08-08-2017 06:00 AM
Hi, I recently purchased a Cisco RV130 and am trying to setup the IPSEC VPN server on this router. I am experiencing the same issue that another user described in this post but having tried the solution offered there I have had no success. I am starting a new discussion because that post is over 2 years old.
The messages I am seeing in the router log file are:
7 2017-08-02 3:25:00 PM warning pluto[3041]: "shrew"[2] 192.198.151.62 #1: received MODECFG message when in state STATE_MAIN_R3, and we aren't xauth client 8 2017-08-02 3:24:57 PM warning pluto[3041]: "shrew"[2] 192.198.151.62 #1: received MODECFG message when in state STATE_MAIN_R3, and we aren't xauth client 9 2017-08-02 3:24:54 PM warning pluto[3041]: "shrew"[2] 192.198.151.62 #1: received MODECFG message when in state STATE_MAIN_R3, and we aren't xauth client 10 2017-08-02 3:24:50 PM warning pluto[3041]: "shrew"[2] 192.198.151.62 #1: received MODECFG message when in state STATE_MAIN_R3, and we aren't xauth client
I don't know why "shrew" appears in this log as I am not using shrewsoft on the client device. I am using MacOs integrated VPN connection in the "network preferences" But this is the error that is being thrown up in the router logs.
I have tried many different combinations of settings in the IPSEC VPN page. In the Phase 2 Configuration I have selected both "Single" and "Subnet". When I had "single" selected, the IP address I entered was 192.168.1.50 (which is outside the range of IPs which my router will assign to any locally connected devices) and I left "Subnet" blank. When I had "Subnet" selected, I used the same IP (192.168.1.50) and subnet 255.255.255.0. No combination of these made any change, still seing the "received MODECFG message when in state STATE_MAIN_R3" message.
I have ensured that "VPN Passthrough" is enabled for IPSEC
I also tried some other things
Firewall->Basic Setttings-LAN/VPN Web Access: tried with http checkbox checked and unchecked, didnt change value of https checkbox
The information provided by Cisco in their support documentation does not clearly describe what should go into the "IP address" and "Subnet Mask" fields .
Thanks
05-25-2019 09:44 AM
Hi everyone,
Any answer to this post ?
I'm experiencing the same issue, as PPTP has been disabled in Mac OS High Sierra my Mac OS users can't connect to the VPN server anymore.
Site-to-site VPN is working fine.
Connection is made through a NAT. NAT router private IP network is 192.168.1.0/24 and VPN network is 192.168.10.0/24 (which is the subnet I configured for the IPSec VPN Sever).
Like others IKE SA works fine, problem is in phase 2.
Regards,
Sebastien
05-15-2021 08:33 PM
hi
have the same problem
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide