This topic has been closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
Start a New Discussion
trying to set up a IPSEC VPN between 2 networks - DGND3700V2 at one end, Cisco Firewall at the other. Cannot complete connection to Cisco, phase 1 is fine Phase 2 fails - Logs on DGDN are shown below -
2018-09-27 11:32:32 [=== Initiating PHASE 1 Main Mode (to 185.98.181.192) ===]2018-09-27 11:32:32 ****** SENDING FIRST Main Mode PACKET (to 185.98.181.192) ******2018-09-27 11:32:32 ****** RECEIVE PACKET PAYLOADS (SA,VID,VID)******2018-09-27 11:32:32 ****** SENDING PACKET (to 185.98.181.192) ******2018-09-27 11:32:32 ****** RECEIVE PACKET PAYLOADS (KE,NONCE)******2018-09-27 11:32:32 ****** SENDING PACKET (to 185.98.181.192) ******2018-09-27 11:32:32 ****** RECEIVE PACKET PAYLOADS (ID,HASH)******2018-09-27 11:32:32 ****** SENDING NOTIFICATION (INVALID_ID_INFORMATION) ******
Cisco reports -
seems to be getting through ike phase 1...
ike 0:Cherry_Tree-VPN:31383: PSK authentication succeeded
ike 0:Cherry_Tree-VPN:31383: authentication OK
ike 0:Cherry_Tree-VPN:31383: established IKE SA d1c81605a2255509/f5a2cf20eb63445a
ike 0:Cherry_Tree-VPN: schedule auto-negotiate
ike 0:Cherry_Tree-VPN:31383: no pending Quick-Mode negotiations
Suggestion si might be that Netgear is not supporting the Nat'd address of the outehr to inner firewall - needs to allow NAT-T. ?
Any Ideas anyone ?
All newer Netgear routers are supposed to support VPN passthrough.
There is some generic Troubleshooting VPN passthrough for home routers in the Netgear KB, however it does mention the DGND3700V2 does support a VPN Wizard, see the DGND3700v2 User Manual p.45 ff.
I agree, a generic "no brainer" support for NAT-T would be perfect.
