1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WVR200 -> RV082 ipsec tunnel isn't really up

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by justavpnquestion, Sep 1, 2007.

  1. justavpnquestion

    justavpnquestion LI Guru Member

    I have a tunnel between my house and the office that (how do I describe this?)

    Thinks it is staying up.

    I have a linux script called VPN.keepalive that does a ping and logs DOWN! if the ping fails. The problem I have is that it is not failing, however when I try to ssh it just never connects. I managed to get the router to notice the link was down by running nmap instead of ping. When I am trying to ssh into a server at the office this is simply annoying. When I have a rsync job scheduled to copy something overnight it is a little more than annoying.

    I have added nmap [host on other end of tunnel] to my script and I will see if that can keep it up. I would really like to set up a couple of my remote users with a similar configuration but I can not do that without finding a way to keep the tunnel alive without running the keepalive script.

    My router info
    Hardware Version: WRTR-147G_V02
    Software Version:

    Thank you
  2. DocLarge

    DocLarge Super Moderator Staff Member Member

    What are your settings for routers? For example, are both routers using static addresses, or is one (or both) on a dynamic ip address connection? An additional consideration is that Linksys still hasn't gotten under control on how the WRV200 (and most other ethernet routers) will behave on a PPPoE connection.

  3. justavpnquestion

    justavpnquestion LI Guru Member

    RV082 at the office is static ip
    WRV200 at home is dynamic ip DSL (Embarq uses DHCP instead of pppoe)

    I am doing ddns to resolve the dynamic address. It was doing the same thing on RoadRunner before I switched to DSL

    followup: the automated nmap does not appear to have kept the connection alive. I can ping right now but not connect to the same server using ssh.

  4. LucF

    LucF Network Guru Member

  5. justavpnquestion

    justavpnquestion LI Guru Member


    Just to let everyone know.

    I had Dead Peer Detection turned on at home and not at the office. When I turned it on at the office it did not seem to help so I turned it off at both locations. After my ISP (at work) quit knocking down the connection over the holiday weekend it has stayed up except for:

    Tue Sep 4 12:10:08 CDT 2007 DOWN!
    Wed Sep 5 02:45:17 CDT 2007 DOWN!
    Wed Sep 5 05:05:18 CDT 2007 DOWN!
    Wed Sep 5 05:10:18 CDT 2007 DOWN!

    I honestly think it was a combination of ComCast / DPD setting. At least now when it goes down the router can tell it is down and rebuild the tunnel.


Share This Page