NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
SRX5308 vpn for iphone, laptop
I am not sure this is the right board, but I didn't see another board that was closer. I have an SEX5308 at my office, and an older FV2318g (??) at my home. Both are connected to Xfinity cable modem...
Thanks, but that is not my question. I have played around with the settings a bit, and I have made some progress, but I am not thre yet.
I have a stable VPN between my 2 netgear routrs. Everything works fine there. I now need to allow users to VPN into the SRX5308 from various devices. The setup I am having trouble with is if users thther their laptops (Windows) to their iphones to get access (for example if they are in the field and have no other internet). After a lot of trial and errors, I have set up an ipsec connection that the ihones can connect to (When I open the VPN tunnel, the iphone asks for the password, and then shows "connected".) When I then DISCONNECT the iPhone and use my Windows laptop thethered to the iphone to use the same VPN connection, it also connects. I do have internet access then, and I can pink internal resources, but when I try to open a folder on those resources, I can see some, but not others. I typically see an error message that "the resource is not accessible, and that I might not have permission to use the resource". In some instances I can access the first 2 llayers of folders, but when I try to access a sub-folder from there, I get this message (after quite some time). I am using the Windows VPN client. Why would that happen?
Ok, after spending all day to get this working it gets ridiculous. Where can I find information? I have described my issues here, and nobody cares to respond. So, I started all over again. And again. And again. Multiple reboots. And this is where I am now:
I can connect my iphone. It says it is connected. So I believe it.
I then set it into Hotspot mode and connect my laptop. the laptop does connect to the iphone and I can surf the web.
But the laptop will not set up a VPN channel with the Router using the same settings I use for the iphone. Typcally, what I see in the log is this:
ERROR: Failed to get matching proposal for <<ipaddress>>[28606].
Sun Jul 23 15:47:19 2017 (GMT -0600): [SRX5308] [IKE] ERROR: No suitable proposal found for <<ipaddress>>[28606].
Sun Jul 23 15:47:19 2017 (GMT -0600): [SRX5308] [IKE] WARNING: Rejected phase 1 proposal as Peer's encryption type "3DES-CBC" mismatched with Local "AES-CBC".
Sun Jul 23 15:47:19 2017 (GMT -0600): [SRX5308] [IKE] WARNING: Rejected phase 1 proposal as Peer's dh_group "2048-bit MODP group" mismatched with Local "1024-bit MODP group".
Sun Jul 23 15:47:19 2017 (GMT -0600): [SRX5308] [IKE] WARNING: Rejected phase 1 proposal as Peer's encryption type "3DES-CBC" mismatched with Local "AES-CBC".
Sun Jul 23 15:47:19 2017 (GMT -0600): [SRX5308] [IKE] WARNING: Rejected phase 1 proposal as Peer's dh_group "2048-bit MODP group" mismatched with Local "1024-bit MODP group".
So, I guess that the iphone and my Windows laptop require non-compatible communications parameters. Unfortunately, I don't seem to be able to change the paramters in Windows. So, I seem to be stuck, unless there is a way to have multiple different IPSEC chanels on the router. How would I set that up, so that when I try to establish a tunnel with the iphone the router uses one set of policies, and when I try to use my laptop, it uses a different set of policies?
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
