1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WRV200: Site2Site-VPN doesn't work :(

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by stiehl, Feb 23, 2009.

  1. stiehl

    stiehl Addicted to LI Member

    Hi Guys,

    i have the following setup:

    2 WRV200 (FW 1.0.39) connected via PPPoE with the Internet.

    Router A: 192.168.0.2
    Router B: 192.168.1.1

    Now i try to establish a Site2Site-VPN-Connection between these devices. I followed these instructions:
    http://linksys.custhelp.com/cgi-bin...er/std_adp.php?p_faqid=4589&lid=3394934823B12

    Now i have a VPN-Tunnel named "VPN" on each device. On the "VPN-Summary" page the Tunnel "VPN" appears as Tunnel A, but the Tunnel Status stays "T". On both devices.

    My log says:
    Code:
    064   [MON 14:33:10]  added connection description "TunnelA"
    065   [MON 14:33:11]  "TunnelA" #10: initiating Main Mode
    066   [MON 14:33:11]  "TunnelA" #10: [WRV210 Response:] ISAKMP SA (Main Mode) Initiation
    067   [MON 14:33:11]  "TunnelA" #10: received Vendor ID payload [Openswan (this version) 2.4.5dr3  X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
    068   [MON 14:33:11]  "TunnelA" #10: received Vendor ID payload [Dead Peer Detection]
    069   [MON 14:33:11]  "TunnelA" #10: received Vendor ID payload [RFC 3947] method set to=109 
    070   [MON 14:33:11]  "TunnelA" #10: enabling possible NAT-traversal with method 3
    071   [MON 14:33:11]  "TunnelA" #10: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
    072   [MON 14:33:11]  "TunnelA" #10: STATE_MAIN_I2: sent MI2, expecting MR2
    073   [MON 14:33:12]  "TunnelA" #10: I did not send a certificate because I do not have one.
    074   [MON 14:33:12]  "TunnelA" #10: NAT-Traversal: Result using 3: no NAT detected
    075   [MON 14:33:12]  "TunnelA" #10: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
    076   [MON 14:33:12]  "TunnelA" #10: STATE_MAIN_I3: sent MI3, expecting MR3
    077   [MON 14:33:12]  "TunnelA" #10: Main mode peer ID is ID_IPV4_ADDR: '79.196.100.77'
    078   [MON 14:33:12]  "TunnelA" #10: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
    079   [MON 14:33:12]  "TunnelA" #10: [WRV210 Response:] ISAKMP SA established
    080   [MON 14:33:12]  "TunnelA" #10: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
    081   [MON 14:33:12]  "TunnelA" #10: Dead Peer Detection (RFC 3706): enabled
    082   [MON 14:33:12]  "TunnelA" #11: [WRV210 Response:] IPSec SA (Quick Mode) Initiation
    083   [MON 14:33:12]  "TunnelA" #11: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP {using isakmp#10}
    084   [MON 14:33:16]  "TunnelA" #11: Dead Peer Detection (RFC 3706): enabled
    085   [MON 14:33:16]  "TunnelA" #11: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
    086   [MON 14:33:16]  "TunnelA" #11: [WRV210 Response:] IPSec SA established
    087   [MON 14:33:16]  "TunnelA" #11: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0xcb460455 <0x6fc0177d xfrm=3DES_0-HMAC_SHA1 NATD=none DPD=enabled}
    088   [MON 14:33:16]  "TunnelA" #12: responding to Quick Mode {msgid:21d4c84c}
    089   [MON 14:33:16]  "TunnelA" #12: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
    090   [MON 14:33:16]  "TunnelA" #12: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
    091   [MON 14:33:16]  "TunnelA" #12: Dead Peer Detection (RFC 3706): enabled
    092   [MON 14:33:16]  "TunnelA" #12: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
    093   [MON 14:33:16]  "TunnelA" #12: [WRV210 Response:] IPSec SA established
    094   [MON 14:33:16]  "TunnelA" #12: STATE_QUICK_R2: IPsec SA established {ESP=>0xcb460456 <0x6fc0177e xfrm=3DES_0-HMAC_SHA1 NATD=none DPD=enabled}
    095   [MON 14:33:23]  "TunnelA" #10: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcb460454) not found (maybe expired)
    096   [MON 14:33:23]  "TunnelA" #10: received and ignored informational message
    097   [MON 15:31:54]  "TunnelA" #13: responding to Quick Mode {msgid:abb14558}
    098   [MON 15:31:54]  "TunnelA" #13: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
    099   [MON 15:31:54]  "TunnelA" #13: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
    100   [MON 15:31:54]  "TunnelA" #13: Dead Peer Detection (RFC 3706): enabled
    101   [MON 15:31:54]  "TunnelA" #13: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
    102   [MON 15:31:54]  "TunnelA" #13: [WRV210 Response:] IPSec SA established
    103   [MON 15:31:54]  "TunnelA" #13: STATE_QUICK_R2: IPsec SA established {ESP=>0xcb460457 <0x6fc0177f xfrm=3DES_0-HMAC_SHA1 NATD=none DPD=enabled}
    104   [MON 15:33:16]  "TunnelA" #10: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcb460455) not found (maybe expired)
    105   [MON 15:33:16]  "TunnelA" #10: received and ignored informational message
    106   [MON 15:33:16]  "TunnelA" #10: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcb460456) not found (maybe expired)
    107   [MON 15:33:16]  "TunnelA" #10: received and ignored informational message
    Do you have any suggestions? :confused:


    I have one question left: WHERE do i enter the remote device to connect to? I entered my DDNS-FQDN in the "Remote Secure Gateway" Field, but when i switch to "any" there stands "...accept connections from any host..." (or similar). But doesn't this mean, that the information in the field is just for verifying the remote host? Isn't it the host where to dial in?

    Sorry for my bad englisch and thanks for your answers!:smile:

    best regards from germany:thumbup:

    tim

    EDIT: i see no "connect"-button on the vpn-page as shown on the website linked above. Where do i find it?
     
  2. ifican

    ifican Network Guru Member

    You dont have to "connect" when setting up site-to-site vpn's. Once configured they try to connect automatically. I am curious as to why your SA is established then immediately torn down. For starters can you please submit the log from the other side as well as the configuration for both ends. Also turn off NAT-T, you are not using it as its just another needless step in the process. VPN's are very straight forward, as long as the configurations match on both and the secure networks are set correctly all usually works. The thing that many miss is NAT-T but in your case you dont need it.
     
  3. stiehl

    stiehl Addicted to LI Member

    hi ifican,

    thanks for your quick answer :)

    Okay, here's the log from both devices:

    Router A:
    Code:
    156   [MON 16:48:22]  added connection description "TunnelA"
    157   [MON 16:48:23]  "TunnelA" #22: initiating Main Mode
    158   [MON 16:48:23]  "TunnelA" #22: [WRV210 Response:] ISAKMP SA (Main Mode) Initiation
    159   [MON 16:49:33]  "TunnelA" #22: [WRV210 Response:] Remote peer has no tunnel entry to correspond to this tunnel.
    160   [MON 16:49:33]  "TunnelA" #22: [WRV210 Response:] Please check your Remote Secure Gateway setting.
    161   [MON 16:49:33]  "TunnelA" #22: max number of retransmissions (2) reached STATE_MAIN_I1.  No response (or no acceptable response) to our first IKE message
    162   [MON 16:49:33]  "TunnelA" #22: starting keying attempt 2 of at most 5
    163   [MON 16:49:33]  "TunnelA" #23: initiating Main Mode to replace #22
    164   [MON 16:49:39]  "TunnelA": deleting connection
    165   [MON 16:49:39]  "TunnelA" #23: deleting state (STATE_MAIN_I1)
    166   [MON 16:49:39]  added connection description "TunnelA"
    167   [MON 16:49:40]  "TunnelA" #24: initiating Main Mode
    168   [MON 16:49:40]  "TunnelA" #24: [WRV210 Response:] ISAKMP SA (Main Mode) Initiation
    169   [MON 16:49:45]  "TunnelA" #25: responding to Main Mode
    170   [MON 16:49:45]  "TunnelA" #25: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
    171   [MON 16:49:45]  "TunnelA" #25: STATE_MAIN_R1: sent MR1, expecting MI2
    172   [MON 16:49:45]  "TunnelA" #25: NAT-Traversal: Result using 3: no NAT detected
    173   [MON 16:49:46]  "TunnelA" #25: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
    174   [MON 16:49:46]  "TunnelA" #25: STATE_MAIN_R2: sent MR2, expecting MI3
    175   [MON 16:49:46]  "TunnelA" #25: Main mode peer ID is ID_IPV4_ADDR: '79.196.81.112'
    176   [MON 16:49:46]  "TunnelA" #25: I did not send a certificate because I do not have one.
    177   [MON 16:49:46]  "TunnelA" #25: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
    178   [MON 16:49:46]  "TunnelA" #25: [WRV210 Response:] ISAKMP SA established
    179   [MON 16:49:46]  "TunnelA" #25: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
    180   [MON 16:49:46]  "TunnelA" #25: Dead Peer Detection (RFC 3706): enabled
    181   [MON 16:49:46]  "TunnelA" #26: responding to Quick Mode {msgid:4eb2672f}
    182   [MON 16:49:47]  "TunnelA" #26: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
    183   [MON 16:49:47]  "TunnelA" #26: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
    184   [MON 16:49:50]  "TunnelA" #26: Dead Peer Detection (RFC 3706): enabled
    185   [MON 16:49:50]  "TunnelA" #26: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
    186   [MON 16:49:50]  "TunnelA" #26: [WRV210 Response:] IPSec SA established
    187   [MON 16:49:50]  "TunnelA" #26: STATE_QUICK_R2: IPsec SA established {ESP=>0x94e47196 <0x6fc01781 xfrm=3DES_0-HMAC_SHA1 NATD=none DPD=enabled}
    188   [MON 16:49:50]  "TunnelA" #24: received Vendor ID payload [Openswan (this version) 2.4.5dr3  X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
    189   [MON 16:49:50]  "TunnelA" #24: received Vendor ID payload [Dead Peer Detection]
    190   [MON 16:49:50]  "TunnelA" #24: received Vendor ID payload [RFC 3947] method set to=109 
    191   [MON 16:49:50]  "TunnelA" #24: enabling possible NAT-traversal with method 3
    192   [MON 16:49:50]  "TunnelA" #24: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
    193   [MON 16:49:50]  "TunnelA" #24: STATE_MAIN_I2: sent MI2, expecting MR2
    194   [MON 16:49:51]  "TunnelA" #24: I did not send a certificate because I do not have one.
    195   [MON 16:49:51]  "TunnelA" #24: NAT-Traversal: Result using 3: no NAT detected
    196   [MON 16:49:51]  "TunnelA" #24: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
    197   [MON 16:49:51]  "TunnelA" #24: STATE_MAIN_I3: sent MI3, expecting MR3
    198   [MON 16:49:51]  "TunnelA" #24: Main mode peer ID is ID_IPV4_ADDR: '79.196.81.112'
    199   [MON 16:49:51]  "TunnelA" #24: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
    200   [MON 16:49:51]  "TunnelA" #24: [WRV210 Response:] ISAKMP SA established
    201   [MON 16:49:51]  "TunnelA" #24: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
    202   [MON 16:49:51]  "TunnelA" #24: Dead Peer Detection (RFC 3706): enabled
    203   [MON 16:49:51]  "TunnelA" #27: [WRV210 Response:] IPSec SA (Quick Mode) Initiation
    204   [MON 16:49:51]  "TunnelA" #27: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP {using isakmp#24}
    205   [MON 16:49:52]  "TunnelA" #27: Dead Peer Detection (RFC 3706): enabled
    206   [MON 16:49:52]  "TunnelA" #27: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
    207   [MON 16:49:52]  "TunnelA" #27: [WRV210 Response:] IPSec SA established
    208   [MON 16:49:52]  "TunnelA" #27: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x94e47197 <0x6fc01782 xfrm=3DES_0-HMAC_SHA1 NATD=none DPD=enabled}
    
    Router B:
    Code:
    000   Plutorun started on Mon Feb 23 16:49:25 EST 2009
    001   [MON 16:49:26]  Starting Pluto (Openswan Version 2.4.5dr3 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OEr\134[u@aflB_)
    002   [MON 16:49:26]  Setting NAT-Traversal port-4500 floating to on
    003   [MON 16:49:26]     port floating activation criteria nat_t=1/port_fload=1
    004   [MON 16:49:26]    including NAT-Traversal patch (Version 0.6c)
    005   [MON 16:49:26]  ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
    006   [MON 16:49:26]  starting up 1 cryptographic helpers
    007   [MON 16:49:26]  started helper pid=364 (fd:4)
    008   [MON 16:49:27]  Using KLIPS IPsec interface code on 2.4.26-uc0
    009   [MON 16:49:27]  Changing to directory '/etc/ipsec.d/cacerts'
    010   [MON 16:49:27]  Changing to directory '/etc/ipsec.d/aacerts'
    011   [MON 16:49:27]  Changing to directory '/etc/ipsec.d/ocspcerts'
    012   [MON 16:49:27]  Changing to directory '/etc/ipsec.d/crls'
    013   [MON 16:49:27]    Warning: empty directory
    014   [MON 16:49:39]  added connection description "TunnelA"
    015   [MON 16:49:40]  listening for IKE messages
    016   [MON 16:49:40]  adding interface ipsec0/ppp0 79.196.81.112:500
    017   [MON 16:49:40]  adding interface ipsec0/ppp0 79.196.81.112:4500
    018   [MON 16:49:40]  loading secrets from "/etc/ipsec.secrets"
    019   [MON 16:49:45]  "TunnelA" #1: initiating Main Mode
    020   [MON 16:49:45]  "TunnelA" #1: [WRV210 Response:] ISAKMP SA (Main Mode) Initiation
    021   [MON 16:49:45]  "TunnelA" #1: received Vendor ID payload [Openswan (this version) 2.4.5dr3  X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
    022   [MON 16:49:45]  "TunnelA" #1: received Vendor ID payload [Dead Peer Detection]
    023   [MON 16:49:45]  "TunnelA" #1: received Vendor ID payload [RFC 3947] method set to=109 
    024   [MON 16:49:45]  "TunnelA" #1: enabling possible NAT-traversal with method 3
    025   [MON 16:49:45]  "TunnelA" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
    026   [MON 16:49:45]  "TunnelA" #1: STATE_MAIN_I2: sent MI2, expecting MR2
    027   [MON 16:49:45]  "TunnelA" #1: I did not send a certificate because I do not have one.
    028   [MON 16:49:45]  "TunnelA" #1: NAT-Traversal: Result using 3: no NAT detected
    029   [MON 16:49:45]  "TunnelA" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
    030   [MON 16:49:45]  "TunnelA" #1: STATE_MAIN_I3: sent MI3, expecting MR3
    031   [MON 16:49:46]  "TunnelA" #1: Main mode peer ID is ID_IPV4_ADDR: '84.46.54.116'
    032   [MON 16:49:46]  "TunnelA" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
    033   [MON 16:49:46]  "TunnelA" #1: [WRV210 Response:] ISAKMP SA established
    034   [MON 16:49:46]  "TunnelA" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
    035   [MON 16:49:46]  "TunnelA" #1: Dead Peer Detection (RFC 3706): enabled
    036   [MON 16:49:46]  "TunnelA" #2: [WRV210 Response:] IPSec SA (Quick Mode) Initiation
    037   [MON 16:49:46]  "TunnelA" #2: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP {using isakmp#1}
    038   [MON 16:49:47]  "TunnelA" #2: Dead Peer Detection (RFC 3706): enabled
    039   [MON 16:49:47]  "TunnelA" #2: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
    040   [MON 16:49:47]  "TunnelA" #2: [WRV210 Response:] IPSec SA established
    041   [MON 16:49:47]  "TunnelA" #2: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x6fc01781 <0x94e47196 xfrm=3DES_0-HMAC_SHA1 NATD=none DPD=enabled}
    042   [MON 16:49:50]  packet from 84.46.54.116:500: received Vendor ID payload [Openswan (this version) 2.4.5dr3  X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
    043   [MON 16:49:50]  packet from 84.46.54.116:500: received Vendor ID payload [Dead Peer Detection]
    044   [MON 16:49:50]  packet from 84.46.54.116:500: received Vendor ID payload [RFC 3947] method set to=109 
    045   [MON 16:49:50]  packet from 84.46.54.116:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109
    046   [MON 16:49:50]  packet from 84.46.54.116:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109
    047   [MON 16:49:50]  packet from 84.46.54.116:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
    048   [MON 16:49:50]  "TunnelA" #3: responding to Main Mode
    049   [MON 16:49:50]  "TunnelA" #3: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
    050   [MON 16:49:50]  "TunnelA" #3: STATE_MAIN_R1: sent MR1, expecting MI2
    051   [MON 16:49:50]  "TunnelA" #3: NAT-Traversal: Result using 3: no NAT detected
    052   [MON 16:49:51]  "TunnelA" #3: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
    053   [MON 16:49:51]  "TunnelA" #3: STATE_MAIN_R2: sent MR2, expecting MI3
    054   [MON 16:49:51]  "TunnelA" #3: Main mode peer ID is ID_IPV4_ADDR: '84.46.54.116'
    055   [MON 16:49:51]  "TunnelA" #3: I did not send a certificate because I do not have one.
    056   [MON 16:49:51]  "TunnelA" #3: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
    057   [MON 16:49:51]  "TunnelA" #3: [WRV210 Response:] ISAKMP SA established
    058   [MON 16:49:51]  "TunnelA" #3: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
    059   [MON 16:49:51]  "TunnelA" #3: Dead Peer Detection (RFC 3706): enabled
    060   [MON 16:49:52]  "TunnelA" #4: responding to Quick Mode {msgid:5f8a62f3}
    061   [MON 16:49:52]  "TunnelA" #4: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
    062   [MON 16:49:52]  "TunnelA" #4: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
    063   [MON 16:49:52]  "TunnelA" #4: Dead Peer Detection (RFC 3706): enabled
    064   [MON 16:49:52]  "TunnelA" #4: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
    065   [MON 16:49:52]  "TunnelA" #4: [WRV210 Response:] IPSec SA established
    066   [MON 16:49:52]  "TunnelA" #4: STATE_QUICK_R2: IPsec SA established {ESP=>0x6fc01782 <0x94e47197 xfrm=3DES_0-HMAC_SHA1 NATD=none DPD=enabled}
    
    you're right, i have not NAT in my environment, so it is turned off. Here's the rest of my configuration (Router A and B exactly the same):

    Tunnel Entry: Tunnel A
    VPN-Tunnel: enabled
    Tunnel Name: VPN
    NAT-Traversal: disabled

    Local Secure Group:
    Type: Subnet
    IP-Adress: 192.168.1.0 (192.168.0.0 for Router B)
    Mask: 255.255.255.0

    Remote Secure Group:
    Type: Subnet
    IP-Adress: 192.168.0.0 (192.168.1.0 for Router B)
    Mask: 255.255.255.0

    Remote Secure Gateway:
    Type: FQDN
    xxxxx.homeip.net (different for both routers)

    Key-Management:
    Key Exchange Method: Auto (IKE)
    Operation-Mode: Main
    ISAKMP Encryption Method: Auto
    ISAKMP Authentication Method: SHA1
    ISAKMP DH Group: Group 2: 1024-bits
    ISAKMP Lifetime: 28800
    PFS: enabled
    IPSec Encryption Method: Auto
    IPSec Authentication Method: SHA1
    IPSec DH Groupd: Same as ISAKMP
    IPSec Key Lifetime: 3600
    Preshared Key: my_secret ;) (for testing i use a short phrase (6 chars))

    Dead Peer detection: enabled
    Detection delay (s): 30
    Detection timeout (s): 120
    DPD Action: recover
    If IKE failed more than 5 times, block this unautorized IP for 60 seconds (enabled)
    Anti-replay enabled
    NetBIOS broadcast enabled


    Do you see any mistake?

    Thanks and rgds,

    Tim :)
     
  4. vpnuser

    vpnuser LI Guru Member

    Does your PPPoE connection has Keep-Alive checked? Did you notice any abnormal PPPoE activity in the log of WRV200?
     
  5. stiehl

    stiehl Addicted to LI Member

    yes, keep-alive is checked and the internet-connection was established on both devices. Also resolving the DDNS-Names works proper.

    rgds, tim :)
     
  6. Sfor

    Sfor Network Guru Member

    According to my observations the WRV200 1.0.39 does not report the tunnel status corectly when using DDNS service.

    In such a case the tunnel gets connected, and works correctly, but the tunnel status is reported as T instead of C. The only way to check the tunnel condition is to ping a computer on the other side.

    For some reason pinginging the WRV200 router through VPN does not work with PPPoE setup, as well.
     
  7. DocLarge

    DocLarge Super Moderator Staff Member Member

    From my observations of using the WRV200 on an xDSL connection, tunnels between wrv200 on a cable modem connection and a wrv200 on an xDSL connection will not connect unless the xDSL connected wrv200 is set to static.

    Toxic and I stumbled across this about a year and a half ago; he'd mentioned that his vpn started up right out of the gate on his NTL (now Virgin) cable modem connection whereas mine did absolutely nothing (we had verified our settings 3 times over). For ****z and giggles, I changed my settings from dhcp to static and the tunnel started right up (my xDSL connection was PPPoA with High Velocity).

    I'm throwing this information in the event that either one or both routers are connected via xDSL ISPs...

    Additionally, have a look at this video tutorial I put together; it should help clear up any confusion:

    http://www.linksysinfo.org/forums/downloads.php?do=file&id=2

    Jay
     

Share This Page