
[RV345] Client-to-site VPN auth error after 1.0.03.24 firmware upgrade

adamwood
Level 1

Since receiving an automated firmware upgrade to 1.0.03.24 this week, all client-to-site VPN connections are failing on our RV345. The relevant parts of the logs (more can be provided if needed) appear to be:

info vpn charon: 10[IKE] PAM authentication has received the connection name 'c2s_vpn'
error vpn charon: PAM no modules loaded for `s2s-vpn' service
info vpn charon: 10[IKE] XAuth pam_authenticate for 'vpntest' failed: Permission denied

This occurs both with our Radius authenticated user group as well as a local user setup (per logs) to rule out a Radius issue. The obvious error is regarding a missing module for the 's2s-vpn' service, yet this is a 'c2s-vpn' tunnel. I can't find any reference to this error in search results or community posts, nor anything relevant in the release notes for this release, so any help would be appreciated.
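
A triage sketch for the three charon log lines quoted in the post above, added here as an example (not part of the original post and not Cisco tooling): it ties each XAuth failure to the connection name and to any "no modules loaded" PAM error logged for it, so a missing or mismatched PAM service is separated from an ordinary rejected login. The function names, the `_`/`-` normalisation and the two `alice` log lines are assumptions constructed for illustration.

```python
import re

# Patterns follow the three charon lines quoted in the post.
CONN = re.compile(r"charon: (\d+)\[IKE\] PAM authentication has received "
                  r"the connection name '([^']+)'")
NOMOD = re.compile(r"charon: PAM no modules loaded for [`']([^']+)' service")
FAIL = re.compile(r"charon: (\d+)\[IKE\] XAuth pam_authenticate for "
                  r"'([^']+)' failed: (.+)")

def norm(name):
    # Assumption: '_' and '-' are interchangeable in connection/service names.
    return name.replace("_", "-").lower()

def triage(lines):
    conn_by_thread = {}  # charon thread id -> connection name
    svc_by_thread = {}   # charon thread id -> PAM service with no modules
    last_thread = None   # the "no modules" line carries no thread id
    findings = []
    for line in lines:
        if m := CONN.search(line):
            last_thread = m.group(1)
            conn_by_thread[last_thread] = m.group(2)
        elif m := NOMOD.search(line):
            if last_thread is not None:
                svc_by_thread[last_thread] = m.group(1)
        elif m := FAIL.search(line):
            tid, user, reason = m.groups()
            conn = conn_by_thread.pop(tid, None)
            svc = svc_by_thread.pop(tid, None)
            if svc is None:
                kind = "auth_rejected"          # no PAM stack error seen
            elif conn and norm(svc) != norm(conn):
                kind = "pam_service_mismatch"   # PAM asked for another service
            else:
                kind = "pam_stack_missing"
            findings.append({"user": user, "connection": conn,
                             "pam_service": svc, "reason": reason.strip(),
                             "kind": kind})
    return findings

SAMPLE = [
    # First three lines are the ones quoted in the post.
    "info vpn charon: 10[IKE] PAM authentication has received the connection name 'c2s_vpn'",
    "error vpn charon: PAM no modules loaded for `s2s-vpn' service",
    "info vpn charon: 10[IKE] XAuth pam_authenticate for 'vpntest' failed: Permission denied",
    # Constructed lines: a plain rejected login with no PAM stack error.
    "info vpn charon: 12[IKE] PAM authentication has received the connection name 'c2s_vpn'",
    "info vpn charon: 12[IKE] XAuth pam_authenticate for 'alice' failed: Authentication failure",
]
```

Running `triage()` over an exported log before and after a firmware change shows whether failures moved from `auth_rejected` to one of the PAM categories.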

20 Replies

CitNetGuy
Level 1

Hi,

There seems to be an issue with New firmware 1.0.03.24 blocking traffic in general current configurations.

There is one person that did a reset after update and reconfigured but experienced anomalies.

New firmware 1.0.03.24 for rv340w - Cisco Community

- You may want to further escalate this problem:

https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

M,



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always respond to me with ' The only thing that exceeds your brilliance is your beauty! '

Thanks for pointing me to this, I hadn't seen it. Good to know we're not alone with this.

Unfortunately, it looks like the only 'solution' presented there is to roll back to 1.0.3.22, which we were hoping to avoid. We'll hold off on doing that for as long as possible in the hope that an actual solution is found, otherwise will go with that and disable automated updates to avoid this. Although I'm not sure what we (and others seemingly) are supposed to do if a security release is issued in future.

adamwood
Level 1

UPDATE:

Reverting to 1.0.3.22 has resolved this. Thankfully we had a config backup from prior to the automated update, so we factory reset the device, installed/reverted the firmware, then imported the backup config (and disabled automated updates). VPN connections are working again as previously.

This means that we, along with others seemingly, cannot apply further updates to this device until this issue is resolved, rendering the further year of security updates on the device redundant currently. It would be good if someone from Cisco can log this as an issue.

 

> ... It would be good if someone from Cisco can log this as an issue

The common practice is for customers to take action:

https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

M




I also had to roll back to 1.0.3.21 (didn't try even the 1.0.3.22, went straight to 1.0.3.21 I had before). I had a perfectly working setup, but then Radius stopped working with the update to 1.0.3.24. I get these warnings in the log:

https://slack-files.com/T0BA8B8G1-F02REN1SWEP-858aee79c6

pptp: rc_read_config: can't open /etc/radiusclient/radiusclient.conf: No such file or directory

pptp: RADIUS: Can't read config file /etc/radiusclient/radiusclient.conf

 

Something clearly broke.

 

andresdn
Level 1

Yesterday I reached Cisco Support for 2 RV-340 with connectivity issues after the upgrade to .24. Sent logs and configurations to Cisco for analysis. First response was "you should roll back to 1.0.03.22 or do an upgrade to 1.0.03.24 + factory reset + configure from start". I wasn't pleased with those solutions so they escalated the issue to a sustaining engineer. They promised me feedback within 24/48 hs.

egatec
Level 1

I have the same problem with the latest version 1.0.03.26, I'll roll back to 1.0.03.22 where there is no problem... It looks like Cisco is releasing the upgrades without fixing the issues...

After testing for the last 2 weeks, Cisco workaround didn't fix the issue so rollback to 1.0.03.22 is the best solution by far.

Hi,

Exactly, also trying with version 1.0.03.26 there is the same VPN issue... I'll roll back to 3.22...

I can confirm that 1.03.26 also screws up VPN authentication using both the Cisco AnyConnect client and the Cisco IPSec client baked into iOS and macOS 12.2. Please get this fixed, Cisco. The primary reason my business bought the router was the number of VPN client options and AnyConnect.

 

 

> ... Please get this fixed Cisco

FYI: https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

M.




All,

I spoke to a support engineer and have a case open. They are recommending upgrading to 1.03.26, then doing a factory reset, then MANUALLY reconfiguring the router's settings. I asked about restoring my config from .22 and he said there are differences and configuration changes, so the best approach is to do a manual reconfigure. I am on the fence about doing it as it is time consuming and I am not sure if this will fix the VPN issue. Obviously I will do a full backup again of my 1.03.22 setup to a PC and have both firmwares... for a rollback. Oh, and the RV's have been discontinued due to the chipset shortage. Supposedly a new model or two is in the pipeline.

Did you end up staying on .26 and reconfiguring from scratch? Did that resolve the issue?