10-16-2011 01:02 PM
Hello,
I'm having a heck of a time connecting the WRVS4400N VPN to another WRVS4400N VPN. both of the routers have the current firmware version
V2.0.2.1: Router 1 is below, and router 2 has the matching configuration with as it should be the local group being that routers local information and the remote crew set up being router ones information. the status is up on both of the routers, but I'm unable to ping the remote gateway or any device behind it.
I've tried many different configurations but still having no luck. Does anybody have any idea or has anyone had this particular problem and been able to fix it. Any help would be greatly appreciated.
Router 1
1 Tunnel_1 Up 3DES/SHA-1 10.1.1.0 / 255.255.255.0 10.2.2.0 / 255.255.255.0 55.55.55.55
Local Group Setup
Local Security Gateway Type: IP Only
IP address: 24.24.24.24
Local Security Group Type: Subnet
IP address: 10.1.1.0
Subnet Mask: 255.255.255.0
Remote Group Setup
Local Security Gateway Type: IP Only
IP address: 55.55.55.55
Local Security Group Type: Subnet
IP address: 10.2.2.0
Subnet Mask: 255.255.255.0
IPSec Setup
Keying Mode: IKE with Preshared Key
Phase 1:
Encryption: 3DES
Authentication: SHA1
Group: 1024-bit
Key Lifetime: 29900 sec
Phase 2:
Encryption: 3DES
Authentication: SHA1
Perfect Forward Secrecy: Enable
Preshared Key: anything
Group: 1024-bit
Key Lifetime: 3600 sec
Status: Up
10-17-2011 02:24 AM
Under the Firewall settings on the WRVS4400N do you have "Block WAN Requests" disabled? If not please disable this option.
THANKS
Rick Roe
Cisco Small Business Support Center
10-17-2011 11:32 AM
Thank you so much riroe for the reply.
I have "Block WAN Requests" disabled on both sides and was able to ping the WAN from the Internet, but I can't ping my remote LAN via the tunnel.
10-17-2011 01:58 PM
Hello,
If you go to Administration-> Diagnostics, can you ping the LAN IP of the remote router? If so, check the LAN devices at each end for Firewall or Antivirus software that will block any traffic from an unknown (untrusted) network. You may need to create a rule in that software to allow connections from the remote LAN subnet.
10-17-2011 07:33 PM
Thanks mphyala for the reply.
I'm unable to ping the LAN via the Router Diagnostics of the remote. Both of the computers Antivirus software is Microsoft SE that's not blocking VPN access. I even tested the routers by turning off both router firewalls and WAN ping blocking, reset to factory defaults, changed the IP's but still no luck. Windows 7 needs to have the firewall on other wise it closes ports. Both computers are running Win7; one 32 bit and the other 64 bit.
Even without a rule I should have been able to ping the gateway address because it's not part of the computer, but part of the router.
10-18-2011 05:36 PM
Here’s what the problem was for me. My ISP cable modem needed to have DHCP Server enabled and Pass Through set (Advanced Gateway - Pass Through) for the Cisco Router and it was. However, for some reason the LAN address was also in the Advanced Gateway - Pass Through. After removing the LAN from Pass Through the tunnel worked and I was able to ping the remote gateway.
Hopefully this will help someone else. It’s really hard to find fixed issue information anywhere on the Net about this.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide