Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1335
Views
0
Helpful
4
Replies

RV220W IPSec Tunnel not working

aaron.connell
Level 1
Level 1

‎09-27-2012 07:59 AM

We have 2 RV220W Routers installed in seperate offices. We are attempting to setup a IPSec tunnel between the two sites. So far we have been unsuccessful in getting this to work.

On both sides, we are getting a successful connection established, but netiher site is recieving any packets. Both sides are transmitting packets though. We have exhausted our resources trying to figure out why.

Site A:

Active IPsec Security Association Table

Policy NameEndpointPacketsKBytesStateAction
RxTxRxTx
SiteA-SiteB-Tunnel           209.xxx.xxx.xxx 046430.00607.70IPsec SA Established

Site B:

Active IPsec Security Association Table

Policy NameEndpointPacketsKBytesStateAction
RxTxRxTx
SiteB-2-SiteA                     71..xxx.xxx.xxx 01070.0015.55IPsec SA Is Established

Has anyone else run into a similar issue and were they able to solve this? Any thoughts on what might be the problem?

1 person had this problem
Labels:
0 Helpful
4 Replies 4

Tom Watts
VIP Alumni
VIP Alumni

‎09-27-2012 09:38 AM

Hi Aaron, a lot of times something like this is because the local group / remote group ip or subnet masks are not configured correctly.

Realistically, if you leave the advance configuration for the IKE and VPN policy completely default, where you only make the policy names, the same password between sides and input the correct local/remote groups and WAN ip addresses, the tunnel will come up and work great provided you don't have connectivity issues.

Here is an example-

-Tom
Please rate helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
0 Helpful

aaron.connell
Level 1
Level 1
In response to Tom Watts

‎09-27-2012 09:53 AM

Thomas,

Thanks for your reply. I have tried both Advanced setup as well as just using the basic setup. I just deleted all the previous configs and re-added them using just the basic setup and only entering the minimum requirements. I am still getting the same results.

Here is my local/remote traffic config:

Local Traffic Selection
Local IP:
Start Address:
End Address:
Subnet Mask:
Remote Traffic Selection
This field is not editable, because netbios is selected.
Start Address:
End Address:
Subnet Mask:
0 Helpful

aaron.connell
Level 1
Level 1
In response to aaron.connell

‎09-27-2012 09:53 AM

oops - the fields are filled in - I promise :-)

Anyway -  Looks like my counterpart on the otherside just isolated an issue with the firewall on their end - hopefully that is the problem.

0 Helpful

aaron.connell
Level 1
Level 1

‎09-27-2012 11:46 AM

Firewall misconfiguration on the remote site was the problem. Issue now resolved.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents