RV016 and Cisco VPN Client errors on connection

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by tilmant, Jul 17, 2005.

  1. tilmant

    tilmant Guest

    I'm a new user of the RV016 and am trying to get my Cisco VPN client to connect to the unit. My understanding is that any true IPSec client should be able to connect. Here are the log entries from the RV016 when I try to establish a connection with VPN:

    Jul 16 18:10:42 2005 VPN Log size (864) differs from size specified in ISAKMP HDR (848)
    Jul 16 18:10:37 2005 Connection Accepted UDP 209.250.124.202:500->67.102.112.8:500 on ppp1


    My configuration is as follows:

    RV016

    Firmware version : 2.0.3 (May 3 2005 14:52:07)

    Tunnel No. 1
    Tunnel Name tilmant
    Interface WAN2
    Enabled
    --------------------------------------------------------------------------------
    Local Group Setup
    Local Security Gateway Type IP Only
    IP address 67.102.XXX.XXX
    Local Security Group Type Subnet
    IP address 172.20.235.0
    Subnet Mask 255.255.255.0
    --------------------------------------------------------------------------------
    Remote Client Setup
    Remote Client Dynamic IP + E-mail Addr.(User FQDN) Authentication
    E-mail address email@address.com
    --------------------------------------------------------------------------------
    Keying Mode Manual IKE with Preshared key
    Phase1 DH Group Group1
    Phase1 Encryption 3DES
    Phase1 Authentication MD5
    Phase1 SA Life Time 28880 seconds
    Perfect Forward Secrecy
    Phase2 DH Group Group1
    Phase2 Encryption 3DES
    Phase2 Authentication MD5
    Phase2 SA Life Time 3600 seconds
    Preshared Key 0x123456789

    CISCO Client
    Ver 4.6.04.0043-k9

    Group Authentication
    Name: tilmant
    Password: email@address.com
    Enable Transparent Tunneling
    IPSec over UDP

    Connection flow is:
    Work computer --> PIX 515 --> RV016
    I have also tried it working around the PIX, same issue.


    I spent 4 hours on the phone with Linksys, and they ended up having me try their QuickVPN. That did not work either and would not have worked in the long run since I need to forward port 443. Has anyone got this to work? I use the Cisco VPN client without issue against a PIX, VPN5000 with no problem.
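
The check behind the first RV016 log line above, as an added example (not part of the original post and not the router's own code): it parses the 28-byte ISAKMP fixed header from RFC 2408 and compares the header's Length field with the number of bytes actually received. It assumes the log's first number (864) is the received UDP payload size and the second (848) is the Length field; the function names and the sample packet are constructed for illustration.

```python
import struct

# ISAKMP fixed header (RFC 2408, section 3.1): 28 bytes, network byte order.
# initiator cookie (8) | responder cookie (8) | next payload (1) |
# version (1) | exchange type (1) | flags (1) | message ID (4) | length (4)
ISAKMP_HDR = struct.Struct("!8s8sBBBBII")

EXCHANGE_TYPES = {1: "Base", 2: "Identity Protection (Main Mode)",
                  3: "Authentication Only", 4: "Aggressive", 5: "Informational"}


def check_isakmp_length(datagram: bytes) -> dict:
    """Parse the fixed header and compare its Length field to the bytes received."""
    if len(datagram) < ISAKMP_HDR.size:
        raise ValueError(f"short datagram: {len(datagram)} < {ISAKMP_HDR.size} bytes")
    (i_cookie, r_cookie, next_payload, version,
     exch, flags, msg_id, declared) = ISAKMP_HDR.unpack_from(datagram)
    received = len(datagram)
    return {
        "initiator_cookie": i_cookie.hex(),
        "version": f"{version >> 4}.{version & 0x0F}",
        "exchange": EXCHANGE_TYPES.get(exch, f"unknown ({exch})"),
        "declared": declared,
        "received": received,
        "surplus": received - declared,  # >0: trailing bytes, <0: truncated
        "consistent": received == declared,
    }


def build_sample(declared: int, actual: int) -> bytes:
    """Constructed test packet: valid header, zero-filled body (not a real IKE message)."""
    hdr = ISAKMP_HDR.pack(b"\x11" * 8, b"\x00" * 8, 1, 0x10, 4, 0, 0, declared)
    return hdr + b"\x00" * (actual - ISAKMP_HDR.size)


if __name__ == "__main__":
    # Sizes taken from the log line in the post: 864 received, 848 in the header.
    r = check_isakmp_length(build_sample(declared=848, actual=864))
    print(f"{r['exchange']}: size ({r['received']}) vs ISAKMP HDR ({r['declared']}), "
          f"surplus {r['surplus']} bytes")
```

Run against a capture of the client's first UDP/500 packet, the `surplus` value shows whether the sender appended bytes after the ISAKMP message or the packet was altered in transit.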
     
  2. DocLarge

    DocLarge Super Moderator Staff Member Member

    As odd as this may sound, I've seen a VPN tunnel actually start working because the PFS wouldn't accept a binary entry. In that instance, I used a pass phrase (eachoneteachone) or something similar (and more clever) and my tunnel started up.

    I guess what I'm saying is that occasionally, PFS entries block tunnel connectivity.

    See if that helps...

    Doc
     
  3. jcspan

    jcspan Guest

    How did you set up the Cisco VPN Client to even try to connect? I can't quite figure that bit out. You're a genius!
     
