IPSec VPN with Cisco RV180. Aggressive mode not compatible?


#1

Howdy,

We are trying to use the Max Br1 with our Cisco Rv180s to create an IPSec tunnel back for management. We have a static on our hosted site but not one with our Max Br1. This is fine as aggressive mode allows this configuration. However when setting up the devices I am using User-FQDN for our remote identifier and the Cisco will not allow the ‘@’ character.

EG: Max Br1

Local identifier: Type U-FQDN: cisco@peplink
Remote identifier: peplink@cisco

Cisco Rv180s

Local identifier: Type U-FQDN: cisco@peplink - "Rejects @ symbol"
Remote identifier: peplink@cisco

Is there a way around this config rejection? It seems that this is the only way with aggressive mode for access using a single side static. Has anyone set up a Max Br1 with a Cisco Rv180s in aggressive mode succesfully?

EDIT: Link to error on cisco http://i.imgur.com/XPfsWRh.jpg


#2

Do note the RV180 is part of the LINKSYS line and they do not have the same IOS as other Cisco devices.


#3

On the same note, connecting this rv180s to a FusionHub in a star configuration, is that possible as well?


#4

Hi,

Based on the article here, U-FQDN is supported by Cisco RV180 router. You may need to confirm with Cisco.

Alternatively, you may try to put IP address as U-FQDN. We do support this. I noticed Cisco RV180 router also supported this based on the article above.

Thank you.


#5

U-FQDN does not work with these two devices evidently. The Peplink wants an @ character between devices which the RV180 rejects.

FusionHUB IPSEC settings
EG Local FQDN: peplink@cisco
Remote FQDN: cisco@peplink

Cisco RV180: peplink@cisco - ERR "you may not use an @ sign"



I’ve tried working around this with using a " . " in place of the @ on the peplink, which the cisco accepts, but the peplink only takes @.


#6

Hi,

Please refer to the URL below:

http://sbkb.cisco.com/CiscoSB/GetArticle.aspx?docid=74d10d8ca7344c8fa1e4030d9d01668e_IKE_Policy_Settings_on_RV180_and_RV180W_VPN_Routers.xml&

Base on the above article, ‘@’ should be accept for RV180 (You may need to further verify with product principle)

Alternatively, please try to put IP address for the “Local ID” & “Remote ID” fields.

Beside that, possible to share us the firmware version running for the MAX BR1 ?

Thank You


#7

I actually ended up replacing the Rv180 with a Balance 20 and used PepVPN for everything. Much easier!


#8

Thanks for the update and good to hear! As always, should you have future questions/inquiries don’t hesitate to reach out.