08-22-2013 07:58 AM
Hello All
I am trying to create a Site to Site VPN between an RV215W over a 3G connection to an ASA5510, however it appears the RV215W is not even attempting to build Phase 1 over the 3G Connection.
Here is what I have done so far:
Successfuly established a Site to Site VPN between the same kit but using a wired broadband connection on the RV215W - so I know the IKE Policies match.
Unplugged the wired connection and switched to 3G
Confirmed the router has failed over to the 3G by browsing the Internet and performing some ping tests from the router
Looked in the logs and taken a packet capture on the ASA end and confirmed I see no IKE traffic from the RV215W
Used a UDP Traffic tool to generate udp 500 traffic to the ASA from a machine on the LAN of the RV215 and confirmed it hits the ASA
In an effort to confirm that the 3G connection is not dropping IKE, I put another RV215 on the LAN side of the RV215 with the 3G connection using its WAN Port and created the VPN on that router which worked OK. This proves the 3G connection and again the policies, and makes it look like the RV215 will only attempt VPNs through the wired connection.
I have tried software versions 1.0.0.16 and 1.1.0.5.
Has anyone else tried this? or has anyone got any suggestions?
Thanks
08-28-2013 06:42 AM
Hello All
I have managed to get this working so I thought I would post my findings...
Firstly, my initial post was not quite accurate, where I said I was unplugging the wired connection and failing over to 3G, I didn't mention that there was a reboot inbetween for various reasons. This turned out to be the cause of the problem. It does appear that the router does not attempt to build a VPN over the 3G connection unless it has previously had the wired WAN Port up and detected a failure and failed over to 3G. I found that if I boot the router with 3G only connected, then I can access the internet but there is no attempt to build the VPN. If I plugged something (anything) into the WAN port to bring it up and then boot with both Wired and 3G connected, then the router would attempt VPN over the wired. Then when I unplug the wired it will bring the VPN up over the 3G instead. I tried a few of the settings in the failover section and found it was best to leave failover detection on but disable fail back. This means I could boot it, unplug the wired and then plug it back in again and everything remains on 3G. This is not ideal as I was planning on using the 3G as the main connection for short term / emergency situations.
Cheers all
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide