Home/Support/Support Forum/Error VPN between WR21 and WR31
Welcome to Digi Forum, where you can ask questions and receive answers from other members of the community.

Error VPN between WR21 and WR31

0 votes
Hello,

I'm trying to connect 2 Digi Transport by VPN (WR31 and WR21,the first one is the initiator and the second one the responder).

I followed this steps: http://ftp1.digi.com/support/documentation/AN_010_IPSec_Over_Cellular_using_Digi_Tport_Routers.pdf but in the end, the VPN doesn't conect.

My initiator's log (the order is from botton to top):
15:08:44, 05 Oct 2018,Eroute 0 VPN up created by WR21
15:08:44, 05 Oct 2018,IPSec SA Deleted ID WR31, Remote Deleted
15:08:44, 05 Oct 2018,Eruoute 0 VPN down peer: WR21

My responder's log:
15:08:44, 05 Oct 2018,Eroute 0 VPN down peer: WR31
15:08:44, 05 Oct 2018,IPSec SA Deleted ID WR31,Eroute/SA mismatch
15:08:44, 05 Oct 2018,Eroute 0 VPN up peer: WR31
15:08:44, 05 Oct 2018,New IPSec SA created by WR31

According to the things that I had read, the VPN should be stay UP.

Is there something that I'm forgeting? Thanks for advance.
asked Oct 16, 2018 in Digi TransPort Cellular by ingenieroIoT New to the Community (1 point)

Please log in or register to answer this question.

1 Answer

0 votes
This would depend on how the configuration is on the routers.

on initiator should not have responder switched on in the configuration this is on by default

on the responder this does not need the peer ip address as this can cause the responder totry to also build tunnels .

this can cause on of the routers to have to many SA's and when sending traffic out it can be wrong SA as the othere side could have cleared them out.

try above save configurations and then reboot them together and see what is happening with the SA's

check you are on current firmware incase there has been some fixes
answered Oct 17, 2018 by James.Wilson Veteran of the Digi Community (1,187 points)
...