I just purchased the same

glenn.demoor · ‎08-26-2016

Hello,

I am trying to setup a vpn gateway between 2 sites using 2 new cisco RV320 VPN routers.(Firmware v1.1.1.19)

I followed this cisco article:

http://sbkb.cisco.com/CiscoSB/GetArticle.aspx?docid=00645babb1594fa09183f20ad79c2f40_Gateway_to_Gateway_VPN__Virtual_Private_Network__Configurati.xml&pid=2&converted=0

Sadly, the tunnel does not connect despite following cisco guidelines.

Both have High Speed Fibernet Internet access with static external IP

Site 1

subnet :192.168.42.0

router: 192.168.42.254

Site 2
subnet: 192.168.0.0
router: 192.168.0.1

After entering a test VPN gateway on both sites, the tunnel test does not work

The system log only shows: "2016-08-26, 10:06:04 ALLOW UDP 81.83.xxx.xxx:500 -> 81.82.xxx.xxx:500 on eth2"

Nothing else seems to happen.

A further strange thing is the remote management access.

On Site 2,once activated, the remote access worked as expected.

But on site 1, it was necessary to add a forwarding rule to the router itself to get it to work !

My feeling is that the internal address of the router on 192.168.42.254 is the cause of this and perhaps also the source of the vpn issue.

Is this possible? If so, can this be circumvented, as I am not allowed to modify that internal ip.

Best regards

glenn

woody · ‎08-26-2016

I also have a similar problem with yours. But I don't get any response yet. I also did exactly what it said in the Cisco article. Thanks!

https://supportforums.cisco.com/discussion/13101891/rv325-ipsec-gateway-gateway-cannot-ping

benh · ‎08-26-2016

I just purchased the same model, and in the next week or so will be doing the same ... a VPN tunnel.

I ran into some weird problems, and I upgraded the firmware (quite easy and painlessly) - and the problems went away. I've not set up the VPN yet, but you might want to upgrade the firmware - this may solve your problems.

The only headache is that you probably should reprogram everything from scratch after a firmware upgrade. (Just my opinion...)

glenn.demoor · ‎08-28-2016

@benh

A very helpful cisco support guy suggested the same - he said the vpn config was correct.

One upgrade is already done - as you stated - easy and painlessly.
The configuration is retained over the upgrade - the vpn tunnel config will be rewritten anyway - only a testconfig for now
The other router update will be carried out tomorrow

I am a bit sceptical this will solve the vpn problem - I really hope to be proven wrong.

@woody: I'll update this post. HTH.

regards
glenn

benh · ‎08-29-2016

I'll be looking for your results... I have a planned VPN tunnel to set up next week.

glenn.demoor · ‎08-29-2016

Well, I am glad to be proven wrong.

After the successful update of both routers to firmware 1.3.1.12, the test vpn tunnel immediately connected. Pings in both direction work.
Further tests will follow tomorrow.

Perhaps important, the Cisco support person told me to disable/uncheck "Perfect Forward Secrecy" in the vpn definition.
This differs from the cisco article mentioned in my first post.

best regards
glenn

woody · ‎08-29-2016

Glenn,

Thanks for sharing! I also updated the firmware 1.3.1.12. I still don't have a chance to test a gateway to gateway but I tested a client to gateway. I connected to my office from home using cisco vpn client. I was able to ping the devices. However, I could not see any PCs on my office network. Any advice would be appreciated.

Regards,

RV320 to RV320 VPN gateway does not work