Hi,

qube00001 · ‎09-26-2014

Hello Cisco freaks

I am trying to connect a branch office network (Cisco RV320 router) with our other branches Drayteks (2820, 2950, 3900). Both devices look to support common settings but fails to connect. Triple checked all settings, Tried all possible SA, key and encryptions combination to no avail. I am familiar with VPN issues but this time I can not figure out what's wrong. The RV320 syslog does not output enough VPN log to troubleshoot.

checklist :
differents LAN's
consitent phases setting on both devices, tested all groups, hashes and encryptions
correct routes and interfaces
local security group : subnet
using PFS did not help
no idea if the "AH Hash Algorithm" needs to be checked, tried all anyway

does the Cisco uses ESP or AH protocol? this may be worth to know

Is the IPsec implementation of Cisco compatible with Drayteks?

Did somebody ever managed to connect those 2 devices?

Regards

qube00001 · ‎11-07-2014

Ok, I got it working

I managed to connect a cisco RV320 with drayteks (3900, 2820, 2925) using lan to lan VPN.

It was very hard to troubleshoot as the cisco doesn't output VPN logs unless you are successfully connected :-/

I used draytek's log and found a netmask issue. Now it works

For the record here is my working setup

Group 5
AES128
SHA1 withauth
no PFS
ESP (uncheck AH on the cisco uses ESP)

higher settings may work, not tested

pedrorato · ‎03-15-2017

Hi,

Can you attach snapshots from both routers regarding VPN site to site setup.

BR,

Pedro

RV320 lan to lan VPN setup for Draytek