Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cisco RV082 and Avaya 9620L

Status
Not open for further replies.
Trems

Trems

Programmer
Joined
Feb 13, 2003
Messages
75
Location
US
Has anyone had success getting the 9620L to link through this router? I am working with the customer's IT guy but have had no luck. He does not think it supports XAuth which was the only settings I found online.Connection between Avaya 9600 VPN phone to Cisco (Linksys) RV082 small business router.

Avaya Phone configuration
1 VPN : Enabled
2 VPN Vendor: Cisco
3 Gateway Address: xxx.xxx.xxx.xxx
4 External Router: 0.0.0.0 (provided by dhcp from home Network).
5 External Telephone IPAddress:0.0.0.0 (Same as above).
6 External Subnet Mask: 0.0.0.0 (Same as above).
7 External DNS Server: (Provided by Service provider).
8 Encapsulation : 4500-4500
9 Copy TOS: No
10 Auth. Type: PSK with XAUTH
11 VPN User Type: Any
12 VPN User: xxx@xxx.com
13 Password XXXXX: Save in Flash (save password XXXXX flash memory)
14 User Password: xxxxx
15 IKE ID (Group Name): antvpnphones
16 Pre-Shared Key (PSK) XXXXXXXXXXXXXXXX
17 IKE ID Type: USER_FQDN
18 IKE Xchg Mode: Aggressive.
19 IKE DH Group: 1
20 IKE Encryption Alg: DES
21 IKE Auth. Alg. : MD5
22 IKE Config. Mode: Enabled
23 IPsec PFS DH Group: 1
24 IPsec Encryption Alg: DES
25 IPsec Auth. Alg.: MD5
26 Protected Network: 192.168.1.0/24
27 IKE Over TCP: Auto

IKE config in RV082 is the same.
 
Sort by date Sort by votes
Here is how we deploy 9620's with Cisco ASA's on a daily basis. The firewall you are referring to is actually a legacy linksys firewall which does not guarantee interop like the ASA's do per Avaya's guides.

ADDR Tab: (I have always had better luck entering this information accordingly per the subnet the IP Office is on instead of dynamically - we verify these settings by getting the phone to load locally per these settings before deploying remotely)
Phone: XXX.XXX.X.XXX (open IP address on subnet matching IPO unless special routes are created)
Call Server: IP address of IP Office
Router: IP address of router on same subnet as IP office (unless special routes are created)
Mask: 255.255.255.0 (generally - not always)
HTTP Server: (IP address of SD card if set per provisioning or IP address of independent HTTP file server)
HTTPS Server: 0.0.0.0
VLAN ID: 0
VLAN Test: 60



NOTE: You must page all the way right to the right on the VPN tab after entering settings then press press exit button to commit changes. Pressing cancel on other pages will not properly save settings.

VPN Tab:
VPN Enabled
VPN Vendor: Cisco
Gateway: XXX.XX.XXX.XXX (Public IP Address of ASA)
EXT Router: 0.0.0.0 (Let DHCP Server Distribute)
Ext Subnet: 0.0.0.0 (Let DHCP Server Distribute)
Ext DNS: 0.0.0.0 (Let DHCP Server Distribute)
Encapsulation: 4500-4500
Copy TOS: No
Auth Type: PSK w/ XAuth
VPN User Type: Any
VPN User: As assigned in ASA
Password Type: Save in flash
User Password: As assigned in ASA (See below)
IKE ID: (must match the group name of which the user is assigned to user for VPN)
PSK: (must match the password for the group of which the user is assigned)
IKE ID: KEY_ID
IKE Xchg Mode: Aggressive
IKE DH Group: 2 (this varies quite a bit depending on security settings of the ASA)
IKE Encryption Alg: Any
IKE Auth Alg: Any
IKE Config Mode: Enabled
IPSec PFSDH Group: 2 (this also varies quite a bit depending on security settings of the ASA)
IPSec Encryption Alg: Any
IPSec Auth Alg: Any
Protected Network: 0.0.0.0/0
IKE Over TCP: Never


If the 9620 fails on phase 1 or phase 2, changing the DH group per what is actually set in the ASA will often times fix the issue.

I have not spent a whole lot of time with the rv082 as it is not really a Cisco device. The methodology is all the same but hope this helps all the same. Best of luck
 
Upvote 0 Downvote
From what the IT tech states the RV082 does not support XAUTH which is the issue we are running into..I was not sure if anyone had experience with that particular router or the RV042 which I believe is the same.
 
Upvote 0 Downvote
I think you will find the RV082 wont cut it. It will do site to site IPSEC but as you state, no XAUTH on client access. hey use "QuickVPN" for that on the linksys.

Use Cisco or Watchguard or at least Netgear.

ACSS - SME
General Geek



1832163.png
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

cheikhdtn
  • Locked
  • Question Question
9620L
Replies
1
Views
379
NYSTECH
NYSTECH
BernPed
  • Locked
  • Question Question
Ring Central and Avaya
Replies
8
Views
1K
telecomtekperson
T
hibroth
  • Locked
  • Question Question
Avaya SPACES EoS and Pepix ?
Replies
3
Views
560
sizbut
sizbut
calin84
  • Question Question
Avaya SBCE, IP Office Server Edition and GoDaddy certs doesn't work
Replies
0
Views
104
calin84
calin84
Scuzzie2k
  • Locked
  • Question Question
IP Office 500 and Avaya Workplace
Replies
6
Views
907
derfloh
derfloh

Part and Inventory Search

Sponsor

Back
Top