cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Announcement“Cisco Design Thinking Workshop”. Cisco Small Business is excited to invite its Silicon Valley customers to an exclusive interactive one-day session between customers and product Managers.  If you are interested in this exclusive workshop, please fill out the Registration Form. For more information, please check out our FAQ


Get the latest new and information the November issue of the Cisco Small Business Monthly Newsletter

1849
Views
0
Helpful
9
Replies
Highlighted

Unable to connect VPNs RV320 to WRVS4400N

I had an RV220W router that died.  I replaced it with a RV320, but I'm unable to re-connect the VPNs to my office WRVS4400N's.  When I look at the log on the RV320 I'm not getting a lot of useful information, just [g2gips1]: [Tunnel Disconnected].

 

Is there a compatibility issue with the RV320 - WRVS4400N's?

 

I purchased a D-Link DSR-250 while I waited for the RV320 to arrive.  I can establish the VPN's to the WRVS4400N's with it, but the overall performance of the DSR-250 is lacking, hence the desire to put the RV320 into production.

 

Does anyone have VPNs between the RV320 and WRVS4400N working?

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions

I tried IP Only, with IP by

I tried IP Only, with IP by DNS Resolved, and the VPN connected.  As the address on the WRVS4400N is dynamic, will this mode reconnect on an address change?

View solution in original post

9 REPLIES 9
Rising star

For Remote Group Setup, try

For Remote Group Setup, try Dynamic IP + Domain Name (FQDN) Authentication. Do no use WWW. in your FQDN, it should be syntrak.ca only. If that fails, resolve the IP address and try IP Only as a test. If it works using only the IP address, your router may be having issues resolving DNS.

 

- Marty

Thanks for the input.When I

Thanks for the input.

When I try Dynamic IP, it forces AGGRESSIVE MODE.  Even though I turn on AGGRESSIVE MODE on the WRVS4400N, the log reports:

 [Tunnel Authorize Fail] no connection has been authorized with policy=PSK+AGGRESSIVE

 

When I use the IP Only I was able to establish the VPN!

 

So, how do I resolve the DNS issue?  The Summary page shows the remote Gateway with the correct address when I use IP + FQDN.

 

Steve

Rising star

Steve, Dynamic IP always

Steve,

 

Dynamic IP always forces aggressive mode. Try leaving the WRVS4400N in Main Mode and see if that works.

 

- Marty

When I try without aggressive

When I try without aggressive mode on the WRVS4400N, I get:

packet from 24.224.219.168:500: [Tunnel Authorize Fail] 'g2gips1' forbids connection, cause: Aggressive Mode

I tried IP Only, with IP by

I tried IP Only, with IP by DNS Resolved, and the VPN connected.  As the address on the WRVS4400N is dynamic, will this mode reconnect on an address change?

View solution in original post

Rising star

Steve, As long as the

Steve,

 

As long as the WRVS4400N has DDNS, the name should resolve without issue when the IP changes. If possible, unplug the WRVS4400N for a while and when it reconnects, it should have a new WAN IP (depending on the ISP). The tunnel should come up.

 

- Marty

Thanks, I'll give this config

Thanks, I'll give this config a try.  My ISP only changes the address for that router about every 6-9months, so it will take a while to know for sure.

Rising star

Steve, I have cable and my IP

Steve,

 

I have cable and my IP changes very rarely. I have found that if I leave the router off for a few hours or overnight, I will get a new IP.

 

- Marty

Rising star

For future reference, IP Only

For future reference, IP Only and IP by DNS Resolved is the correct way to configure the RV320/325, as well as the RV042(G), RV082, RV016 routers.

Dynamic IP + Domain Name (FQDN) Authentication will not work in this instance.

 

- Marty