
goscho
Aspirant
May 01, 2014

SRX5308 IPSEC VPN Problems

Hi,
Yesterday I replaced an FVS336Gv2 (3.x firmware) with an SRX5308 (4.3.1-22).
2 WANs are configured; WAN2, with a static public IP address, is used for all VPNs.

VPNs are configured to other FVS336, SRX5308, a Fritzbox and client VPNs (Android NCP and Shrew Soft VPN on Windows).
On the FVS336 all VPNs were running for months/years with no problems.

Since the replacement of the device I have nothing but problems.

I configured all IPsec VPNs identically to those on the FVS336.
Now (after 20 h of doing nothing but testing different configurations) 4 of the LAN-LAN configs are running.

But I don't know how stable those connections are.
Some others have problems connecting.
Errors are, for example:
[SRX5308] [IKE] ERROR: Invalid SA protocol type: 0


The worst is that I cannot connect with clients to several SRX5308 (firmware 4.x).
I'm using Shrew soft on Windows Clients and NCP for Android on smartphones.

Today I contacted the Netgear support due to this issue (Case # 23146500)

The supporter tried to connect to one of my SRX5308 with his iPhone and failed.
In his lab he had the same result, connecting to SRX5308 with iPhone.

I have the following errors:

Android 4.4.3 and NCP-Client:
Could not contact Gateway (no response) in state


Windows 7/8 with Shrew Soft VPN Client 2.2.0:
[SRX5308] [IKE] ERROR: Could not find configuration for


Is there someone here who can help me?

5 Replies

  • In his lab he had the same result, connecting to SRX5308 with iPhone.


    This should flag you that you need to deal with support :)
  • Update:



      Just to remember:

      All connections worked fine with FVS336Gv2 (3.x firmware).
  • Hi

    all problems are now solved.

    Issues with LAN-LAN-VPNs wouldn't occur with Beta-Firmware 4.1.3.28, got from Netgear Support.

    Client VPNs are working too.
    Have to use FQDN as ID for the gateway, not IP address.
  • I have the same problem with VPN LAN-LAN after updating to firmware 4.3.1-22.
    We need to restart SRX5308 devices every 2-3 hours to maintain VPN LAN-LAN functionality! We use SRX5308 firewalls with 4.3.1-22 firmware and FVS318G with 3.1.1-14 firmware.

    The following string appears in the VPN log:
    [IKE] ERROR: Phase 1 negotiation failed due to time up for
  • goscho wrote:
    Hi

    all problems are now solved.

    Issues with LAN-LAN-VPNs wouldn't occur with Beta-Firmware 4.1.3.28, got from Netgear Support.

    Client VPNs are working too.
    Have to use FQDN as ID for the gateway, not IP address.


    They gave you the 4.3.1-28 beta firmware. I am using 4.3.1-22 and so far so good.

    Would be interested to know what has been updated in the 4.3.1-28 beta firmware?
