the remote Router (RVS4000 4-Port Gigabit Security Router with VPN) by my own web browser accesing by the local IP 192.168.0.10.I have used Authentication MD5, maybe is not the best one but I had no time to test SHA1, I will when I will have time.
I have 2 internet connections in my office one via Verizon Fios and another one via the local cable company. On the fios connection I have an RV042 VPN router and on the Cable company connection I have an rvs4000 router, I would like to know if there is a way I can connect the 2 so I can share a printer I have on one of the 2 networks from the other network without using the VPN feature, like via an ethernet cable connected between the 2 and some kind of static route maybe?
I have an RV180 VPN router.I try to enable the VPN users with PPTP or QuickVPN but is not working.For PPTP sometimes my windows 7 connects to the router, sometimes doesn't connect with a random error message.When it connects, the windows 7 from outside the lan can see the computers from inside the lan but the computers from inside the lan cannot see the windows7 one. This is random also. When i succed to connect, from that computer, the internet is not working anymore.I tried to set the VPN in the same subnet as lan, i tried with different subnet. Is not working.I updated the last firmware. The same.Restore factory settings couple of times, the same.
I noticed if you add more than 10 access rules to the Access Rule table, you are unable to reorder past the first 10.Steps to reproduce:Create 11 rules of the same stream direction, outbound or inbound (...I found the bug with outbound, did not test inbound).try to reorder one of the first 10 rules to the end of the list, either by entering "11" manually, or by pressing the down arrow.System responds that "11" is an invalid number, or that the rule cannot be moved.This issue is not reported in the "Known Issues" section of the release notes for 126.96.36.199.
In both cases above, after I started to suspect QOS, I entered a narrow IP range to test and then a MAC to test. Using a VLAN seems to work fine and generate no errors - even a VLAN for the same associated host(s).
I have a support case open about this - didn't get too far yet, but now with a better repro, maybe they will.
I currently have an RV180 in a small business set-up and curently being accessed remotely by laptops (Quick VPN) and Ipads/Android ICS tablets (PPTP). All is working well but I've become concerned about the security risks of PPTP and would like to shift the tablets to IPSec.
1) For a small business are the PPTP risks real?
2) What are the alternatives for Android ICS? I can't find a Quick VPN client for Android.
3) I can't get the core IPSec VPN in Android to connect to the RV180? Is this possible?
I have RV180 configured with two VLANs. First VLAN is untagged and second VLAN is tagged. The purpose is two have two subnets, with the second subnet used for guest access. Both VLANs have DHCP server enabled. First VLAN is 192.168.1.0/24 and the second VLAN is 192.168.2.0/24, When I connect a computer with untagged Ethernet interface, it gets an IP address from DHCP server on the first subnet i.e. 192.168.1.100 and it can successfully access Internet. When I connect a computer with tagged Ethernet interface (I am using VLAN ID 10), it gets an IP address from DHCP server on the second VLAN i.e. 192.168.2.100. So far so good. I can successfully ping hosts on the Internet i.e. ping www.google.com. But I cannot access Internet from the web browser. I captured Wireshark trace and here is what I see...
1. TCP SYN. Source IP 192.168.2.100, destination IP A.B.C.D. Ethernet frame has VLAN tag (VLAN ID 10) 2. TCP SYN ACK. Source IP A.B.C.D, destination IP 192.168.2.100. Ethernet frame has VLAN tag (VLAN ID 10) 3. TCP ACK. Source IP 192.168.2.100, destination IP A.B.C.D. Ethernet frame has VLAN tag (VLAN ID 10) 4. TCP Data. Source IP 192.168.2.100, destination IP A.B.C.D. Ethernet frame has VLAN tag (VLAN ID 10) 5. TCP Data. Source IP A.B.C.D, destination IP 192.168.2.100. Frame is untagged
The problem is at #5. Packet came back from the Web Server. RV180 properly NATed it to the local IP address. But it did not add VLAN tag.
I just recieved a new RV180 yesterday and it will not connect to my switch. Router was updated to the newest firmware, reset to factory settings. I did change the ip and ip range. Router works fine with one computer attached direct. As soon as I connect my sf300-24P to it, the WAN and LAN lights all light up and then go out. Only the WAN will light back up. I have no connectivity to the router. I plug the laptop to the router directly and no LAN lights come on and can not see the router with arp -a.
I'm considering upgrading a small business to the newly released RV180 or RV180W.Does the RV180 series support 6rd (IPv6 rapid deployment?).I see 6rd documented in the other small business routers (e.g. RV110), but I can't find it in the RV180 documentation.
I'm having issues getting QuickVPN to connect. I think it's an issue pinging the gateway but I'm not 100% sure. We are using Comcast Business, I have placed the RV180 in the DMZ. The setup looks like this: Internet -> Comcast router -> RV180 (DHCP) -> rest of network.
Is there a guide to setup a VPN connection using this router? I've follow the setup guide provided by cisco but I'm having issues. When attempting to connect using the quick vpn client, I get error messages.
Any news on a new firmware for the RV180? I have the most recent version but it still has lots of bugs. IPSec needs polishing. In addition the Logging functions don't work well. I can't send to a syslog and when I try to email the logs I get a email saying there is no data even though several pages of enteries are visible in the web GUI. I've checked the profiles and they are correct. I even tried using just the 'default' profile but no luck.
I have a Cisco Small Business RV180 and I have several VPN users configured. IPsec between my home router (also an RV180) and work router (router in question) is working fine, several PPTP users working fine and 1 QVPN user that works as well. I set up another qvpn user and it didn't work. I went back into the router to check and make sure I hadn't goofed something up and saw that I had 8 lines, 1 and 2 were the QVPN users and 6 other PPTP users, however, the "pages" footer (for lack of a better word) only displays 1 -5 of 5 instead of the 1-8 of 8 I would expect it to show.I dumped the cfg file and opened it up, all 8 user configurations show up. One was my user account which showed negative numbers for the logon time, something like -1day -hours -minutes -sec, so I thought that that might be locking up the router or something so I deleted my PPTP account but it didn't allow the new user access. I deleted all PPTP accounts and no luck there either.I'm running firmware 188.8.131.52.
I am contemplating replacing my Juniper Netscreen 5GT with this new RV180.
serial number 161303LB RVC180 V01
However, it will not connect to my ISP (DSLExtreme) using the same settings I have been using for multiple years. DSLExtreme is using AT&T DSLAMS, as you likely know, and I am unaware of anything unique about how they serve DHCP?
The Cisco wizard sits on the WAN configuration check forever, and never connects. I have rebooted it and allowed it to sit for fifteen minutes trying. I think that is enough.
The 5GT WAN interface is configured for "DCHP Client" and that is how the RV180 is configured.
It is a standard 6MB DSL line, I have tried both the existing cable, as well as the provided one to connect to the D-Link 2320B modem/bridge, which, as I indicated, syncs almost instantly with the Netscreen. No difference when the cables are swapped.