VPN gateway to gateway with Two RV042 constantly lost connection.

Chartsiri Ratanacharoensiri · ‎07-11-2012

My two RV042 , one at home and the other one at my working site , both using Ddns (dyndns.org) , constantly lost VPN connection after successfully connected.

Both Firmware are identical.

The VPN configuration are ;

Home to Site
Interface : WAN1
Local Group Setup
Local Security Gateway Type = IP Only
IP Address XX.XX.XX.XX
Local Security Group Type Subnet
IP Address : 192.168.5.0
Subnet Mask : 255.255.255.0

Remote Group Setup
Remote Security Gateway Type : IP Only
IP By DNS Revolved : XXXXXXXX.dyndns.org
Remote Security GroupType : Subnet
IP Adress : 192.168.0.0
Subnet Mask 255.255.0

IPSec Setup : IKE with Preshared Key

Disabled : Perfect Forward Secrecy and Minimum Preshared Key Complexity

Advance

Enabled : Keep Alive , Dead Peer Detection Interval 10 seconds

Site to Home
Interface : WAN1
Local Group Setup
Local Security Gateway Type = IP Only
IP Address XX.XX.XX.XX
Local Security Group Type Subnet
IP Address : 192.168.0.0
Subnet Mask : 255.255.255.0

Remote Group Setup
Remote Security Gateway Type : IP Only
IP By DNS Revolved : XXXXXXXX.dyndns.org
Remote Security GroupType : Subnet
IP Adress : 192.168.5.0
Subnet Mask 255.255.0

IPSec Setup : IKE with Preshared Key

Disabled : Perfect Forward Secrecy and Minimum Preshared Key Complexity

Advance

Enabled : Keep Alive , Dead Peer Detection Interval 10 seconds

I have been talking to Cisco Online support for 3 days with 3 different cisco online support engineers. I still haven't got any solution to my problem.

The devices connect last Sunday and working for 2 days , then they lost connection.

I recently enable Aggressive mode of Monday , but connects then got lost by the next to.

The lastest configuration is suggested by cisco engineer from my last online chat session.

He suggest to turn Aggressive mode off , along with Perfect Forward Secrecy and Minimum Preshared Key Complexity.

The VPN tunnel isn't working after the that too.

Sample logs from Home's device

Jul 12 10:14:10 2012 VPN Log (g2gips0) #52: starting keying attempt 6 of an unlimited number  
Jul 12 10:14:10 2012 VPN Log (g2gips0) #53: initiating Main Mode to replace #52  
Jul 12 10:14:10 2012 VPN Log (g2gips0) #53: [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet  
Jul 12 10:14:10 2012 VPN Log (g2gips0) #53: [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet  
Jul 12 10:27:20 2012 VPN Log (g2gips0) #53: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message  
Jul 12 10:27:20 2012 VPN Log (g2gips0) #53: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message  
Jul 12 10:27:20 2012 VPN Log (g2gips0) #53: starting keying attempt 7 of an unlimited number  
Jul 12 10:27:20 2012 VPN Log (g2gips0) #54: initiating Main Mode to replace #53  
Jul 12 10:27:20 2012 VPN Log (g2gips0) #54: [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet  
Jul 12 10:27:20 2012 VPN Log (g2gips0) #54: [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet

Sameple logs from Site's device

Jul 12 09:35:07 2012      VPN Log      (g2gips0) #660: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
Jul 12 09:35:07 2012      VPN Log      (g2gips0) #660: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
Jul 12 09:35:07 2012      VPN Log      (g2gips0) #660: starting keying attempt 3 of an unlimited number
Jul 12 09:35:07 2012      VPN Log      (g2gips0) #661: initiating Main Mode to replace #660
Jul 12 09:35:07 2012      VPN Log      (g2gips0) #661: [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
Jul 12 09:35:07 2012      VPN Log      (g2gips0) #661: [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
Jul 12 09:48:17 2012      VPN Log      (g2gips0) #661: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
Jul 12 09:48:17 2012      VPN Log      (g2gips0) #661: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
Jul 12 09:48:17 2012      VPN Log      (g2gips0) #661: starting keying attempt 4 of an unlimited number
Jul 12 09:48:17 2012      VPN Log      (g2gips0) #662: initiating Main Mode to replace #661
Jul 12 09:48:17 2012      VPN Log      (g2gips0) #662: [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
Jul 12 09:48:17 2012      VPN Log      (g2gips0) #662: [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
Jul 12 10:01:27 2012      VPN Log      (g2gips0) #662: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
Jul 12 10:01:27 2012      VPN Log      (g2gips0) #662: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
Jul 12 10:01:27 2012      VPN Log      (g2gips0) #662: starting keying attempt 5 of an unlimited number
Jul 12 10:01:27 2012      VPN Log      (g2gips0) #663: initiating Main Mode to replace #662
Jul 12 10:01:27 2012      VPN Log      (g2gips0) #663: [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
Jul 12 10:01:27 2012      VPN Log      (g2gips0) #663: [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
Jul 12 10:14:37 2012      VPN Log      (g2gips0) #663: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
Jul 12 10:14:37 2012      VPN Log      (g2gips0) #663: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
Jul 12 10:14:37 2012      VPN Log      (g2gips0) #663: starting keying attempt 6 of an unlimited number
Jul 12 10:14:37 2012      VPN Log      (g2gips0) #664: initiating Main Mode to replace #663
Jul 12 10:14:37 2012      VPN Log      (g2gips0) #664: [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
Jul 12 10:14:37 2012      VPN Log      (g2gips0) #664: [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
Jul 12 10:27:47 2012      VPN Log      (g2gips0) #664: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
Jul 12 10:27:47 2012      VPN Log      (g2gips0) #664: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
Jul 12 10:27:47 2012      VPN Log      (g2gips0) #664: starting keying attempt 7 of an unlimited number
Jul 12 10:27:47 2012      VPN Log      (g2gips0) #665: initiating Main Mode to replace #664
Jul 12 10:27:47 2012      VPN Log      (g2gips0) #665: [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
Jul 12 10:27:47 2012      VPN Log      (g2gips0) #665: [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
Jul 12 10:40:57 2012      VPN Log      (g2gips0) #665: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
Jul 12 10:40:57 2012      VPN Log      (g2gips0) #665: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
Jul 12 10:40:57 2012      VPN Log      (g2gips0) #665: starting keying attempt 8 of an unlimited number
Jul 12 10:40:57 2012      VPN Log      (g2gips0) #666: initiating Main Mode to replace #665
Jul 12 10:40:57 2012      VPN Log      (g2gips0) #666: [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet

Today , they still won't connect.

One last thing I haven't tried is to reset my Site's router because it is 16 miles away from my house.

Harish Kumar Khanchandani · ‎01-16-2014

I also have same problem.I am trying to establish new VPN from Dubai to Geneva and getting the same message.

Can anyone help.