jmellis777
asked on
Site-to-Site VPN Cisco ASA 5505 to Cisco RV320
I'm trying to connect a site-to-site IPSec VPN between a Cisco ASA5505 and RV320. The same basic settings are being used on both sides but the tunnel is not connecting. When pressing Connect on the RV320 it fails to connect. Clearly, there is advanced settings that need to be adjusted. Anyone know of a tutorial on connecting these particular units? Any help would be appreciated. Thanks! Setting are:
RV320:
Gateway to Gateway
Interface:WAN1
Keying Mode: IKE with Preshared Key
Enabled: checked
Local Group Setup
Local Security Gateway Type: IP Only
IP Address: Local WAN
Local Security Group Type: Subnet
IP Address: 192.168.1.0
SM: 255.255.255.0
Remote Group Setup
Remote Security Gateway Type: IP Only
IP Address: Remote WAN
Remote Security Group Type: Subnet
IP Address: 192.168.3.0
SM: 255.255.255.0
IPSec Setup
Phase 1 DH Group: Group 1 – 768bit
P1 Enc: DES
P1 Auth: MD5
P1 SA Lifetime: 86400
PFS: checked
P2 DH Group: Group 1
P2 Encr: DES
P2 Auth: MD5
P2 SA Lifetime: 3600
Advanced: the only thing checked is Dead Peer Detection Interval 10 sec
ASA 5505:
Stepped through site-to-site wizard with same settings as above
RV320:
Gateway to Gateway
Interface:WAN1
Keying Mode: IKE with Preshared Key
Enabled: checked
Local Group Setup
Local Security Gateway Type: IP Only
IP Address: Local WAN
Local Security Group Type: Subnet
IP Address: 192.168.1.0
SM: 255.255.255.0
Remote Group Setup
Remote Security Gateway Type: IP Only
IP Address: Remote WAN
Remote Security Group Type: Subnet
IP Address: 192.168.3.0
SM: 255.255.255.0
IPSec Setup
Phase 1 DH Group: Group 1 – 768bit
P1 Enc: DES
P1 Auth: MD5
P1 SA Lifetime: 86400
PFS: checked
P2 DH Group: Group 1
P2 Encr: DES
P2 Auth: MD5
P2 SA Lifetime: 3600
Advanced: the only thing checked is Dead Peer Detection Interval 10 sec
ASA 5505:
Stepped through site-to-site wizard with same settings as above
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Any feedback on my suggestions? My tunnels all work
ASKER
It turns out the IT guy on the other end misspelled his own PSK he gave me. However, your suggestion to turn on logging is what helped pinpoint the issue. Thanks!
Thanks for update and I was happy to help you resolve this.