Solved

Cisco RV042 Gateway to Gateway VPN - cannot ping.

Posted on 2012-03-28
Last Modified: 2012-08-29
Hi,

I have recently set up a gateway-to-gateway VPN using Cisco RV042 routers at either end. The VPN connects fine; however, I cannot ping devices from either end, i.e. using a device at site A I cannot ping a device at site B and vice versa.

It also looks to me that the VPN connection hasn't actually established (even though the status of the tunnel is listed as connected). Devices at site B appear offline as they cannot access the required resources at site A.

The VPN config is as follows:

Local Security Gateway Type :  IP Only
IP Address :  WAN IP of site A
Local Security Group Type :IP Range
Begin IP :  192.168.0.1
End IP :  192.168.0.254
 
 

--------------------------------------------------------------------------------
 
 
Remote Group Setup
Remote Security Gateway Type :  IP Only
IP Address :  WAN IP of site 2
Remote Security Group Type :  IP Range
Begin IP : 192.168.1.1  
End IP:   192.168.1.254
 
 

--------------------------------------------------------------------------------
 
 
IPSec Setup
Keying Mode :  IKE with Preshared key
Phase 1 DH Group :  Group 1 - 768 bit
Phase 1 Encryption :  AES-256
Phase 1 Authentication :  SHA1
Phase 1 SA Life Time :  86400 seconds
Perfect Forward Secrecy :   Enabled
Phase 2 DH Group :  Group 1 - 768 bit
Phase 2 Encryption :  AES-256
Phase 2 Authentication :  SHA1
Phase 2 SA Life Time :  seconds
Question by:Adma1
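
Added example, not part of the original post or of any Cisco tooling: a small Python check that two gateway-to-gateway configs mirror each other (each side's remote group must equal the peer's local group, and the IKE proposals must match) and that notes the 768-bit DH group. The dictionary keys, the documentation-range WAN addresses and the site B values are assumptions constructed for illustration; only the site A LAN ranges and IPSec settings come from the post.

```python
import ipaddress

# 768-bit MODP (DH Group 1) is widely considered too small for new tunnels.
WEAK_DH = {"Group 1 - 768 bit"}
IKE_KEYS = ("p1_dh", "p1_enc", "p1_auth", "pfs", "p2_dh", "p2_enc", "p2_auth")

def ip_range(begin, end):
    """Return (first, last) as comparable address objects."""
    first, last = ipaddress.ip_address(begin), ipaddress.ip_address(end)
    if first > last:
        raise ValueError(f"range {begin}-{end} is reversed")
    return first, last

def check_pair(a, b):
    """Compare both ends of a tunnel; return a list of findings."""
    findings = []
    for name, near, far in (("A", a, b), ("B", b, a)):
        if near["remote_gw"] != far["local_gw"]:
            findings.append(f"site {name}: remote gateway is not the peer's WAN IP")
        if ip_range(*near["remote_group"]) != ip_range(*far["local_group"]):
            findings.append(f"site {name}: remote group does not mirror peer's local group")
    la, lb = ip_range(*a["local_group"]), ip_range(*b["local_group"])
    if la[0] <= lb[1] and lb[0] <= la[1]:
        findings.append("local groups overlap; each LAN needs its own subnet")
    for key in IKE_KEYS:
        if a[key] != b[key]:
            findings.append(f"{key} differs: {a[key]!r} vs {b[key]!r}")
    for key in ("p1_dh", "p2_dh"):
        if a[key] in WEAK_DH:
            findings.append(f"{key} is {a[key]}: use the largest group both ends offer")
    return findings

# Site A as posted; WAN IPs are constructed placeholders (RFC 5737 ranges).
SITE_A = {
    "local_gw": "203.0.113.10", "remote_gw": "198.51.100.20",
    "local_group": ("192.168.0.1", "192.168.0.254"),
    "remote_group": ("192.168.1.1", "192.168.1.254"),
    "p1_dh": "Group 1 - 768 bit", "p1_enc": "AES-256", "p1_auth": "SHA1",
    "pfs": "Enabled",
    "p2_dh": "Group 1 - 768 bit", "p2_enc": "AES-256", "p2_auth": "SHA1",
}
# Constructed site B with one deliberate mistake in its remote group.
SITE_B = dict(SITE_A, local_gw="198.51.100.20", remote_gw="203.0.113.10",
              local_group=("192.168.1.1", "192.168.1.254"),
              remote_group=("192.168.0.1", "192.168.0.250"))

if __name__ == "__main__":
    for finding in check_pair(SITE_A, SITE_B):
        print("-", finding)
```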
8 Comments
 

Author Comment

by:Adma1
ID: 37781292
I am in desperate need of help on this one; any advice anyone has would be greatly appreciated.

Thanks,
A

Accepted Solution

by:
JonyHolt earned 500 total points
ID: 37788530
 

Author Comment

by:Adma1
ID: 37794466
Thanks JonyHolt for your response,

I have read through the threads on your post. I have checked the following:

Using the ping tool under the router diagnostics I can ping site A from remote site B but cannot ping site B from local site A, if that makes sense?

I then checked the 'Advance Routing' table and there are quite a few entries in the list that I cannot make sense of. However, none of the entries, from what I can tell, relate to the VPN in question.

I then tried adding a static route within the router at local site A to include the WAN IP subnet mask and local default gateway (192.168.1.1) of site B. This made difference and from what I can tell it looks like this entry hasn't made it to the advance routing list.

Any further advice you may have would be greatly appreciated.


Author Comment

by:Adma1
ID: 37794470
see attached picture of routing table
routing-table.jpg
 

Author Comment

by:Adma1
ID: 37794838
Hi JonyHolt

I notice your closing remarks on your post.

JonyHolt requested that this question be closed by accepting JonyHolt's comment #37727419 (0 points) as the solution for the following reason:

Great answer, I had to do a little bit of work around but was able to get it up and running =)


Can you please advise what it was you did in order to get your VPN tunnel working correctly?

Many Thanks.

Expert Comment

by:JonyHolt
ID: 37816557
Hi Adma1,

 For testing purposes, did you disable your firewall on both sides? Are they both directly connected to the modem with a static IP?

 What is acting as the DNS server by the way?