Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

RV110W VPN Frustration

I have two locations that need a site to site VPN tunnel.

I have installed 2 RV110W routers at each location.

Trying to do the basic VPN setup, I am ending up with a IPSEC SA not established.

I have setup VPN's before but using Windows Server.

Am I missing something basic?

Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Hello machater_2000,      

Hello machater_2000,

       Thank you for that information.  The address scheme does not look like it is an issue with the establishment of the tunnel unless one of the sites has a private address on the WAN.  The logs may give us the best information as to why the tunnel is not establishing.  We would need the logs from both sides after an attempted connection.  I know it may sound like ridiculous, but after the tunnel configurations, have you tried rebooting each of the routers and then try to connect again.  I have found that sometimes the routers need a reboot after config of a VPN for the tunnel to come up.  If you don't feel comfortable putting information here, you can call 1-866-606-1866 and open a case with the SBSC and they would be able to securely support the networks.  Thanks machater_2000.

4 REPLIES
New Member

Hello machater_2000,     

Hello machater_2000,

      Sorry the VPN tunnel is not establishing.  More information is needed.  What does the configurations on each side look like?  What is the WAN IP addresses used?  Have you enabled logging on the routers and looked as to what the logs say?  If you could upload the logs and screenshots of the configs from each router, along with IP addresses used, we may be able to get this working.  Thanks machater_2000.

New Member

For security reasons I am not

For security reasons I am not going to load the WAN IP addresses and PreShared key.

Newest firmware is installed on both routers.

Site A & B - new install at both locations.

Used the BASIC VPN SETUP (defaults settings)

 

SITE A - Connection Name - unique name

PreShared key - unique key

Remote EndPoint - IP Address

Remote WAN IP - remote WAN IP xx.xx.xx.xx

Local WAN IP - local WAN IP xx.xx.xx.xx

 

Remote LAN network IP Address - 192.168.1.0

Remote Subnet - 255.255.255.0

Local LAN network address - 10.0.0.0

Local Subnet - 255.255.255.0

----------------------------------

SITE B - Connection Name - unique name

PreShared key - unique key (same as site A)

Remote EndPoint - IP Address

 

Remote WAN IP - remote WAN IP xx.xx.xx.xx

Local WAN IP - local WAN IP xx.xx.xx.xx

Remote LAN network IP Address - 10.0.0.0

Remote Subnet - 255.255.255.0

Local LAN network address - 192.168.1.0

Local Subnet - 255.255.255.0

New Member

Hi I hope this is not

Hi 

I hope this is not sufficient for establishing VPN this is only routing based information you have provided.

You need to have a poilcy where you define all the athentication methods like

1) Encryption Algorithm

2) Authentication Algorithm

3) Authentication mode 

4) DH Group (Key Group)

5) Key Life etc., 

You need to create a tunnel where it should be binded with a policy thats how a IPSec tunnel work in any plat form.

Thanks

NagarajChengeli 

 

 

New Member

Hello machater_2000,      

Hello machater_2000,

       Thank you for that information.  The address scheme does not look like it is an issue with the establishment of the tunnel unless one of the sites has a private address on the WAN.  The logs may give us the best information as to why the tunnel is not establishing.  We would need the logs from both sides after an attempted connection.  I know it may sound like ridiculous, but after the tunnel configurations, have you tried rebooting each of the routers and then try to connect again.  I have found that sometimes the routers need a reboot after config of a VPN for the tunnel to come up.  If you don't feel comfortable putting information here, you can call 1-866-606-1866 and open a case with the SBSC and they would be able to securely support the networks.  Thanks machater_2000.

79
Views
0
Helpful
4
Replies