×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Problems connecting Android 4.4. with IPSec - VPN on RV320

Unanswered Question
Jun 3rd, 2014
User Badges:

hey @ all

i added an easyVPN client to gateway tunnel on my cisco rv320

- Group Name

- Shared Secret

- localDatabase Authentication

- connect with ios works fine :-)

 

afterwards I tried to connect an android 4.4. device (xperia z); I Used ipsec /xauth / PSK and added the group name and the shared secret;

when I try to connect i receive the following error:

[grpips0][8] 192.168.1.0/24=== ...192.168.1.105===? #10: [Tunnel Authorize Fail] received Hash Payload does not match computed value

any connection parameters (group name, shared secret, user pass wer checked / added more than 5 times :-( )

does anyone else have a similar problem... any workaround(s)? any solutions(?)

thanks in advance

yours christoph

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
cparrilla Tue, 09/09/2014 - 10:55
User Badges:

Having similar issue on Apple IOS Devices (iphone and ipad).

Were you able to get any workaround or solution on this issue?

My thoughts are that due to the fact VPN is being configured as  EasyVpn, it does not give you any options at all. No Hash Payload, options or anything. Hopefully Cisco chimes in here.

IOS 7.1.2

Cisco RV320 v1.1.1.06 (2013-12-06, 11:02:37)

Error:

[grpips0][23] 192.168.1.0/24=== ...24.191.78.207===? #220: [Tunnel Authorize Fail] received Hash Payload does not match computed value

cparrilla Tue, 09/09/2014 - 11:08
User Badges:

I actually did a bit more searching and, at least in my case, the issue i'm experiencing is a known issue. View details below which are in the release notes for firmware 1.1.1.06. I changed from Split to full and it worked but now all traffic does out of my tunnel instead of just the traffic in the network i'm vpn'ing to. I just wish Cisco would fix this problem. My clients connect over Cellphone provider and if they connect via the Full tunnel, it will cause more data usage.

Issue Carried over from Release 1.1.0.09
IPsec VPN Clients Cannot Connect to EZVPN by using Split Mode 
(CSCuf25163)
iPhones, iPads, and iPods have difficulty establishing a VPN tunnel for EZVPN split 
mode. 
Solution: Use EZVPN full tunnel mode

Andrew Rankin Sun, 09/21/2014 - 12:47
User Badges:

I doubt any of the VPN config options in Android match the Cisco EasyVPN config. VPN setup seems ultra finicky.

Anyway, I'd also really like to get this working, and am really surprised not to find some solid info explaining how to do this.

It really should be possible to configure one of the other RV320 IPSec options to work with one of the Android IPSec VPN types... can someone from Cisco please advise... (not SSL VPN please).

 

Note: I was able to get a PPTP VPN set up between my Android and the RV320 (but from what I can see on the web, PPTP is not the most secure. So I'd prefer to leave it switched off).

If you haven't already tried it (and would like to), here are the steps to set that up:

  1. Create a user in the User Management settings if necessary
  2. In the PPTP Server options under VPN settings - Enable it and click Save
  3. On your Android device - create a PPTP VPN pointing to your server's public IP address
  4. When connecting, enter the user name and password you created in step 1

Works for me!

Actions

This Discussion