WRVS4400N IPSEC VPN

[Guest]

Hello Everyone, We  have a customer that recently changed IT Vedors and came to us. We  needed to change the ISP and need to make changes in their Firewall. I  went out on site and wasn able to get into the Routers and I contacted  the previos company but they wouldn release that information. So we  had to reset the devices and set everything back up. Everything works  great except before they had an IPSEC VPN Tunnel between the 2  buildings. Both Buildings have WRVS4400N Routers and I have setup a VPN  IPSEC Tunnel on both sides. I have named them the same and the summary  says that both are up. But when I try to go from one side to the other I  am unable to Ping or resolve anything. I will put all the information  that I may think is relavent to this problem and hope someone can help  me. I called Cisco but they said they are out of warranty and will not  be able to help. Cisco directed me here. Site A: Internal:     192.59.1.1 IP     255.255.255.0 (SN)External:     96.10.218.14 (IP)     255.255.255.252 (SN)     96.10.218.13 (GW)     24.25.5.60 (DNS1)     24.25.5.61 (DNS2) Site B: Internal:     192.39.1.1 (IP)     255.255.255.0 (SN)External:     50.52.145.50 (IP)     255.255.255.252 (SN)     50.52.145.49 (GW)     184.16.4.22 (DNS1)     184.16.33.54 (DNS2)VPN Tunnels Site A Site B For security purposes the IPs are not exactly what is being posted  but I have checked them 10 times and they match what the remote side  says. Again both say they are up but I am unable to ping or see devices  from the tunnel. Please help.  Thanks in advanceMike

[Guest]

   The problem is most likely in the "Local Group" configuration. The way they are set up is basically to only allow 192.39.1.1 and 192.59.1.1 to talk to each other. Those fields should read as the subnet ID like this: 192.39.1.0 and 192.59.1.0 Try that restart the tunnels, and let us know how it worked out.

[Guest]

Thanks so much for the response. I changed them to what was suggested because that does make sense. But I tried to ping the Gateways and Printers from each side but no luck. Any other ideas?   Mike Cross

[Guest]

Got it fixed!!! You got me on the right track it was the Local Group as well as the Remote Group. Once I change them it is working here is a screenshot so if you ever need to reference it. Thanks so much and have a nice weekend. Mike Cross

[Guest]

That is good news. Thanks for pointing out what I missed. That was what I meant when I wrote the response but I am sure you learned a lot more from my small omission.  Good Luck