We just purchased a BR500 router and are trying to connect it to a FVS318. We have not been able to get the vpn connected. we are using firmware version 5.7.04 on the BR500. All of the authentication and encryption are the same on both boxes. Do we need to login to the insight portal to all this or setup a vpn group? do we need license?
How are you connecting? The FVS318 can't connect to the Insight System. You could do an IPSec VPN between the two, if the IPSec part of the BR500 works. I say this because the BR500 is missing the Client to LAN portion of its code.
I ran IPSec between two FVS336 units for many years, until NETGEAR decided to no longer support them.
I have a FVS318, but never ended up using it. I do believe the internal setup screens are similar to the FVS336
It looks like the BR500 only supports Pre-shared key and Tunnel. I would select those on the FVS318. If you are getting through Phase 1, then the PSK is working. Phase 2 sets up the tunnel.
I had the FVS336 set to "both directions" on Direction/Type. It looks like the BR500 wants this to be specific. And they need to be set opposite at each end. And make sure that both ends use "Main Mode" as it is more secure.
And make sure the PFS is on at both ends and selected the same.
Thanks. I will look at those items. I have had all FVS318's, SRX5803's etc and have had no problems with them. The BR500 is nice; however getting this VPN working has been a pain.
Yes I have been noticing those issues as well. I may have to send it back and get something different. I will try it again this week and let you know what I find out.
I was able to finally get it to work with a Netgear SRX5308 firewall. You were correct, you have to make it either initiator or responsed. I am going to check the FVS318, because I know it set to both.
I totally agree. I actually am experimenting with the Cisco Meraki MX65 (received free one from attending a webinar). I put it at one of our family fun centers and it seems pretty solid and can handle the traffic.
I like the new features the BR500 has for visualization and for blocking access, it just not as robust like you say. I have all Prosafe managed switches and used to be a full prosafe vpn appliance as well; however, I had to change that when it wouldn't block DDOS attacks. I ended up switching to Fortinet for two facilities.
