NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
SRX5308 Box to Box VPN with 192.168.0.0/18 Not Working
Hi,
I've been using Netgear VPN routers/switches for many years and things have been solid during this time. We currently have two SRX 5308 units configured in a box-to-box VPN configuration between two remote offices. This is working fine to VPN our two ClassC/25 subnets. In addition to this VPN policy we've also successfully added a second policy for providing a tunnel from office A to Office B for 172.20.0.0/24 addresses.This allows for connectivty for the ClassC/25 nodes between both offices and also connectivity from the Office A side to the 172.20.0.0/24 nodes on the Office B side.
However, I've been unable to do the same for 192.168.0.0/18 addresses (in order to provide connectivity to Office B 192.168.0.0/18 nodes from the Office A side). I've configured the VPN policy on the Office B SRX 5308 and this appears as enabled (green) in the VPN policy table (along with the default and 172.20.0.0/24 policies). However, when I try to enable the same policy on the Office A SRX 5308 unit I get the following error message: "IPsec VPN configuration failed as the remote end point is already in use".
Any ideas?
Office A SRX 5308 is running 4.2.1-2 firmware
Office B SRX 5308 is running 3.0.8-12 firmware
Thanks!
-David
4 Replies
Hello NACC,
Welcome to the community!
I have seen that error message before, this usually comes up when you are using the same remote WAN IP on another policy. Can you PM me the screenshots of the policies?
I'll look forward to your response.
Thanks,
Hi John,
This took some doing, including recovering from several false starts and some inexplicable SRX5308 behaviour, but I was finally able to get this working. Indeed the key thing ended up being both/either of: 1) updating the Office A firmware to 4.3.3-5, and 2) *resetting* this router to factory defaults and *re-creating* its configuration manually.
I really can't come up with any root cause for why this didn't work before (or why the error message was displayed previously); the remote Office B SRX 5308 (running the older firmware) was never re-configured in any way.
Regards,
-David
Hello NACC,
I'm glad you got it to work, I also had a hard time trying to replicate the issue so I wasn't able to get back to you right away. Did not see any notes on the older firmware that you have used regarding VPN. If you have any more questions, I'll be happy to assist.
Thanks,
Make sure it is not connected to guest network,most of router's IP is 192.168.1.1
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
