Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
433
Views
0
Helpful
1
Replies

Failed to connect to VPN

larrywa01
Level 1
Level 1

‎01-04-2014 12:06 PM - edited ‎03-11-2019 08:25 PM

I have an RV120W and I'm trying to create a second VPN on my device.  The first VPN, with all the same settings is still able to connect just fine but when I created a new VPN policy with a different remote IP connection (gateway), I receive this error:

                  

2014-01-04 15:00:50: [rv120w][IKE] INFO:  accept a request to establish IKE-SA: 29.96.21.198

2014-01-04 15:00:50: [rv120w][IKE] INFO:  Configuration found for 29.96.21.198.

2014-01-04 15:00:50: [rv120w][IKE] INFO:  Initiating new phase 1 negotiation: 69.132.216.55[500]<=>29.96.21.198[500]

2014-01-04 15:00:50: [rv120w][IKE] INFO:  Beginning Identity Protection mode.

2014-01-04 15:00:50: [rv120w][IKE] INFO:   [ident_i1send:180]: XXX: NUMNATTVENDORIDS: 3

2014-01-04 15:00:50: [rv120w][IKE] INFO:   [ident_i1send:184]: XXX: setting vendorid: 4

2014-01-04 15:00:50: [rv120w][IKE] INFO:   [ident_i1send:184]: XXX: setting vendorid: 8

2014-01-04 15:00:50: [rv120w][IKE] INFO:   [ident_i1send:184]: XXX: setting vendorid: 9

2014-01-04 15:01:21: [rv120w][IKE] ERROR:  Invalid SA protocol type: 0

2014-01-04 15:01:21: [rv120w][IKE] ERROR:  Phase 2 negotiation failed due to time up waiting for phase1.

2014-01-04 15:01:23: [rv120w][IKE] ERROR:  Could not find configuration for 192.168.1.159[500]

2014-01-04 15:01:23: [rv120w][IKE] ERROR:  Invalid exchange type 243 from 192.168.1.159[500].

192.168.1.159 is the machine I am running the router UI on.

All the security settings for encryption algorithms etc are correct for what is needed, plus they are the same as the original running VPN.

Any ideas?

Labels:
0 Helpful
1 Reply 1

larrywa01
Level 1
Level 1

‎01-05-2014 04:11 AM

The important thing to note about this issue is that I believe this is a device issue, either configuration or limitation, not an issue on the remote gateway end.

As I stated above, I have one VPN already setup pointing to the same kind of environment and it works fine, the only difference is the remote gateway address, and I've reconfigured that multiple times just to make sure there were no problems there.

So regarding the RV120W, I have a single public IP address supplying the device. Can this device handle multiple VPNs (different remote gateway addresses and remote subnet addresses) while using a single source IP address to the device itself.

I have also tried disabling the VPN that is working to see if the other VPN can be enabled. Both VPNs are 'enabled' but when you go to physically connect, the new VPN will not connect no matter whether the original VPN is connected or not.

Thanks!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card