NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Noreadib's avatar
Noreadib
Aspirant
Apr 24, 2017

need advise to configure SRX5308 SSL VPN access

Dear Mates,

 

I am new to the SRX5308, I have installed an SRX5308 behind an ADSL2+ modem/Router in a small office and trying to configure SSL VPN for remote access. I have created the portal layout, domain, groups and users for SSL VPN access. Since it's behind a modem/router, the WAN port gets an IP address from the modem and thus the portal URL becomes https://192.168.1.102/portal/<PortalSite>. While the ISP IP address is different. The ISP IP address seems to be a fixed one and not changing, but not pingable

 

I have tried accessing  both the above addresses via the internet but still not able to connect. How can I configure this to allow remote users to SSL VPN connect to the site and login to access local office resources?

 

Any advices are appreciated. Let me know if any further information is needed.

 

Cheers

 

 

Hardware
srx5308
ssl vpn
Troubleshooting

4 Replies

    • DaneA's avatar
      DaneA
      NETGEAR Employee Retired
      May 01, 2017

      Noreadib,

       

      Let me share this article as it shows a step-by-step guide on how to configure a client-to-box VPN between the ProSAFE VPN Firewall and the ProSAFE VPN Client software.

       

      Hope it helps. :)

       

       

      Regards,

       

      DaneA
      NETGEAR Community Team

       

      • DaneA's avatar
        DaneA
        NETGEAR Employee Retired
        May 08, 2017

        Noreadib,

         

        I just want to follow-up on this.  Were you able to access the article I've shared and follow the steps indicated?  If yes, what is the result?

         

         

        Regards,

         

        DaneA
        NETGEAR Community Team

    • Noreadib's avatar
      Noreadib
      Aspirant
      Apr 28, 2017

      Hi Dane,

       

      Thank you for your reply. It seems that the clients are not supported in the matrix. Thus, I'm looking at the IPSec configuration. https://kb.netgear.com/24245/ProSAFE-VPN-Client-Client-to-Box-Configuration

       

      I've followed every step of the above but still not able to connect. Below is the logs from the session.

       

      20170428 12:28:10:109 Upgrading configuration...
      20170428 12:28:10:109 Reading configuration...
      20170428 12:28:10:112 IKEv1 configuration detected
      20170428 12:28:10:112 No IKEv2 configuration
      20170428 12:28:10:112 Default IKE daemon is removing SAs...
      20170428 12:28:10:113 No SSL configuration
      20170428 12:28:10:113 Default reinitializing daemon
      20170428 12:28:10:537 Default (SA Ikev1Gateway-Ikev1Tunnel-P2) is opening.
      20170428 12:28:10:540 Default ike_phase_1_initiator_send_SA: section [3DES-Auto-GRP2] has unsupported attribute(s)
      20170428 12:28:10:540 Default exchange_run: doi->initiator (0119ABA0) failed

       

      Any advise to move forward is appreciated.

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More