cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
15001
Views
0
Helpful
21
Replies

rv042 vpn dropped

jcsoucy01
Level 1
Level 1

Hi

Sometime we have a problem with some custumers with a  (all day  and don’t reconnect automatiquely). We’ve try many configuration and update, mtu size, new rv042 and it’s don’t resolve the problem

Other custumers  have this problem but  one time in a mouth or 2 or 3 mouth.

We’ve trying other router from another brand and resolve the problem in one place. We don’t want to change all custumers for the new router we want to keep rv042 because we like it and about 60 was install in many place.

Thanks for your help

1 Accepted Solution

Accepted Solutions

Steven DiStefano
VIP Alumni
VIP Alumni

There are many hops between any two routers involved in a site-to-site (gateway to gateway) VPN and it is impossible to comment about what is happening in your case.   Are you using dead peer detection and keep alive on BOTH sides of this IPsec tunnel?   Are both sides RV042?  Do you have LOGs for the case where the tunnel fails and doesnt automatically reestablish as it should?

Let us know.

Steve DiStefano

SE Small Business Sales U.S.

View solution in original post

21 Replies 21

Steven DiStefano
VIP Alumni
VIP Alumni

There are many hops between any two routers involved in a site-to-site (gateway to gateway) VPN and it is impossible to comment about what is happening in your case.   Are you using dead peer detection and keep alive on BOTH sides of this IPsec tunnel?   Are both sides RV042?  Do you have LOGs for the case where the tunnel fails and doesnt automatically reestablish as it should?

Let us know.

Steve DiStefano

SE Small Business Sales U.S.

Hi

M.DiStefano

I'm using in both side RV042 and the same firmware (1.3.12.6-tm), DPD, Keep Alive is using. No we don't have access to log because the router don't knwow it was disconnected, when we look at vpn status, it ask connected but in reality it is not connected we are unable to ping the remote adress. we disconnect manually the connexion and then reconnect automatiquely and work after 3 second correctly. After a time same problem come back.

If you need other information don't hésitate.

Thanks for you help.

ciscodavew
Level 1
Level 1

We are experiencing the same thing with the same firmware version. One end of the gateway-to-gateway VPN is set as Dynamic IP + E-mail Addr and the other as IP Only (both RV042s). Since web searches reveal that this problem has been occurring for well over a year, I'm wondering if anyone might have at least a workaround for this problem. If the problem won't be fixed in the firmware anytime soon (in this case, DPD is clearly broken), are there any suggestions for a client application that will send a keepalive through the tunnel and then automatically log into the RV042 web interface to disconnect the VPN when down for X number of seconds? I also have several RV042 routers deployed that I chose specifically for its unique capabilities and don't want to replace them, but I wasn't counting on this critical problem causing me to babysit multiple VPNs.

Would you try the following workaround?

Enable DPD on both ends of the site-to-site VPN tunnel, but only enable Keep-Alive on the branch office, which is more likely to send traffic to the cental site. This way if the tunnel does disconnect for whatever reason, one side of the tunnel will take the responsibility to initiate the IKE to reconnect.

Ideally we want to have Keep-Alive enabled on both sides of the tunnel so as soon as a end point finds its peer dead, it can reconnect right away. But under certain timing, it might have caused the IKE to enter into a dead-lock state where both ends try to reconnect but no one can succeed.

One of the VPNs is already set up this way as I've tried different combinations to make this go away. With the static IP endpoint set without keep-alives, the problem seems to occur as often as it did with it set. The underlying DSL connectivity remains perfectly stable when the "outage" occurs. The VPN recovers gracefully when there is a glitch in the DSL connectivity or when the IP address changes, so this appears to be a unique issue that is not caused by connectivity problems.

Could you or someone that has a similar issue open a ticket at the Tech Support so we can investigate the issue further and quickly come up with a fix? The product team needs some customers to verify the solution if it exists.

Since I hate jumping through the hoops and dealing with first tier support that usually goes along with opening trouble tickets, I am going to try something new to see if it works. All instances I've seen reported on the problem have been with a dynamic-to-static VPNs. I will be reconfiguring one of the tunnels as dynamic-to-dynamic despite one side actually having a static IP address. If this works, I won't pursue the matter further; if not, I'll either be opening a ticket or finding replacement hardware.

Thanks for the suggestions.

Good Morning,

To follow up on the earlier comment, I would call into the Cisco support to get a ticket open, this maybe something that can be resolved very easily....

RV042 new firmware has been posted. Hope it can fix your VPN issues.

Hi

After 1 month and a half the problem still there. A little step was done the connexion stay more time than before but the router say VPN connected and the connexion was lost.

Thanks for your help.

Unfortunately it doesn't fix my problem for me. I updated both RV042 to the 1.3.12.19-tm but I still have frequently some strange VPN disconnections...

Also I can't use the keep-alive setting because with this option enable on both side the VPN tunnel doesn't connect.

My configuration is same on both side, I attached it.

Any news about this issue?

Could you try checking the Keep Alive option only on one side of the tunnel?

I just did it and the VPN is connected now. I'll launch a ping all night and have a look tomorrow.

Thanks

After test even with the Keep Alive option checked, same problem : the VPN is showed "connected" on the web admin but not working. I waited 15minute and clicked on the button "disconnect" and the vpn started again to work correctly...


Any advises? What should I do (already 6months that we have this problem)?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: