RVS4000 VPN peer declares private address

Jan 1st, 2010

I am trying to set up a site-to-site VPN tunnel through an RVS4000. It keeps dying with "we require peer to have ID '24.234.1.1', but peer declares '10.1.1.1'". I have the option to set the Remote Gateway via "IP+FQDN Hostname", but that would require changes on the other end to send a hostname, and I don't have control over the other end. There is a setting for "Any", which doesn't make much sense, since it removes the ability to enter an IP address. Is this only for inbound connections?

Alejandro Gallego Sun, 01/03/2010 - 19:41
User Badges: Cisco Employee

That error would mean that the remote router is most likely set up as a One-To-One NAT, which means that the public IP address is being forwarded to the router whose "Actual" WAN IP address is 10.1.1.1. For most applications this setup is just fine, but for IPSec it will not work (some enterprise routers allow us to change settings to allow this to function, but not the RVS).


The "ANY" setting is exactly for what you are stating; you can use this setting to enable a "Client to Gateway" connection, and it may help in your situation so long as the other side maintains the connection.

Hope this helps.
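
Added example, not part of the original thread and not Cisco tooling: a Python log triage that finds the ID-mismatch message quoted in the question and flags the case the answer describes, where the peer declares an RFC 1918 address while a public one is expected. The `vpn:` log prefix, timestamps, the second and third sample lines, and the verdict names are constructed for illustration.

```python
import ipaddress
import re

# Message text as quoted in the question; anything before it on the line is ignored.
ID_MISMATCH = re.compile(
    r"we require peer to have ID '(?P<expected>[^']+)', "
    r"but peer declares '(?P<declared>[^']+)'"
)
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(value):
    """True/False for an IPv4 ID, None when the ID is not an IP (e.g. an FQDN)."""
    try:
        addr = ipaddress.ip_address(value)
    except ValueError:
        return None
    return any(addr in net for net in RFC1918)

def classify(line):
    """Return (expected, declared, verdict) for an ID-mismatch line, else None."""
    m = ID_MISMATCH.search(line)
    if not m:
        return None
    expected, declared = m.group("expected"), m.group("declared")
    exp_priv, dec_priv = is_rfc1918(expected), is_rfc1918(declared)
    if exp_priv is None or dec_priv is None:
        verdict = "non-ip-id"        # one side identifies by FQDN or another ID type
    elif dec_priv and not exp_priv:
        verdict = "peer-behind-nat"  # peer declares its real, private WAN address
    else:
        verdict = "other-mismatch"   # different peer, or ID configured incorrectly
    return expected, declared, verdict

# Constructed sample log; only the message text in the first line is from the thread.
SAMPLE_LOG = """\
Jan  1 10:02:11 vpn: we require peer to have ID '24.234.1.1', but peer declares '10.1.1.1'
Jan  1 10:02:40 vpn: we require peer to have ID '24.234.1.1', but peer declares '198.51.100.7'
Jan  1 10:03:05 vpn: initiating Main Mode
"""

def triage(log_text):
    """Classify every ID-mismatch line in a log and return the results in order."""
    return [hit for hit in map(classify, log_text.splitlines()) if hit]

if __name__ == "__main__":
    for expected, declared, verdict in triage(SAMPLE_LOG):
        print(f"{verdict}: expected {expected}, peer declared {declared}")
```

A `peer-behind-nat` verdict points at the remote end's NAT or identity configuration rather than at a wrong gateway address on the local side.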
