NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Ipsec vpn between srxn3205 doesn't connect.
Hello, I'he a problem, our company has three sites connected by ipsec vpn. We are using a fvs318n and two srxn3205. Suddenly, after many months of use, the ipsec vpn doesn't connect between the ...
Hi netutente,
I'm glad to know that all of the VPN tunnels are now established between the FVS318N and the 2 SRXN3205. Its possible that the port you have configured on the firewall rules for the surveillance system have triggered the problem. It would be best that you state what happened to the surveillance system engineers and seek their advise as well.
I've noticed that the current firmware versions on both SRXN3205 and FVS318N are old already. I suggest you to upgrade the firmware of both SRXN3205 and FVS318N in a ladderized manner. For example, you will upgrade the firmware of the FVS318N from v4.2.1-2 to 4.3.0-19 then from v4.3.0-19 to v4.3.1-22 and so on until you reach the latest firmware v4.3.4-1. You may download the firmware versions for the FVS318N on this link. For the SRXN3205 firmware versions, click on this link.
Be reminded that it is recommended to perform a factory reset after doing a firmware upgrade then reconfigure it from scratch. You may want to get a screenshot of all the settings configured on the VPN firewalls as reference before you proceed with the firmware upgrade.
Regards,
DaneA
NETGEAR Community Team
Hi netutente,
Welcome to the community! :)
Kindly answer the questions below:
a. Are there any changes made within the configuration of the 2 SRXN3205 that might triggered the problem?
b. Is the ISP or Internet Service Provider the same on the sites where the 2 SRXN3205 are deployed?
c. What is the current firmware version of the 2 SRXN3205?
I look forward to your response.
Regards,
DaneA
NETGEAR Community Team
Hi DaneA,
thank you very much! :smileyhappy:
a. We added ad ip address under Security, Firewall, Lan Wan Rules to enable remote access for the surveillance system; this task hab been done on both firewalls.
b. No, the ISP are different. I can ping firewall wan address from one to other and vice versa;
b. Firmware version 3.0.7_24 on both.
Thanks again for your support.
netutente
Hi netutente,
Let us isolate the problem. Have you tried to disable the firewall rule you have newly created on both SRXN3205 then check if the VPN tunnel will establish between the 2 SRXN3205? I ask this because this is the only change you've made before the problem occurred.
Regards,
DaneA
NETGEAR Community TeamHi DaneA,
excellent!
I've disabled the rules and now it works! But I don't know how this can interfere with the vpn! However I need a remote access to the surveillance system. Any idea to solve the problem is really appreciate!
Unfortunately, now the problem concerns the connections between the two srxn3205 and the fvs318n. Ipsec vpn doesn't work!
Please, help me one more time!
Thanks and regards.
netutente
Hi netutente,
Here are my follow-up questions:
a. What port have you opened on both SRX3205 in the firewall rules you have previously created for the surveillance system?
b. Have you tried to delete the existing VPN and IKE policies between the FVS318N and the 2 SRXN3205 then re-create it using the VPN Wizard then check if the VPN tunnel will establish?
c. What is the current firmware of the FVS318N?
Regards,
DaneA
NETGEAR Community Team
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
