10-18-2012 05:47 PM
Hi
I am using a Cisco RV110W (Firmware 1.2.09) in a branch and I would like to create a VPN Tunnel to another site that has a Cisco RV042 (firmware
v4.2.1.02)
What would be the correct Configuration??
the current configuration I am using is
in the RV042 i am using
Check Enable
Local Group Setup
Local Security Gateway Type : IP Only
IP Address : RV042 Pulbic IP address
Local Security Group Type : Subnet
IP Address : 192.168.20.0
Subnet Mask : 255.255.255.0
Remote Group Setup
Remote Security Gateway Type : IP Only
IP Address : RV110W Pulbic IP address
Remote Security Group Type : Subnet
IP Address : 192.168.30.0
Subnet Mask : 255.255.255.0
IPSec Setup
Keying Mode : IKE with Preshared Key
Phase 1 DH Group : Group 2 - 1024 bit
Phase 1 Encryption : AES-128
Phase 1 Authentication : SHA1
Phase 1 SA Life Time : 28800 seconds
Perfect Forward Secrecy : Check
Phase 2 DH Group : Group 2 - 1024 bit
Phase 2 Encryption : AES-128
Phase 2 Authentication : SHA1
Phase 2 SA Life Time : 3600 seconds
Preshared Key : XXXXXXXXX (same as RV110W)
Advanced
Uncheck Aggressive Mode
Uncheck Compress (Support IP Payload Compression Protocol(IPComp))
Uncheck Keep-Alive
Check AH Hash Algorithm SHA1
Uncheck NetBIOS Broadcast
Uncheck NAT Traversal
Check Dead Peer Detection Interval 10 secs
Uncheck Tunnel Backup :
Uncheck Split DNS :
In the RV110W my configuration is
IKE Policy Table
Add / Edit IKE Policy Configuration
Policy Name: XXXX
Exchange Mode: Main
IKE SA Parameters
Encryption Algorithm: AES-128
Authentication Algorithm: SHA-1
Pre-Shared Key: XXXXXXXXX (same as RV042)
Diffie-Hellman (DH) Group: Group2 (1024 bit)
SA-Lifetime: 3600 Seconds
Dead Peer Detection: Check Enable
DPD Delay: 10
DPD Timeout: 30
VPN Policy Table
Add / Edit VPN Policy Configuration
Policy Name: XXXX
Policy Type: AutoPolicy
Remote Endpoint: IP Address
(the RV042 IP address)
Local Traffic Selection
Local IP: Subnet
IP Address: 192.168.30.0
Subnet Mask: 255.255.255.0
Remote Traffic Selection
Remote IP: Subnet
IP Address: 192.168.20.0
Subnet Mask: 255.255.255.0
Manual Policy Parameters (disable, is in Auto Mode)
SPI-Incoming: 0x
SPI-Outcoming: 0x
Encryption Algorithm: 3DES
Key-In:
Key-Out:
Integrity Algorithm: SHA-1
Key-In:
Key-Out:
Auto Policy Parameters
SA-Lifetime: 28800 seconds
Encryption Algorithm: AES-128
Integrity Algorithm: SHA-1
PFS Key Group: Checked Enable
DH Group 2 (1024 bit)
Select IKE Policy: XXXX (the same in previews configuration)
Can some one please tell me what I am doing wrong
Thanks
10-19-2012 03:03 PM
Hello Mr. Sagastum,
My name is Diego and I am part of the Small business Support community. I have seen your post and would like to help you with information that might be helpful on your case. On the next link you would find an example of VPN tunnel configuration, step by step. You could find this and more information about our cisco small business products on the guide me section.
If this answer was satisfactory for you, please mark the ques