Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1501
  • Last Modified:

VPN Between CISCO ASA 505 and RVS4000

Hello,

I have a big probleme to make a VPN Between a CISCO ASA and a RVS4000.
I've got 3 sites (A,B,C)

On site A:

CISCO ASA 505 + Linksys Modem AM200
IP Public: xxx.xxx.xxx.192
Local IP : 192.1xx.0.1
Local Network: 192.1xx.0.0
Submask: 255.255.255.0
Preshared Key: abcdef

On site B:

CISCO ASA 505 + Linksys Modem AM200
IP Public: xxx.xxx.xxx.184
Local IP : 192.1xx.1.1
Local Network: 192.1xx.1.0
Submask: 255.255.255.0
Preshared Key: abcdef

On site C:

RVS4000 + TPLINK Modem Router (Brigde mode)
IP Public: xxx.xxx.xxx.122
Local IP : 10.1xx.2x.1
Local Network: 10.1xx.2x.0
Submask: 255.255.255.0
Preshared Key: abcdef

- There's no Probleme to mount a VPN Tunnel connection between site A and B

- However, I can't do the same thing between site A and C

The preshared Key is the same
Encryption is 3DES + SHA1

When i take a look on the log i have this return:

[VPN Log]: "DEWA-RS" #1: received Vendor ID payload [Cisco-Unity]
[VPN Log]: "DEWA-RS" #1: received Vendor ID payload [XAUTH]
[VPN Log]: "DEWA-RS" #1: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] method set to=108
[VPN Log]: "DEWA-RS" #1: ignoring unknown Vendor ID payload [4048b7d56ebce88525e7de7f00d6c2d3c0000000]
[VPN Log]: "DEWA-RS" #1: ignoring Vendor ID payload [Cisco VPN 3000 Series]
[VPN Log]: "DEWA-RS" #1: protocol/port in Phase 1 ID Payload must be 0/0 or 17/500 but are 17/0
[VPN Log]: "DEWA-RS" #1: initial Aggressive Mode packet claiming to be from xxx.xxx.xxx.192 on xxx.xxx.xxx.192 but no connection has been authorized
[VPN Log]: "DEWA-RS" #1: sending notification INVALID_ID_INFORMATION to xxx.xxx.xxx.192:500


All firewall are disable on the TPLINK modem routeur and on the RVS4000
Can you help me?
0
JUGGER97139
Asked:
JUGGER97139
1 Solution
 
pegasysCommented:
[VPN Log]: "DEWA-RS" #1: ignoring unknown Vendor ID payload

Hmm seen this before.. If you have chosen for a specific sort of VPN (IPSEC etc....) switch to OpenVPN
0
 
JUGGER97139Author Commented:
What do you you mean by switch to Open VPN.
On my RVS4000 and my ASA it's a IPSEC VPN Tunnel.

I have the same groupe on both  side
0
 
fgasimzadeCommented:
Make sure access list on ASA and LAN/remote LAN networks on RVS are correct
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now