VPN tunnel between 2 rv042 dies

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by attention, May 3, 2008.

  1. attention

    attention Network Guru Member

    I bought 2 rv042 (flashed to 1.3.9) for 2 offices.

    One office has static, the other dynamic (resolved by Dyndns) IP (2xDSL).

    As many have posted, the connection between the 2 rv042 goes down, yet both sides show the tunnel is up and thus don't reconnect.

    I noticed that when down, the static side shows ip for the remote Gateway.

    VPN->Summary->"Tunnel Status" check "Remote Gateway" column.

    linksys tech (?) support (?) is totally useless, I sent them screenshots and logfiles, spent hours on the phone (mostly on hold).

    Get this: their tech (?) support (?) has no phones next to their PCs!
    Imagine THAT!
    So they constantly walk from the "lab" (where the pcs are) to the phone to ask you a stupid silly question and put you on hold again.

    Then, all they do is sending emails "..We will assume your issue has been resolved if we do not hear from you within 72 hours...".

    I bought them through staples so I am confident thaty I can return them, have enough proof that they don't work.

    So now the question is: can anybody recommend a router that WORKS?
    We rather spend more money but have something reliable.
    With a reliable and knowledgable support.

    Thanks in advance for your recommendations.
  2. fnarf

    fnarf LI Guru Member

    I was having similar problems with the connection to our branch office and I was banging my head against the wall trying to figure it out. I was sure it must be a problem with the routers, but it turns out that one of our employees was using a BitTorrent client. So it would just flood the connection and not kill it completely, but make it essentially useless.

    So you might consider checking the machines or traffic on your network and make sure nobody is using some kind of file sharing software.
  3. attention

    attention Network Guru Member

    Checking the log was the first thing I did and no, nobody uses anything (or had used any such services before) when the tunnel goes down.

    The tunnel goes down totally arbitary, f.i. while there is no use whatsoever (in the middle of the night), and stays disconnected.

    I am now waiting for Zyxel routers, hope they do what they are supposed to do.

    I am amazed that so many people would post positive comments about this unit, while it cannot even reset and reconnect a tunnel.

    Makes me wonder who those people really are!

    And the total lack of any qualified support or follow up has shattered my trust in linksys.

    I now read that the RV082 has exactly the same issues, so this is an issue which not only I had but many many other people who fell for this piece of trash.
  4. cactusfazer

    cactusfazer Network Guru Member

    Is the tunnel work a little time or not?
    If yes, try to see lifetimes from vpn setting : it must be identical for the 2 routers.
    Try to change crypto (ex 3DES, SHA...).
    Is it the same FAI ?
    If no, try to ajust your MTU settings.
  5. attention

    attention Network Guru Member

    yes, all settings were the same, several linksys 'tech'-people looked into it.
    We are now testing Netopia routers and their support is really excellent (knowledged and humble).

    Looking at HOW MANY people complain about bad VPN between a static and a dynamic IP, the RV series is really not suited for this.

    All linksys does is spam you about how many tunnels the RVs support and how many they sold etc.etc. .

    But what's the point of all this if a simple vpn tunnel between a static and dynamic IP constantly collapses?

    And takes 10 minutes to reconnect?
  6. cactusfazer

    cactusfazer Network Guru Member

    For me, the link is between RV042 and WRV54G or RV042 and WRV200. The RV042 is stable and always ok but the bug on WRV54G and WRV200 with dyndns stop VPN link when the WRV54G or WRV200 are power off: i have to manuelly reconnect the VPN.
    This is because dns address is not updated on the WRV.
    The VPN is always on and reconnect is not visible when the keys are re-negociating.
  7. Toxic

    Toxic Administrator Staff Member

    just out of curiousity do you have DPD or Keep-Alive enabled or disabled?
  8. cactusfazer

    cactusfazer Network Guru Member

    In my conf (that work), WRV54G have keep alive enabled,WRV200 have DPD and keep alive enabled,RV042 have DPD and keep alive enabled.
  9. attention

    attention Network Guru Member

    The DPD and/or Keep-Alive are enabled in our setting too.
    We see a huge back-and-forth in the log when the tunnel breaks down.
    Both sides start negotiating and renegotiating the VPN tunnel for sometimes 30 minutes (!).
    When checking this, tech support says "...so the tunnel IS working...". ignoring that it is sometimes down for more that 30 minutes.

    Most people using these rv might not even realize that the tunnel goes down for such a long time, as they have no time critical matters going on during that time.

    We have tried Zyxel but they have other issues, now we give Netopia a try.
  10. Sfor

    Sfor Network Guru Member

    Another word about the DPD feature. The device does try to connect just 5 times. In some cases thats not enough to bring the tunnel back, after a connection failure. I saw no possibility to increase the attempt limit.
  11. zombiwulf

    zombiwulf Network Guru Member

    This has been an annoying problem for me as well, though I don't have an issue with reconnecting.

    I have two rv042's, one has a dynamic ip, the other is static, but the dynamic is a comcast ip that has only changed once in two years. It's not like it's a qwest dsl that constantly changes.

    The short term fix is logging in to the router and disconnecting the vpn, then generating traffic (ping) to reconnect it.

    Sometimes I have to drop it from one side, sometimes from the other.

    The bitch of it is that while the problem has never gone away, it's lessened enough that my office people can't remember what to do anymore between occurances.

    Anyone know a way to programmatically drop the vpn via command line?

    It would be trivial to set a monitor on the vpn and send the command when the monitor fails.
  12. attention

    attention Network Guru Member

    Hey guys, don't worry!

    Instead of fixing these annoying tunnel disconnects, lynksis has added a new cool feature in the new firmware!

    Some stupid junk software for which you have to pay so it can get in your way too!

    And no, you cannot get rid of that link and page.

    Who cares about those VPN tunnels.

    I know zisco/lynksis doesn't.

    They are more interested on how to make even more money off us!
  13. Toxic

    Toxic Administrator Staff Member

    take a chill pill man. you do not need to buy anything from linksys if you chose not too. the choice is yours.

    if you find this so annoying that you just cannot live any longer., please forward you suggestions to linksys themselves and keep you gripes point at them.

    This site was intended to help users with issues. it is not a "free for all" blog for your discontent at Cisco/Linksys,

    I take it you are still waiting for your Netopia routers? since the Zyxel routers did not work out for you perhaps you should try a better router altogether. have you looked at the Cisco 871 or something similar

    is cost an issue?
  14. attention

    attention Network Guru Member

    The problem is that we cannot return the f'ing routers anymore, it was too late by the time I figured and found that the problem lies with Zisco/Lynksis.

    In fact, I found through this site here that many people are left with the exact same issue and that it was not our ISP or our wiring or using XP or whatever their "tech support" was suggesting all along.

    After all the haggles we went through, lynksis only offered to "replace" the units (with the exact same problems).

    So yes, I did "forward" my issues to them, longe before I found this site.

    The netopia -though pricy- had an excellent support and for the 3 days we used them there was not a SINGLE VPN disconnect.
    Same with the Zyxcel, btw.

    However, the rv routers were returned to us with the claim that the return period had passed, so keeping the netopia was not an option anymore.

    Yes, cost is definetley an issue.

    I am positive that Zisco/Lynksis people are frequenting this site as 2 of their "tech support" confirmed this. That's why I vented my frustration with this.

    Because what really angers me now is that Zisco/Lynksis do have resources to add spam and errors to the router but won't fix real problems.

    And you are defending this?
  15. Sfor

    Sfor Network Guru Member

    Let's just say the firmware development and technical support is far from perfect, and it does not seem to be a good one, as well.

    On the other hand, Linksys does sell relatively cheap devices. So, the final conclusion is the support is the result of the price.
  16. attention

    attention Network Guru Member

    Yes, I totally agree that Zisco/Lynksis' firmware development is simply bad and their technical support is even worse.
    don't get me wrong, I have been through Netgear many years ago too, same thing.

    However, there would be absolutely no need for any "support" if these things would simply work as advertised.

    But now they are advertising spam instead of fixing the issues?
  17. Sfor

    Sfor Network Guru Member

    If you are treating the ProtectLinkâ„¢ Gateway feature as the spam, I can not agree with you. This can be an interesting feature in some cases.

    As for the Linksys support, I asked a question to the Polish linksys support through E-Mail (the Polish phone numbers are not working) about WRV200 related problem. One week later I receved a mail with information they sent my case to their technicians. Another week passed a few days ago, and no answer, so far.
  18. attention

    attention Network Guru Member

    Point is not if this "Gateway feature" is totally useless or even bad, point is that it is spam and instead of spamming us they should care for the FUNCTIONALITY of this thing (like the VPN tunnel issue at hand).

    If Zisco/Lynksis continues on this path, we will have to wade through pages of useless spam just to be able to change settings on mediocre functionality.

    On our router.

    Or is there a "PCdecrapifier" for Zisco/Lynksis routers?

    Why don't hey give the OPTION to download a spam-version or a issue-corrected version of their firmware?

    I know which I would take.
  19. Sfor

    Sfor Network Guru Member

    Why is it useless or bad? According to my calculations it is cheaper to use 5 license Trendmicro gateway, than to buy 5 license of a security suite software. It should be easier to manage everything from just one controll pannel, as well.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice