Cisco – IPsec tunnel keep crashing

Tags: cisco, ipsec, isp, networking, nsd

I have 2 locations. A Cisco RV042 VPN device is installed at each location. The link between the locations is optical fiber. The ISP is the same. The link speed at location A is symmetric 3/3 Mbps, and there is a static address. The link speed at location B is 10/10 Mbps, also with a static IP address. The distance between the locations is 350 km.

When I create a VPN IPsec tunnel between the offices, everything works fine for about 10 minutes and then it crashes. Then, after some time, the connection is back, and it fails again after a couple of minutes. For test purposes, I have created another IPsec tunnel from my home to locations A and B. I have ADSL 4/512kb with a dynamic IP address. Everything works fine between my home and location A, the connection never crashes, but at the same time location B keeps crashing from location A and from my test device. I've contacted the ISP and they told me to change the MTU.

I was changing the MTU from 1500 to 1100 in steps of 10, but no luck. I went to location B and changed the device for one that worked from my home lab, and still the same problem. The ISP did some tests but, as they said, everything is OK on their side. Here are some logs from my device:

 System Log   NSD SUCCESS WAN[1]  Sep 24 13:10:28 2011

 System Log   NSD FAIL WAN[1]  Sep 24 13:16:18 2011

 System Log   NSD SUCCESS WAN[1]  Sep 24 13:20:48 2011

 System Log   NSD FAIL WAN[1]  Sep 24 13:24:08 2011

 System Log   NSD SUCCESS WAN[1]  Sep 24 13:27:18 2011

 System Log   NSD FAIL WAN[1]  Sep 24 13:35:08 2011

 System Log   NSD SUCCESS WAN[1]  Sep 24 13:39:38 2011

 System Log   NSD FAIL WAN[1]  Sep 24 13:46:28 2011

 System Log   NSD SUCCESS WAN[1]  Sep 24 13:49:38 2011

 System Log   NSD FAIL WAN[1]  Sep 24 13:55:58 2011

 System Log   NSD SUCCESS WAN[1]  Sep 24 14:00:28 2011

 System Log   NSD FAIL WAN[1]  Sep 24 14:07:48 2011

 System Log   NSD SUCCESS WAN[1]  Sep 24 14:10:18 2011

 System Log   NSD FAIL WAN[1]  Sep 24 14:16:09 2011

 System Log   NSD SUCCESS WAN[1]  Sep 24 14:19:19 2011

 System Log   NSD FAIL WAN[1]  Sep 24 14:24:39 2011

 System Log   NSD SUCCESS WAN[1]  Sep 24 14:27:49 2011

 System Log   NSD FAIL WAN[1]  Sep 24 14:33:09 2011

 System Log   NSD SUCCESS WAN[1]  Sep 24 14:36:19 2011

 System Log   NSD FAIL WAN[1]  Sep 24 14:42:39 2011

Is there anyone with a similar problem, or any idea? Thanks in advance.

There is more output:

VPN Log (g2gips0) #3694: Peer ID is ID_IPV4_ADDR: 'xxx.xxx.xxx.xxx'
VPN Log (g2gips0) #3694: responding to Aggressive Mode, state #3694, connection 'g2gips0' from xxx.xxx.xxx.xxx
VPN Log (g2gips0) #3694: [Tunnel Negotiation Info] >>> Responder Send Aggressive Mode 2nd packet
VPN Log (g2gips0) #3694: [Tunnel Negotiation Info] >>> Responder Send Aggressive Mode 2nd packet
VPN Log (g2gips0) #3691: max number of retransmissions (2) reached STATE_AGGR_R1
VPN Log (g2gips0) #3691: max number of retransmissions (2) reached STATE_AGGR_R1
VPN Log packet from xxx.xxx.xxx.xxx:500: received Vendor ID payload [Dead Peer Detection]
VPN Log packet from xxx.xxx.xxx.xxx:500: received Vendor ID payload [Dead Peer Detection]
VPN Log packet from xxx.xxx.xxx.xxx:500: [Tunnel Negotiation Info] <<< Responder Received Aggressive Mode 1st packet
VPN Log packet from xxx.xxx.xxx.xxx:500: [Tunnel Negotiation Info] <<< Responder Received Aggressive Mode 1st packet
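To put numbers on the flapping in the System Log above, here is an added example (not part of the original post) that parses the NSD lines and measures how long WAN[1] stayed up and down between state changes. The function names are made up for this illustration, and the sample input is the first eight log lines from the question.

```python
import re
from datetime import datetime

# First eight NSD entries copied from the System Log excerpt in the question.
SAMPLE_LOG = """\
System Log   NSD SUCCESS WAN[1]  Sep 24 13:10:28 2011
System Log   NSD FAIL WAN[1]  Sep 24 13:16:18 2011
System Log   NSD SUCCESS WAN[1]  Sep 24 13:20:48 2011
System Log   NSD FAIL WAN[1]  Sep 24 13:24:08 2011
System Log   NSD SUCCESS WAN[1]  Sep 24 13:27:18 2011
System Log   NSD FAIL WAN[1]  Sep 24 13:35:08 2011
System Log   NSD SUCCESS WAN[1]  Sep 24 13:39:38 2011
System Log   NSD FAIL WAN[1]  Sep 24 13:46:28 2011
"""

LINE_RE = re.compile(
    r"NSD (SUCCESS|FAIL) (WAN\[\d+\])\s+(\w{3} +\d+ \d\d:\d\d:\d\d \d{4})")

def parse_nsd(text):
    """Return a time-sorted list of (timestamp, wan, state) tuples."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if m:  # ignore anything that is not an NSD status line
            ts = datetime.strptime(m.group(3), "%b %d %H:%M:%S %Y")
            events.append((ts, m.group(2), m.group(1)))
    return sorted(events)

def flap_intervals(events):
    """Seconds spent up/down between consecutive state changes, per WAN port."""
    out = {"up": [], "down": []}
    last = {}  # wan -> (timestamp, state) of the most recent state change
    for ts, wan, state in events:
        if wan in last and last[wan][1] != state:
            prev_ts, prev_state = last[wan]
            key = "up" if prev_state == "SUCCESS" else "down"
            out[key].append(int((ts - prev_ts).total_seconds()))
        if wan not in last or last[wan][1] != state:
            last[wan] = (ts, state)  # repeated identical states do not reset the timer
    return out

def summarize(intervals):
    """(min, max, mean) in seconds for each state that has at least one interval."""
    return {k: (min(v), max(v), sum(v) // len(v)) for k, v in intervals.items() if v}

if __name__ == "__main__":
    print(summarize(flap_intervals(parse_nsd(SAMPLE_LOG))))
```

Feeding the full log from both sites into the same functions makes it easy to compare whether the up/down cadence changes after an MTU or hardware change.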

Best Answer

Are either of the RV042 behind a firewall? Have you tried an older firmware on both? Can you get a third RV042 and try swapping out site B then try site A? Do both RV042 have identical date / time (do they look at the same NTP server)?