Cisco rv 180w VPN IPsec SA Not Established

Posted on 2014-11-18
Last Modified: 2014-11-22
Gateway to Gateway VPN

RV 180w on both ends

This VPN was working till one location experienced a power outage over the weekend. Both locations have Internet access but can't connect VPN.

I checked all VPN settings to make sure nothing had changed in either router, WAN Static IP is still the same on both ends. Next I upgraded firmware to v. on both ends, deleted existing settings in both routers and used the "Basic VPN Setup" option. Same problem - IPsec SA Not Established. I have searched for a VPN log in the menu but haven't found it.
Question by:rettif9
  • 2
  • 2
LVL 22

Expert Comment

by:Matt V
ID: 40452414
SA is usually a mismatch between encryption methods or the shared secret.

Double check that your isakmp encryption settings match up.

Accepted Solution

rettif9 earned 0 total points
ID: 40457527
I've spent several hours on the phone with Cisco engineers all settings have been verified. Although this VPN tunnel is still not working The Cisco engineers were able to configure a VPN from their test bench to each of the two routers successfully. The only clue we have so far is; One end has a cable ISP the other end is telco. Using ping x.x.x.x (WAN address) -f -l [Mtu size] we have been able to determine that pings sent from cable ISP end at 1480 (default) are always successful. pings sent from telco end fail if Mtu is above 1440. Working with telco now to resolve.

Author Comment

ID: 40459430

Since you were the only expert to respond I'll give you the points but actually the Telco caused the problem. as soon as they raised the Mtu everything started working again. Thanks for trying.
LVL 22

Expert Comment

by:Matt V
ID: 40459432
Thanks rettif9, glad you got it working.

We could also have adjusted the MTU on the tunnel to overcome the telecom settings.

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

New Server  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question