Site to Site VPN issue: Cisco to Netgear
Hi,
Background
Netgear ProSafe FVS336Gv3, Firmware 4.3.5-3
Cisco ASA 5505, ASA V 9.1(4)
Trying to set up a site to site VPN. have used the wizards on both devices but will not connect.
Anything I need to alter to make them work together?
Thanks
Gareth
Background
Netgear ProSafe FVS336Gv3, Firmware 4.3.5-3
Cisco ASA 5505, ASA V 9.1(4)
Trying to set up a site to site VPN. have used the wizards on both devices but will not connect.
Anything I need to alter to make them work together?
Thanks
Gareth
I think we are going to need more info if you want responses
ASKER
I suppose my real question is are they compatible.
the settings are correct as far as remote and local external IPs and also Internal IPs.
The availble encryption levels are the same, the shared password is the same.
both can use IKE 1 and 2
As far as i can see it should work, is there some weird and wonderful tick box somewhere?
Thanks
Gareth
the settings are correct as far as remote and local external IPs and also Internal IPs.
The availble encryption levels are the same, the shared password is the same.
both can use IKE 1 and 2
As far as i can see it should work, is there some weird and wonderful tick box somewhere?
Thanks
Gareth
Please see this document that suggests is can be done and the settings to do it.
https://media3.webcollage.net/e2433c8d193206ce539d5c72268718451ddd3706?response-content-type=application%2Fpdf&AWSAccessKeyId=AKIAIIE5CHZ4PRWSLYKQ&Expires=1893503622&Signature=wI393f%2FedDvlUFZ1laorh7k8k%2Bw%3D
https://media3.webcollage.net/e2433c8d193206ce539d5c72268718451ddd3706?response-content-type=application%2Fpdf&AWSAccessKeyId=AKIAIIE5CHZ4PRWSLYKQ&Expires=1893503622&Signature=wI393f%2FedDvlUFZ1laorh7k8k%2Bw%3D
Check your logs on the Netgear and degugs on the ASA. It should tell you why the VPN isn't coming up. If your phase1 and phase2 settings match. There is not reason the vpn shouldn't come up. On the ASA, make sure if you are Natting to the internet, that you create a NoNat policy to not NAT the internal subnet you are trying to span across the VPN.
ASKER
the logs from the Netgear
Tue Oct 16 16:00:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA deleted for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 16:00:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: an undead schedule has been deleted: 'quick_i1prep'.
Tue Oct 16 16:00:45 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Phase 2 negotiation failed due to time up. 689d9cc8dd833452:ea666f201
Tue Oct 16 15:58:55 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Purged ISAKMP-SA with proto_id=ISAKMP and spi=689d9cc8dd833452:ea666
Tue Oct 16 15:58:55 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Unknown notify message from REMOTE-SITE-EXT-IP[500].No
Tue Oct 16 15:58:55 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 2 negotiation: LOCAL-SITE-EXT-IP[0]<=>REM
Tue Oct 16 15:58:55 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
Tue Oct 16 15:58:55 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA established for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT not detected
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: For REMOTE-SITE-EXT-IP[500], Selected NAT-T version: RFC 3947
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for REMOTE-SITE-EXT-IP[500]
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for LOCAL-SITE-EXT-IP[500]
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: RFC 3947
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: DPD
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: draft-ietf-ipsra-isakmp-xa
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 9
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 8
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 4
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:257]: XXX: NUMNATTVENDORIDS: 3
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-Traversal is Enabled
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Beginning Aggressive mode.
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 1 negotiation: LOCAL-SITE-EXT-IP[500]<=>R
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Using IPsec SA configuration: 192.168.50.0/24<->10.3.3.0
Tue Oct 16 15:58:37 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA deleted for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:58:37 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: an undead schedule has been deleted: 'quick_i1prep'.
Tue Oct 16 15:58:37 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Phase 2 negotiation failed due to time up. 197aef690e4cf2ab:b5959a11b
Tue Oct 16 15:56:47 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Purged ISAKMP-SA with proto_id=ISAKMP and spi=197aef690e4cf2ab:b5959
Tue Oct 16 15:56:47 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Unknown notify message from REMOTE-SITE-EXT-IP[500].No
Tue Oct 16 15:56:47 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 2 negotiation: LOCAL-SITE-EXT-IP[500]<=>R
Tue Oct 16 15:56:47 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
Tue Oct 16 15:56:47 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA established for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT not detected
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: For REMOTE-SITE-EXT-IP[500], Selected NAT-T version: RFC 3947
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for REMOTE-SITE-EXT-IP[500]
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for LOCAL-SITE-EXT-IP[500]
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: RFC 3947
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: DPD
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: draft-ietf-ipsra-isakmp-xa
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 9
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 8
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 4
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:257]: XXX: NUMNATTVENDORIDS: 3
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-Traversal is Enabled
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Beginning Aggressive mode.
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 1 negotiation: LOCAL-SITE-EXT-IP[500]<=>R
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: accept a request to establish IKE-SA: REMOTE-SITE-EXT-IP
Tue Oct 16 15:56:18 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA deleted for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:56:18 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: an undead schedule has been deleted: 'quick_i1prep'.
Tue Oct 16 15:56:18 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Phase 2 negotiation failed due to time up. 79e57ab6ef3e9ca6:0123eb05e
Tue Oct 16 15:56:16 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA deleted for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:56:16 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: an undead schedule has been deleted: 'quick_i1prep'.
Tue Oct 16 15:56:16 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Phase 2 negotiation failed due to time up. e00002bf74cbb102:263a0846f
Tue Oct 16 15:55:38 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA deleted for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:55:38 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: an undead schedule has been deleted: 'quick_i1prep'.
Tue Oct 16 15:55:38 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Phase 2 negotiation failed due to time up. 3f4349edba77ba5a:0d45dbae0
Tue Oct 16 15:54:28 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Purged ISAKMP-SA with proto_id=ISAKMP and spi=79e57ab6ef3e9ca6:0123e
Tue Oct 16 15:54:28 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Unknown notify message from REMOTE-SITE-EXT-IP[500].No
Tue Oct 16 15:54:28 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 2 negotiation: LOCAL-SITE-EXT-IP[500]<=>R
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA established for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT not detected
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: For REMOTE-SITE-EXT-IP[500], Selected NAT-T version: RFC 3947
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for REMOTE-SITE-EXT-IP[500]
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for LOCAL-SITE-EXT-IP[500]
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: RFC 3947
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: DPD
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: draft-ietf-ipsra-isakmp-xa
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 9
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 8
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 4
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:257]: XXX: NUMNATTVENDORIDS: 3
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-Traversal is Enabled
Tue Oct 16 15:54:26 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Beginning Aggressive mode.
Tue Oct 16 15:54:26 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 1 negotiation: LOCAL-SITE-EXT-IP[500]<=>R
Tue Oct 16 15:54:26 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:54:26 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:54:26 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: accept a request to establish IKE-SA: REMOTE-SITE-EXT-IP
Tue Oct 16 15:54:25 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Purged ISAKMP-SA with proto_id=ISAKMP and spi=e00002bf74cbb102:263a0
Tue Oct 16 15:54:25 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Unknown notify message from REMOTE-SITE-EXT-IP[500].No
Tue Oct 16 15:54:25 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 2 negotiation: LOCAL-SITE-EXT-IP[500]<=>R
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA established for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT not detected
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: For REMOTE-SITE-EXT-IP[500], Selected NAT-T version: RFC 3947
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for REMOTE-SITE-EXT-IP[500]
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for LOCAL-SITE-EXT-IP[500]
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: RFC 3947
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: DPD
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: draft-ietf-ipsra-isakmp-xa
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 9
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 8
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 4
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:257]: XXX: NUMNATTVENDORIDS: 3
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-Traversal is Enabled
Tue Oct 16 15:54:23 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Beginning Aggressive mode.
Tue Oct 16 15:54:23 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 1 negotiation: LOCAL-SITE-EXT-IP[500]<=>R
Tue Oct 16 15:54:23 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:54:23 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:54:23 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: accept a request to establish IKE-SA: REMOTE-SITE-EXT-IP
Tue Oct 16 15:53:47 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Purged ISAKMP-SA with proto_id=ISAKMP and spi=3f4349edba77ba5a:0d45d
Tue Oct 16 15:53:47 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Unknown notify message from REMOTE-SITE-EXT-IP[500].No
Tue Oct 16 15:53:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 2 negotiation: LOCAL-SITE-EXT-IP[0]<=>REM
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA established for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT not detected
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: For REMOTE-SITE-EXT-IP[500], Selected NAT-T version: RFC 3947
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for REMOTE-SITE-EXT-IP[500]
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for LOCAL-SITE-EXT-IP[500]
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: RFC 3947
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: DPD
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: draft-ietf-ipsra-isakmp-xa
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 9
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 8
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 4
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:257]: XXX: NUMNATTVENDORIDS: 3
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-Traversal is Enabled
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Beginning Aggressive mode.
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 1 negotiation: LOCAL-SITE-EXT-IP[500]<=>R
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Using IPsec SA configuration: 192.168.50.0/24<->10.3.3.0
Tue Oct 16 15:52:40 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA deleted for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:52:40 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: an undead schedule has been deleted: 'quick_i1prep'.
Tue Oct 16 15:52:40 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Phase 2 negotiation failed due to time up. 043968a13a17be36:c94dd3341
Tue Oct 16 15:52:03 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA deleted for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:52:03 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: an undead schedule has been deleted: 'quick_i1prep'.
Tue Oct 16 15:52:03 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Phase 2 negotiation failed due to time up. bdb4b9857a174498:8aaa6b7ac
Tue Oct 16 15:50:50 2018 (GMT -0600): [FVS336GV3] [IKE] I
Tue Oct 16 16:00:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA deleted for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 16:00:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: an undead schedule has been deleted: 'quick_i1prep'.
Tue Oct 16 16:00:45 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Phase 2 negotiation failed due to time up. 689d9cc8dd833452:ea666f201
Tue Oct 16 15:58:55 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Purged ISAKMP-SA with proto_id=ISAKMP and spi=689d9cc8dd833452:ea666
Tue Oct 16 15:58:55 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Unknown notify message from REMOTE-SITE-EXT-IP[500].No
Tue Oct 16 15:58:55 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 2 negotiation: LOCAL-SITE-EXT-IP[0]<=>REM
Tue Oct 16 15:58:55 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
Tue Oct 16 15:58:55 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA established for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT not detected
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: For REMOTE-SITE-EXT-IP[500], Selected NAT-T version: RFC 3947
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for REMOTE-SITE-EXT-IP[500]
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for LOCAL-SITE-EXT-IP[500]
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: RFC 3947
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: DPD
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: draft-ietf-ipsra-isakmp-xa
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 9
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 8
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 4
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:257]: XXX: NUMNATTVENDORIDS: 3
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-Traversal is Enabled
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Beginning Aggressive mode.
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 1 negotiation: LOCAL-SITE-EXT-IP[500]<=>R
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:58:54 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Using IPsec SA configuration: 192.168.50.0/24<->10.3.3.0
Tue Oct 16 15:58:37 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA deleted for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:58:37 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: an undead schedule has been deleted: 'quick_i1prep'.
Tue Oct 16 15:58:37 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Phase 2 negotiation failed due to time up. 197aef690e4cf2ab:b5959a11b
Tue Oct 16 15:56:47 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Purged ISAKMP-SA with proto_id=ISAKMP and spi=197aef690e4cf2ab:b5959
Tue Oct 16 15:56:47 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Unknown notify message from REMOTE-SITE-EXT-IP[500].No
Tue Oct 16 15:56:47 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 2 negotiation: LOCAL-SITE-EXT-IP[500]<=>R
Tue Oct 16 15:56:47 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
Tue Oct 16 15:56:47 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA established for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT not detected
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: For REMOTE-SITE-EXT-IP[500], Selected NAT-T version: RFC 3947
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for REMOTE-SITE-EXT-IP[500]
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for LOCAL-SITE-EXT-IP[500]
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: RFC 3947
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: DPD
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: draft-ietf-ipsra-isakmp-xa
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 9
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 8
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 4
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:257]: XXX: NUMNATTVENDORIDS: 3
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-Traversal is Enabled
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Beginning Aggressive mode.
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 1 negotiation: LOCAL-SITE-EXT-IP[500]<=>R
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:56:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: accept a request to establish IKE-SA: REMOTE-SITE-EXT-IP
Tue Oct 16 15:56:18 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA deleted for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:56:18 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: an undead schedule has been deleted: 'quick_i1prep'.
Tue Oct 16 15:56:18 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Phase 2 negotiation failed due to time up. 79e57ab6ef3e9ca6:0123eb05e
Tue Oct 16 15:56:16 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA deleted for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:56:16 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: an undead schedule has been deleted: 'quick_i1prep'.
Tue Oct 16 15:56:16 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Phase 2 negotiation failed due to time up. e00002bf74cbb102:263a0846f
Tue Oct 16 15:55:38 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA deleted for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:55:38 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: an undead schedule has been deleted: 'quick_i1prep'.
Tue Oct 16 15:55:38 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Phase 2 negotiation failed due to time up. 3f4349edba77ba5a:0d45dbae0
Tue Oct 16 15:54:28 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Purged ISAKMP-SA with proto_id=ISAKMP and spi=79e57ab6ef3e9ca6:0123e
Tue Oct 16 15:54:28 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Unknown notify message from REMOTE-SITE-EXT-IP[500].No
Tue Oct 16 15:54:28 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 2 negotiation: LOCAL-SITE-EXT-IP[500]<=>R
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA established for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT not detected
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: For REMOTE-SITE-EXT-IP[500], Selected NAT-T version: RFC 3947
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for REMOTE-SITE-EXT-IP[500]
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for LOCAL-SITE-EXT-IP[500]
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: RFC 3947
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: DPD
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: draft-ietf-ipsra-isakmp-xa
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 9
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 8
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 4
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:257]: XXX: NUMNATTVENDORIDS: 3
Tue Oct 16 15:54:27 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-Traversal is Enabled
Tue Oct 16 15:54:26 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Beginning Aggressive mode.
Tue Oct 16 15:54:26 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 1 negotiation: LOCAL-SITE-EXT-IP[500]<=>R
Tue Oct 16 15:54:26 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:54:26 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:54:26 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: accept a request to establish IKE-SA: REMOTE-SITE-EXT-IP
Tue Oct 16 15:54:25 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Purged ISAKMP-SA with proto_id=ISAKMP and spi=e00002bf74cbb102:263a0
Tue Oct 16 15:54:25 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Unknown notify message from REMOTE-SITE-EXT-IP[500].No
Tue Oct 16 15:54:25 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 2 negotiation: LOCAL-SITE-EXT-IP[500]<=>R
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA established for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT not detected
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: For REMOTE-SITE-EXT-IP[500], Selected NAT-T version: RFC 3947
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for REMOTE-SITE-EXT-IP[500]
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for LOCAL-SITE-EXT-IP[500]
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: RFC 3947
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: DPD
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: draft-ietf-ipsra-isakmp-xa
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 9
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 8
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 4
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:257]: XXX: NUMNATTVENDORIDS: 3
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-Traversal is Enabled
Tue Oct 16 15:54:23 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Beginning Aggressive mode.
Tue Oct 16 15:54:23 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 1 negotiation: LOCAL-SITE-EXT-IP[500]<=>R
Tue Oct 16 15:54:23 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:54:23 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:54:23 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: accept a request to establish IKE-SA: REMOTE-SITE-EXT-IP
Tue Oct 16 15:53:47 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Purged ISAKMP-SA with proto_id=ISAKMP and spi=3f4349edba77ba5a:0d45d
Tue Oct 16 15:53:47 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Unknown notify message from REMOTE-SITE-EXT-IP[500].No
Tue Oct 16 15:53:46 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 2 negotiation: LOCAL-SITE-EXT-IP[0]<=>REM
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA established for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT not detected
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: For REMOTE-SITE-EXT-IP[500], Selected NAT-T version: RFC 3947
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for REMOTE-SITE-EXT-IP[500]
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-D payload matches for LOCAL-SITE-EXT-IP[500]
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received unknown Vendor ID
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: RFC 3947
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: DPD
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Received Vendor ID: draft-ietf-ipsra-isakmp-xa
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 9
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 8
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:261]: XXX: setting vendorid: 4
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: [isakmp_agg.c:257]: XXX: NUMNATTVENDORIDS: 3
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-Traversal is Enabled
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Beginning Aggressive mode.
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Initiating new phase 1 negotiation: LOCAL-SITE-EXT-IP[500]<=>R
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Configuration found for REMOTE-SITE-EXT-IP.
Tue Oct 16 15:53:45 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Using IPsec SA configuration: 192.168.50.0/24<->10.3.3.0
Tue Oct 16 15:52:40 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA deleted for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:52:40 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: an undead schedule has been deleted: 'quick_i1prep'.
Tue Oct 16 15:52:40 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Phase 2 negotiation failed due to time up. 043968a13a17be36:c94dd3341
Tue Oct 16 15:52:03 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: ISAKMP-SA deleted for LOCAL-SITE-EXT-IP[500]-REM
Tue Oct 16 15:52:03 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: an undead schedule has been deleted: 'quick_i1prep'.
Tue Oct 16 15:52:03 2018 (GMT -0600): [FVS336GV3] [IKE] ERROR: Phase 2 negotiation failed due to time up. bdb4b9857a174498:8aaa6b7ac
Tue Oct 16 15:50:50 2018 (GMT -0600): [FVS336GV3] [IKE] I
I would check your settings. The first three or four lines above are errors including Phase 2 not connecting.
Make sure Main Mode is ON for Site to Site.
You may need NAT Traversal ON.
Check Phase I and 2 settings that they match each other on each end.
I normally keep PFS off.
Make sure both ends have static external IP addresses and that the internal subnets are different.
Make sure Main Mode is ON for Site to Site.
You may need NAT Traversal ON.
Check Phase I and 2 settings that they match each other on each end.
I normally keep PFS off.
Make sure both ends have static external IP addresses and that the internal subnets are different.
ASKER
Hi John,
thanks as always.
Main mode is on
Nat T is enabled on the cisco, cant find a setting on the Netgear
phase 1 and 2 settings match
IP addressing is correct.
the logon the cisco is bit cumbersome, but I will throw a few errors at you.
thanks as always.
Main mode is on
Nat T is enabled on the cisco, cant find a setting on the Netgear
phase 1 and 2 settings match
IP addressing is correct.
the logon the cisco is bit cumbersome, but I will throw a few errors at you.
Nat T is enabled on the cisco, cant find a setting on the Netgear
You may wish to disable this to see if that helps. If you have plain external networking (not double NAT) you may not need it. If you do, you will need a router that works with it. Cisco RVxx VPN routers will do this.
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-Traversal is Enabled
Tue Oct 16 15:54:23 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Beginning Aggressive mode.
If Main Mode is on (both ends) you should not see this second message.
You may wish to disable this to see if that helps. If you have plain external networking (not double NAT) you may not need it. If you do, you will need a router that works with it. Cisco RVxx VPN routers will do this.
Tue Oct 16 15:54:24 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: NAT-Traversal is Enabled
Tue Oct 16 15:54:23 2018 (GMT -0600): [FVS336GV3] [IKE] INFO: Beginning Aggressive mode.
If Main Mode is on (both ends) you should not see this second message.
ASKER
Thanks again John,
changed to main mode, apologies i thought i had done that.
i have disabled and re-enabled nat-t on the cisco box.
I have also tried another site with the same netgear router in to the cisco box, does not work.
netgear to netgear works.
Something i noticed. both netgear sites external IP has a subnet mask of /24, the cisco site has /25. In my head this shouldnt matter, but could it matter?
I am going to try a netgear at the cisco site, unless you have any other ideas?
thanks
Gareth
changed to main mode, apologies i thought i had done that.
i have disabled and re-enabled nat-t on the cisco box.
I have also tried another site with the same netgear router in to the cisco box, does not work.
netgear to netgear works.
Something i noticed. both netgear sites external IP has a subnet mask of /24, the cisco site has /25. In my head this shouldnt matter, but could it matter?
I am going to try a netgear at the cisco site, unless you have any other ideas?
thanks
Gareth
Keep us posted so we can help.
ASKER
Thanks John.
The external ip masks shouldn't effect vpn connectivity. As long as you have reachability to the public address of the other vpn endpoint and nothing is being filtered, you are fine.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.