1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

GW-GW between RV042 and WRV200 with problems

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by maxifus, Feb 24, 2007.

  1. maxifus

    maxifus LI Guru Member

    Hi folks!

    I have a RV042 with static IP working perfectly. When I try to add a tunnel to a WRV200 in other office with dynamic IP and Dyndns I get the folowing error (LOG):

    [Tunnel Negotiation Info] <<< Responder Received Aggressive Mode 1st packet
    Feb 24 11:02:14 2007 VPN Log Initial Aggressive Mode message from 190.30.186.86 but no (wildcard) connection has been configured
    Feb 24 11:02:34 2007 VPN Log Received Vendor ID payload Type = [Dead Peer Detection]
    Feb 24 11:02:34 2007 VPN Log Ignoring Vendor ID payload [4a131c8107035845...]
    Feb 24 11:02:34 2007 VPN Log Received Vendor ID payload Type = [draft-ietf-ipsec-nat-t-ike-03]
    Feb 24 11:02:34 2007 VPN Log Ignoring Vendor ID payload Type = [draft-ietf-ipsec-nat-t-ike-02]
    Feb 24 11:02:34 2007 VPN Log Ignoring Vendor ID payload Type = [draft-ietf-ipsec-nat-t-ike-00]


    Both WAN's are PPPoE and work fine, I am using the RV042's remote GW option of Dynamic IP + FQDN and both routers are configured with IKE in agressive mode.

    BTW, If for instance in the RV042 I change the remote GW to IP resloved by DNS and restart the tunnel, the dynamic IP is resolved perfectly and the tunnel connects OK, but of course if yhe IP on the dynamic side changes the tunnel can't connect, but this proves that everything is well configured.


    Any ideas of what can be happening with Dynamic IP + FQDN?

    Regards,
    Max
     
  2. ifican

    ifican Network Guru Member

    2 things, yes as you stated everything is configured well when the rv042 is configured for ip (which means that the wrv200 is also configured the same). And you know the cardinal rule when it comes to vpns (do unto others as you would have them do unto you.) Meaning the FQDN needs to be set on both sides. Lastly do you know for sure that you ip will change often. Ask because i too only have dynamic ip's though mine never change unless i change the GW device.
     
  3. Toxic

    Toxic Administrator Staff Member

    I never use aggressive mode on a WRV200 to RV042 vpn tunnel prehaps you should turn that off.
     
  4. maxifus

    maxifus LI Guru Member

    Well, lets see:

    The thing with FQDN is that the WRV200 doesnt has the filed to input the FQDN in the same way that the RV042! In the WRV200 the only part to input this in in the DDNS tab and there is nothing in the VPN tab.

    Also, I need to set the agressive mode because the IP is dynamic, so this must be set in this way as far as I know...

    I dont have a clue what else to do.
     
  5. maxifus

    maxifus LI Guru Member

    Sorry, duplicated...
     

Share This Page