NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
ERROR: invalid ID payload. on SRX5308 with firmware 4.3.5.3
since I'v upgrades firmware to 4.3.5.3 IPSEC VPN dont work ...
no change made on SRX an client
any body have an idea ?
Client log :
20170522 10:39:42:029 Default (SA MIG2009-P1) SEND phase 1 Aggressive Mode [SA] [KEY_EXCH] [NONCE] [ID] [VID] [VID] [VID] [VID] [VID]
20170522 10:39:47:044 Default (SA MIG2009-P1) SEND phase 1 Aggressive Mode [SA] [KEY_EXCH] [NONCE] [ID] [VID] [VID] [VID] [VID] [VID]
20170522 10:40:00:045 Default (SA MIG2009-P1) SEND phase 1 Aggressive Mode [SA] [KEY_EXCH] [NONCE] [ID] [VID] [VID] [VID] [VID] [VID]
Router LOG
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] ERROR: invalid ID payload.
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] WARNING: ID type mismatched.
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received Vendor ID: DPD
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received Vendor ID: RFC 3947
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] INFO: Beginning Aggressive mode.
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received request for new phase 1 negotiation: 192.168.0.253[500]<=>217.74.108.106[500]
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] INFO: Remote configuration for identifier "MIG2009" found
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] ERROR: invalid ID payload.
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] WARNING: ID type mismatched.
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received Vendor ID: DPD
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received Vendor ID: RFC 3947
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] INFO: Beginning Aggressive mode.
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received request for new phase 1 negotiation: 192.168.0.253[500]<=>217.74.108.106[500]
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] INFO: Remote configuration for identifier "MIG2009" found
OK I will try to add a new VPN, but I can't delete existing VPN used by others pepoles
4 Replies
Replies have been turned off for this discussion
Hi Golgotha,
Based from the logs you have posted, it seems that there is an Aggressive Mode request error. I suggest you to delete the existing IKE / VPN policies then use the VPN Wizard to setup a client-to-box VPN. Kindly access the articles below and use it as reference guides:
ProSAFE VPN Client: Client to Box Configuration
VPN Configuration of ProSafe VPN Lite software and NETGEAR ProSafe Router
Regards,
DaneA
NETGEAR Community Team
I just want to follow-up on this. Were you able to try to delete the existing IKE / VPN policies then use the VPN Wizard to setup a client-to-box VPN? Also, were you able to access the articles I've shared and use it as reference guides? If yes, what is the result?
If ever your concern has been resolved, I encourage you to mark the appropriate reply as the “Accepted Solution” so others can be confident in benefiting from the solution. The NETGEAR Community looks forward to hearing from you and being a helpful resource in the future!
Regards,DaneA
NETGEAR Community Team
OK I will try to add a new VPN, but I can't delete existing VPN used by others pepoles
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
