[GRLUG] VPN Help

[scott.tanner at comcast.net]

Even though you've said otherwise, I'd suggest setting the preshared to something simple for testing purposes and try again. Also verify the settings and timeouts are the same on both devices. 

http://www.cisco.com/en/US/docs/routers/csbr/rv0xx/administration/guide/rv0xx_AG_78-19576.pdf - page 170. 

Would need to know more about the network and exact configs to help any further. 


Good luck! 
Scott 

----- Original Message -----
From: "L. V. Lammert" <lvl at omnitec.net> 
To: "Mailing List for LUG in greater Grand Rapids, MI area." <grlug at grlug.org> 
Sent: Sunday, August 4, 2013 4:38:01 PM 
Subject: Re: [GRLUG] VPN Help 

On Sun, 4 Aug 2013 scott.tanner at comcast.net wrote: 

> Was the linksys RVN42 rebranded to RV042? 
> 
Don't know about rebranding, but it's definately a Cisco box now - new 
form factor. 

> Can you post any screenshots of the VPN config? 
> 
Can't save a screenshot for some reason (accessing via TV), but here is 
the log I captured Friday: 


Aug 2 14:24:25 2013 VPN Log (g2gips0) #2085: [Tunnel Negotiation Info] 
>>> Responder Send Main Mode 2nd packet 
Aug 2 14:24:25 2013 VPN Log (g2gips0) #2085: [Tunnel Negotiation Info] 
>>> Responder Send Main Mode 2nd packet 
Aug 2 14:24:25 2013 VPN Log (g2gips0) #2085: [Tunnel Negotiation Info] 
<<< Responder Received Main Mode 3rd packet 
Aug 2 14:24:25 2013 VPN Log (g2gips0) #2085: [Tunnel Negotiation Info] 
<<< Responder Received Main Mode 3rd packet 
Aug 2 14:24:25 2013 VPN Log (g2gips0) #2085: NAT-Traversal: Result 
using RFC 3947: no NAT detected 
Aug 2 14:24:25 2013 VPN Log (g2gips0) #2085: NAT-Traversal: Result 
using RFC 3947: no NAT detected 
Aug 2 14:24:25 2013 VPN Log (g2gips0) #2085: [Tunnel Negotiation Info] 
>>> Responder send Main Mode 4th packet 
Aug 2 14:24:25 2013 VPN Log (g2gips0) #2085: [Tunnel Negotiation Info] 
>>> Responder send Main Mode 4th packet 
Aug 2 14:24:25 2013 VPN Log (g2gips0) #2085: next payload type of 
ISAKMP Identification Payload has an unknown value: 227 
Aug 2 14:24:25 2013 VPN Log (g2gips0) #2085: next payload type of 
ISAKMP Identification Payload has an unknown value: 227 
Aug 2 14:24:25 2013 VPN Log (g2gips0) #2085: probable authentication 
failure (mismatch of preshared secrets?): malformed payload in packet 
Aug 2 14:24:25 2013 VPN Log (g2gips0) #2085: probable authentication 
failure (mismatch of preshared secrets?): malformed payload in packet 
Aug 2 14:24:25 2013 VPN Log (g2gips0) #2085: sending encrypted 
notification PAYLOAD_MALFORMED to 96.35.167.38:500 
Aug 2 14:24:35 2013 VPN Log (g2gips0) #2085: next payload type of 
ISAKMP Identification Payload has an unknown value: 227 
Aug 2 14:24:35 2013 VPN Log (g2gips0) #2085: next payload type of 
ISAKMP Identification Payload has an unknown value: 227 
Aug 2 14:24:35 2013 VPN Log (g2gips0) #2085: probable authentication 
failure (mismatch of preshared secrets?): malformed payload in packet 
Aug 2 14:24:35 2013 VPN Log (g2gips0) #2085: probable authentication 
failure (mismatch of preshared secrets?): malformed payload in packet 
Aug 2 14:24:35 2013 VPN Log (g2gips0) #2085: sending encrypted 
notification PAYLOAD_MALFORMED to 96.35.167.38:500 

The preshared secrets are the same, .. copy & paste, so the malformed 
paylod is a question. 

> We inherited some LinkCisco equipment and any advanced configuration 
> has been a nightmare. 
> 
Seems like it should be simple, but what I cannot get straight in my mind 
is how a user at the remote site (192.168.2.0) would connect to an IP at 
the main office (192.167.1.149). Seems like there has to be a specific 
forward setup in the the remote router, but I can't figure that out from 
the config screens. 

Thanks!! 

Lee 
_______________________________________________ 
grlug mailing list 
grlug at grlug.org 
http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shinobu.grlug.org/pipermail/grlug/attachments/20130805/0c48216f/attachment-0001.html>