RV042 VPN Disconnecting

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by Mike Breeden, Feb 22, 2007.

  1. Mike Breeden

    Mike Breeden LI Guru Member

    You folks blow me away. I just read the RV042 Info -7- pages. Way too much. I'm just an ignorant developer. I don't get into it that much.
    Anyway, I have setup a gateway to gateway VPN between two RV042s and it doesn't stay connected. It happily re-connects, but it does not stay connected by itself. What can I do to keep it connected. I cannot have users logging onto the router to re-connect the VPN. Really, I expected to find this within a few back pages of posts but didn't.
    Now the IP address on one end is currently dynamic. I'm trying to get it changed to static right away, but the last two times it has disconnected (time frame - over night) the IP address has not changed and I could just re-connect with no adjustments.
    Note that usually all that is connected to the router at any given time is a WRT45GS.
    Also, just for luck, what is the latest firmware version? I should make sure of that.
    Thanks, Mike Breeden
  2. ifican

    ifican Network Guru Member

    Have a look at the logs on either side and see what they tell you. Dynamic ip as a whole should not be an issue unless it changes, i know some devices have an issue with vpn's and pppoe but i dont know any pppoe connections so i cant say for sure. The logs at the moment is going to be your best bet as it should give you some kind of idea as to why the tunnel is dying.
  3. Toxic

    Toxic Administrator Staff Member

    have you enabled the "Keep Alive" feature in the Advanced Settings of the VPN Tunnel?
  4. eric_stewart

    eric_stewart Super Moderator Staff Member Member

    I would also check to make sure DPD (dead peer detection) and IKE keepalives are set.

  5. Mike Breeden

    Mike Breeden LI Guru Member

    Keep alives was not set... before....
    The Phase 1 SA life time is set to 28800
    The Phase 2 SA life time is set to 3600
    Can these be cranked up? Should they be?
    Thanks much
  6. rodrigo.h.m

    rodrigo.h.m Guest

    Upgrade the firmware to and select on both side the keep alive and DPD.
    Best Regards,

    Rodrigo Martinez
  7. aviegas

    aviegas Network Guru Member

    Default lifetimes are fine, provided that both sides have the same values.
    Besides turning Keep alive an DPD on, the only thing I've ever seen that can cause this is a poor connection on either side, enough to impair a key exchange. A faulty connection can cause a key exchange to fail badly.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice