Setup WRV210 Vpn with Symantec 360 Router

Unanswered Question
Jun 21st, 2010
User Badges:

I have been attempting to setup a router to router VPN between a Symantec 360 router and a

WRV210.  I have tried a number of different configurations and haven't been able to get

the VPN up and running.  It would appear that I have the proper Security methods enabled on both end but it

still doesn't work.  Has anyone had experience with configuring a VPN with these 2 routers?  Are the VPN negotiations compatible?

Any input would be much appreciated.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Federico Coto F... Mon, 06/21/2010 - 13:40
User Badges:
  • Green, 3000 points or more


Does the tunnel come up at all?

The VPN will first establish phase 1, then phase 2 and finally will pass traffic through the tunnel.

You need to make sure if the encryption, hashing, etc parameters match in both phases.

Are you getting any logs or errors that might help us know where the problem is?


twalsh226 Mon, 06/21/2010 - 13:50
User Badges:

Here is the log I am getting from the WRV210

000 "TunnelA":     srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "TunnelA":   ike_life: 28800s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3
000 "TunnelA":   policy: PSK+ENCRYPT+TUNNEL+PFS+UP+AGGRESSIVE; prio: 24,24; interface: ppp0;
000 "TunnelA":   newest ISAKMP SA: #484; newest IPsec SA: #0;
000 "TunnelA":   IKE algorithms wanted: 5_000-2-2, flags=strict
000 "TunnelA":   IKE algorithms found:  5_192-2_096-2,
000 "TunnelA":   IKE algorithm newest: 3DES_CBC_192-SHA1-MODP1024
000 "TunnelA":   ESP algorithms wanted: 3_000-2, flags=strict
000 "TunnelA":   ESP algorithms loaded: 3_000-2, flags=strict
000 #485: "TunnelA":500 STATE_QUICK_I1 (sent QI1, expecting QR1); EVENT_RETRANSMIT in 2s; nodpd
000 #484: "TunnelA":500 STATE_AGGR_I2 (sent AI2, ISAKMP SA established); EVENT_SA_REPLACE in 28174s; newest ISAKMP; nodpd

The local subnet, Remote Subnet and Remote Security Gateway are correct:

Key Settings

Key Exchange IKE Auto

Operation mode: Aggressive

ISAKMP Encrypt Method: 3DES

ISAKMP Auth Method: SHA1

ISAKMP DH: Group 2

ISAKMP Lifetime: 28800    

PFS Enabled

IPSec Encrypt: 3DES

IPSec Auth: SHA1

IPSec Lifetime: 28800

I have mirrored these settings on the Symantec router through the Dynamic VPN tab and the VPN Policy Tab.


This Discussion

Related Content