Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 912
  • Last Modified:

VPN connection problems

I am trying to connect a Netgear DGFV338 to a Draytek 2820 with a VPN, I have managed plenty of other times butIhave not used a Draytek before, therfore I think i am missing something.

The following is the error log from the Netgear

2011-05-06 14:06:00: INFO:  Using IPsec SA configuration: 192.168.1.0/24<->192.168.14.0/24
2011-05-06 14:06:00: INFO:  Configuration found for 81.yy.yy.59.
2011-05-06 14:06:00: INFO:  Initiating new phase 2 negotiation: 84.xx.xx.125[0]<=>81.yy.yy.59[0]
2011-05-06 14:06:06: INFO:  Responding to new phase 2 negotiation: 84.xx.xx.125[0]<=>81.yy.yy.59[0]
2011-05-06 14:06:06: INFO:  Using IPsec SA configuration: 192.168.1.0/24<->192.168.14.0/24
2011-05-06 14:06:06: WARNING:  Peer's Proposal:
2011-05-06 14:06:06: WARNING:   (proto_id=ESP spisize=4 spi=0828b86f spi_p=00000000 encmode=Tunnel reqid=0:0)
2011-05-06 14:06:06: WARNING:    (trns_id=3DES encklen=0 authtype=254)
2011-05-06 14:06:06: WARNING:  Local Proposal:
2011-05-06 14:06:06: WARNING:   (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=Tunnel reqid=1:1)
2011-05-06 14:06:06: WARNING:    (trns_id=3DES encklen=0 authtype=hmac-md5)
2011-05-06 14:06:06: WARNING:  Phase 2 proposal by 81.yy.yy.59[0] did not match.
2011-05-06 14:06:06: ERROR:  No suitable policy found for 81.yy.yy.59[0]
2011-05-06 14:06:06: INFO:  Sending Informational Exchange: notify payload[NO-PROPOSAL-CHOSEN]
2011-05-06 14:06:07: INFO:  Purged ISAKMP-SA with proto_id=ISAKMP and spi=bb990840ddac1448:d181ba3ad07611625.

Open in new window


if someone could point me in the right direction please.


 
0
Carpe--Diem
Asked:
Carpe--Diem
1 Solution
 
SouljaCommented:
Both router's policies have to match or the tunnel won't negotiate. Based on your log it looks like they are using different types of authentication

2011-05-06 14:06:06: WARNING: Peer's Proposal:2011-05-06 14:06:06: WARNING:   (proto_id=ESP spisize=4 spi=0828b86f spi_p=00000000 encmode=Tunnel reqid=0:0)
2011-05-06 14:06:06: WARNING:    (trns_id=3DES encklen=0 authtype=254)
2011-05-06 14:06:06: WARNING:  Local Proposal:2011-05-06 14:06:06: WARNING:   (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=Tunnel reqid=1:1)
2011-05-06 14:06:06: WARNING:    (trns_id=3DES encklen=0 authtype=hmac-md5)
0
 
Carpe--DiemAuthor Commented:
Sorry am I bad, found it the problem it should have been 3des with authentication.

thank for reading.

0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now