Reply
Contributor
Posts: 48
Registered: ‎2012-04-26

connect Win7 VPN client to DGND3700 server

Having No Joy connecting Windows7 (or Android 2.3.6 or 3.1.?) VPN clients to DGND3700 VPN server.

Typical DGND3700 log from Win7 connection attempt (the Android logs also get to INVALID_ID_INFORMATION):

Sun, 2012-04-29 14:27:44 - [myvpn] responding to Main Mode from unknown peer 192.168.1.34
Sun, 2012-04-29 14:27:44 - [myvpn] sent MR3, ISAKMP SA established
Sun, 2012-04-29 14:27:44 - [myvpn] Dead Peer Detection (RFC 3706): not enabled because peer did not advertise it
Sun, 2012-04-29 14:27:45 - [myvpn] sending encrypted notification INVALID_ID_INFORMATION to 192.168.1.34:500
Sun, 2012-04-29 14:27:46 - [myvpn] sending encrypted notification INVALID_MESSAGE_ID to 192.168.1.34:500
Sun, 2012-04-29 14:27:49 - [myvpn] sending encrypted notification INVALID_MESSAGE_ID to 192.168.1.34:500
Sun, 2012-04-29 14:27:54 - [myvpn] sending encrypted notification INVALID_MESSAGE_ID to 192.168.1.34:500
Sun, 2012-04-29 14:28:02 - [myvpn] sending encrypted notification INVALID_MESSAGE_ID to 192.168.1.34:500
Sun, 2012-04-29 14:28:18 - [myvpn] sending encrypted notification INVALID_MESSAGE_ID to 192.168.1.34:500
Sun, 2012-04-29 14:28:34 - [myvpn] sending encrypted notification INVALID_MESSAGE_ID to 192.168.1.34:500
Sun, 2012-04-29 14:28:49 - [myvpn] received Delete SA payload: deleting ISAKMP State #26


The VPN policies for this connection, from /etc/ipsec.conf, with WAN IP obscured:

conn myvpn
rekeymargin=0
rekeyfuzz=100%
esp=3des
authby=secret
left=xx.xxx.xxx.xxx
leftid=xx.xxx.xxx.xxx
leftsubnet=192.168.1.0/24
right=%any
ikelifetime=28800s
keylife=3600s
ike=3des
pfs=no
dpddelay=10
dpdtimeout=10
dpdaction=restart
leftsourceip=192.168.1.254
auto=add


I'm guessing, from some other spelunking, that right=%any means that any remote ID should be accepted. I've tried this with every combination of Authentication methods Win7 offers (PAP, CHAP, MS-CHAPv2, EAP...) and with garbage, a valid ID on the far net, and the DGND3700 admin/password. Still No Joy.

Any insights/thoughts appreciated.
Regular Contributor
Posts: 89,285
Registered: ‎2009-01-27

Re: connect Win7 VPN client to DGND3700 server

andriod will not work of the ipsec client

win7 native vpn client will not work

see my site for "url links" for all the compatible VPN client.
VPN Case Study

VPNCASESTUDY.COM

"Our Second To None VPN Related Setup Case Study[/COLOR][/URL]

"One Stop Solution To Your Netgear VPN Connectivity"

*Visit the site for Non-VPN related Doc & Links* [Windows & Mac user/support]





June Mizoguchi-
Contributor
Posts: 48
Registered: ‎2012-04-26

Re: connect Win7 VPN client to DGND3700 server

I was afraid you were going to say that. Any particular reasn, do you suspect, that NETGEAR refuses to work with such mainstream platforms?
Regular Contributor
Posts: 89,285
Registered: ‎2009-01-27

Re: connect Win7 VPN client to DGND3700 server

Have no clue
iPhone is supported in prosafe routers
VPN Case Study

VPNCASESTUDY.COM

"Our Second To None VPN Related Setup Case Study[/COLOR][/URL]

"One Stop Solution To Your Netgear VPN Connectivity"

*Visit the site for Non-VPN related Doc & Links* [Windows & Mac user/support]





June Mizoguchi-
Highlighted
Contributor
Posts: 48
Registered: ‎2012-04-26

Re: connect Win7 VPN client to DGND3700 server

Screwed around with shrew client for two hours. Never even got any logging of anything on the VPN server side. Who knows what its problem was? "Negotiation timeout"...

Life is too short. I guess it wasn't meant to be. Delete, uninstall, cleanup, move on...

Thanks for your help.
Discussion Stats
  • 4 replies
  • 8338 views
  • 0 kudos
  • 2 in conversation
Top Contributors