Trouble Setting Up VPN - RV042 v3

Harry Trieu · ‎09-26-2011

Hi guys,

I just bought a Cisco/Linksys RV042 version 3 and am having trouble getting my Macbook Pro running IPSecuritas to establish a client to gateway VPN tunnel.

I get an "Error - IKE - none message must be encrypted" message in the IPSecuritas connection log. It will keep retrying which results in the same error. Eventually it just gives up.

I am pretty sure I have the settings on the router end and Macbook end of the VPN configured identically.

Here is a screenshot of the RV042 configuration page. Any input would be greatly appreciated, thanks.

Herbert Baerten · ‎09-29-2011

Hi Harry,

since this question is about a product in the Cisco Small Business / Linksys range, I suggest you move it to the community, where you will have a better chance of getting expert advice.

best regards,

Herbert
Cisco Moderator

stschulze · ‎10-31-2011

i have the same problem, but now answer ... please help.

i think it is a bug.....

Harry Trieu · ‎10-31-2011

Hi Stephan,

Take a look at this guide: https://supportforums.cisco.com/docs/DOC-10266

It helped me get the VPN to work.

stschulze · ‎10-31-2011

thanks, but i have now also errors.

please post your working configuration from rv042 an ipsecuritas.

thanks

stephan

Harry Trieu · ‎11-01-2011

Stephan,

The RV042 configuration is in my original post. It hasn't changed.

Here is the IPSecuritas configuration

General
- Remote IPSec Device:
- Local Side - Endpoint Mode: Host
- Local Side - IP Address: Leave this blank
- Remote Side - Endpoint Mode: Network
- Remote Side - Network Address: 192.168.2.0
- Network Mask (CIDR): 24
- NOTE: These are my settings and they might not work for you. For instance, when connecting to the VPN from a remote location that uses the 192.168.2.x subnet, the VPN will not work due to address collision.
Phase 1
- Lifetime: 28800 Seconds
- DH Group: 1024 (2)
- Encryption: AES 256
- Authentication: SHA-1
- Exchange Mode: Main
- Proposal Check: Obey
- Nonce Size: 16
Phase 2
- Lifetime: 3600 Seconds
- PFS Group: 1024 (2)
- Encryption: AES 256
- Authentication: HMAC SHA-1
ID
- Local identifier: User FQDN / user@home.private
- Remote identifier: User FQDN / user@home.private
- Authentication Method: Preshared Key /
DNS
- leave "enable domain specific DNS servers" unchecked unless needed
Options (put a check mark next to the following)
- IPSec DOI
- SIT_IDENTITY_ONLY
- Initial Contact
- Request Certificate
- Send Certificate
- Unique SAs
- IKE Fragmentation

Hope that helps.

stefanHanke · ‎12-27-2011

Hey Harry,

were you able to solve this issue sucessfully?

I have noticed, that your config of ipSecuritas uses the "Main Mode" whereas I am always using "Agressive Mode" VPNs for Client to Gateway Setups (I think I had to due to the Cisco RV042).

Funny thing that I am experiencing here is:

VPNs IPsec <-> Cisco RV042 first generation work

VPNS IPsec <-> Cisco RV042 latest generation (newest 4.1...Firmware) does not work

IPsec is always complaining about "none message must be encrypted" and I assume that the "Phase 1" cannot be established but I have no clue anymore. (did try different setup combinations).

Thank you for any clarification whether you managed it or your workaround.

Stefan

Harry Trieu · ‎12-27-2011

Hi Stefan,

Yes I was able to establish a VPN tunnel successfully using the settings above. For me, Aggressive Mode would not work regardless of any other setting that I changed, so I set it to Main Mode. I'm still running on 4.0.4.02 firmware. Haven't tried the 4.1 firmware yet. Maybe they haven't ironed out the bugs? I can't think of much else that might help you as this would be my first time working with VPNs.

Harry

vaxxinecsinc · ‎11-07-2019

I realize this thread is 8 years old now, but I'm fighting with the same problem. Using the latest firmware of v4.2.3.10 It appears the original attachment containing the RV042 settings is missing. Can someone post the RV042 settings that work with this please? Thanks.