Solved: Hi Ami, thanks for your

philippe.freund · ‎01-17-2017

Hello,

After updating the RV320 firmware to 1.3.2.02 my gateway to gateway VPN connection does not work anymore.

I try to understand the issue but there is not IPSec VPN log anymore (although all logs checked), so no error message to help me.

I am the only one to experience this problem ?

Below my configuration on the 2 gateways.

Thanks in advance,

Philippe

*************

GATEWAY 1
———————

Local Group Setup
Local Security Gateway Type: IP + FDQN
IP Address: 81.XX.XX.XX
Domain Name: XXX.com
Local Security Group Type: Subnet
IP Address: 10.0.1.1
Subnet Mask: 255.255.255.0

Remote Group Setup
Remote Security Gateway Type: IP + FDQN
IP Address: 212.XX.XX.XX
Domain Name: YYY.com
Remote Security Group Type: Subnet
IP Address: 10.0.0.0
Subnet Mask: 255.255.255.0

IPSec Setup
Phase 1 DH Group: Group 1
Phase 1 Encryption: 3DES
Phase 1 Authentication: MD4
Phase 1 SA Lifetime: 28800
Perfect Forward Secrecy: checked
Phase 2 DH Group: Group1
Phase 2 Encryption: 3DES
Phase 2 Authentication: MD5
Phase 2 SA Lifetime: 3600
Minimum Preshared Key Complexity: Enable
Preshared Key: xxxxxxxxxxxxxxxx
Preshared Key Strength Meter: checked

Advanced
Keep-Alive : checked
NetBIOS Broadcast : checked
NAT Traversal : checked
Dead Peer Detection Intervals : 10 sec

GATEWAY 2
———————

Local Group Setup
Local Security Gateway Type: IP + FDQN
IP Address: 212.XX.XX.XX
Domain Name: YYY.com
Local Security Group Type: Subnet
IP Address: 10.0.0.0
Subnet Mask: 255.255.255.0

Remote Group Setup
Remote Security Gateway Type: IP + FDQN
IP Address: 81.XX.XX.XX
Domain Name: XXX.com
Remote Security Group Type: Subnet
IP Address: 10.0.1.1
Subnet Mask: 255.255.255.0

IPSec Setup
Phase 1 DH Group: Group 1
Phase 1 Encryption: 3DES
Phase 1 Authentication: MD4
Phase 1 SA Lifetime: 28800
Perfect Forward Secrecy: checked
Phase 2 DH Group: Group1
Phase 2 Encryption: 3DES
Phase 2 Authentication: MD5
Phase 2 SA Lifetime: 3600
Minimum Preshared Key Complexity: Enable
Preshared Key: xxxxxxxxxxxxxxxx
Preshared Key Strength Meter: checked

Advanced
Keep-Alive : checked
NetBIOS Broadcast : checked
NAT Traversal : checked
Dead Peer Detection Intervals : 10 sec

refrainfrombeinglame · ‎01-19-2017

Have you tried doing a factory reset and reconfiguring after upgrading the firmware?

View solution in original post

refrainfrombeinglame · ‎01-19-2017

Have you tried doing a factory reset and reconfiguring after upgrading the firmware?

philippe.freund · ‎02-19-2017

I did a factory reset and a complete manual reconfiguration. This is lengthy but after a few weeks I can tell the problem did not reappear ! Thanks a lot for the advice.

cbjwthwm · ‎02-19-2017

Which older version did you upgrade from?

philippe.freund · ‎02-19-2017

From 1.3.1.12 but I did several upgrades before without complete manual reconfiguration.

Ami Xiao · ‎01-20-2017

Hi Philippe, plz check keep-alive on one side only, otherwise both side will be initiator.

philippe.freund · ‎01-20-2017

Hi Ami, thanks for your suggestion, I've tried that, but unfortunately it does not work... I will try a reset an configuration from clean start (without importing the config).

Gateway to gateway IPsec VPN not working and no logs since 1.3.2.02 firmware update