1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

RV042 QuickVPN connection being dropped

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by TheIxian, Aug 27, 2005.

  1. TheIxian

    TheIxian Network Guru Member

    I am having a problem staying connected to the RV042 VPN router.

    Background:

    firmware: 1.3.6.4
    method: quickvpn
    Dual WAN: load balancing

    Problem:

    QuickVPN connects just fine but after a period of time the connection drops.

    Errors:

    The log on the router always shows the following right before it drops the connection:

    Code:
    ug 27 12:09:34 2005	     VPN Log	    Initiating Main Mode
    Aug 27 12:09:34 2005	    VPN Log	   [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
    Aug 27 12:09:34 2005	    VPN Log	   Ignoring Vendor ID payload Type = [MS NT5 ISAKMPOAKLEY 00000004]
    Aug 27 12:09:34 2005	    VPN Log	   Ignoring Vendor ID payload Type = [FRAGMENTATION]
    Aug 27 12:09:34 2005	    VPN Log	   Ignoring Vendor ID payload Type = [draft-ietf-ipsec-nat-t-ike-02_n]
    Aug 27 12:09:34 2005	    VPN Log	   [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet
    Aug 27 12:09:34 2005	    VPN Log	   [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet
    Aug 27 12:09:35 2005	    VPN Log	   [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet
    Aug 27 12:09:35 2005	    VPN Log	   [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet
    Aug 27 12:09:35 2005	    VPN Log	   [Tunnel Negotiation Info] >>> Initiator Receive Main Mode 6th packet
    Aug 27 12:09:35 2005	    VPN Log	   Main mode peer ID is ID_IPV4_ADDR: '10.66.6.2'
    Aug 27 12:09:35 2005	    VPN Log	   We require peer to have ID '24.118.41.243', but peer declares '10.66.6.2'
    Aug 27 12:09:36 2005	    VPN Log	   [Tunnel Negotiation Info] >>> Initiator Receive Main Mode 6th packet
    Aug 27 12:09:36 2005	    VPN Log	   Main mode peer ID is ID_IPV4_ADDR: '10.66.6.2'
    Aug 27 12:09:36 2005	    VPN Log	   We require peer to have ID '24.118.41.243', but peer declares '10.66.6.2'
    Aug 27 12:09:39 2005	    VPN Log	   [Tunnel Negotiation Info] >>> Initiator Receive Main Mode 6th packet
    Aug 27 12:09:39 2005	    VPN Log	   Main mode peer ID is ID_IPV4_ADDR: '10.66.6.2'
    Aug 27 12:09:39 2005	    VPN Log	   We require peer to have ID '24.118.41.243', but peer declares '10.66.6.2'
    Aug 27 12:09:41 2005	    VPN Log	   Quick Mode message is unacceptable because it is for an incomplete ISAKMP SA
    Aug 27 12:09:48 2005	    VPN Log	   Phase 1 message is part of an unknown exchange
    Aug 27 12:09:48 2005	    VPN Log	   Quick Mode message is unacceptable because it is for an incomplete ISAKMP SA
    Aug 27 12:10:03 2005	    VPN Log	   encrypted Informational Exchange message is invalid because it is for incomplete ISAKMP SA
    Aug 27 12:10:03 2005	    VPN Log	   Informational Exchange is for an unknown (expired?) SA
    
    Follow-up:

    I have access to an RV082 running firmware 1.1.6.3 and have verified that I *DO NOT* have the same problem connecting to it via QuickVPN. The log on the 082 is very clean after the initial connection.

    Plea for help:

    It seems to me that the problem on the RV042 is the fact that it wants my (client's) WAN ip address and not the internal NAT address. But I just don't know what the deal is. Can anyone help me figure this out?

    THANK YOU
     
  2. russwmc

    russwmc Network Guru Member

    I have exactly the same problem with RV042 (FW 1.3.6.4 or 1.3.6) dropping QuickVPN connections. The RV082 does NOT have the problem. I sent the details to Linksys. They were suposed to send me new beta firmware. They said they did but I didn't get it yet. I have a ticket in with them. Hopefully it will fix it. I will let you know if I receive beta and if it fixes problem.

    russ
     
  3. BianchiJC

    BianchiJC Network Guru Member

    I too am having the exact same problem with a new RV042. My firmware is also 1.3.6.4 (May 5 2005 13:44:53).
     
  4. DocLarge

    DocLarge Super Moderator Staff Member Member

    http://www.linksysinfo.org/modules.php?name=Forums&file=viewtopic&t=6060

    My comments are at the bottom. As I said in my post, "this" was my exact problem; the maximum uptime I could manage was 3 mins before the tunnel dropped. When I look back at it, I think I may have had an mtu setting that was "skirting" the acceptable level before dropping out. Hope this does it for y'all...

    Doc
     
  5. MarlboroMan

    MarlboroMan Network Guru Member

    After several phone calls to Linksys complaining about my problems with connection drops with the VPN on the RV042 about every three minutes, and begging for some beta or alpha firmware that addresses the problem, today I received via Email what they tell me is beta version 1.3.7.2.

    The filename for the file that they attached me is: RV042_1.3.7.2_050727.rmt and the file size is 4,834,093 bytes.

    The biggest concern is that since they didn't pack the file in a ZIP file, I have no way that I know of to check and make sure that the file is not damaged.

    Has anyone already flashed to this version?

    Did it solve your problems with the "3 minute disconnects" on the VPN?

    Does anyone else know what changes have been made or what else has been fixed in this version??

    Would anyone else like to take a chance flashing this firmware into their RV042 to test it before I take the plunge?
     
  6. russwmc

    russwmc Network Guru Member

    The new firmware seems to have fixed the QuickVPN problem with the RV042. I had two tunnels running overnight transferring large files and had no problems. I tried to change MTU back to auto at one point but went back to the size determined from testing. The wireless connection I was testing one tunnel from was flakey. I will eventually try auto again for MTU and verify the results.

    There were no release notes with the firmware so I don't know what other things they addressed. The firmware tested is 1.3.7.2.

    russ
     
  7. plars3n

    plars3n Network Guru Member

    I'd love to try the new firmware

    I have four of these in a clients network and I need to fix the QuickVPN dropping problem.

    Where can I get a copy?
     
  8. MarlboroMan

    MarlboroMan Network Guru Member

    I am still having problems with one of my clients notebooks connecting remotely over the VPN to the RV042 using the QuickVPN client. It seems like it connects, then tunnel never seems to go active.

    Can anyone suggest the correct steps that I should be looking at to resolve the issue?

    Also, at one point they were using the XP built-in VPN to connect direct to 2003 server. Could this effect QuickVPN from working correctly? If so what changes need made to change the configuration so that QuickVPN will work?

    Any help that I could get would be helpful at this point, I have tried playing with the MTU on the client end as well as the RV042, but that doesn't seem to make a difference.
     
  9. MarlboroMan

    MarlboroMan Network Guru Member

    It is difficult to say what changes have been made since I didn't get any release notes. I did notice that on the the "Firewall" tab it offers a new set of options called "Restrict WEB Features" which allows the blocking of Java, Cookies, ActiveX, and Access to HTTP Proxy Servers. I think this is either new or something that I had not seen before.

    I have no idea what other changes have been made, but it does appear that it does at least resolve some problems with the VPN connections.
     
  10. DocLarge

    DocLarge Super Moderator Staff Member Member

    Are you setting things up on the router as shown below:
    ------------------------------------------------------------------------------------
    ON YOUR ROUTER:

    1) Setup Page

    Internet Connection Type: Automatic Configuration (DHCP)

    MTU: 1492/Auto or 1300-1350/manual

    DHCP Server: Your Choice

    Time Setting: Obviously set this to your own zone

    2) Security ---> VPN Page

    Ipsec: Enable
    PPTP: Enable
    L2TP: Disable

    Make sure you have gateway and tunnel disabled so they don't attempt to listen the same time you're trying to use quickvpn.

    Remaining settings on this page should be disabled.

    3) Access Restrictions ----> VPN

    - Start off by using a simple name and password combination such as the below example:

    username: test
    password: tester


    4) Apps & Gaming

    "NO" vpn port forwarding settings of any kind are required for quickvpn to work. It establishes its own tunnel. Only use port forwarding if you're going to be running a vpn server (port 1723) or if you have the wrv behind another router and you need to forward quickvpn ports from the internet connected router to the wrv (tcp port 443/udp port 500)

    5) Administration

    - SNMP & UPNP are disabled.


    Additionally:

    - Try using firmware 2.38. You can download it from linksysinfo.org. I've upgraded to 2.37.E (Linksys Quickvpn 50 user update) and all is stable and working perfectly. I also use "Wall Watcher" instead of the Linksys Logviewer.
    -------------------------------------------------------------------------------------

    If you're client is getting to "verifying network," here's a few things off the top of my head that may be the problem:

    - Firewall is still up

    - VPN account request from client isn't fully synchronizing with router (I have this issue from time to time; if rebooting doesn't help, try changing the client name and password to something else.)

    At this point, it "must" be something simple

    Doc
     
  11. russwmc

    russwmc Network Guru Member

    Using the latest firmware 1.3.7.2 on my RV042 I can now leave the MTU to auto or to the max before fragmentation (576). Both work fine supporting QuickVPN. My problem was that the connections would drop. I never had a problem establishing them beyond the standard client problems, XP firewall, interference with another VPN software, etc.
     

Share This Page