Solved

Linksys RV042 VPN connectivity problem

Posted on 2006-11-04
9
3,545 Views
Last Modified: 2008-01-09
Have a VPN connectivity between our branches using Cisco 2800 router and Linksys RV042. Everything was working fine, till I tried to make some changes in NAT and Port forwarding on RV042. Finally I undid the changes, but VPN stopped working. Status is 'waiting for connection'. Restarted and verified everything.

Settings seem to be the same, but the VPN is still down. I can not ping the Public IP of RV042 from Cisco 2800, but it is accessible from outside. Similarly, can not ping Remote gateway from(2800's IP) RV042.

Could it be a firmware corruption? Please help.
0
Comment
Question by:Rachelb
  • 5
  • 4
9 Comments
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 17872970
I assume the configuration has been restored to the original configuration ? I have set up dozens of RV042's, and on a couple of occasions I have found making a lot of changes when "tinkering" has resulted in lost connections such as you have described. The only solution I have found is to do a hard reset (hold the button on the back of the router) and re-configure all over again.

Tip #1:  :-)  When you have a working config, back it up. If you ever have to a hard reset, or replace the router it only takes a couple of minutes to restore the config.
0
 

Author Comment

by:Rachelb
ID: 17875575
Before trying that, I wanted to confirm it is the problem with RV042. When I trace route RV042 IP from Cisco Router, it goes up to Broadband router IP (which is connected to WAN port of RV042) and stops.

The problem with hard restting is, it is in a remote place. Non-technical people will be available for a short time. Could there be a block on the ISP side? (on the RV042 side?)
0
 

Author Comment

by:Rachelb
ID: 17875913
This is the log of RV042:

Ignoring Vendor ID payload Type = [draft-ietf-ipsec-nat-t-ike-03]  
Nov 4 02:41:54 2006     VPN Log    Ignoring Vendor ID payload Type = [draft-ietf-ipsec-nat-t-ike-02_n]  
Nov 4 02:41:54 2006     VPN Log    [Tunnel Negotiation Info] <<< Responder Received Main Mode 1st packet  
Nov 4 02:41:54 2006     VPN Log    [Tunnel Negotiation Info] >>> Responder Send Main Mode 2nd packet  
Nov 4 02:42:04 2006     VPN Log    Ignoring Vendor ID payload [439b59f8ba676c4c...]  
Nov 4 02:42:04 2006     VPN Log    Ignoring Vendor ID payload Type = [draft-ietf-ipsec-nat-t-ike-03]  
Nov 4 02:42:04 2006     VPN Log    Ignoring Vendor ID payload Type = [draft-ietf-ipsec-nat-t-ike-02_n]  
Nov 4 02:42:04 2006     VPN Log    [Tunnel Negotiation Info] <<< Responder Received Main Mode 1st packet  
Nov 4 02:42:04 2006     VPN Log    [Tunnel Negotiation Info] >>> Responder Send Main Mode 2nd packet  
Nov 4 02:42:14 2006     VPN Log    Ignoring Vendor ID payload [439b59f8ba676c4c...]  
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 77

Expert Comment

by:Rob Williams
ID: 17876389
>>"Could there be a block on the ISP side? (on the RV042 side?)"
It is possible, but unlikely it would coincide with your adjustments. If someone is available at the remote site first have them unplug the power to the modem and router for 5 minutes, then plug the modem in, wait 1 minute and then the router. That might clear it up.

As for the log, I am not very good at diagnosing from the logs but "Ignoring Vendor ID payload " to me indicates the router is refusing the connection, probably due to an incorrect parameter such as pass-phrase or encryption setting. Are you sure it has been reset to the previous configuration?
0
 

Author Comment

by:Rachelb
ID: 17879376
Restarting did not work. Asked the person at the other end to hard reset it.
After that, they are able to ping 192.168.1.1.
Telnet 192.168.1.1 gives something like SME boot..
But, http://192.168.1.1 is giving 'page can not be displayed'  error.
They have the Setting backup as 'exp' file. Asked them to import it from the Web management.
Don't know why web management is not working.
Any idea how to proceed.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17880877
I have had Linksys routers become completely dis-functional before. As a matter of fact an RVL200 did almost the same thing to me last week. It must be a little bit common as Linksys supplies a repair tool/method. Seems you have to re-install the firmware when you can't get to the management console. However, to do so you need their little TFTP utility. The TFTP utility allows you to install the update remotely. Very simple and works well. It is available from:
  ftp://ftp.Linksys.com/pub/network/tftp.exe 
It comes with .pdf file instructions. You will also need the firmware file, I would recomend the most recent:
http://www.linksys.com/servlet/Satellite?c=L_Download_C2&childpagename=US%2FLayout&cid=1115417109974&packedargs=sku%3D1115416833192&pagename=Linksys%2FCommon%2FVisitorWrapper
I see the TFTP tool is now available from that site as well.
Once updated you should be able to re-import your .exp/config file. It will wipe the current configuration, and also it needs to be done from the lan, not over a remote WAN connection.

0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18005088
Rachelb, were you able to restore functionality to the RV042 ?
--Rob
0
 

Author Comment

by:Rachelb
ID: 18017242
Sorry Rob, for not posting earlier. We were able to access web management page, I sent them the .exp file, asked them to import. It worked. Don't know why it did not work last time.
Thank you for your help.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18019354
Thanks Rachelb, glad to hear you were able to resolve.
Cheers.
--Rob
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes, you want your microsoft VPN to route all the traffic to the remote network. Usually your employer network. This makes it possible to access all the nodes inside this remote LAN, even if they have no "public DNS" entries. To do so, you wo…
OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question