Set up Netgear FVS318v3 VPN Client Connection to Netgear Prosafe VPN Client

I have attached both the code from the log viewer on my newly failed attempt to connect, and all of the original pictures that were edited since you last helped me. If I did not include a picture, the settings present in the old pictures did not change.

I was not sure on your first comment, "On router for Local fully qualified domain name specify creativethermalsolutions.dyndns.org"  what you wanted me to do.  Would you like me to change a setting on the VPN router, because I didn't do that.

I had already entered in my pre-shared key in the correct place, so that's not the failure.

In the email space, I entered "employee" since that is the remote ID i specified on my router.  Is that still correct? There is also a local ID which is netgear.  I'm not terrible sure on what the need for those two ID is.

This wouldn't be hindered because I'm doing this already within the network I'm on, would it?  Do I have to find an outside network to test this on?

Also, on my last picture from my first post, I have seen places change the retransmit interval and enable other logs and things in that menu.  Anything in there I should be worried about?

Thanks again for all your help.

This is the code from the router.

[2009-04-08 14:43:39][==== IKE PHASE 1(from 192.168.15.100) START (responder) ====]
[2009-04-08 14:43:39]**** RECEIVED  FIRST MESSAGE OF AGGR MODE ****
[2009-04-08 14:43:39]<POLICY: > PAYLOADS: SA,PROP,TRANS,KE,NONCE,ID,VID,VID,VID,VID,VID
[2009-04-08 14:43:39]SENDING NOTIFY MSG:
[2009-04-08 14:43:39]INVALID_ID_INFORMATION
[2009-04-08 14:43:39]**** SENT OUT INFORMATIONAL EXCHANGE MESSAGE ****
[2009-04-08 14:43:39]<POLICY: > PAYLOADS: NOTIFY
[2009-04-08 14:45:25][==== IKE PHASE 1(from 192.168.15.100) START (responder) ====]
[2009-04-08 14:45:25]**** RECEIVED  FIRST MESSAGE OF AGGR MODE ****
[2009-04-08 14:45:25]<POLICY: > PAYLOADS: SA,PROP,TRANS,KE,NONCE,ID,VID,VID,VID,VID,VID
[2009-04-08 14:45:25]SENDING NOTIFY MSG:
[2009-04-08 14:45:25]INVALID_ID_INFORMATION
[2009-04-08 14:45:25]**** SENT OUT INFORMATIONAL EXCHANGE MESSAGE ****
[2009-04-08 14:45:25]<POLICY: > PAYLOADS: NOTIFY

This is the code from the client side.

 4-08: 14:43:22.578 Filter table loaded.
4-08: 14:43:36.625
 4-08: 14:43:36.718 My Connections\Employee - Initiating IKE Phase 1 (IP ADDR=192.168.15.1)
4-08: 14:43:36.953 My Connections\Employee - SENDING>>>> ISAKMP OAK AG (SA, KE, NON, ID, VID 5x)
4-08: 14:43:36.968 My Connections\Employee - RECEIVED<<< ISAKMP OAK INFO (NOTIFY:INVALID_ID_INFO)
4-08: 14:43:36.968 My Connections\Employee - Discarding SA negotiation
4-08: 14:44:25.296 Filter table loaded.
4-08: 14:44:25.296 My Connections\Employee - Filter record 1 updated.
4-08: 14:44:37.359 Filter table loaded.
4-08: 14:44:37.359 My Connections\Employee - Filter record 1 updated.
4-08: 14:44:48.593 Filter table loaded.
4-08: 14:45:18.765 Filter table loaded.
4-08: 14:45:18.765 My Connections\Employee - Filter record 1 updated.
4-08: 14:45:23.640
 4-08: 14:45:23.640 My Connections\Employee - Initiating IKE Phase 1 (IP ADDR=192.168.15.1)
4-08: 14:45:23.734 My Connections\Employee - SENDING>>>> ISAKMP OAK AG (SA, KE, NON, ID, VID 5x)
4-08: 14:45:23.750 My Connections\Employee - RECEIVED<<< ISAKMP OAK INFO (NOTIFY:INVALID_ID_INFO)
4-08: 14:45:23.750 My Connections\Employee - Discarding SA negotiation

I tried today to connect to my network from an outside connection, and it did not work.  I am wondering now if my router is the offending agent in all this.  I downloaded a trial version of TheGreenBow since the Netgear client I have been referencing doesn't work with Vista.  From my outside connection, I was able to connect to thegreenbow test vpn flawlessly, but now when I am inside my network, I don't even think VPN pass through is set up.  I tried to open the correct ports, but then the router tells me that IKE policies are using those ports and if I change them, I will effect my ability to use VPN tunneling.  I'm about ready to give up on this problem and accept it can't be done.

not to discount anything posted erlier, there is great advice in there, but...

I install a lot of Netgear routers, and I have to say the Netgear branded VPN client is crap.  Use the Shrew client @ http://www.shrew.net/download and follow the steps at http://www.shrew.net/support/wiki/HowtoNetgear.  This tutorial is for the FVX538 or FVS338 but it should be pretty easy to match up with the 318.

I will definitely take a look at that Shrew client.  I have been looking for a good, free VPN client and this just may fit the bill.  Any ideas on why the router is not seemingly responding to outside clients?  Also, should I start a new thread about the inability to do a VPN passthrough on my current router?

I would guess the lack of router response is because of the Firewall setup and that you are using Dynamic DNS.  Ma sure that TCP & UDP 500 are open and pointed to your gateway (192.168.15.1) and log into DynDNS.org and check what the host table shows your IP to be, then go to ipchicken.com and verify its the same.  If not, there's you problem.  If so, could be a thousand different things, but I'd start with with services and rules.  

If you want, set the router password and your DynDNS account info to something other than what you use now, save the config and email it to me, then set the password back.  I have a 318 sitting around that I can throw the config on and do some testing.  Might take me a couple of days to get to it (depending on what tomorow is like) but if you dont get it runnign soon I'd be glad to.

I checked my DynDNS login and IP's and that all checks out.  I have been able to use that for an FTP server on my network, which you'll be able to see in my attached Router Rule screenshot.  The problem is I am unable to open those two TCP and UDP ports on 500 because it says it interferes with an IKE policy in place.  Should I still force that to open and "break" the supposed IKE policy that is already running?  I'm going to attempt to use the Shrew Client now, and maybe that will fix this.  Any insight on my rules configuration would be amazing though.  Thanks again for all the help.

Thank you for all of your insight.  Everyone helped a lot in diagnosing the problems we have.  In the end, I believe it comes down to the router itself and it's inability to do what it advertises.  I have played with enough things like this in my day, and after all of this, it just comes down to a poorly implemented hardware router.  Thank you for both configuration help and, in the end, the knowledge that can only come with experience, and that is that some things just aren't designed well and will never do what you want.  I have decided to purchase an FVS338 and I will reference this along with the many other tutorials that exist for this router as opposed to the 318.  Thanks again. This was extremely helpful.