10126 questions

12103 answers

18763 comments

20282 members

0 votes
2,715 views 14 comments
by
Hello
I have configured on RUT955 two VPN IPsec.
I have notice two issue.
1- FQDN in remote destination don't work (I must configuring IP ADDRESS).
2- I have done configured some network in remote network but function only first.

NB:The RUT955 is upgrade at the last firmware.

There is a tool to debug this? or command on the CLI?

Regards
Dario
by
Hello

One Moderator from FORUM sent me an new firmware "beta" RUT9XX_T_F1380_00.06.03.40_WEBUI

Before to upgrade I have need to answer my questions because my RUT995 is in production.
I can't risk.

I have some question for this new firmware:

1-Is mandatory delete all configuratioon at RUT955 or I can test the new firmware also keep the configuration?
2- Can I rollback from old firmware and restore the configuration (in case to problem)?
3-Can you send me some command line to test VPN o DEBUG? (I have work hard to configure RUT995 to VPN Cisco Router 1841 end Cisco ASA 5505 was't simple)
4-In the new firmware is possible to see when the VPN are connect? 5-Which are the issue resolved in this new firmware?

Thanks in advance for your support

Regards Dario
by
Hi zio77, I saw you configured a VPN with cisco router and Cisco ASA, can you help me with that? i really need help.

Hope you can and thanks in advance.
by
Hello Oaguirre
I can try help you.
What is you issue?

4 Answers

0 votes
by
Hi,

Could you write me a private message for this case?
by
Yes of course.
But I can't see your email address..
by
Just press on my account (username) and will apear possibility to send private message.
by

Sorry

I check with tre browser but I see = anonymous

I don't see yur username, I see only anonymous 

I must register on the site?

Regards

Dario

by
Yes, you should register, then you will be able to send private messages.
by
Hello

One Moderator from FORUM sent me an new firmware "beta" RUT9XX_T_F1380_00.06.03.40_WEBUI

I have some question for this new firmware:

1-Is mandatory delete all configuratioon at RUT955 or I can test the new firmware also keep the configuration?
2- Can I rollback from old firmware and restore the configuration (in case to problem)?
3-Can you send me some command line to test VPN o DEBUG? (I have work hard to configure RUT995 to VPN Cisco Router 1841 end Cisco ASA 5505 was't simple)
4-In the new firmware is possible to see when the VPN are connect?

5-Which are the issue resolved in this new firmware?

Thanks in advance for your support

Regards Dario
by
Hi,

1-2 - it is test release, so do not keep settings when flashing.

3.For debug you can use logread -f or ipsec --help commands.

4. ipsec status

5. Was made some changes for IPSec connection.
by
Thanks

This Sunday I'll test the new firmware and inform you.

Regards
Dario
by
Hello

Today I upgraded the RUT995 with the BETA Firmware (default reset)

The FQDN issue is the same.

I have see on debug commad this:

Modena[2]: CONNECTING, %any6[%any]...64:ff9b::9743:7de9[%any]

I think the system try resolve the name in IPv6 ? (this is a mistake)

Sun Jul  7 10:36:54 2019 daemon.info syslog: 06[IKE] initiating Main Mode IKE_SA Modena[2] to 64:ff9b::9743:7de9

Sun Jul  7 10:36:54 2019 authpriv.info syslog: 06[IKE] initiating Main Mode IKE_SA Modena[2] to 64:ff9b::9743:7de9

Sun Jul  7 10:36:54 2019 daemon.info syslog: 07[ENC] parsed INFORMATIONAL_V1 request 2532502331 [ HASH N(INVAL_ID) ]

Sun Jul  7 10:36:54 2019 daemon.info syslog: 07[IKE] received INVALID_ID_INFORMATION error notify

Sun Jul  7 10:36:58 2019 daemon.info syslog: 10[IKE] sending retransmit 1 of request message ID 0, seq 1

Sun Jul  7 10:36:58 2019 daemon.info syslog: 10[NET] sending packet: from ::[500] to 64:ff9b::9743:7de9[500] (216 bytes)

Sun Jul  7 10:36:58 2019 daemon.info syslog: 04[NET] error writing to socket: Permission denied

Sun Jul  7 10:37:05 2019 daemon.info syslog: 06[IKE] sending retransmit 2 of request message ID 0, seq 1

Sun Jul  7 10:37:05 2019 daemon.info syslog: 06[NET] sending packet: from ::[500] to 64:ff9b::9743:7de9[500] (216 bytes)

And for the network issue is the same:

i see only one network on debug:

SanGer{1}:   192.168.91.0/24 === 192.168.99.0/24

I configured 4 network

192.168.98.0/29

192.168.98.8/29

172.31.31.0/29

 

Can you help me?
0 votes
by
Hello
I upgrade the RUT995 with the BETA Firmware (default reset)
I have re-check the network issue and now is OK (Work fine)

The FQDN issue is the same.
You'll check issue on your laboratory ?
Let me know asap
Regards
by

Hello,

try to add custom option:

left=%any4

by
Hello

Many thanks

Tomorrow I test it

Regards
Dario
by
OK Very Very Good!!!

Finally work fine!!

Thenks very moutch!!!
0 votes
by
Hello Oaguirre
I can try help you.
What is you issue?
0 votes
by
I sent you a private massage zio77