NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
SRX5308 IPsec Mode Config - [IKE] ERROR: No configuration found for...
I have a real simple configuration for a Client-to-Gateway VPN setup. Basic tunnels seem to be working fine, but when I try to setup a Mode Config policy I'm getting an error upon connect and can't ...
Thanks for the reply okadis and thanks for the link to that site, it's very helpful!
I was able to find a solution. Turns out the firewall configuration works just fine. All I needed to do was use 192.168.1.0 in the CLIENT configuration as the Remote LAN Address, then everything worked.
Now to me this is 2 "bugs" in the SRX5308 for Mode Config Record:
1. 192.168.1.0 isn't the subnet address on the Local LAN, it's 192.168.1.1 ; The manual says if left blank it will default to the LAN subnet, which it doesn't, it defaults to 192.168.1.0
2. It will not let you enter ANY ip address here; It has to be left blank.
Maybe I'm missing something here, but it's working perfectly after just using what's there in the client end.
Should have been simple. Oh well...
CC
Hi,
I compared your screnshots to our local configuration. On http://www.vpncasestudy.com/ I read that you should use an pool IP-range that is not part of your network (in your case e.g. 192.168.2.1 to 192.168.2.100). You don't need to specify those Adresses elsewhere which gave me a hard time to accept, too. The device seems to automatically treat those IP adresses as part of your network even if not declared at network configuration page.
Based on your screenshots this are the only differences I can see. I don't know if it solves your problem, too.
Best regards
okadis
Thanks for the reply okadis and thanks for the link to that site, it's very helpful!
I was able to find a solution. Turns out the firewall configuration works just fine. All I needed to do was use 192.168.1.0 in the CLIENT configuration as the Remote LAN Address, then everything worked.
Now to me this is 2 "bugs" in the SRX5308 for Mode Config Record:
1. 192.168.1.0 isn't the subnet address on the Local LAN, it's 192.168.1.1 ; The manual says if left blank it will default to the LAN subnet, which it doesn't, it defaults to 192.168.1.0
2. It will not let you enter ANY ip address here; It has to be left blank.
Maybe I'm missing something here, but it's working perfectly after just using what's there in the client end.
Should have been simple. Oh well...
CC
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
