Link to home
Start Free TrialLog in
Avatar of Robert Wagstaff
Robert WagstaffFlag for United States of America

asked on

VPN Tunnel Stops Working Cisco RV130W

I have two networks connected with a VPN Site-to-Site Tunnel using two Cisco RV130W Routers. I have enabled NAT Traversal on both sides in order for communication across ports to work at all. (see previous post Now, the tunnel stops working all together after a few days. No pinging is successful at all. I disconnected and reconnected one side of the tunnel and it is back up and running now.

Any ideas on how to create a more stable connection??

Thank you
Avatar of John
Flag of Canada image

Did you try updating firmware on the Cisco 130W routers. I am showing RV130X_FW_1.0.3.22 for a couple of these I have at clients.
Avatar of Robert Wagstaff


I show both are running FW:  Am I correct to believe that these site-to-site VPN tunnels should work flawlessly for months on end? This is honestly my first VPN tunnel and it just seems so flaky and unstable.
Avatar of John
Flag of Canada image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I will consider that however if firmware upgrade goes south I am 3 hours away so I will need to time it right.

Thank you for your help in this matter....again! =)
I was happy to help and I will keep watching.  Thank you so much.
Avatar of Craig Beck
Forgive me, but have you actually tried the firmware upgrade and confirmed that to be the solution?
I just spent an hour on the phone with Cisco. Instability remains. Actually turned OFF NAT Traversal as that is supposed to be used when you have a router in front of the Cisco router which I do not. Now even stranger behavior....I can access the port on the remote server but I cannot ping it. WTF!!!!!!!! I am afraid to do the firmware upgrades unless I am on site. I may be forced to however if the communication keeps dropping.

Very frustrated.
I think Firmware should be updated if you can because it is behind a version or two.
Yah I assume that would be wise. I just can imagine Cisco releasing a product that is less than a year old with a bad firmware. It's not like VPN tunnels are a new thing.
I know I had an issue (as noted above) that newer firmware fixed.

Also your tunnel stays up for a few days and that means the tunnel parameters are very likely (99%) correct.
But seriously why can't I ping which is on the other side of the tunnel but yet telnet 80 works fine. Also, I can ping and telnet without a problem. I had a constant ping going on .31 when all of a sudden it timed out. I am so confused.
It is proper operation then none (as you describe above) that makes me think a problem inside the RV130W. I have several of these at another client not giving a lick of trouble.
I took your advice and upgraded the firmware on both routers to v1.0.3.22. The web interface seems much more responsive and the communication across the VPN tunnel is going strong right now. Need to see if it is stable over a week or so. Thank you
Thank you for the update. Good news!
There's lots of variables which can affect VPN traffic. See how the firmware goes but I'd expect it to be down to a network issue rather than firmware.
Ok here's the latest....The VPN Tunnel connection seemed to be running smoothly for a couple days as I was testing connecting to the port using "PORTQRY" and writing it to a log every 1 minute. Things went south however and traffic started to fail. I bounced the VPN tunnel and communication started up again with seemingly no problems. Not sure what to do other than bounce the connection daily. Any ideas???
Two days of solid connection means that the Connection Parameters are good. The firmware you have is the newest and working on my units.

So then is there a hardware issue?  or an environment problem (power supply to the unit, or internet supply to the unit)?

Is the unit properly ventilated and not overheating?
It will be a network issue.  Simply reloading the boxes or bouncing the interface does nothing for overheating, etc.

There's lots of issues that can affect IPSec tunnels... MTU, latency, clock issues, routing, etc.

I'd check the logs on the boxes to see if they reveal anything.