1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

RV082 - IPsec to Cisco 515E

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by xtremedew, Oct 20, 2006.

  1. xtremedew

    xtremedew Network Guru Member

    We currently have a RV082 setup at a remote office. In our main office we have a Cisco PIX 515e. We are constantly dropping connections (1-2 day) between the to devices. WE also have another office using a cisco pix to connect to our main office, they are experiencing no droppage. All Cisco VPN clients have no dropped connections as well. All these indications point me directly to the RV082. We are running the latest firmware 1.3.2. The connection is fine except for the disconnects. This has been an ongoing situation, we have contacted both offices ISP - The ISP are reporting the lines are in good conditions. Plaese advise what can be done further to troubleshoot this issue.

    I also just updated the MTU to 1500, not sure how that is going to work - too early to tell right now.
     
  2. ifican

    ifican Network Guru Member

    I would have to agree that the RV082 is probably the problem child however there is no way to know for sure without watching the connection more closely. I would debug the tunnel on the pix and see what the pix is seeing. I was having that same problem between a wrv200 and any other device until a recent code update. I have now hate a tunnel between the wrv and a pix up for several days without issue. However watching the tunnel come up showed me the pix was getting malformed packets (at least from its perspective). I have not used and Rv anything to date so i dont know how robust the logging is, but i know firsthand with the pix you can monitor just about anything you desire.
     
  3. Toxic

    Toxic Administrator Staff Member

    try upgrading to the latest firmware. 1.3.3.5 is now the latest.
     
  4. xtremedew

    xtremedew Network Guru Member

    Updating the MTU to 1500 didn't work.

    ifican: What do I need to do to debug on the cisco end?
     
  5. ifican

    ifican Network Guru Member

    I cant seem to hit my pix at the moment so i cant check the exact command structure, but it will start with debug, i think its debug crypto isakmp all, but just drop a question mark (?) along the way and it will tell you what you need to know. You can also debug ipsec and anything else you think might be causing grief. However for me watching isakmp exchange always helps me to figure out what was broken.
     

Share This Page