Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
942
Views
0
Helpful
2
Replies

RV082 Locks Up With Multiple VPNs

Jason Hollenberg
Level 1
Level 1

‎08-11-2013 09:39 PM

Hi everyone,

I have an RV082 (hardware version 1 - old gray and blue model) that has started randomly locking up after I added a third gateway to gateway connection. The routers on the other ends of the VPN connections are as follows:

  1. RV082 (same model): static IP
  2. RV042 (2012 model): dynamic IP + dyndns
  3. RVS4000: dynamic IP + dyndns

The RV082 that locks up sits in a datacenter with a static IP. All three VPNs are configured with the following settings:

Local Security Gateway Type: IP Only

Local Security Group Type: Subnet

Remote Security Gateway Type: IP Only

Keying Mode: IKE with Preshared key

Phase1 DH Group: Group 1

Phase1 Encryption: 3DES

Phase1 Authentication: MD5

Phase1 SA Life Time: 28800

Perfect Forward Secrecy: selected

Phase2 DH Group: Group 1

Phase2 Encryption: 3DES

Phase2 Authentication: MD5

Phase2 SA Life Time: 3600

Preshared Key: some password

The Remote Security Gateway Type setting in the remote group setup sections vary on each of the three devices. The first one above has IP address by DNS resolved and the other two just have IP address set.

All three VPNs connect fine and work as expected, but the main RV082 periodically locks up with more than two VPNs connected. When the lockups occur the only fix is to power cycle the device. Since it sits in a datacenter that I'm not physically in front of I don't know what lights are blinking on it. The web interface does not respond when the lockups occur and pings either time out or the response times go up really high (6000ms or higher). That router is running firmware version 2.0.2.01-tm. Does anybody have any ideas as to what might be causing the lockups?

Thanks!

Labels:
0 Helpful
2 Replies 2

jeffrrod
Level 4
Level 4

‎08-22-2013 09:56 AM

Dear Jason,

Thank you for reaching the Small Business Support Community.

I am not familiar with the hardware version 1, nor with the firmware release version you currently run.  I would first suggest you to disable the Perfect Forward Secrecy and test it, if the problem persists then look under advanced VPN settings for "Dead Peer Detection" and disable it, test again, if still the same then disable "keep alive" and if you have IKE Negotiation settings change it from "Aggressive" to "Main" mode.  Make sure all the routers have the same settings configured.

Other than that I suggest you to contact the Small Business Support Center to have a TAC engineer check this out;

https://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html

Please do not hesitate to reach me back if there is anything else I may assist you with.

Kind regards,

Jeffrey Rodriguez S. .:|:.:|:.
Cisco Customer Support Engineer

*Please rate the Post so other will know when an answer has been found.

Jeffrey Rodriguez S. .:|:.:|:. Cisco Customer Support Engineer *Please rate the Post so other will know when an answer has been found.
0 Helpful

Jason Hollenberg
Level 1
Level 1
In response to jeffrrod

‎08-24-2013 07:32 PM

Yeah, I just gave up and bought a new (non-Cisco) router. Thanks anyway.

0 Helpful
Customers Also Viewed These Support Documents