1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

VPN Setup RV042

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by Peter_sys, Mar 29, 2006.

  1. Peter_sys

    Peter_sys Network Guru Member

    Is it possible to test vpn setup on a LAN instead of the WAN?
    As I cannot get the VPN to work what so ever over a WAN?
    Also when I download VPN software from Linksys why are all the
    IP Sec policies in the wrong language, do I need to setup any IP Sec policies up on the computer I am using as the VPN client.
    Do the Computers have to be on a different Subnet to the VPN Routers or Router?

    :sad:

    Also is it possible to create a tunnel using two Linksys VPN Router BEFVP41 to RV042?
    Over a LAN so I can test to see if this works.

    Ip for the BEFVP41 is 192.168.16.1 Sub 255.255.255.0

    Ip for the RV042 is 192.168.17.1 Sub 255.255.255.0

    Sorry for all daft questions but I am fed up of trying to get either to work

    Tried to attach a screen shot but unable to do this Help Please

    Thanks Peter
     
  2. d__l

    d__l Network Guru Member

    Yes, you should be able to set up your on miniature internet-LAN. I did it once to debug some of the settings for two SX41's prior to moving one to a remote site. I used the switch side of a spare SR41 as simulating all "the internet routers". Because I was simulating dynamic IPs, I had the SR41 set up as a DHCP server. I suppose this could be done with a switch as long as you used fixed IPs on the same subnet for the WAN IPs of the two VPN routers.

    You would set this up like an inverted Y with the other router or switch on the top part and the two VPN router off the two legs.

    Use your planned private IPs and use some public IP subnet for the wan side.

    There may be a problem when you switch to the real world internet if you have a dynamic IP on the VP41. The Linksys knowledgebase suggests that you have to manually check aggressive mode on that router if I understand it correctly. This couldn't be simulated in your LAN tests.
     
  3. Peter_sys

    Peter_sys Network Guru Member

    Thanks for the reply i will try this and let you know how i get on with this. :)

    Peter
     
  4. Peter_sys

    Peter_sys Network Guru Member

    Tested on LAN worked fine When i do this over the WAN i get a error see below on last line What is the cause of this error

    Initiating Main Mode
    Mar 31 18:55:39 2006 VPN Log [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
    Mar 31 18:55:39 2006 VPN Log Informational Exchange is for an unknown (expired?) SA
    Mar 31 18:55:39 2006 VPN Log [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet
    Mar 31 18:55:39 2006 VPN Log [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet
    Mar 31 18:55:39 2006 VPN Log [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet
    Mar 31 18:55:39 2006 VPN Log [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet
    Mar 31 18:55:39 2006 VPN Log [Tunnel Negotiation Info] >>> Initiator Receive Main Mode 6th packet
    Mar 31 18:55:39 2006 VPN Log Main mode peer ID is ID_IPV4_ADDR: '82.38.***.***'
    Mar 31 18:55:39 2006 VPN Log [Tunnel Negotiation Info] Main Mode Phase 1 SA Established
    Mar 31 18:55:39 2006 VPN Log [Tunnel Negotiation Info] Initiator Cookies = 7f6c bf25 8cfc 7ba7
    Mar 31 18:55:39 2006 VPN Log [Tunnel Negotiation Info] Responder Cookies = 274c 8dbb 89ab b169
    Mar 31 18:55:39 2006 VPN Log initiating Quick Mode PSK+TUNNEL+PFS
    Mar 31 18:55:39 2006 VPN Log [Tunnel Negotiation Info] >>> Initiator send Quick Mode 1st packet
    Mar 31 18:55:40 2006 VPN Log Received informational payload, type INVALID_ID_INFORMATION

    Thanks Peter :D
     
  5. TazUk

    TazUk Network Guru Member

    When you tested on the LAN were you using exactly the same configurations?

    Are you sure your ISP isn't blocking any ports?
     
  6. Peter_sys

    Peter_sys Network Guru Member

    VPN Actually worked

    Hi Again thanks for all the advice I am one of the luck ones
    That actually got two Linksys Vpn routers to actually work.
    In a short space of time, 2 or three days.

    Router A setup RV042

    Tunnel Name = XPH1 Vpn
    Phase2 Enc/Auth/Grp = DES/SHA1/2
    Local Group = 192.168.17.0 255.255.255.0
    Remote Group = 192.168.16.0 255.255.255.0
    Remote Gateway this is Router B Static Ip

    Router B Setup BEFVP41

    Tunnel Name = XPH2 Vpn
    Status Connected
    Local Group = 192.168.16.0 255.255.255.0
    Remote Group =ANY 192.168.16.0 255.255.255.0
    Remote Gateway this is Router A Static Ip
    Security Method = DES SHA ISAKMP PFS NB



    Note to solve this error on router B changed Remote Secure Group to ANY solved the problem

    Mar 31 18:55:40 2006 VPN Log Received informational payload, type INVALID_ID_INFORMATION

    Not sure if this would be of any help to anyone but this is how I got it to work.


    Peter

    :thumb: :cheering:
     
  7. d__l

    d__l Network Guru Member

    I'm glad you got that worked out. I sure would never have thought setting the Remote Secure Group to ANY would have solved your problem and it certainly wouldn't have been anything I would have suggested.

    How did you happen to try that setting anyway? :)
     

Share This Page