Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
449
Views
0
Helpful
0
Replies

VPN behind existing Router

LilianA
Level 1
Level 1

‎06-21-2018 06:51 AM - edited ‎03-12-2019 05:23 AM

Hello, I tried to create a VPN behind existing router (LiveBox Business) using Cisco RV130.

I can't replace the LiveBox because there are used by the internet/phone provider for VoIP.

So, i create the VPN on each RV130 using "Basic VPN setup":

IPSec Name: AVAVEZ

Policy Type: Auto

Policy Remote Endpoint: AAA.AAA.AAA.AAA

NetBios Enabled: nothing

Local IP: Subnet

IP Address: 192.168.0.0

Subnet Mask: 255.255.255.0

Remote Traffic Selection

Remote IP: Subnet

IP Address: 192.168.2.0

Subnet Mask: 255.255.255.0

 

The other side:

Remote Endpoint: BBB.BBB.BBB.BBB

NetBios Enabled: nothing

Local IP: Subnet

IP Address: 192.168.2.0

Remote IP: Subnet

IP Address: 192.168.0.0

same Pre-SharedKey(!)

 

I joined a schema to show you the link between places... it's very simple.

 

Now the log on BBB.BBB.BBB.BBB router side:

80 2018-06-21 1:54:09 PM warning pluto[13606]: "AVAVEZ" #2: sending encrypted notification INVALID_ID_INFORMATION to AAA.AAA.AAA.AAA:10500

81 2018-06-21 1:54:09 PM warning pluto[13606]: "AVAVEZ" #2: no suitable connection for peer '192.168.3.2'

82 2018-06-21 1:54:09 PM warning pluto[13606]: "AVAVEZ" #2: Main mode peer ID is ID_IPV4_ADDR: '192.168.3.2'

83 2018-06-21 1:53:52 PM warning pluto[13606]: "AVAVEZ" #3: initiating Main Mode to replace #1

84 2018-06-21 1:53:52 PM warning pluto[13606]: "AVAVEZ" #1: starting keying attempt 2 of at most 3, but releasing whack

85 2018-06-21 1:53:52 PM warning pluto[13606]: "AVAVEZ" #1: max number of retransmissions (2) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message

86 2018-06-21 1:53:49 PM warning pluto[13606]: "AVAVEZ" #2: sending encrypted notification INVALID_ID_INFORMATION to AAA.AAA.AAA.AAA:10500

87 2018-06-21 1:53:49 PM warning pluto[13606]: "AVAVEZ" #2: no suitable connection for peer '192.168.3.2'

88 2018-06-21 1:53:49 PM warning pluto[13606]: "AVAVEZ" #2: Main mode peer ID is ID_IPV4_ADDR: '192.168.3.2'

89 2018-06-21 1:53:39 PM warning pluto[13606]: "AVAVEZ" #2: sending encrypted notification INVALID_ID_INFORMATION to AAA.AAA.AAA.AAA:10500

90 2018-06-21 1:53:39 PM warning pluto[13606]: "AVAVEZ" #2: no suitable connection for peer '192.168.3.2'

91 2018-06-21 1:53:39 PM warning pluto[13606]: "AVAVEZ" #2: Main mode peer ID is ID_IPV4_ADDR: '192.168.3.2'

92 2018-06-21 1:53:39 PM warning pluto[13606]: "AVAVEZ" #2: STATE_MAIN_R2: sent MR2, expecting MI3

93 2018-06-21 1:53:39 PM warning pluto[13606]: "AVAVEZ" #2: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2

94 2018-06-21 1:53:39 PM warning pluto[13606]: "AVAVEZ" #2: STATE_MAIN_R1: sent MR1, expecting MI295 2018-06-21 1:53:39 PM warning pluto[13606]: "AVAVEZ" #2: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1

96 2018-06-21 1:53:39 PM warning pluto[13606]: "AVAVEZ" #2: responding to Main Mode

97 2018-06-21 1:53:39 PM warning pluto[13606]: packet from AAA.AAA.AAA.AAA:10500: received Vendor ID payload [Dead Peer Detection]

98 2018-06-21 1:53:39 PM warning pluto[13606]: packet from AAA.AAA.AAA.AAA:10500: received Vendor ID payload [Openswan (this version) 2.6.37 ]

 

Each RV130 are in DMZ, with NAT for port 443,500,50,51,4500

 

I don't see where i did the mistake...

Thank's for you help.

 

Lilian.

Labels:
Preview file
53 KB
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents