I've got a problem with VPN configuration as L2TP (yes, I saw manual, it seems to be easy-to-go but it not works 😉
I've configured L2TP VPN, add user - after restart router configuration seems to be working. I can connect through VPN but in tunnel only router is accessible.
VPN pool is 10.10.50.50 - 10.10.50.60. Router in VPN tunnel has auto assigned IP 10.10.50.50 and I can connect with admin panel. But I cannot connect with devices in remote LAN (pool 192.168.50.0 /24).
Please help me - I've absolutely no idea why it doesn't work!
Firmware 4.3.4-1, connected both WAN as load balance.
Model: FVS336Gv3|ProSafe dual WAN gigabit firewall with SSL and IPSec VPN
We’d greatly appreciate hearing your feedback letting us know if the information I’ve provided has helped resolve your concern or if you need further assistance.
If ever your concern has been resolved, I encourage you to mark the appropriate reply as the “Accepted Solution” so others can be confident in benefiting from the solution. The NETGEAR Community looks forward to hearing from you and being a helpful resource in the future!
I did everything exactly like in this instruction (of course using my subnet parameters). Previously I've deleted all configuration I've made before starting configuration again.
I can connect to VPN, open admin panel of my router but I have no access to remote lan 😞
a. Is the FVS336Gv3 behind another firewall router?
b. How is everything connected? Kindly post an image or screenshot of your detailed network setup.
c. Is L2TP have a check mark under VPN Pass through? To verify, go to Security > Firewall > Attack Checks on the web-GUI of the FVS336Gv3. Kindly check the image below as reference:
b) I've connected both WAN's (as load balancing). One LAN is connected to switch 24-port (without DMZ).
c) Yes - vpn-pass through is marked as enabled.
Config is exactly like in tutorial (only one modification is local network address/netmask but it's obvious I think :-)))))).
is there any way to restore/delete all vpn options to default without restoring whole router options to default?
I've upgraded firmware to 4.3.4-2
I've noticed few things:
a) In my opinion connection takes a little bit too long time and often disconnects without any reason.
b) After connection is established only ONE ping goes to target host in remote LAN - others are marked as "timeout". Why only ONE packet is redirected to target host in remote LAN?
I've changed Identifier Type (in IKE Policy -> section Local) from FQDN to Local WAN IP and I've tried to connect using virtual machine (win7 installed on Oracle VirtualBox) - as act of total desperation.... :-)))) Miracle! It WORKS! But......
I've damn Windows 10 and still I can't connect to VPN. Configuration is exactly like in virtual machine Win7 but it doesn't work.
Problem is in vpn client built in Win10 I think.
EDIT: Connection from Win 7 works randomly - one conenction works perfect (fast connection, access to remote LAN).
Few minutes later connection takes a long time, with error 809. When I'm finally connected to VPN I can ping to router using tunnel IP but I've no access to remote LAN.
According to e-mail notifications sent to me - problem is still NOT resolved!
I think it was really bad idea to buy this router 😞
I was doing everything like in recommended solutions - no result, using everything like in knowledge base (btw wrote in 2007) - no result.
In addition I tried to run content filtering, using keyword or site name. Result? Of course - DOESN'T WORK! (yes - I've added computers to group, etc.)
I've configured VPN on other, borrowed router, made by other manufacturer (no matter of the name and model - it's not advertisement) - 10 minutes and everything works fine, WITHOUT problems! VPN connects quick and perfect on Windows 10, using L2TP!
So why it's impossible on FVS336G v3 ????????
Why everything on this router make so many troubles?????
That's how pings to router in VPN tunnel are looking (I have no access to remote LAN):
With regard to this, I suggest you to open an online case with NETGEAR Support at anytime. Let them know about your concern and the troubleshooting steps you did to isolate the problem for further assistance.
I tried to contact support but I've bought router more than 3 months ago so bye bye support....
Please help me to make some kind of resolution of my problems with VPN:
1. I've configured my Win Server to work as VPN server (L2TP with IPSec) - is there any way to connect with server using NAT or DMZ? I need to forward ports using UDP and protocol 50, 51 - is this possible on FVS336G ?
2. Where can I find manual how to config VPN in CLI ?
3. I've noticed that I can connect with router using VPN L2TP (with PSK) on FVS336G using Win7 and Win10, sometimes also I can get access to remote LAN (randomly), but after few seconds (sometimes about one minute) seems to be disconnected (ping are dying).
Connection takes a long time. Best result was on Win7 installed on VirtualBox - connection duration was about 10 minutes without problems. It was only one time 🙂
4. I'm afraid I threw away box and documentation of router - can I recover serial number to VPN Client Lite? Maybe using this software give me a chance to win this battle with VPN...!!!!
You may open ports 50 and 51 on the FVS336Gv3. Kindly read pages 230-233 and 255-261 of the FVS336Gv3 reference manual here.
There is no CLI manual for the FVS336Gv3.
I suggest you to enable WAN to LAN logging on the firewall. The logs will tell if the L2TP traffic coming from external is hitting the FVS336Gv3 and if it is then forwarding the traffic to the correct LAN IP for the Windows Server. This will help to see if the problem is before the FVS336Gv3 or after the traffic hits the FVS336Gv3. Also, configure a simple firewall rule to pass other traffic to the server, like RDP (TCP 3389) just to see if it can pass just fine to the server.
With regard to the license key to activate the VPN Client Lite software, do you still have the CD that came with the FVS336Gv3? If ever you lost it, kindly register your FVS336Gv3 to your MyNETGEAR account and try to open an online case with either the NETGEAR E-mail Support or NETGEAR Chat Support here to inquire on how to get the license key.
