Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

rv215w not initiating vpn connection

Hi,

Can someone tell me why rv215w is not initiating the site to site vpn connection ?

I configured the connection with the ASA5505 and everything is working

beautifuly if the connection is initiated from the remote site (eg. ping from the remote network),

but if tunnel is disconnected and I want to establish connection from the

network behind the RV215 then it is not possible.

RV215 is not able to initiate the ipsec connection ?

Regards

Michal Witkowski

Everyone's tags (5)
5 REPLIES
Bronze

rv215w not initiating vpn connection

Dear Michal,

Thank you for reaching the Small Business Support Community.

I would first suggest you to make sure "Perfect Forward Secrecy" setting is disable on the ASA and "PSF Key group" uncheck under the "Advanced VPN settings>Auto Policy Parameters" on the RV215.  If already disabled on both sides and the problem persists, I then suggest you to set the "VPN Advanced settings>Exchange Mode" to "Main" and not "Aggressive" on both sides.  Uncheck the "Dead Peer Detection" if the problem persists.  If no difference please screenshot and send the "Advanced VPN Setup" settings for us to check them out. 

Make sure you run the latest firmware release version v1.1.0.5 on the RV215;

http://software.cisco.com/download/release.html?mdfid=284436489&flowid=37822&softwareid=282487380&release=1.1.0.5&relind=AVAILABLE&rellifecycle=&reltype=latest

Just in case you may need it, below is a link for the admin guide where on chapter 5 describes the VPN parameters I mentioned;

http://www.cisco.com/en/US/docs/routers/csbr/rv215w/administration/guide/78-20779.pdf

I'll be looking forward to your reply.

Kind regards,

Jeffrey Rodriguez S. .:|:.:|:.
Cisco Customer Support Engineer

*Please rate the Post so other will know when an answer has been found.

Jeffrey Rodriguez S. .:|:.:|:. Cisco Customer Support Engineer *Please rate the Post so other will know when an answer has been found.
New Member

rv215w not initiating vpn connection

Hi,

thanks for your answer.

Can you tell me why PFS should be disabled ?

RV215 can't initiate the vpn connection if PFS is enabled ?

What if I want to use this security feature ?

Exchange mode is set to Main.

I also dont anderstand why shoul I disable "Dead Peer Detection" ?

I thought that this function is for keeping the tunnel up ?!

Once again, the tunnel is set up an working great, but only if initiated from the ASA side.

The problem is that the RV215 can't reinitiate the tunnel when needed. It can be done only from the ASA side.

Will disabling PFS and DPD help me with this problem ?

Regards

Michal

New Member

rv215w not initiating vpn connection

Still need help with this...

Bronze

rv215w not initiating vpn connection

Dear Michal,

Thank you for your time and I apologize for the delay on my answer.

My suggestion to disable some features were intended for troubleshooting purposes only, to determine a possible solution to the actual problem.  In order to get a prompt support I now suggest you to get in contact with the Small Business Support Center directly to have an engineer figure this out;

https://supportforums.cisco.com/community/netpro/small-business/sbcountrysupport

Please do not hesitate to reach me back if there is any further assistance I may help you with in the meantime.

Thanks again for your time and patience,

Jeffrey Rodriguez S. .:|:.:|:.
Cisco Customer Support Engineer

*Please rate the Post so other will know when an answer has been found.

Jeffrey Rodriguez S. .:|:.:|:. Cisco Customer Support Engineer *Please rate the Post so other will know when an answer has been found.
New Member

Hi ! may I ask for your help

Hi !

 

may I ask for your help ?

I am trying to setup a site2site vpn between a RV215W and a mikrotik gateway.

I've used the Basic VPN Setup wizard - entered all basic details. encryption domain etc..

when trying to ping the remote lan (encr. domain 10.100.0.0/24) - ping 10.100.0.1 - I can't see

any tunnel-negotation.. sometimes I can see a plain ping from my routers wan ip address to 10.100.0.1 - without being tunneled.

 

any ideas ?

 

 

thx

H-.

1100
Views
0
Helpful
5
Replies
CreatePlease login to create content