09-16-2015 10:02 AM
I have two locations that need a site to site VPN tunnel.
I have installed 2 RV110W routers at each location.
Trying to do the basic VPN setup, I am ending up with a IPSEC SA not established.
I have setup VPN's before but using Windows Server.
Am I missing something basic?
Thanks.
Solved! Go to Solution.
09-17-2015 03:29 PM
Hello machater_2000,
Thank you for that information. The address scheme does not look like it is an issue with the establishment of the tunnel unless one of the sites has a private address on the WAN. The logs may give us the best information as to why the tunnel is not establishing. We would need the logs from both sides after an attempted connection. I know it may sound like ridiculous, but after the tunnel configurations, have you tried rebooting each of the routers and then try to connect again. I have found that sometimes the routers need a reboot after config of a VPN for the tunnel to come up. If you don't feel comfortable putting information here, you can call 1-866-606-1866 and open a case with the SBSC and they would be able to securely support the networks. Thanks machater_2000.
09-16-2015 12:19 PM
Hello machater_2000,
Sorry the VPN tunnel is not establishing. More information is needed. What does the configurations on each side look like? What is the WAN IP addresses used? Have you enabled logging on the routers and looked as to what the logs say? If you could upload the logs and screenshots of the configs from each router, along with IP addresses used, we may be able to get this working. Thanks machater_2000.
09-16-2015 03:47 PM
For security reasons I am not going to load the WAN IP addresses and PreShared key.
Newest firmware is installed on both routers.
Site A & B - new install at both locations.
Used the BASIC VPN SETUP (defaults settings)
SITE A - Connection Name - unique name
PreShared key - unique key
Remote EndPoint - IP Address
Remote WAN IP - remote WAN IP xx.xx.xx.xx
Local WAN IP - local WAN IP xx.xx.xx.xx
Remote LAN network IP Address - 192.168.1.0
Remote Subnet - 255.255.255.0
Local LAN network address - 10.0.0.0
Local Subnet - 255.255.255.0
----------------------------------
SITE B - Connection Name - unique name
PreShared key - unique key (same as site A)
Remote EndPoint - IP Address
Remote WAN IP - remote WAN IP xx.xx.xx.xx
Local WAN IP - local WAN IP xx.xx.xx.xx
Remote LAN network IP Address - 10.0.0.0
Remote Subnet - 255.255.255.0
Local LAN network address - 192.168.1.0
Local Subnet - 255.255.255.0
09-17-2015 01:17 PM
Hi
I hope this is not sufficient for establishing VPN this is only routing based information you have provided.
You need to have a poilcy where you define all the athentication methods like
1) Encryption Algorithm
2) Authentication Algorithm
3) Authentication mode
4) DH Group (Key Group)
5) Key Life etc.,
You need to create a tunnel where it should be binded with a policy thats how a IPSec tunnel work in any plat form.
Thanks
NagarajChengeli
09-17-2015 03:29 PM
Hello machater_2000,
Thank you for that information. The address scheme does not look like it is an issue with the establishment of the tunnel unless one of the sites has a private address on the WAN. The logs may give us the best information as to why the tunnel is not establishing. We would need the logs from both sides after an attempted connection. I know it may sound like ridiculous, but after the tunnel configurations, have you tried rebooting each of the routers and then try to connect again. I have found that sometimes the routers need a reboot after config of a VPN for the tunnel to come up. If you don't feel comfortable putting information here, you can call 1-866-606-1866 and open a case with the SBSC and they would be able to securely support the networks. Thanks machater_2000.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide