RV340 Site-to-Site VPN Hanging

Peter_
Level 1

 

I have had two RV340 Routers installed with a Site-to-Site VPN for a few weeks now.

 

I am having some issues with the routers saying the Site-to-Site VPN is connected, but being unable to make new contacts with devices on the other end of the VPN. It appears that certain devices that were already communicating are able to continue to communicate, but I am unable to make new connections. I cannot even ping the router on the other end. If I click disconnect and connect on the Site-to-Site VPN, then everything resolves for some period of time and will eventually recur.

 

Anyone facing similar issues? Any resolutions?

1 Reply 1

Russell Racey
Level 1

I call it "Dead Tunnel Syndrome", where tunnels appear to negotiate successfully but the tunnel itself is corrupt, blocking traffic, either all traffic or just certain ports or host IPs. When this happens, the only solution is to reboot the RV34x. The only way to tell a tunnel is "healthy" is to constantly ping IP hosts on the other network, though I've seen cases where an echo is returned but actual traffic is blocked. The "Dead Tunnel Syndrome" usually surfaces after repeated disconnects when the RV34x becomes so scrambled that it is no longer able to create a healthy tunnel.

 

I have three RV340 sites exhibiting the same symptoms. The RV042s these RV340s replaced NEVER did this, as their tunnels, the ones they 'initiate' that is, were always rock solid. The RV042/82 firmware is obviously "mature" in the sense that these types of instability bugs were long since cured. As for the RV340 series, site-to-site and client-to-site VPN was completely rewritten, fertile ground for 'memory leaks' or instability to creep in.

 

I've also noticed, on occasion, one RV340 site even corrupts its PPPoE WAN connection, again requiring a manual reboot of the router.  It all points to buggy firmware.  In which case, all we can do is wait and hope that Cisco addresses these issues in an upcoming firmware release, hopefully soon!
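
The tunnel health check described in the reply above, as an added example that is not part of the original thread: it pairs a ping with a brand-new TCP connection to each remote host, because an echo reply alone can hide a tunnel that blocks new traffic. The target addresses and ports are constructed placeholders, and the ping flags assume Linux iputils.

```python
import socket
import subprocess

# Constructed sample targets on the far side of the tunnel (assumptions, not
# values from the thread): (host, tcp_port) pairs of services that should answer.
REMOTE_TARGETS = [("192.168.2.1", 443), ("192.168.2.10", 445)]

def icmp_ok(host, timeout_s=2):
    """True if one echo reply comes back (Linux iputils ping flags)."""
    try:
        r = subprocess.run(["ping", "-c", "1", "-W", str(timeout_s), host],
                           stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    except OSError:
        return False
    return r.returncode == 0

def tcp_ok(host, port, timeout_s=3):
    """True if a brand-new TCP handshake completes. This exercises new flows,
    which is what fails while already-established sessions keep running."""
    try:
        with socket.create_connection((host, port), timeout=timeout_s):
            return True
    except OSError:
        return False

def classify(results):
    """results: list of (icmp_ok, tcp_ok) per target -> tunnel state string."""
    if not results:
        return "unknown"
    tcp_count = sum(1 for _, t in results if t)
    if tcp_count == len(results):
        return "healthy"
    if tcp_count > 0:
        return "partial"      # only some hosts or ports pass
    if any(i for i, _ in results):
        return "echo-only"    # ping answers but no new connection succeeds
    return "dead"

def check_tunnel(targets, icmp=icmp_ok, tcp=tcp_ok):
    """Probe every target and reduce the results to one state."""
    return classify([(icmp(h), tcp(h, p)) for h, p in targets])

if __name__ == "__main__":
    print(check_tunnel(REMOTE_TARGETS))
```

Run on a schedule from a host behind one router, any state other than "healthy" while the router still reports the VPN as connected matches the symptom described in this thread.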