Cisco RV 042 VPN and NCP Configuration

Hi,
I'm trying to configure a Cisco RV042 VPN router and allow client access using NCP.  I need to use NCP as I use it for other VPN connections.  

Current config in the router
IPSEC setup
Keying mode IKE with preshare key
Group 1
SHA 1
Phase 2
Group 1
AES 256
SHA1

NCP
IKE policy
AES 256
SHA
DH Group1

IPSEC Policy
ESP ( not editable)
AES 256
SHA
Exchange aggressive
PFS group 1

NCP LOG
4/7/2011 10:44:23 PM  IPSec: Start building connection
4/7/2011 10:44:23 PM  IPSec: DNSREQ: resolving dnserver over lan: pmcgi.dyndns-free.com
4/7/2011 10:44:23 PM  IPSec: DNSREQ: resolved ipadr: 071.224.042.175
4/7/2011 10:44:23 PM  Ike: Outgoing connect request AGGRESSIVE mode - gateway=71.224.42.175 : PMCGi
4/7/2011 10:44:23 PM  Ike: XMIT_MSG1_AGGRESSIVE - PMCGi
4/7/2011 10:44:23 PM  Ike: RECV_MSG2_AGGRESSIVE - PMCGi
4/7/2011 10:44:23 PM  Ike: IKE phase I: Setting LifeTime to 28800 seconds
4/7/2011 10:44:23 PM  Ike: IkeSa negotiated with the following properties -
4/7/2011 10:44:23 PM    Authentication=PRE_SHARED_KEY,Encryption=AES,Hash=SHA,DHGroup=1,KeyLen=256
4/7/2011 10:44:23 PM  IPSec: Final Tunnel EndPoint is:071.224.042.175
4/7/2011 10:44:23 PM  Ike: XMIT_MSG3_AGGRESSIVE - PMCGi
4/7/2011 10:44:23 PM  Ike: IkeSa negotiated with the following properties -
4/7/2011 10:44:23 PM    Authentication=PRE_SHARED_KEY,Encryption=AES,Hash=SHA,DHGroup=1,KeyLen=256
4/7/2011 10:44:23 PM  Ike: phase1:name(PMCGi) - connected
4/7/2011 10:44:23 PM  SUCCESS: IKE phase 1 ready
4/7/2011 10:44:23 PM  IPSec: Phase1 is Ready - IkeIndex=29,AltRekey=1
4/7/2011 10:44:23 PM  IPSec: Quick Mode is Ready: IkeIndex = 0000001d , VpnSrcPort = 500
4/7/2011 10:44:23 PM  IPSec: Assigned IP Address: 192.168.0.150
4/7/2011 10:44:23 PM  IkeQuick: XMIT_MSG1_QUICK - PMCGi
4/7/2011 10:44:24 PM  Ike: NOTIFY : PMCGi : RECEIVED : INVALID_ID_INFORMATION : 18
4/7/2011 10:44:29 PM  Ike: NOTIFY : PMCGi : RECEIVED : INVALID_MESSAGE_ID : 9
4/7/2011 10:44:35 PM  Ike: NOTIFY : PMCGi : RECEIVED : INVALID_MESSAGE_ID : 9
4/7/2011 10:44:41 PM  Ike: NOTIFY : PMCGi : RECEIVED : INVALID_MESSAGE_ID : 9
4/7/2011 10:44:42 PM  IkeQuick: phase2:name(PMCGi) - error - cleared by phase1
4/7/2011 10:44:42 PM  ERROR - 4037: IKE(phase2):Waiting for message2, cleared by phase1 - PMCGi.
4/7/2011 10:44:42 PM  IPSec: Disconnected from PMCGi on channel 1.

I get through Phase 1 but not through phase 2.  

Any ideas?
Thanks
/Joe
LVL 1
Joe_CoolAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

AllvirtualCommented:
The advantage of using NCP is you can contact their excellent support. The support email is helpdesk@ncp-e.com. They will respond quickly and get you going! This company rocks.
I have this document from them - attached. I think it will help you. Something is not configured correctly.
Installation-Linksys-20100714.pdf
0
Joe_CoolAuthor Commented:
Thanks for the feedback.  I looked over your doc and a similar one from their web page to no avail.  I filed a support request so we'll see what comes of that.  I agree this is a setup issue as others have used this combination successfully in the past - just frustrating.  
0
Joe_CoolAuthor Commented:
Update: So I got it working via a internet guide from NCP.  I cannot do full tunneling yet only split to my network but it is progress.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Joe_CoolAuthor Commented:
Provide half points. I usedn another document I found on my own.  NCP never replied to my requuest with is not the fault of this board however I also never received any additional info from All Virtual.  I feel half is fair for trying.  In the end I did get it to work albiet not as desired ( with Full Tunneling), so I agree it can be closed
0
Robert MarleySinger / SongwriterCommented:
I am starting the Auto-Close procedure on behalf of the question asker, to close this question, after the 'Objection' by Joe_Cool stopped the procedure. The course of action selected seems the most equitable action to take in this instance, with no responses within a timely manner to our below request(s).


-----
Everyt'ing is everyt'ing,

Mod_MarlEE
Community Support Moderator
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Services

From novice to tech pro — start learning today.