07-03-2013 05:19 AM
Just installed two RV120W (latest firmware 1.0.4.10) and configured a site-to-site VPN tunnel that works fine. Every day, my client calls me up saying that the VPN link doesn't work, and I need to reboot both routers so they can connect again. Once it's up and running, no problems for the whole day.
Setup : 1 router on static IP, 1 router behind other router (from ISP, dynamic IP) with ports UDP 500 and 4500 opened.
In log of router with static IP, I can see this message :
2013-07-03 07:58:37: [rv120w][IKE] INFO: Using IPsec SA configuration: 192.168.0.0/24<->192.168.5.0/24
2013-07-03 07:58:37: [rv120w][IKE] INFO: Configuration found for XX.XX.XX.XX.
2013-07-03 07:58:37: [rv120w][IKE] INFO: Initiating new phase 1 negotiation: XX.XX.XX.XX[500]<=>XX.XX.XX.XX[500]
2013-07-03 07:58:37: [rv120w][IKE] INFO: Beginning Identity Protection mode.
2013-07-03 07:58:37: [rv120w][IKE] INFO: [ident_i1send:180]: XXX: NUMNATTVENDORIDS: 3
2013-07-03 07:58:37: [rv120w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 4
2013-07-03 07:58:37: [rv120w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 8
2013-07-03 07:58:37: [rv120w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 9
2013-07-03 07:58:37: [rv120w][IKE] INFO: Configuration found for XX.XX.XX.XX[1024].
2013-07-03 07:58:37: [rv120w][IKE] INFO: Ports floated, peer initiatedcommunication on 4500
2013-07-03 07:58:37: [rv120w][IKE] INFO: Sending Informational Exchange: notify payload[INVALID-COOKIE]
2013-07-03 07:58:37: [rv120w][IKE] ERROR: Could not start quick mode as there is no ISAKMP-SA: d5e0fc31a2b8685d:a960a9bbb0cef95b:f5c3c625
Any ideas ?
07-04-2013 10:55 AM
Completely normal on the rv-series (surprising, isn't it?). I use a script to reboot my rv016's every day, or you could just buy a digital lamp timer (which I did for my netgear routers that had similar problems).
Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
07-24-2013 09:38 AM
And what about enabling Dead Peer Detection on both ends ? Would that kinda reset the link whenever it's down for a period of time ?
07-25-2013 12:53 PM
I have the same problem...
And then it keeps logging some type of mismatch between connections.
2013-07-25 13:50:18: [rv120w][IKE] WARNING: Remote address mismatched. Local=XXX.XXX.XXX.XXX[4500], Peer=XXX.XXX.XXX.XXX[500]
07-26-2013 08:15 AM
Well, after a few days, enabling the Dead Peer Detection on both ends seems to have stabilized everything... too bad it isn't enabled by default !
11-10-2013 08:37 AM
Interesting as I was going to post that DPD didn't help my problem at all. I still had to reboot them. Glad it solved your issue!
Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide