cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.
Get the latest news in this issue of the Cisco Small Business Monthly Newsletter

1121
Views
0
Helpful
4
Replies
Highlighted
Beginner

RV220W IPSec Tunnel not working

We have 2 RV220W Routers installed in seperate offices. We are attempting to setup a IPSec tunnel between the two sites. So far we have been unsuccessful in getting this to work.

On both sides, we are getting a successful connection established, but netiher site is recieving any packets. Both sides are transmitting packets though. We have exhausted our resources trying to figure out why.

Site A:

Active IPsec Security Association Table

Policy NameEndpointPacketsKBytesStateAction
RxTxRxTx
SiteA-SiteB-Tunnel           209.xxx.xxx.xxx 046430.00607.70IPsec SA Established

Site B:

Active IPsec Security Association Table

Policy NameEndpointPacketsKBytesStateAction
RxTxRxTx
SiteB-2-SiteA                     71..xxx.xxx.xxx 01070.0015.55IPsec SA Is Established

Has anyone else run into a similar issue and were they able to solve this? Any thoughts on what might be the problem?

4 REPLIES 4
Highlighted
Advocate

Hi Aaron, a lot of times something like this is because the local group / remote group ip or subnet masks are not configured correctly.

Realistically, if you leave the advance configuration for the IKE and VPN policy completely default, where you only make the policy names, the same password between sides and input the correct local/remote groups and WAN ip addresses, the tunnel will come up and work great provided you don't have connectivity issues.

Here is an example-

-Tom
Please rate helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
Highlighted

Thomas,

Thanks for your reply. I have tried both Advanced setup as well as just using the basic setup. I just deleted all the previous configs and re-added them using just the basic setup and only entering the minimum requirements. I am still getting the same results.

Here is my local/remote traffic config:

Local Traffic Selection
Local IP:
Start Address:
End Address:
Subnet Mask:
Remote Traffic Selection
This field is not editable, because netbios is selected.
Start Address:
End Address:
Subnet Mask:
Highlighted

oops - the fields are filled in - I promise :-)

Anyway -  Looks like my counterpart on the otherside just isolated an issue with the firewall on their end - hopefully that is the problem.

Highlighted
Beginner

Firewall misconfiguration on the remote site was the problem. Issue now resolved.