Solved

Linksys RV042 VPN connectivity problem

Posted on 2006-11-04
9
3,539 Views
Last Modified: 2008-01-09
Have a VPN connectivity between our branches using Cisco 2800 router and Linksys RV042. Everything was working fine, till I tried to make some changes in NAT and Port forwarding on RV042. Finally I undid the changes, but VPN stopped working. Status is 'waiting for connection'. Restarted and verified everything.

Settings seem to be the same, but the VPN is still down. I can not ping the Public IP of RV042 from Cisco 2800, but it is accessible from outside. Similarly, can not ping Remote gateway from(2800's IP) RV042.

Could it be a firmware corruption? Please help.
0
Comment
Question by:Rachelb
  • 5
  • 4
9 Comments
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 17872970
I assume the configuration has been restored to the original configuration ? I have set up dozens of RV042's, and on a couple of occasions I have found making a lot of changes when "tinkering" has resulted in lost connections such as you have described. The only solution I have found is to do a hard reset (hold the button on the back of the router) and re-configure all over again.

Tip #1:  :-)  When you have a working config, back it up. If you ever have to a hard reset, or replace the router it only takes a couple of minutes to restore the config.
0
 

Author Comment

by:Rachelb
ID: 17875575
Before trying that, I wanted to confirm it is the problem with RV042. When I trace route RV042 IP from Cisco Router, it goes up to Broadband router IP (which is connected to WAN port of RV042) and stops.

The problem with hard restting is, it is in a remote place. Non-technical people will be available for a short time. Could there be a block on the ISP side? (on the RV042 side?)
0
 

Author Comment

by:Rachelb
ID: 17875913
This is the log of RV042:

Ignoring Vendor ID payload Type = [draft-ietf-ipsec-nat-t-ike-03]  
Nov 4 02:41:54 2006     VPN Log    Ignoring Vendor ID payload Type = [draft-ietf-ipsec-nat-t-ike-02_n]  
Nov 4 02:41:54 2006     VPN Log    [Tunnel Negotiation Info] <<< Responder Received Main Mode 1st packet  
Nov 4 02:41:54 2006     VPN Log    [Tunnel Negotiation Info] >>> Responder Send Main Mode 2nd packet  
Nov 4 02:42:04 2006     VPN Log    Ignoring Vendor ID payload [439b59f8ba676c4c...]  
Nov 4 02:42:04 2006     VPN Log    Ignoring Vendor ID payload Type = [draft-ietf-ipsec-nat-t-ike-03]  
Nov 4 02:42:04 2006     VPN Log    Ignoring Vendor ID payload Type = [draft-ietf-ipsec-nat-t-ike-02_n]  
Nov 4 02:42:04 2006     VPN Log    [Tunnel Negotiation Info] <<< Responder Received Main Mode 1st packet  
Nov 4 02:42:04 2006     VPN Log    [Tunnel Negotiation Info] >>> Responder Send Main Mode 2nd packet  
Nov 4 02:42:14 2006     VPN Log    Ignoring Vendor ID payload [439b59f8ba676c4c...]  
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17876389
>>"Could there be a block on the ISP side? (on the RV042 side?)"
It is possible, but unlikely it would coincide with your adjustments. If someone is available at the remote site first have them unplug the power to the modem and router for 5 minutes, then plug the modem in, wait 1 minute and then the router. That might clear it up.

As for the log, I am not very good at diagnosing from the logs but "Ignoring Vendor ID payload " to me indicates the router is refusing the connection, probably due to an incorrect parameter such as pass-phrase or encryption setting. Are you sure it has been reset to the previous configuration?
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 

Author Comment

by:Rachelb
ID: 17879376
Restarting did not work. Asked the person at the other end to hard reset it.
After that, they are able to ping 192.168.1.1.
Telnet 192.168.1.1 gives something like SME boot..
But, http://192.168.1.1 is giving 'page can not be displayed'  error.
They have the Setting backup as 'exp' file. Asked them to import it from the Web management.
Don't know why web management is not working.
Any idea how to proceed.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17880877
I have had Linksys routers become completely dis-functional before. As a matter of fact an RVL200 did almost the same thing to me last week. It must be a little bit common as Linksys supplies a repair tool/method. Seems you have to re-install the firmware when you can't get to the management console. However, to do so you need their little TFTP utility. The TFTP utility allows you to install the update remotely. Very simple and works well. It is available from:
  ftp://ftp.Linksys.com/pub/network/tftp.exe  
It comes with .pdf file instructions. You will also need the firmware file, I would recomend the most recent:
http://www.linksys.com/servlet/Satellite?c=L_Download_C2&childpagename=US%2FLayout&cid=1115417109974&packedargs=sku%3D1115416833192&pagename=Linksys%2FCommon%2FVisitorWrapper
I see the TFTP tool is now available from that site as well.
Once updated you should be able to re-import your .exp/config file. It will wipe the current configuration, and also it needs to be done from the lan, not over a remote WAN connection.

0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18005088
Rachelb, were you able to restore functionality to the RV042 ?
--Rob
0
 

Author Comment

by:Rachelb
ID: 18017242
Sorry Rob, for not posting earlier. We were able to access web management page, I sent them the .exp file, asked them to import. It worked. Don't know why it did not work last time.
Thank you for your help.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18019354
Thanks Rachelb, glad to hear you were able to resolve.
Cheers.
--Rob
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Overview Often, we set up VPN appliances where the connected clients are on a separate subnet and the company will have alternate internet connections and do not use this particular device as the gateway for certain servers or clients. In this case…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now