Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
390
Views
0
Helpful
1
Replies

Concentrator 3005 to Linksys RV082 VPN

petterolsson
Level 1
Level 1

‎04-03-2007 01:46 PM

Hi guys,

We are trying to setup a Site-to-site VPN using a Cisco Concentrator 3005 and a Linksys RV082. I am quite positive we are having a configuration problem but not entirely sure what is it. My biggest problem is how the RV082 divides everything into phases and the Concentrator does not making it hard for us to match up the two. When I try and connect to the concentrator I get the following in my RV082 log:

Apr 3 13:39:57 2007 VPN Log Initiating Main Mode

Apr 3 13:39:57 2007 VPN Log [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet

Apr 3 13:39:58 2007 VPN Log Ignoring Vendor ID payload [4048b7d56ebce885...]

Apr 3 13:39:58 2007 VPN Log [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet

Apr 3 13:39:58 2007 VPN Log [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet

Apr 3 13:39:58 2007 VPN Log Ignoring Vendor ID payload Type = [Cisco-Unity]

Apr 3 13:39:58 2007 VPN Log Ignoring Vendor ID payload Type = [XAUTH]

Apr 3 13:39:58 2007 VPN Log Ignoring Vendor ID payload [ef900c67f96acdef...]

Apr 3 13:39:58 2007 VPN Log Ignoring Vendor ID payload [1f07f70eaa6514d3...]

Apr 3 13:39:58 2007 VPN Log [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet

Apr 3 13:39:58 2007 VPN Log [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet

Apr 3 13:39:58 2007 VPN Log Received Vendor ID payload Type = [Dead Peer Detection]

Apr 3 13:39:58 2007 VPN Log [Tunnel Negotiation Info] >>> Initiator Receive Main Mode 6th packet

Apr 3 13:39:58 2007 VPN Log Main mode peer ID is ID_IPV4_ADDR: 'X.X.X.X'

Apr 3 13:39:58 2007 VPN Log [Tunnel Negotiation Info] Main Mode Phase 1 SA Established

Apr 3 13:39:58 2007 VPN Log [Tunnel Negotiation Info] Initiator Cookies = 2fa 3bd2 94be 20c3

Apr 3 13:39:58 2007 VPN Log [Tunnel Negotiation Info] Responder Cookies = 1a57 ab7a f96b cdef

Apr 3 13:39:58 2007 VPN Log initiating Quick Mode PSK+TUNNEL

Apr 3 13:39:58 2007 VPN Log [Tunnel Negotiation Info] >>> Initiator send Quick Mode 1st packet

Apr 3 13:39:58 2007 VPN Log received Delete SA payload: deleting ISAKMP State #8

Anybody with experience setting this up? Any ideas regarding this would be much appreciated.

Thanks

Petter

Labels:
0 Helpful
1 Reply 1

Richard Burts
Hall of Fame
Hall of Fame

‎04-03-2007 07:00 PM

Petter

While my experience with the RV082 is a bit limited, I believe that we can make some observations about your issue. In general we can describe the IPSec negotiations as being in 2 phases: Main Mode and Quick Mode. Main Mode is oriented to negotiating the ISAKMP key exchange and establishing a secure encryption key and the first set of Security Associations (SA). This message:

Apr 3 13:39:58 2007 VPN Log [Tunnel Negotiation Info] Main Mode Phase 1 SA Established

indicates that Main Mode was successful. After Main Mode IPSec negotiates Quick Mode which is oriented to negotiating Security Associations for IPSec. Your messages indicate that this is not working.

I suggest that you compare the parameters configured on your 3005 and the parameters configured on the RC082. I suspect that something is not matching up.

HTH

Rick

HTH

Rick
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents