10508 questions

12508 answers


22026 members

0 votes
1,404 views 4 comments
I used to configure IPSEC with RUT 950 and everythings worked before the last firmware.

I can see a new PSK option in the new version wich needs "Secre'ts ID selector" otherwise it can not stablish the IPSEC!!

So strange without any guide .

I am using Cisco ASA on the other side and the Id is set to "Address" ,I set my host IP on the RUT as "secret's ID selectro" but it doesn't work.

Please help me with this.

2 Answers

0 votes

I opened a discussion fo FQDN in IPsec.
I think we have a similai issue

One Moderator from FORUM sent me an new firmware "beta" RUT9XX_T_F1380_00.06.03.40_WEBUI

Before to upgrade I have need to answer my questions because my RUT995 is in production.
I can't risk.

I have some question for this new firmware:

1-Is mandatory delete all configuratioon at RUT955 or I can test the new firmware also keep the configuration?
2- Can I rollback from old firmware and restore the configuration (in case to problem)?
3-Can you send me some command line to test VPN o DEBUG? (I have work hard to configure RUT995 to VPN Cisco Router 1841 end Cisco ASA 5505 was't simple)
4-In the new firmware is possible to see when the VPN are connect? 5-Which are the issue resolved in this new firmware?

Thanks in advance for your support

Regards Dario

It took my whole sunday to check all!

I have another RUT950 in production with previous firmware(I bought it 2 months ago) and it works and the new one is not in production and can test the new firmware .

Could you please send me the new firmware to me?



Ok, How I can send you firmware beta?

By mail,


Zip and send :)
0 votes
Have updated the firmware but it seems the  same problem!
When I set it up with no "secret ID" It says:
"Warning,Secret's Id selector has not benn specified.IPSEC will be unable to establish a connection."
And on the ASA router ,I get:

       A peer sent an ID payload without including any ID data, which is invalid.     

But when I set the secret Id to my Cisco IP address(interface) ,the Cisco router says:
"Recived an uncrypted Invali_KEY_INFO notify message,dropping.
My qoestions are:
1.Can I use the old firmware on the new routers?(the previous one that is working now)
2.Why it can not be left as blank(the secret Id on RUT950)?

I notice this issue.
After 3 day at work and more and more debug I have find the solution / combination.
Now the VPN are UP
JavadS will test the new firmware "beta"
I wait the notice