Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN connection problem between SRP 500 series.

Hi,

I have 3 (three) SRP 527W modems in different location and tried to configured VPN among them. Two (2) modems can easily connected by each other by VPN but 3rd cannot connect to any one.

Details Modem 1 :- it is running 4 VPN connection with different modems & locations but cannot establish VPN with Modem# 3

Model: SRP527W, ADSL2+ AnnexA, 802.11n ETSI, 2FXS/1FXO
Version ID: V01
Hardware Version: 4.1.0
Boot Version: 1.1.22 (Feb 22 2011 - 09:42:55)
Firmware Version: 1.2.4 (003) Jan 11 2012
ADSL Firmware Version: 0.76.0
Recovery Firmware: 1.02.02 (009)
WAN MAC Address: D4:A0:2A:33:23:E8
Current Time: Wed, 20 Apr 2016 09:55:10
Wireless: 1 SSID Enabled

Modem# 2 :- It can establish VPN connection with Modem 1 but not modem 3. Also it can connects with other modem by VPN.

Model: SRP527W, ADSL2+ AnnexA, 802.11n ETSI, 2FXS/1FXO
Version ID: V01
Hardware Version: 4.0.0
Boot Version: 1.1.17 (Jan 4 2010 - 21:15:46)
Firmware Version: 1.01.29 (002) Mar 29 2013
ADSL Firmware Version: 0.78.0
Recovery Firmware: 1.01.20 (011)
Setup Wizard Version: 20110728.00
WAN MAC Address: 28:93:FE:4A:9F:58
Current Time: Wed, 20 Apr 2016 09:55:28
WAN: WAN1 (1 PVC Enabled)
LAN: VID (1 VLAN Enabled)
Wireless: 1 SSID Enabled

Modem# 3, It cannot establish VPN connection with any one. Other all functions are good: ADSL, LAN , port forward  or wifi.

Details;-

First, I tired

Firmware Version: 1.01.23 (006) Jun 17 2011
ADSL Firmware Version: 0.70.0
Recovery Firmware: 1.01.20 (011)


and then

Firmware Version: 1.01.27 (007) Jun 15 2012
ADSL Firmware Version: 0.78.0
Recovery Firmware: 1.01.20 (011)
Setup Wizard Version: 20101106.00

and in last

Model: SRP527W, ADSL2+ AnnexA, 802.11n ETSI, 2FXS/1FXO
Version ID: V01
Hardware Version: 4.1.0
Boot Version: 1.1.22 (Feb 22 2011 - 09:42:55)
Firmware Version: 1.01.29 (002) Mar 29 2013
ADSL Firmware Version: 0.78.0
Recovery Firmware: 1.01.20 (011)
Setup Wizard Version: 20110728.00
WAN MAC Address: 20:37:06:3A:8B:50
Current Time: Tue, 19 Apr 2016 19:41:51
WAN: WAN1 (1 PVC Enabled)
LAN: VID (2 VLAN Enabled)
Wireless: 0 SSID Enabled

I have created IKE policy and IPsec policy as under

Policy Name ABCD
Exchange Mode Main
Encryption Algorithm 3DES
Authentication Algorithm MD5
Diffie-Hellman (DH) Group Group 1 (768 bit)
Auto Pre-Shared Key 12ABCD3456
Enable Dead Peer Detection Enable
DPD Interval 10
DPD Timeout 5
XAUTH client enable Disable
User Name
Password

IPSec Details
Name
Value
Status Enable
Policy Name ABCD to R2
Local Group Type IP Address & Subnet
Local Group IP Address 10.0.4.1
Local Group IP Subnet 255.255.255.0
Remote Endpoint IP Address
Remote security gateway address 144.0.0.0 (I changed here)
Remote security domain name
Remote group type IP Address & Subnet
Remote group IP 10.0.3.1
Remote group Subnet Mask 255.255.255.0
Encrypted algorithm 3DES
Integrity algorithm MD5
Police type Auto
Manual encryption key
Manual auth key
Inbound SPI
Outbound SPI
PFS Enable
Key life time 7800
Now using IKE police ABCD to R2

Please let me know for the above scenario.

Regards

agkha-au

2 REPLIES
New Member

2nd pic of Modem 3

2nd pic of Modem 3

New Member

2nd pic of Modem 3

2nd pic of Modem 3

190
Views
0
Helpful
2
Replies
CreatePlease login to create content