01-17-2017 03:02 PM
Hello,
After updating the RV320 firmware to 1.3.2.02 my gateway to gateway VPN connection does not work anymore.
I try to understand the issue but there is not IPSec VPN log anymore (although all logs checked), so no error message to help me.
I am the only one to experience this problem ?
Below my configuration on the 2 gateways.
Thanks in advance,
Philippe
*************
GATEWAY 1
———————
Local Group Setup
Local Security Gateway Type: IP + FDQN
IP Address: 81.XX.XX.XX
Domain Name: XXX.com
Local Security Group Type: Subnet
IP Address: 10.0.1.1
Subnet Mask: 255.255.255.0
Remote Group Setup
Remote Security Gateway Type: IP + FDQN
IP Address: 212.XX.XX.XX
Domain Name: YYY.com
Remote Security Group Type: Subnet
IP Address: 10.0.0.0
Subnet Mask: 255.255.255.0
IPSec Setup
Phase 1 DH Group: Group 1
Phase 1 Encryption: 3DES
Phase 1 Authentication: MD4
Phase 1 SA Lifetime: 28800
Perfect Forward Secrecy: checked
Phase 2 DH Group: Group1
Phase 2 Encryption: 3DES
Phase 2 Authentication: MD5
Phase 2 SA Lifetime: 3600
Minimum Preshared Key Complexity: Enable
Preshared Key: xxxxxxxxxxxxxxxx
Preshared Key Strength Meter: checked
Advanced
Keep-Alive : checked
NetBIOS Broadcast : checked
NAT Traversal : checked
Dead Peer Detection Intervals : 10 sec
GATEWAY 2
———————
Local Group Setup
Local Security Gateway Type: IP + FDQN
IP Address: 212.XX.XX.XX
Domain Name: YYY.com
Local Security Group Type: Subnet
IP Address: 10.0.0.0
Subnet Mask: 255.255.255.0
Remote Group Setup
Remote Security Gateway Type: IP + FDQN
IP Address: 81.XX.XX.XX
Domain Name: XXX.com
Remote Security Group Type: Subnet
IP Address: 10.0.1.1
Subnet Mask: 255.255.255.0
IPSec Setup
Phase 1 DH Group: Group 1
Phase 1 Encryption: 3DES
Phase 1 Authentication: MD4
Phase 1 SA Lifetime: 28800
Perfect Forward Secrecy: checked
Phase 2 DH Group: Group1
Phase 2 Encryption: 3DES
Phase 2 Authentication: MD5
Phase 2 SA Lifetime: 3600
Minimum Preshared Key Complexity: Enable
Preshared Key: xxxxxxxxxxxxxxxx
Preshared Key Strength Meter: checked
Advanced
Keep-Alive : checked
NetBIOS Broadcast : checked
NAT Traversal : checked
Dead Peer Detection Intervals : 10 sec
Solved! Go to Solution.
01-19-2017 12:27 PM
Have you tried doing a factory reset and reconfiguring after upgrading the firmware?
01-19-2017 12:27 PM
Have you tried doing a factory reset and reconfiguring after upgrading the firmware?
02-19-2017 11:32 AM
I did a factory reset and a complete manual reconfiguration. This is lengthy but after a few weeks I can tell the problem did not reappear ! Thanks a lot for the advice.
02-19-2017 04:45 PM
Which older version did you upgrade from?
02-19-2017 11:18 PM
From 1.3.1.12 but I did several upgrades before without complete manual reconfiguration.
01-20-2017 12:16 AM
Hi Philippe, plz check keep-alive on one side only, otherwise both side will be initiator.
01-20-2017 04:09 AM
Hi Ami, thanks for your suggestion, I've tried that, but unfortunately it does not work... I will try a reset an configuration from clean start (without importing the config).
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: