Solved

Cisco rv 180w VPN IPsec SA Not Established

Posted on 2014-11-18
5
585 Views
Last Modified: 2014-11-22
Gateway to Gateway VPN

RV 180w on both ends

This VPN was working till one location experienced a power outage over the weekend. Both locations have Internet access but can't connect VPN.

I checked all VPN settings to make sure nothing had changed in either router, WAN Static IP is still the same on both ends. Next I upgraded firmware to v. 1.0.4.14 on both ends, deleted existing settings in both routers and used the "Basic VPN Setup" option. Same problem - IPsec SA Not Established. I have searched for a VPN log in the menu but haven't found it.
0
Comment
Question by:rettif9
  • 2
  • 2
5 Comments
 
LVL 22

Expert Comment

by:Matt V
ID: 40452414
SA is usually a mismatch between encryption methods or the shared secret.

Double check that your isakmp encryption settings match up.
0
 
LVL 7

Accepted Solution

by:
rettif9 earned 0 total points
ID: 40457527
I've spent several hours on the phone with Cisco engineers all settings have been verified. Although this VPN tunnel is still not working The Cisco engineers were able to configure a VPN from their test bench to each of the two routers successfully. The only clue we have so far is; One end has a cable ISP the other end is telco. Using ping x.x.x.x (WAN address) -f -l [Mtu size] we have been able to determine that pings sent from cable ISP end at 1480 (default) are always successful. pings sent from telco end fail if Mtu is above 1440. Working with telco now to resolve.
0
 
LVL 7

Author Comment

by:rettif9
ID: 40459430
MattV-

Since you were the only expert to respond I'll give you the points but actually the Telco caused the problem. as soon as they raised the Mtu everything started working again. Thanks for trying.
0
 
LVL 22

Expert Comment

by:Matt V
ID: 40459432
Thanks rettif9, glad you got it working.

We could also have adjusted the MTU on the tunnel to overcome the telecom settings.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now