RV042 VPN drop outs

RV042 VPN drop outs

Postby stephen » Fri Oct 16, 2009 9:55 am

I have a WAN VPN with two RV042 at each end of the link.
One of the RV024 is set up as a Dual WAN with two ADSL connections,
My problem is that the VPN link stops working. but the VPN Connection says connected.

To get the link to work I have to click disconnect at one of the routers and then the link is restablished automatically and the tunnel now works until the next drop out.

I am running the latest firmware Version: 1.3.12.19-tm, downloaded from the CISCO web site.

Local Security Gateway type is IP only
Remote Security Gateway type is IP only
Keying Mode is IKE with Preshared key
Perfect Forward Security is ticked.
In the Advanced at the remote end we have ticked:
Aggressive Mode and
Compress
In the Advanced at the head office end we have ticked
Aggressive Mode and
Compress ticked
Keep Alive
Dead Peer Detection interval 10 seconds


Researched this site which says to Uncheck Perfect Forward Secrecy
http://forums.linksysbycisco.com/linksys/board/message?board.id=Wired_Routers&message.id=23818
However unchecking Perfect Forward Secrecy did not fix the problem.

I have also tried the suggestions at
http://www.linksysinfo.org/forums/showthread.php?t=56229&page=4
But these have not helped either.

The remote site that has just one WAN connection was set up as Dual Wan, I have now changed that so that WAN2 is set as DMZ pointing to a non existent ip of 192.168.200.1 mask 255.255.255.255 and will see if that helps the problem.
Changing the Dual Wan to DMZ has not fixed the problem the drop outs still occur.
stephen
 
Posts: 507
Joined: Thu Feb 09, 2006 9:37 am
Location: Brisbane

Re: RV042 VPN drop outs

Postby stephen » Mon Nov 09, 2009 7:46 pm

I have logged a call with the Cisco Small Business Support,
They have recommended to reset the RV042 routers to factory default then re-flash the firmware to version 1.3.12.19-tm, then reset to factory defaults then manually key in the router settings.

I have done the above at the 3 sites where the routers are located. However this has not fixed the problem. The VPN still shows connected but the users cannot access the remote server down the VPN pings to the server time out. It is only after disconnecting the VPN and letting the tunnel reconnect that the tunnel starts functioning again.
stephen
 
Posts: 507
Joined: Thu Feb 09, 2006 9:37 am
Location: Brisbane

Re: RV042 VPN drop outs

Postby stephen » Mon Nov 09, 2009 7:57 pm

Franki from Hon Kong has reported a fix for the broken VPN problem
http://www.linksysinfo.org/forums/showthread.php?t=56229&page=4

I found that the problem occurred when I set "Phase2 Encryption".

Finally, I found a solution to fix it.
1. Set "Phase2 Encryption" as NULL
2. In "Advanced" option, set "AH Hash Algorithm" as MD5
3. Enable "Aggressive Mode"
4. Enable "Compress (Support IP Payload Compression Protocol(IPComp))"
5. Enable "Keep-Alive"
6. Enable "Dead Peer Detection (DPD) Interval 10 seconds"

My VPN links is very stable without any problem up to now.
stephen
 
Posts: 507
Joined: Thu Feb 09, 2006 9:37 am
Location: Brisbane

Re: RV042 VPN drop outs

Postby stephen » Tue Nov 17, 2009 5:57 am

I tried Franki's suggestion but the router is still drop out.

I contacted Cisco and they had me take note of all the RV042 router settings then reset the router to default settings, then re-install the latest firmware 1.3.12.19-tm, then reset to default settings, then manually rekey the settings back into the RV042 router. I did this at both the head office site and the remote site.
But this did not fix the problem.

We have found that the VPN drop outs occur when the activity on the tunnel is low eg when the users have breaks, or overnight.

Temporary Solution is to run a regular ping or tracert from one side of the vpn tunnel to the other. So on one of the servers or PC's at the one end of the tunnel we run every 5 minutes a tracert to the local ip address at the end of the tunnel at the head office. eg tracert 192.168.30.2 where the 192.168.30.2 is an ip address of a PC at the local side of the VPN tunnel at the remote end.
stephen
 
Posts: 507
Joined: Thu Feb 09, 2006 9:37 am
Location: Brisbane

Re: RV042 VPN drop outs

Postby stephen » Wed Nov 25, 2009 5:32 am

The next option suggested from Cisco was to swap out one of the routers.
I swapped the router and the link stayed up a bit longer but the VPn drop out still occures.

I have found a solution that seems to keep the tunnel from dropping out.
I have managed to get the STC GGA tunnel to stay up by turning on the Netbios broadcast option in the Advanced section of the tunnel configuration.
stephen
 
Posts: 507
Joined: Thu Feb 09, 2006 9:37 am
Location: Brisbane


Return to Linksys VPN

Who is online

Users browsing this forum: No registered users and 1 guest

cron