NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
SRX5308 IPSEC VPN to Teltonika
Hi,
I’m looking for some info and help please regarding IPSEC VPN.
I have a RUT550 with Vodafone sim that issues a private NAT IP at one end and a Netgear SRX5308 VPN firewall with a static public at the other.
I am trying to setup an IPSEC VPN from the RUT to the Netgear to allow a CCTV camera to connect back to our office but I’m having some difficulty:
1. Will the NAT-T on the RUT (SRX5308 also has NAT-T) allow this IPSEC tunnel to work over the Vodafone network (it issues a NATed 10.x.x.x address to the RUT550)
2. If so I have tried using some guides online that describe how to connect other vendors 3G routers to the Netgear in Aggressive mode but I am unable to get the VPN up using the RUT550. Do you have a guides for creating a IPSEC VPN from the RUT550 to the Netgear SRX5308?
Setup of RUT550
Enable IPSEC – tick
Key Exchange – Auto Key (IKE)
Mode – aggressive
Enable NAT Traversal – tick
Enable Initial Contact – Tick
My Identifier type – FQDN
My Identifier – remote.com
Preshare Key – test1234
Remote VPN Endpoint – 195.11.x.x (Static Public Netgear connected to, is this correct?)
PHASE 1
Encryption – 3DES
Hash – sha1
DH Group – modp1024
PHASE 2
PFS Group – modp1024
Encryption -3DES
Authentication – hmac_sha1
REMOTE NETWORK SECURE GROUP (Not entirely sure what this is so I enter the remote LAN network address range I’m trying to connect to is this correct?)
I also put in a tunnel keep alive.
Netgear VPN setup
1. This VPN tunnel will connect to the following peers – selected 'VPN Client'
2. connection name - test01
3. pre-shared key - test1234.
4. Remote Identifier FQDN and is remote.com
5. Local Identifier FQDN and is local.com
Policy Settings
Policy Name – SRX5308 to RUT
Policy Type – Auto
Remote endpoint – FQDN: remote.com
The rest is the same as the RUT Encryption, etc…
Any help/info/advice would be greatly appreciated. Sorry really new to this.
Tony
I’m looking for some info and help please regarding IPSEC VPN.
I have a RUT550 with Vodafone sim that issues a private NAT IP at one end and a Netgear SRX5308 VPN firewall with a static public at the other.
I am trying to setup an IPSEC VPN from the RUT to the Netgear to allow a CCTV camera to connect back to our office but I’m having some difficulty:
1. Will the NAT-T on the RUT (SRX5308 also has NAT-T) allow this IPSEC tunnel to work over the Vodafone network (it issues a NATed 10.x.x.x address to the RUT550)
2. If so I have tried using some guides online that describe how to connect other vendors 3G routers to the Netgear in Aggressive mode but I am unable to get the VPN up using the RUT550. Do you have a guides for creating a IPSEC VPN from the RUT550 to the Netgear SRX5308?
Setup of RUT550
Enable IPSEC – tick
Key Exchange – Auto Key (IKE)
Mode – aggressive
Enable NAT Traversal – tick
Enable Initial Contact – Tick
My Identifier type – FQDN
My Identifier – remote.com
Preshare Key – test1234
Remote VPN Endpoint – 195.11.x.x (Static Public Netgear connected to, is this correct?)
PHASE 1
Encryption – 3DES
Hash – sha1
DH Group – modp1024
PHASE 2
PFS Group – modp1024
Encryption -3DES
Authentication – hmac_sha1
REMOTE NETWORK SECURE GROUP (Not entirely sure what this is so I enter the remote LAN network address range I’m trying to connect to is this correct?)
I also put in a tunnel keep alive.
Netgear VPN setup
1. This VPN tunnel will connect to the following peers – selected 'VPN Client'
2. connection name - test01
3. pre-shared key - test1234.
4. Remote Identifier FQDN and is remote.com
5. Local Identifier FQDN and is local.com
Policy Settings
Policy Name – SRX5308 to RUT
Policy Type – Auto
Remote endpoint – FQDN: remote.com
The rest is the same as the RUT Encryption, etc…
Any help/info/advice would be greatly appreciated. Sorry really new to this.
Tony
2 Replies
- You probably need to do box to box configuration instead of client.
http://kb.netgear.com/app/answers/detail/a_id/24278/~/configuring-a-box-to-box-vpn-on-prosafe%2Fprosecure-routers - Don't use remote.com & local.com as the identifiers - those are real, "resolveable" domain names, and the Netgear/RUT will attempt to resolve them.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
