Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Trouble Setting Up VPN - RV042 v3

Hi guys,


I just bought a Cisco/Linksys RV042 version 3 and am having trouble getting my Macbook Pro running IPSecuritas to establish a client to gateway VPN tunnel.

 

I get an "Error - IKE - none message must be encrypted" message in the IPSecuritas connection log. It will keep retrying which results in the same error. Eventually it just gives up.

 

I am pretty sure I have the settings on the router end and Macbook end of the VPN configured identically.

 

Here is a screenshot of the RV042 configuration page. Any input would be greatly appreciated, thanks.

7 REPLIES
Cisco Employee

Trouble Setting Up VPN - RV042 v3

Hi Harry,


since this question is about a product in the Cisco Small Business / Linksys range, I suggest you move it to the community, where you will have a better chance of getting expert advice.


best regards,

Herbert
Cisco Moderator

New Member

Trouble Setting Up VPN - RV042 v3

i have the same problem, but now answer ... please help.

i think it is a bug.....

New Member

Trouble Setting Up VPN - RV042 v3

Hi Stephan,

Take a look at this guide: https://supportforums.cisco.com/docs/DOC-10266

It helped me get the VPN to work.

New Member

Trouble Setting Up VPN - RV042 v3

thanks, but i have now also errors.

please post your working configuration from rv042 an ipsecuritas.

thanks

stephan

New Member

Re: Trouble Setting Up VPN - RV042 v3

Stephan,

The RV042 configuration is in my original post.  It hasn't changed.

Here is the IPSecuritas configuration

  1. General
    • Remote IPSec Device:
    • Local Side - Endpoint Mode: Host
    • Local Side - IP Address: Leave this blank
    • Remote Side - Endpoint Mode: Network
    • Remote Side - Network Address: 192.168.2.0
    • Network Mask (CIDR): 24
    • NOTE: These are my settings and they might not work for you.  For instance, when connecting to the VPN from a remote location that uses the 192.168.2.x subnet, the VPN will not work due to address collision.
  2. Phase 1
    • Lifetime: 28800 Seconds
    • DH Group: 1024 (2)
    • Encryption: AES 256
    • Authentication: SHA-1
    • Exchange Mode: Main
    • Proposal Check: Obey
    • Nonce Size: 16
  3. Phase 2
    • Lifetime: 3600 Seconds
    • PFS Group: 1024 (2)
    • Encryption: AES 256
    • Authentication: HMAC SHA-1
  4. ID
    • Local identifier: User FQDN / user@home.private
    • Remote identifier: User FQDN / user@home.private
    • Authentication Method: Preshared Key /
  5. DNS
    • leave "enable domain specific DNS servers" unchecked unless needed
  6. Options (put a check mark next to the following)
    • IPSec DOI
    • SIT_IDENTITY_ONLY
    • Initial Contact
    • Request Certificate
    • Send Certificate
    • Unique SAs
    • IKE Fragmentation

Hope that helps.

New Member

Trouble Setting Up VPN - RV042 v3

Hey Harry,

were you able to solve this issue sucessfully?

I have noticed, that your config of ipSecuritas uses the "Main Mode" whereas I am always using "Agressive Mode" VPNs for Client to Gateway Setups (I think I had to due to the Cisco RV042).

Funny thing that I am experiencing here is:

VPNs IPsec <-> Cisco RV042 first generation work

VPNS IPsec <-> Cisco RV042 latest generation (newest 4.1...Firmware) does not work

IPsec is always complaining about "none message must be encrypted" and I assume that the "Phase 1" cannot be established but I have no clue anymore. (did try different setup combinations).

Thank you for any clarification whether you managed it or your workaround.

Stefan

New Member

Trouble Setting Up VPN - RV042 v3

Hi Stefan,

Yes I was able to establish a VPN tunnel successfully using the settings above.  For me, Aggressive Mode would not work regardless of any other setting that I changed, so I set it to Main Mode.  I'm still running on 4.0.4.02 firmware.  Haven't tried the 4.1 firmware yet.  Maybe they haven't ironed out the bugs?  I can't think of much else that might help you as this would be my first time working with VPNs.

Harry

5366
Views
5
Helpful
7
Replies
CreatePlease login to create content