1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

RV042 and Netopia R5300-T

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by regnitto, Oct 16, 2007.

  1. regnitto

    regnitto LI Guru Member

    I am having problems creating a stable tunnel between these 2 routers. The rv042 is at a remote location behind a DSL modem with static Ip. The r5300 is at my location operating a T1.

    I have set all of the Ipsec tunnel settings identical on both ends and when running the test from the rv042 i get in the log:

    Initiating Main Mode
    [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
    [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet
    [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet
    Ignoring Vendor ID payload [3652d8cb0c2e6680...]
    [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet
    [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet
    [Tunnel Negotiation Info] >>> Initiator Receive Main Mode 6th packet
    Main mode peer ID is ID_IPV4_ADDR: '64.57.xxx.xxx'
    [Tunnel Negotiation Info] Main Mode Phase 1 SA Established
    [Tunnel Negotiation Info] Initiator Cookies = b874 b79d 5a6a dddd
    [Tunnel Negotiation Info] Responder Cookies = 814f d471 f44 dbcc
    initiating Quick Mode PSK+TUNNEL+PFS
    [Tunnel Negotiation Info] >>> Initiator send Quick Mode 1st packet


    I'm not sure why i can't establish the tunnel from here...


    tia
     
  2. ifican

    ifican Network Guru Member

    What does the rest of the log say?
     
  3. Toxic

    Toxic Administrator Staff Member

    is agreesive mode enabled? if it is disable it.
     
  4. regnitto

    regnitto LI Guru Member

    Agressive mode is not on. Here is more of the log:


    Initiating Main Mode
    [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
    [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet
    [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet
    Ignoring Vendor ID payload [3652d8cb0c2e6680...]
    [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet
    [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet
    [Tunnel Negotiation Info] >>> Initiator Receive Main Mode 6th packet
    Main mode peer ID is ID_IPV4_ADDR: '64.57.xxx.xxx'
    [Tunnel Negotiation Info] Main Mode Phase 1 SA Established
    [Tunnel Negotiation Info] Initiator Cookies = b874 b79d 5a6a dddd
    [Tunnel Negotiation Info] Responder Cookies = 814f d471 f44 dbcc
    initiating Quick Mode PSK+TUNNEL+PFS
    [Tunnel Negotiation Info] >>> Initiator send Quick Mode 1st packet
    initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS to replace #69
    [Tunnel Negotiation Info] >>> Initiator send Quick Mode 1st packet
    initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS to replace #70
    [Tunnel Negotiation Info] >>> Initiator send Quick Mode 1st packet
    Informational Exchange is for an unknown (expired?) SA
    initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS to replace #71
    [Tunnel Negotiation Info] >>> Initiator send Quick Mode 1st packet
    initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS to replace #72
    [Tunnel Negotiation Info] >>> Initiator send Quick Mode 1st packet
    initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS to replace #73
    [Tunnel Negotiation Info] >>> Initiator send Quick Mode 1st packet
    Initiating Main Mode
    [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
    [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet
    [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet
    Ignoring Vendor ID payload [3652d8cb0c2e6680...]
    [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet
    [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet
    [Tunnel Negotiation Info] >>> Initiator Receive Main Mode 6th packet
    Main mode peer ID is ID_IPV4_ADDR: '64.57.xxx.xxx'
    [Tunnel Negotiation Info] Main Mode Phase 1 SA Established
    [Tunnel Negotiation Info] Initiator Cookies = 1ad 6ff 6695 8ea1
    [Tunnel Negotiation Info] Responder Cookies = c6d3 df86 4dfa cfd5
    initiating Quick Mode PSK+TUNNEL+PFS
    [Tunnel Negotiation Info] >>> Initiator send Quick Mode 1st packet


    It looks like it's working, but no tunnel.
     
  5. ifican

    ifican Network Guru Member

    As toxic said agressive mode could cause issues, Phase 1 is completing so concentrate on phase 2 settings on both devices, could be pfs and usually is linksys seems to default to it and other vendors dont, but check over all settings and make sure they match, if one device is capable and the other is not then dont use it.
     
  6. regnitto

    regnitto LI Guru Member

    pfs is active on both devices.

    maybe turn this off?

    could the netopia not have a phase 2? I cannot locate any options for phase 2, only phase 1 IKE
     

Share This Page