Getting VPN tunnel working

When trying to bring up a VPN tunnel I get the following log messages:

 3-27: 16:32:15.143 My Connections\QCC-VPN - Initiating IKE Phase 1 (IP ADDR=70.100.xxx.xxx)
 3-27: 16:32:15.159 My Connections\QCC-VPN - SENDING>>>> ISAKMP OAK MM (SA, VID 2x)
 3-27: 16:32:30.194 My Connections\QCC-VPN - message not received! Retransmitting!
 3-27: 16:32:30.194 My Connections\QCC-VPN - SENDING>>>> ISAKMP OAK MM (Retransmission)
 3-27: 16:32:30.257 My Connections\QCC-VPN - RECEIVED<<< ISAKMP OAK INFO (NOTIFY:NO_PROPOSAL_CHOSEN)
 3-27: 16:32:30.257 My Connections\QCC-VPN - Discarding IKE SA negotiation

Any idea what this means?
tonykmanAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Steviek411Commented:
Recheck your authentication and encryption settings. They don't match.
0
tonykmanAuthor Commented:
I set everything up as default on the firewall and the client.  I double checked both of there auth and encrytion settings are they appear the same.
0
tonykmanAuthor Commented:
I changed the negotiation on the client from main to aggressive and now this is the message:

 3-28: 14:15:05.250 My Connections\QCC-VPN - Initiating IKE Phase 1 (IP ADDR=70.100.xxx.xxx)
 3-28: 14:15:05.562 My Connections\QCC-VPN - SENDING>>>> ISAKMP OAK AG (SA, KE, NON, ID, VID 6x)
 3-28: 14:15:05.625 My Connections\QCC-VPN - RECEIVED<<< ISAKMP OAK INFO (NOTIFY:INVALID_ID_INFO)
 3-28: 14:15:05.625 My Connections\QCC-VPN - Discarding SA negotiation
0
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

Steviek411Commented:
These logs look like a watchguard product. Am I correct? Check your phase 1 settings. Thats where it looks like the problem is. If all else fails delete the tunnels and recreate them from scratch.
0
Steviek411Commented:
Also, only one end should be configured as aggressive.
0
tonykmanAuthor Commented:
This is a netgear vpn/firewall.  I have deleted the tunnel settings and recreated them multiple times so far.  I even looked at the manual and set this up using its simplest settings and still nothing.
0
tonykmanAuthor Commented:
If I configure the client to be main and the netgear firewall to be aggressive, I get the first error.
0
Steviek411Commented:
Try this link I just found on the net. Do a search for Invalid_id_info and read the results.

http://www.sonicwall.com/support/pdfs/technotes/Troubleshooting_Guide_IKE_VPN_Initialization_rev0.pdf
0
tonykmanAuthor Commented:
No luck...but after I changed the client back to main (netgear box is aggressive), I get the first error message.
0
Steviek411Commented:
Try changing your parameters on both ends to something else. Maybe your current settings are not compatible with your hardware/internet/etc settings. Everything that I know about this points to a misconfiguration. Check out your client settings closely.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
tonykmanAuthor Commented:
I had to setup FQDN on both sides for authorization and that seemed to work.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.