cancel
Showing results for 
Search instead for 
Did you mean: 

Incoming VPN Issue

Richard_C
Hooked
Posts: 6
Thanks: 1
Registered: 27-07-2017

Incoming VPN Issue

Hello,

I have recently joined PlusNet and have been connected to your Fibre Extra Service for a few days now and all was working great. I now have an issue and was wondering if someone could point me in the right direction to get it resolved..

I have a Cisco RV320 VPN Router connetced to a Draytek Vigor 130 VDSL2 modem. I occsionally VPN in to my home network to securely copy files to and from my NAS, or connect to more securely perform certain tasks on the internet when connected via an open or public access point.

When my PlusNet Fibre first went live, one of the first things I checked was that my VPN still functioned as it did when I was on my old broadband with Talk Talk, and this all check out OK.. However, later that same day it suddenly stopped for no reason.. I had made no configuration changes to either the Server or Client end, but I did notice that my service disconnected very briefly, and when it came back online it had changed to a completely different WAN IP Address.. I only noticed this change after reviewing my DDNS service logs.

Since this point, I can no longer get my VPN to function. It is throwing up some sort of error in the log which I have investigated and it could be pointing to some sort of Natting problem on the WAN side. I have checked all the Firewall and SecureGuard settings etc on the service at your end and all tis is turned off..

Does anyone have any Idea what is causing the issue and help me get it resolved?

 

Many thanks in advance...

8 REPLIES
Community Gaffer
Community Gaffer
Posts: 13,423
Thanks: 1,184
Fixes: 92
Registered: 04-04-2007

Re: Incoming VPN Issue

No natting out on our network and no obvious reason why this wouldn't work. Where are you trying to VPN from and can you reach your home machine at all? i.e. via a traceroute or similar?

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

Richard_C
Hooked
Posts: 6
Thanks: 1
Registered: 27-07-2017

Re: Incoming VPN Issue

Hi..

 

Yes.. I can reach my home WAN IP fine either directly or by my DDNS host..

I have tried to VPN from 3 different devices and from 3 different network sources (Three, O2 & my Work open Guest WIFI).

i get the following error in my VPN log when I attempt to connect:

[Tunnel Authorize Fail] no connection has been authorized with policy=AGGRESSIVE+XAUTHPSK+XAUTHSERVER

I have changed no configuration ration and I cannot understand what can be causing this issue, as I have had this working in exactly the same config for the last 2/3 years with no issues..

Many Thanks...

Richard_C
Hooked
Posts: 6
Thanks: 1
Registered: 27-07-2017

Re: Incoming VPN Issue

As a further update... when I was out and about today I did some further investigation and testing

 

Cisco EasyVPN (which the router uses) requires the following ports:

ISAKMP - UDP 500
ESP - Protocol 50
NAT-T - UDP 4500
IPSEC Over UDP - UDP 10000 (Default)
IPSEC Over TCP - TCP 10000 (Default)

 

Having done a port scan against my Wan IP from an external source, It appears that port 10000 used for IPSEC is blocked.. However, this is not being blocked by my firewall..

many thanks

Community Gaffer
Community Gaffer
Posts: 13,423
Thanks: 1,184
Fixes: 92
Registered: 04-04-2007

Re: Incoming VPN Issue

Struggling to think what else it could be that's under our control. Recognise you may not have intentionally changed anything, but the error does look like something specific to the VPN or client config to me Huh

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

Richard_C
Hooked
Posts: 6
Thanks: 1
Registered: 27-07-2017

Re: Incoming VPN Issue

I know, I am struggling with this too..

i am certain it is nothing I have done... I was at work on Tuesday morning this week and I was able to VPN in fine several times, then suddenly it stopped working.. nothing could have changed on the VPN router because there was no one at home (and in fact I am the only one who knows the password to make the changes). And I had certainly not made any config changes to the VPN client on my device (iPhone).. it's just damn strange...

Community Gaffer
Community Gaffer
Posts: 13,423
Thanks: 1,184
Fixes: 92
Registered: 04-04-2007

Re: Incoming VPN Issue

Happy to temporarily assign you a static IP to see if it makes any difference?

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

Richard_C
Hooked
Posts: 6
Thanks: 1
Registered: 27-07-2017

Re: Incoming VPN Issue

Hi Bob

 

I guess we could give that a go..

im not sure how that would make a difference but willing to give anything a try at this point..

 

many thanks

Richard

Richard_C
Hooked
Posts: 6
Thanks: 1
Registered: 27-07-2017

Re: Incoming VPN Issue

Hang on don't do anything.... it has miraculously started working again... 

 

ill try it for a couple of days and see if it goes again...

many tganks

 

richard