[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1783
  • Last Modified:

Site to Site VPN Using D-Link DI-804HV and Netgear Prosafe DGFV338 ADSL Routers

We have taken on a new customer who has 4 remote sites which are connected via VPN router to router.

1 site has stopped working. When looking at the VPN logs I get the following messages...

2010 Aug 17 15:21:26 [MC.LUTON-DGFV338] [VPNKA] Peer 10.1.1.254 failed 534 of 3 times_
2010 Aug 17 15:21:26 [MC.LUTON-DGFV338] [VPNKA] Failed to send Keep-Alive Request to _
2010 Aug 17 15:21:33 [MC.LUTON-DGFV338] [IKE] accept a request to establish IKE-SA: 213.123.227.14_
2010 Aug 17 15:21:34 [MC.LUTON-DGFV338] [IKE] Configuration found for 213.123.227.14._
2010 Aug 17 15:21:36 [MC.LUTON-DGFV338] [VPNKA] Peer 10.1.1.254 failed 535 of 3 times_
2010 Aug 17 15:21:36 [MC.LUTON-DGFV338] [VPNKA] Failed to send Keep-Alive Request to _
2010 Aug 17 15:21:40 [MC.LUTON-DGFV338] [IKE] The packet is retransmitted by 222.222.222.22[500]._
2010 Aug 17 15:21:41 [MC.LUTON-DGFV338] [IKE] Ignore information because ISAKMP-SA has not been established yet._
2010 Aug 17 15:21:46 [MC.LUTON-DGFV338] [VPNKA] Peer 10.1.1.254 failed 536 of 3 times_
2010 Aug 17 15:21:46 [MC.LUTON-DGFV338] [VPNKA] Failed to send Keep-Alive Request to _
2010 Aug 17 15:21:50 [MC.LUTON-DGFV338] [IKE] Phase 1 negotiation failed due to time up for 222.222.222.22[500]. 64858552ec1cc8d0:27462c5f9167dded_
2010 Aug 17 15:21:56 [MC.LUTON-DGFV338] [VPNKA] Peer 10.1.1.254 failed 537 of 3 times_
2010 Aug 17 15:21:56 [MC.LUTON-DGFV338] [VPNKA] Failed to send Keep-Alive Request to _
2010 Aug 17 15:22:05 [MC.LUTON-DGFV338] [IKE] Invalid SA protocol type: 0_
2010 Aug 17 15:22:05 [MC.LUTON-DGFV338] [IKE] Phase 2 negotiation failed due to time up waiting for phase1. _
2010 Aug 17 15:22:06 [MC.LUTON-DGFV338] [VPNKA] Peer 10.1.1.254 failed 538 of 3 times_
2010 Aug 17 15:22:06 [MC.LUTON-DGFV338] [VPNKA] Failed to send Keep-Alive Request to _
2010 Aug 17 15:22:06 [MC.LUTON-DGFV338] [IKE] Using IPsec SA configuration: 10.3.1.0/24<->10.1.1.0/24_
2010 Aug 17 15:22:06 [MC.LUTON-DGFV338] [IKE] Configuration found for 222.222.222.22._
2010 Aug 17 15:22:06 [MC.LUTON-DGFV338] [IKE] Initiating new phase 1 negotiation: 222.222.222.22[500]<=>222.222.222.21[500]_
2010 Aug 17 15:22:06 [MC.LUTON-DGFV338] [IKE] Beginning Identity Protection mode._
2010 Aug 17 15:22:12 [MC.LUTON-DGFV338] [IKE] The packet is retransmitted by 222.222.222.22[500]._
2010 Aug 17 15:22:16 [MC.LUTON-DGFV338] [VPNKA] Peer 10.1.1.254 failed 539 of 3 times_
2010 Aug 17 15:22:16 [MC.LUTON-DGFV338] [VPNKA] Failed to send Keep-Alive Request to _
2010 Aug 17 15:22:17 [MC.LUTON-DGFV338] [IKE] The packet is retransmitted by 222.222.222.22[500]._

I have tried to create another VPN using the same settings but still get the same error message. As far as we can tell nothing has changed as the other 3 sites are working fine.

I have update the ADSL and Router firmware on the Netgear Prosafe.

Can anyone help me try and find out whats going on?
0
techies123
Asked:
techies123
  • 2
1 Solution
 
digitapCommented:
do you have clients connecting to the netgear?  try disabling the keep alive on the netgear and post back.
0
 
SysExpertCommented:
Also - look at the logs on the other end, since it may contain more info.

Do you have any saved config ?
Can you compare the settings of the other routers ?

What has changed ?

It may be cheaper to buy another router to test with,
0
 
SysExpertCommented:
ALso - is there a Dynamic address  involved ( not a static IP ), that may have changed ?

0
 
techies123Author Commented:
After some hours of going over the settings again and again I found the PassPhrase to be incorrect on the D-Link Router.

Recreated the rule again and now connects OK.
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now