VPN Connections problems between FVS318 routers
I have 3 Netgear FVS318v3 routers in different offices. I am trying to setup the routers in each office to have 2 VPN tunnels (one to each of the other 2 offices). I have the VPN tunnel working between office A and B. However the problem I'm having is that I can't get either of them to connect to C. Below is a description of how its connected.
LAN -> FVS318 -> DSL Modem (in bridge mode) -> Internet -> DSL Modem (bridge mode) -> FVS318 -> LAN
Each of the offices have a dynamic IP so I have setup dyndns.org to give a domain name to each of them. Below are the policy details from office A. The settings are the same in office C, except for changes to the IP ranges and end point.
IKE Policy
Name : yellow
Direction: Both
Exchange mode: Main Mode
Local Identity Type: WAN IP Address
Remote Identity Type: Remote WAN IP
Encryption Algorith: 3DES
Auth Algorithm: SHA-1
Auth Method: Pre-shared Key
DH Group: Group 2 (1024 Bit)
SA Life Time: 28800
VPN Auto Policy
Name: yellow
IKE Policy: yellow
Remote VPN Endpoint: FQDN
Address: [my dyndns.org domain name]
SA Life Time: 28800 (Seconds)
IPSec PFS: Disabled
Local IP: Subnet address (192.168.1.0 / 255.255.255.0 )
Remote IP: Subnet address (192.168.3.0 / 255.255.255.0 )
AH Auth: Disabled
ESP Encryption: Enabled (3DES)
ESP Auth: Enabled (SHA-1)
NetBios: Enabled
When I attempt to initiate the connection from office A I see the following:
[2008-10-08 06:08:01][==== IKE PHASE 1(to x.x.x.x) START (initiator) ====]
[2008-10-08 06:08:01]**** SENT OUT FIRST MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:01]<POLICY: yellow> PAYLOADS: SA,PROP,TRANS
[2008-10-08 06:08:01]**** RECEIVED SECOND MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:01]<POLICY: yellow> PAYLOADS: SA,PROP,TRANS
[2008-10-08 06:08:02]**** SENT OUT THIRD MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:02]<POLICY: yellow> PAYLOADS: KE,NONCE
[2008-10-08 06:08:03]**** RECEIVED FOURTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:03]<POLICY: yellow> PAYLOADS: KE,NONCE
[2008-10-08 06:08:05]<ID PAYLOAD> Type = ID_IPV4_ADDR,ID Data=x.x.x.x
[2008-10-08 06:08:05]**** SENT OUT FIFTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:09]**** RECEIVED SIXTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:14]**** RECEIVED SIXTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:19]**** RECEIVED SIXTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:24]**** RECEIVED INFORMATIONAL EXCHANGE MESSAGE ****
The logs on office C show this
[2008-10-08 06:08:02][==== IKE PHASE 1(from x.x.x.x) START (responder) ====]
[2008-10-08 06:08:02]**** RECEIVED FIRST MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:02]<POLICY: Xenia> PAYLOADS: SA,PROP,TRANS
[2008-10-08 06:08:02]<POLICY: Xenia> PAYLOADS: SA,PROP,TRANS
[2008-10-08 06:08:02]**** SENT OUT SECOND MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:03]**** RECEIVED THIRD MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:03]<POLICY: Xenia> PAYLOADS: KE,NONCE
[2008-10-08 06:08:05]<POLICY: Xenia> PAYLOADS: KE,NONCE
[2008-10-08 06:08:05]**** SENT OUT FOURTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:06]**** RECEIVED FIFTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:11]**** RECEIVED FIFTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:16]**** RECEIVED FIFTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:21]**** RECEIVED FIFTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:25]**** SENT OUT INFORMATIONAL EXCHANGE MESSAGE ****
[2008-10-08 06:08:25]<POLICY: Xenia> PAYLOADS: DEL
This is where it stops. No mater which end I connect from it always does the same thing.
LAN -> FVS318 -> DSL Modem (in bridge mode) -> Internet -> DSL Modem (bridge mode) -> FVS318 -> LAN
Each of the offices have a dynamic IP so I have setup dyndns.org to give a domain name to each of them. Below are the policy details from office A. The settings are the same in office C, except for changes to the IP ranges and end point.
IKE Policy
Name : yellow
Direction: Both
Exchange mode: Main Mode
Local Identity Type: WAN IP Address
Remote Identity Type: Remote WAN IP
Encryption Algorith: 3DES
Auth Algorithm: SHA-1
Auth Method: Pre-shared Key
DH Group: Group 2 (1024 Bit)
SA Life Time: 28800
VPN Auto Policy
Name: yellow
IKE Policy: yellow
Remote VPN Endpoint: FQDN
Address: [my dyndns.org domain name]
SA Life Time: 28800 (Seconds)
IPSec PFS: Disabled
Local IP: Subnet address (192.168.1.0 / 255.255.255.0 )
Remote IP: Subnet address (192.168.3.0 / 255.255.255.0 )
AH Auth: Disabled
ESP Encryption: Enabled (3DES)
ESP Auth: Enabled (SHA-1)
NetBios: Enabled
When I attempt to initiate the connection from office A I see the following:
[2008-10-08 06:08:01][==== IKE PHASE 1(to x.x.x.x) START (initiator) ====]
[2008-10-08 06:08:01]**** SENT OUT FIRST MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:01]<POLICY: yellow> PAYLOADS: SA,PROP,TRANS
[2008-10-08 06:08:01]**** RECEIVED SECOND MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:01]<POLICY: yellow> PAYLOADS: SA,PROP,TRANS
[2008-10-08 06:08:02]**** SENT OUT THIRD MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:02]<POLICY: yellow> PAYLOADS: KE,NONCE
[2008-10-08 06:08:03]**** RECEIVED FOURTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:03]<POLICY: yellow> PAYLOADS: KE,NONCE
[2008-10-08 06:08:05]<ID PAYLOAD> Type = ID_IPV4_ADDR,ID Data=x.x.x.x
[2008-10-08 06:08:05]**** SENT OUT FIFTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:09]**** RECEIVED SIXTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:14]**** RECEIVED SIXTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:19]**** RECEIVED SIXTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:24]**** RECEIVED INFORMATIONAL EXCHANGE MESSAGE ****
The logs on office C show this
[2008-10-08 06:08:02][==== IKE PHASE 1(from x.x.x.x) START (responder) ====]
[2008-10-08 06:08:02]**** RECEIVED FIRST MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:02]<POLICY: Xenia> PAYLOADS: SA,PROP,TRANS
[2008-10-08 06:08:02]<POLICY: Xenia> PAYLOADS: SA,PROP,TRANS
[2008-10-08 06:08:02]**** SENT OUT SECOND MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:03]**** RECEIVED THIRD MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:03]<POLICY: Xenia> PAYLOADS: KE,NONCE
[2008-10-08 06:08:05]<POLICY: Xenia> PAYLOADS: KE,NONCE
[2008-10-08 06:08:05]**** SENT OUT FOURTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:06]**** RECEIVED FIFTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:11]**** RECEIVED FIFTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:16]**** RECEIVED FIFTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:21]**** RECEIVED FIFTH MESSAGE OF MAIN MODE ****
[2008-10-08 06:08:25]**** SENT OUT INFORMATIONAL EXCHANGE MESSAGE ****
[2008-10-08 06:08:25]<POLICY: Xenia> PAYLOADS: DEL
This is where it stops. No mater which end I connect from it always does the same thing.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I updated the firmware in office C and all of the links started working. Not sure what the problem was but at least its fixed now.
ASKER
As for the firmware all 3 are running version 26, the latest version is 27. I am going to upgrade office C to the latest version in a few hours.