01-17-2017 03:02 PM
Hello,
After updating the RV320 firmware to 1.3.2.02 my gateway to gateway VPN connection does not work anymore.
I try to understand the issue but there is not IPSec VPN log anymore (although all logs checked), so no error message to help me.
I am the only one to experience this problem ?
Below my configuration on the 2 gateways.
Thanks in advance,
Philippe
*************
GATEWAY 1
———————
Local Group Setup
Local Security Gateway Type: IP + FDQN
IP Address: 81.XX.XX.XX
Domain Name: XXX.com
Local Security Group Type: Subnet
IP Address: 10.0.1.1
Subnet Mask: 255.255.255.0
Remote Group Setup
Remote Security Gateway Type: IP + FDQN
IP Address: 212.XX.XX.XX
Domain Name: YYY.com
Remote Security Group Type: Subnet
IP Address: 10.0.0.0
Subnet Mask: 255.255.255.0
IPSec Setup
Phase 1 DH Group: Group 1
Phase 1 Encryption: 3DES
Phase 1 Authentication: MD4
Phase 1 SA Lifetime: 28800
Perfect Forward Secrecy: checked
Phase 2 DH Group: Group1
Phase 2 Encryption: 3DES
Phase 2 Authentication: MD5
Phase 2 SA Lifetime: 3600
Minimum Preshared Key Complexity: Enable
Preshared Key: xxxxxxxxxxxxxxxx
Preshared Key Strength Meter: checked
Advanced
Keep-Alive : checked
NetBIOS Broadcast : checked
NAT Traversal : checked
Dead Peer Detection Intervals : 10 sec
GATEWAY 2
———————
Local Group Setup
Local Security Gateway Type: IP + FDQN
IP Address: 212.XX.XX.XX
Domain Name: YYY.com
Local Security Group Type: Subnet
IP Address: 10.0.0.0
Subnet Mask: 255.255.255.0
Remote Group Setup
Remote Security Gateway Type: IP + FDQN
IP Address: 81.XX.XX.XX
Domain Name: XXX.com
Remote Security Group Type: Subnet
IP Address: 10.0.1.1
Subnet Mask: 255.255.255.0
IPSec Setup
Phase 1 DH Group: Group 1
Phase 1 Encryption: 3DES
Phase 1 Authentication: MD4
Phase 1 SA Lifetime: 28800
Perfect Forward Secrecy: checked
Phase 2 DH Group: Group1
Phase 2 Encryption: 3DES
Phase 2 Authentication: MD5
Phase 2 SA Lifetime: 3600
Minimum Preshared Key Complexity: Enable
Preshared Key: xxxxxxxxxxxxxxxx
Preshared Key Strength Meter: checked
Advanced
Keep-Alive : checked
NetBIOS Broadcast : checked
NAT Traversal : checked
Dead Peer Detection Intervals : 10 sec
Solved! Go to Solution.
01-19-2017 12:27 PM
Have you tried doing a factory reset and reconfiguring after upgrading the firmware?
01-19-2017 12:27 PM
Have you tried doing a factory reset and reconfiguring after upgrading the firmware?
02-19-2017 11:32 AM
I did a factory reset and a complete manual reconfiguration. This is lengthy but after a few weeks I can tell the problem did not reappear ! Thanks a lot for the advice.
02-19-2017 04:45 PM
Which older version did you upgrade from?
02-19-2017 11:18 PM
From 1.3.1.12 but I did several upgrades before without complete manual reconfiguration.
01-20-2017 12:16 AM
Hi Philippe, plz check keep-alive on one side only, otherwise both side will be initiator.
01-20-2017 04:09 AM
Hi Ami, thanks for your suggestion, I've tried that, but unfortunately it does not work... I will try a reset an configuration from clean start (without importing the config).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide