04-12-2011 09:11 AM
I have two RV082s (firmware 2.0.0.7), both with public static IPs. I'm attempting to set up a gateway-gateway VPN between them.
My configuration:
Router A:
Local Security Gateway Type: IP Only
IP Address: 12.*.*.*
Local Security Group Type: Subnet
IP Address 192.168.3.0
Subnet Mask: 255.255.255.0
Remote Security Gateway Type: IP Only
IP Address: 70.*.*.*
Remote Security Group Type: Subnet
IP Address 192.168.1.0
Subnet Mask: 255.255.255.0
Keying Mode: IKE with Preshared key
Phase1 DH Group: Group 1
Phase1 Encryption: DES
Phase1 Authentication: MD5
Phase1 SA Life Time: 28800
Perfect Forward Secrecy: Enabled
Phase2 DH Group: Group 1
Phase2 Encryption: DES
Phase2 Authentication: MD5
Phase2 SA Life Time: 3600
Aggressive Mode: Enabled
Dead Peer Detection (DPD): Enabled
Router B:
Local Security Gateway Type: IP Only
IP Address: 70.*.*.*
Local Security Group Type: Subnet
IP Address 192.168.1.0
Subnet Mask: 255.255.255.0
Remote Security Gateway Type: IP Only
IP Address: 12.*.*.*
Remote Security Group Type: Subnet
IP Address 192.168.3.0
Subnet Mask: 255.255.255.0
Keying Mode: IKE with Preshared key
Phase1 DH Group: Group 1
Phase1 Encryption: DES
Phase1 Authentication: MD5
Phase1 SA Life Time: 28800
Perfect Forward Secrecy: Enabled
Phase2 DH Group: Group 1
Phase2 Encryption: DES
Phase2 Authentication: MD5
Phase2 SA Life Time: 3600
Aggressive Mode: Enabled
Dead Peer Detection (DPD): Enabled
-------------
When I try to connect the tunnel, the log shows:
Apr 12 09:18:12 2011 | VPN Log | [Tunnel Negotiation Info] >>> Initiator Send Aggressive Mode 1st packet |
Apr 12 09:18:12 2011 | VPN Log | initiating Aggressive Mode #1814, connection "ips0" |
Apr 12 09:18:12 2011 | VPN Log | STATE_AGGR_I1: initiate |
Apr 12 09:18:25 2011 | VPN Log | Received Vendor ID payload Type = [Dead Peer Detection] |
Apr 12 09:18:25 2011 | VPN Log | [Tunnel Negotiation Info] <<< Responder Received Aggressive Mode 1st packet |
Apr 12 09:18:25 2011 | VPN Log | Initial Aggressive Mode message from 12.*.*.* but no (wildcard) connection has been configured |
When I disable aggressive mode I get:
Apr 12 09:08:34 2011 | VPN Log | Initiating Main Mode |
Apr 12 09:08:34 2011 | VPN Log | [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet |
Apr 12 09:08:34 2011 | VPN Log | Received Vendor ID payload Type = [Dead Peer Detection] |
Apr 12 09:08:34 2011 | VPN Log | [Tunnel Negotiation Info] <<< Responder Received Main Mode 1st packet |
Apr 12 09:08:34 2011 | VPN Log | (NATT)Initial Main Mode message received on 70.*.*.*:500 but no connection has been authorized. Please check your tunnel endpoint (gateway) setting |
Apr 12 09:08:34 2011 | VPN Log | Dynamic VPN client in Main Mode is only supported for Microsoft VPN client, please use Aggressive mode instead. |
Any suggestions on what's wrong with my configuration? Both routers are directly connected to their respective modems.
04-12-2011 09:14 AM
There are some errors in that form copy paste:
Perfect Forward Secrecy IS enabled on both
Phase 2 Encryption => DES on both
Phase 2 Authentication => MD5 on both
04-12-2011 04:16 PM
http://serverfault.com/questions/258961/rv082-gateway-gateway-vpn-wont-connect
So much more useful than this site...
In short. Delete the tunnels... recreate them.
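Added example, not part of the original thread: a Python check that the endpoint fields posted above mirror each other (Router A's local side equals Router B's remote side, and the reverse). The function names are hypothetical; the sample text is copied from the first post with the poster's masked IPs, so masked octets are compared only as strings.

```python
import re

# Endpoint fields as posted in the thread (public IPs masked by the poster).
ROUTER_A = """Local Security Gateway Type: IP Only
IP Address: 12.*.*.*
Local Security Group Type: Subnet
IP Address 192.168.3.0
Subnet Mask: 255.255.255.0
Remote Security Gateway Type: IP Only
IP Address: 70.*.*.*
Remote Security Group Type: Subnet
IP Address 192.168.1.0
Subnet Mask: 255.255.255.0"""
ROUTER_B = """Local Security Gateway Type: IP Only
IP Address: 70.*.*.*
Local Security Group Type: Subnet
IP Address 192.168.1.0
Subnet Mask: 255.255.255.0
Remote Security Gateway Type: IP Only
IP Address: 12.*.*.*
Remote Security Group Type: Subnet
IP Address 192.168.3.0
Subnet Mask: 255.255.255.0"""

def parse_endpoints(text):
    """Group the repeated 'IP Address' / 'Subnet Mask' lines under their section."""
    cfg, section = {}, None
    for line in text.splitlines():
        # The pasted form sometimes drops the colon after "IP Address".
        m = re.match(r"(IP Address|[^:]+):?\s*(.*)", line.strip())
        key, value = m.groups() if m else ("", "")
        head = re.match(r"(Local|Remote) Security (Gateway|Group) Type$", key)
        if head:  # a "... Type" line opens a new section
            section = f"{head[1]} {head[2]}".lower()
            cfg[section] = {"Type": value}
        elif section and key in ("IP Address", "Subnet Mask"):
            cfg[section][key] = value
    return cfg

def mirror_errors(a, b):
    """List every place where A's local/remote side is not B's remote/local side."""
    errors = []
    for kind in ("gateway", "group"):
        for mine, theirs in (("local", "remote"), ("remote", "local")):
            if a.get(f"{mine} {kind}") != b.get(f"{theirs} {kind}"):
                errors.append(f"A {mine} {kind} != B {theirs} {kind}")
    return errors
```

On the posted settings `mirror_errors(parse_endpoints(ROUTER_A), parse_endpoints(ROUTER_B))` returns an empty list: the endpoint fields already mirror each other, which fits the outcome reported in the thread, where recreating the tunnels rather than changing a value resolved it.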