12-28-2021 03:04 AM
Hi guys,
Due to flash inconsistency/errors after a power surge issue, my router C800 started acting very strange. Having spent several weeks trying to bring life back into it through formats and the whole lot, I decided to replace it completely. I managed to find the same exact model and proceeded to copy a known good config from the old router (pre-power surge) to the new replacement one.
Almost everything works as it should except for SSH access and NAT rules put in place to allow me to access a VPN server behind the firewall. When comparing the configs side by side, I noticed that the certificate details are missing on the new replacement router. Could this be the reason why I am unable to SSH into the replacement router or access my VPN server behind it?
Solved! Go to Solution.
01-02-2022 08:08 AM
Hi Georg,
Happy New Year!
Thank you for the cleaned up config. I did a write erase followed by delete vlan.switch and reload then added the config. NAT is now working again to my amazement. Added acl's and confirmed still working.
01-02-2022 09:18 AM
Thanks for the update. Glad to know that now it is working.
12-30-2021 01:52 AM
You ask about the pki certificate chain. I notice this in the config
rsakeypair RTR00-rsa
Does this key pair exist? I doubt that the pki self signed certificate is related to issues with the vpn server.
It is interesting that one of the static translations is for a media server. Does access to that media server work?
12-29-2021 03:36 AM
I will add this when I have access again. I am surprised when you mention nothing should work
It has been working for me this way for well over a year.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide