cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1519
Views
5
Helpful
6
Replies

Gateway to gateway IPsec VPN not working and no logs since 1.3.2.02 firmware update

philippe.freund
Level 1
Level 1

Hello, 

After updating the RV320 firmware to 1.3.2.02 my gateway to gateway VPN connection does not work anymore.

I try to understand the issue but there is not IPSec VPN log anymore (although all logs checked), so no error message to help me.

I am the only one to experience this problem ?

Below my configuration on the 2 gateways.

Thanks in advance,

Philippe

*************


GATEWAY 1
———————

Local Group Setup
Local Security Gateway Type: IP + FDQN
IP Address: 81.XX.XX.XX
Domain Name: XXX.com
Local Security Group Type: Subnet
IP Address: 10.0.1.1
Subnet Mask: 255.255.255.0

Remote Group Setup
Remote Security Gateway Type: IP + FDQN
IP Address: 212.XX.XX.XX
Domain Name: YYY.com
Remote Security Group Type: Subnet
IP Address: 10.0.0.0
Subnet Mask: 255.255.255.0

IPSec Setup
Phase 1 DH Group: Group 1
Phase 1 Encryption: 3DES
Phase 1 Authentication: MD4
Phase 1 SA Lifetime: 28800
Perfect Forward Secrecy: checked
Phase 2 DH Group: Group1
Phase 2 Encryption: 3DES
Phase 2 Authentication: MD5
Phase 2 SA Lifetime: 3600
Minimum Preshared Key Complexity: Enable
Preshared Key: xxxxxxxxxxxxxxxx
Preshared Key Strength Meter: checked

Advanced
Keep-Alive : checked
NetBIOS Broadcast : checked
NAT Traversal : checked
Dead Peer Detection Intervals : 10 sec


GATEWAY 2
———————

Local Group Setup
Local Security Gateway Type: IP + FDQN
IP Address: 212.XX.XX.XX
Domain Name: YYY.com
Local Security Group Type: Subnet
IP Address: 10.0.0.0
Subnet Mask: 255.255.255.0

Remote Group Setup
Remote Security Gateway Type: IP + FDQN
IP Address: 81.XX.XX.XX
Domain Name: XXX.com
Remote Security Group Type: Subnet
IP Address: 10.0.1.1
Subnet Mask: 255.255.255.0

IPSec Setup
Phase 1 DH Group: Group 1
Phase 1 Encryption: 3DES
Phase 1 Authentication: MD4
Phase 1 SA Lifetime: 28800
Perfect Forward Secrecy: checked
Phase 2 DH Group: Group1
Phase 2 Encryption: 3DES
Phase 2 Authentication: MD5
Phase 2 SA Lifetime: 3600
Minimum Preshared Key Complexity: Enable
Preshared Key: xxxxxxxxxxxxxxxx
Preshared Key Strength Meter: checked

Advanced
Keep-Alive : checked
NetBIOS Broadcast : checked
NAT Traversal : checked
Dead Peer Detection Intervals : 10 sec

1 Accepted Solution

Accepted Solutions

Have you tried doing a factory reset and reconfiguring after upgrading the firmware?

View solution in original post

6 Replies 6

Have you tried doing a factory reset and reconfiguring after upgrading the firmware?

I did a factory reset and a complete manual reconfiguration. This is lengthy but after a few weeks I can tell the problem did not reappear ! Thanks a lot for the advice.

Which older version did you upgrade from?

From 1.3.1.12 but I did several upgrades before without complete manual reconfiguration.

Ami Xiao
Level 1
Level 1

Hi Philippe, plz check keep-alive on one side only, otherwise both side will be initiator.

Hi Ami, thanks for your suggestion, I've tried that, but unfortunately it does not work... I will try a reset an configuration from clean start (without importing the config).

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: