Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
654
Views
0
Helpful
4
Replies

RV110W VPN Frustration

Go to solution
machater_2000
Level 1
Level 1

‎09-16-2015 10:02 AM

I have two locations that need a site to site VPN tunnel.

I have installed 2 RV110W routers at each location.

Trying to do the basic VPN setup, I am ending up with a IPSEC SA not established.

I have setup VPN's before but using Windows Server.

Am I missing something basic?

Thanks.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jbattist
Level 1
Level 1
In response to machater_2000

‎09-17-2015 03:29 PM

Hello machater_2000,

       Thank you for that information.  The address scheme does not look like it is an issue with the establishment of the tunnel unless one of the sites has a private address on the WAN.  The logs may give us the best information as to why the tunnel is not establishing.  We would need the logs from both sides after an attempted connection.  I know it may sound like ridiculous, but after the tunnel configurations, have you tried rebooting each of the routers and then try to connect again.  I have found that sometimes the routers need a reboot after config of a VPN for the tunnel to come up.  If you don't feel comfortable putting information here, you can call 1-866-606-1866 and open a case with the SBSC and they would be able to securely support the networks.  Thanks machater_2000.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
jbattist
Level 1
Level 1

‎09-16-2015 12:19 PM

Hello machater_2000,

      Sorry the VPN tunnel is not establishing.  More information is needed.  What does the configurations on each side look like?  What is the WAN IP addresses used?  Have you enabled logging on the routers and looked as to what the logs say?  If you could upload the logs and screenshots of the configs from each router, along with IP addresses used, we may be able to get this working.  Thanks machater_2000.

0 Helpful

Go to solution
machater_2000
Level 1
Level 1
In response to jbattist

‎09-16-2015 03:47 PM

For security reasons I am not going to load the WAN IP addresses and PreShared key.

Newest firmware is installed on both routers.

Site A & B - new install at both locations.

Used the BASIC VPN SETUP (defaults settings)

 

SITE A - Connection Name - unique name

PreShared key - unique key

Remote EndPoint - IP Address

Remote WAN IP - remote WAN IP xx.xx.xx.xx

Local WAN IP - local WAN IP xx.xx.xx.xx

 

Remote LAN network IP Address - 192.168.1.0

Remote Subnet - 255.255.255.0

Local LAN network address - 10.0.0.0

Local Subnet - 255.255.255.0

----------------------------------

SITE B - Connection Name - unique name

PreShared key - unique key (same as site A)

Remote EndPoint - IP Address

 

Remote WAN IP - remote WAN IP xx.xx.xx.xx

Local WAN IP - local WAN IP xx.xx.xx.xx

Remote LAN network IP Address - 10.0.0.0

Remote Subnet - 255.255.255.0

Local LAN network address - 192.168.1.0

Local Subnet - 255.255.255.0

0 Helpful

Go to solution
Nagaraju Chengeli
Level 1
Level 1
In response to machater_2000

‎09-17-2015 01:17 PM

Hi 

I hope this is not sufficient for establishing VPN this is only routing based information you have provided.

You need to have a poilcy where you define all the athentication methods like

1) Encryption Algorithm

2) Authentication Algorithm

3) Authentication mode 

4) DH Group (Key Group)

5) Key Life etc., 

You need to create a tunnel where it should be binded with a policy thats how a IPSec tunnel work in any plat form.

Thanks

NagarajChengeli 

 

 

0 Helpful

Go to solution
jbattist
Level 1
Level 1
In response to machater_2000

‎09-17-2015 03:29 PM

Hello machater_2000,

       Thank you for that information.  The address scheme does not look like it is an issue with the establishment of the tunnel unless one of the sites has a private address on the WAN.  The logs may give us the best information as to why the tunnel is not establishing.  We would need the logs from both sides after an attempted connection.  I know it may sound like ridiculous, but after the tunnel configurations, have you tried rebooting each of the routers and then try to connect again.  I have found that sometimes the routers need a reboot after config of a VPN for the tunnel to come up.  If you don't feel comfortable putting information here, you can call 1-866-606-1866 and open a case with the SBSC and they would be able to securely support the networks.  Thanks machater_2000.

0 Helpful
Customers Also Viewed These Support Documents