Showing results for 
Search instead for 
Do you mean 
Reply
cinghiuz
Posts: 3
Registered: ‎07-30-2009
Accepted Solution

Can't establish a VPN tunnel between AG241 and WAG54GP2

[ Edited ]

Hi there,

 

this is my first post on this forum and I send my best greetings to everybody!

 

I registered because I've got a problem with establishing a VPN tunnel between an AG241 modem/router and a WAG54GP2 modem/router with wireless and VoIP.

 

The scenario is simple: both ends have dynamic IP so I configured an account with dyndns.org for both routers.

WAG54GP2 has 192.168.1.1/255.255.255.0 IP and AG241 has 192.168.3.254/255.255.255.0 IP.

In both routers i turned of the block of anonymous internet requests, so I can ping both routers.

 

That's the WAG54GP2 configuration:

VPN Passthrough
 IPSec PassThrough: Enable
  PPPoE PassThrough: Enable
  PPTP PassThrough: Enable
  L2TP PassThrough: Enable

IPSec VPN Tunnel
 Select Tunnel:  1
 IPSec VPN Tunnel: Enabled
 Tunnel Name:   Office

Local Secure Group:
    Subnet
  IP:   192.168.1.0
  Mask:   255.255.255.0

Local Security Gateway:  PVC 1 (ppp0)

Remote Secure Group:              
  IP:   192.168.3.0
  Mask:   255.255.255.0

Remote Security Gateway:
    IP Addr.
 IP Address:  w.x.y.z The public IP address of the remote router
 Encryption:      DES (I also tried 3DES and disabled)
 Authentication:  SHA   

Key Management:                
    Auto.(IKE)
 PFS:   Enabled
 Pre-shared Key:    the password I choosed
 Key Lifetime:     3600 Sec.

Advanced Settings

Phase 1
 Operation mode:  Main mode (I also tried Aggressive mode)

Proposal1
 Encryption:  DES
 Authentication:  SHA
 Group:   768-bit
 Key lifetime:  3600 sec.

Proposal2
 Encryption:  ESP_NULL
 Authentication:  SHA
 Group:   768-bit
 Key lifetime:  3600 sec.

Other Setting
 Nat traversal  Not checked
 Netbios broadcast Checked
 Anti-reply  Not checked
 Keep-Alive  Not checked
 If IKE failedmore than 5 times
    Not checked

That's the AG241 configuration:

VPN Passthrough
 IPSec PassThrough: Enable
  PPPoE PassThrough: Enable
  PPTP PassThrough: Enable
  L2TP PassThrough: Enable

IPSec VPN Tunnel
 Select Tunnel:  1
 IPSec VPN Tunnel: Enabled
 Tunnel Name:   User 1

Local Secure Group:
    Subnet
  IP:   192.168.3.0
  Mask:   255.255.255.0

Local Security Gateway:  PVC 1 (ppp0)

Remote Secure Group:              
  IP:   192.168.1.0
  Mask:   255.255.255.0

Remote Security Gateway:
    Any

Key Management:                
    Auto.(IKE)
 PFS:   Enabled
 Pre-shared Key:    the same password I put on the WAG54GP2
 Key Lifetime:     3600 Sec.

Advanced Settings

Phase 1
 Operation mode:  Main mode (I also tried Aggressive mode)

Proposal1
 Encryption:  DES
 Authentication:  SHA
 Group:   768-bit
 Key lifetime:  3600 sec.

Proposal2
 Encryption:  DES
 Authentication:  SHA
 Group:   768-bit
 Key lifetime:  3600 sec.

Other Setting
 Nat traversal  Not checked
 Netbios broadcast Checked
 Anti-reply  Not checked
 Keep-Alive  Not checked
 If IKE failedmore than 5 times
    Not checked

 

When I click Connect on the WAG54GP2 router it doesn't connect and in the Logs I see:

2009-07-30T16:16:10+01:00 IKE["Office"] Tx >> MM_I1 : w.x.y.z SA 

2009-07-30T16:16:20+01:00 IKE["Office"] ERROR: for message to w.x.y.z port 500 :Connection refused

 

If I use the dynamic FQDN instead of the dynamic IP (w.x.y.z) the message change to:

2009-07-30T16:46:16+01:00 IKE["Office"] ERROR: Remote Security Gateway domain name problem!

 

Is there someone that could help me to establish this tunnel?

 

Many thanks to everybody that will help me!!

 

Cinghiuz

Message Edited by cinghiuz on 07-30-2009 07:51 AM
helm
Posts: 3,650
Registered: ‎09-07-2006

Re: Can't establish a VPN tunnel between AG241 and WAG54GP2

If you are Encountering Difficulties Connecting to the VPN Tunnel Using a ADSL Gateway you should see this

 

Also make sure that you have the latest firmware installed on your Gateway and tweak the MTU Setting...

cinghiuz
Posts: 3
Registered: ‎07-30-2009

Re: Can't establish a VPN tunnel between AG241 and WAG54GP2

Hi Helm,

 

Thank you for your tips, I checked out your link and I confirm that all is ok: ADSL gateways have different IPs, the key and its life is the same and also other parameters are the same.

 

I also confirm that both gateways have the latest firmware.

 

What do you mena with tweak the MTU setting?

 

Thanks again!

 

Cinghiuz

cinghiuz
Posts: 3
Registered: ‎07-30-2009

Re: Can't establish a VPN tunnel between AG241 and WAG54GP2

Hi Helm!

 

It works!!!!!

 

I set MTU tu 1300 on both gateways and now it works fine!

 

Thank you very much for your hints!

 

Cinghiuz