12-07-2010 05:23 AM
Has anyone had any luck establishing a VPN tunnel between the RVS4000 and a Juniper Netscreen? if so, could you please post your configuration? I've been trying for days to get this to work and I'm starting to think it's impossible.
12-07-2010 06:53 AM
Hi Mark,
The first thing that jumps to my mind is PFS. Are you using Perfect Forward Secrecy on both ends?
The way I usually work on these issue's is to go line by line on the configs. It's very easy to mis-type either a password, or subnet.
Also, do you have the IPSec VPN logs from the RVS4000? This may at least point you in the right direction.
Thanks!
Dave
12-07-2010 01:40 PM
I have tried with and without PFS, and it doesn't make any difference.
On the RVS400 I see messages containing "NO PROPOSAL CHOSEN", on the Juniper, I get messages that "there were no acceptable Phase 1 proposals".
12-07-2010 02:29 PM
Hi Mark,
Are you certain that port 500 for IKE is open via the ISP?
Also, have you tried other Authentication and Encryption types for Phase 1?
Lastly, do the SA Lifetimes match?
Thanks!
Dave
12-08-2010 04:57 AM
Dave, thanks for the followup.
I know the other end is good because up until this weekend, I was using a Netgear VPN router to connect to it flawlessly. I can also connect with desktop IPSec VPN clients.
I have set up the RVS4000 VPN settings to match as closely as possible what I had before. So right now, I suspect there is something missing or wrong with the RVS4000.
12-08-2010 08:47 AM
Hi Mark,
At this point I would recommend placing a call to the Cisco Small Business support center at 1-866-606-1866.
We can simulate an IPSec VPN connection from here to your RVS4000 and verify connectivity with an SMB product and proceed to troubleshoot from there.
Thanks!
Dave
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide