- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: DOI erros
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Starting off by excusing my ignorance of this process
I have a FVS318v3 router at my office and have been using a prosafe client software from my home
for several years on a windows xp
Now I am trying to change to windows 10 and to include other users to be able to access my office computers.
I have downloaded trial version of vpng05l software but can not establish a connection.
I have copied existing parameter from the xp software but must be missing something
Tried to contact support but I guess I must be annoying them by asking questions I suppose they expect
to already know the answers too.
I am getting an error message "exchange_validate failed, DOI error" .
I get it.. something is not the same on the exchange, but I can not find any reference on Google or any other source
as to what a DOI error is and therefore have no idea how to correct it.
20150808 11:13:21:623 Default (SA Ikev1Gateway-P1) SEND phase 1 Aggressive Mode [SA] [KEY_EXCH] [NONCE] [ID] [VID] [VID] [VID] [VID] [VID]
20150808 11:13:24:680 Default (SA Ikev1Gateway-P1) RECV phase 1 Aggressive Mode [HASH] [SA] [KEY_EXCH] [NONCE] [ID] [NAT_D] [NAT_D] [NAT_D] [VID]
20150808 11:13:24:696 Default (SA Ikev1Gateway-P1) SEND phase 1 Aggressive Mode [HASH] [NAT_D] [NAT_D]
20150808 11:13:24:696 Default phase 1 done: initiator id fvs_remote_Peter, responder id 65.41.59.155
20150808 11:13:24:727 Default (SA Ikev1Gateway-Ikev1Tunnel-P2) SEND phase 2 Quick Mode [HASH] [SA] [NONCE] [ID] [ID]
20150808 11:13:29:688 Default (SA Ikev1Gateway-P1) SEND phase 1 Aggressive Mode [HASH] [NAT_D] [NAT_D]
20150808 11:13:29:688 Default (SA Ikev1Gateway-Ikev1Tunnel-P2) SEND phase 2 Quick Mode [HASH] [SA] [NONCE] [ID] [ID]
20150808 11:13:34:696 Default (SA Ikev1Gateway-P1) SEND phase 1 Aggressive Mode [HASH] [NAT_D] [NAT_D]
20150808 11:13:34:696 Default (SA Ikev1Gateway-Ikev1Tunnel-P2) SEND phase 2 Quick Mode [HASH] [SA] [NONCE] [ID] [ID]
20150808 11:13:39:703 Default (SA Ikev1Gateway-P1) SEND phase 1 Aggressive Mode [HASH] [NAT_D] [NAT_D]
20150808 11:13:39:703 Default (SA Ikev1Gateway-Ikev1Tunnel-P2) SEND phase 2 Quick Mode [HASH] [SA] [NONCE] [ID] [ID]
20150808 11:13:44:726 Default (SA Ikev1Gateway-P1) RECV Informational [DELETE]
20150808 11:13:44:726 Default exchange_run: exchange_validate failed, DOI error
20150808 11:13:44:742 Default (SA Ikev1Gateway-Ikev1Tunnel-P2) SEND phase 2 Quick Mode [HASH] [SA] [NONCE] [ID] [ID]
20150808 11:14:40:731 Default (SA Ikev1Gateway-Ikev1Tunnel-P2) SEND phase 2 Quick Mode [HASH] [SA] [NONCE] [ID] [ID]
20150808 11:14:40:731 Default transport_send_messages: giving up on message 0116E520
Sure would appreciate knowing what the problem means, how to address it so I can buy a license. Thank You
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi golfbird,
I am glad that it worked! We'll be reporting the latest version of the firmware and do more tests on win7 and win10.
Thank you for your contribution.
Regards,
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: DOI erros
Hi golfbird,
I have sent you a pm to ask for more info and to speed up the resolution. You may also want to check the articles below for more information.
http://kb.netgear.com/app/answers/detail/a_id/24245/~/client-to-box-vpn
Kind regards,
BrianL
NETGEAR Community
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: DOI erros
Thank You
I have read those before, and unfortunately I dont understand all I read
I also have replied to your offer to help, but do not see how I can attach images
so if you would provide me with your email, I can get those screen shots to you.
Just knowing you making an attempt to help this old man out, has made my day.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: DOI erros
There are some differences between the old FVS318v3 and the newer client.
I would use the wizard on the client after using it on the device. The number values would need to be changed. Looking at both articles and comparing them to your device and client on the PC, should get the correct ones in place, though your exchanging them, and so it will be a little odd.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: DOI erros
I’m lost.
I have no idea what you mean.
Sounds great, but it’s a foreign language I don’t understand
That must translate to that there is no hope for me.
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: DOI erros
Hello golfbird,
I understand that is a bit confusing when using an older router with a new client. First, we have to take note of the public IP of your router, second the LAN network range (ex. 192.168.1.0) and passphrase. Also, we need to take note of the local and remote identifier, see image below:
fig1.
Once you have all the information that we need, we'll go to configuring the client software.
We'll be using the wizard for this one:
fig.2
Enter the necessary information neede (Public IP/WAN IP, passprhase and LAN IP range), click next.
fig.3
Once you have this window, review your settings and click on finish.
fig4
After clicking finish, we should be able to see the main window:
fig.5
Let us click on Ikev1 Gateway>Advanced:
fig.6
Remember we took note of out Local and Remote identifier (see fig.1).
We will enter those information here.
fig.7
Note that they are reversed. Once done, try opening the tunnel.
fig.8
If everything is successful, you should see a "Tunnel open" message on the bottom right hand side of your screen.
I hope this one helps, if you have more questions please feel free to ask.
Thanks,
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: DOI erros
I have taken screen shots of the windows in the router
but still having same problems
link above, a pdf file, as I dont know how to show the images like you did
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: DOI erros
i have attached a pdf of screen shots on the router
and screen shots of the vpn software
still cannot connect
f
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: DOI erros
Hello golfbird
I have noticed that you are using 200.200.200.0 as your LAN IP as declared on the VPN auto policy (please take note that this should be you local IP which your devices are using).
However, the one you have declared on the client software is 192.168.1.0. The local IP on the VPN policy and the client software should match.
Check the correct LAN IP by going to Network Configuration>LAN Settings>LAN Setup. You should see something like this (see image below), and that is the network IP range that you have to declare on both VPN Policy and Client Software.
I'll look forward to your response.
Thanks,
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: DOI erros
I changed to 192.168.1.0 on the router
And 192.168.1.0 client ipsec page
Subnet on both is 255.255.255.0
That did not connect
I then changed both to 200 200 200 0
And that also did not connect
Log message
Exchange_validate failed: DOI error
I have noticed that you are using 200.200.200.0 as your LAN IP as declared on the VPN auto policy (please take note that this should be you local IP which your devices are using).
However, the one you have declared on the client software is 192.168.1.0. The local IP on the VPN policy and the client software should match.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: DOI erros
Hello golfbird,
I have sent additional questions via PM. Also, if you could provide us your firmware version that would help a lot.
I'll look forward to your response.
Thanks,
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: DOI erros
a pdf file with screen shots, hope these are pages,
all from the router
318v4 firmware .028
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: DOI erros
Hi golfbird,
I'll try to connect to your tunnel on a windows 7 PC, I'll see if other version of the software works.
I'll get back to you.
Thanks,
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: DOI erros
Hi golfbird,
Tested connection to your tunnel using VPN software version 5.14.003 on a windows 7 PC. Tunnel shows open and connected, ping tests also indicates that the connection is active.
Please install VPN client version 5.14.003 and try to connect to the tunnel. For the meantime, please disable firewalls on the PC when trying to connect.
I hope this one will work on your PC, I'll look forward to your update.
Thanks,
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: DOI erros
The version you are asking for me to install
Is the version that I did install last week and am trying to connect with
But good to hear that the router side is ok
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: DOI erros
I appreciate all the work that went in to helping me.
Thank You
Thank You
Thank You
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi golfbird,
I am glad that it worked! We'll be reporting the latest version of the firmware and do more tests on win7 and win10.
Thank you for your contribution.
Regards,
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: DOI erros
Got issue resolved
Rennee discovered that using the most recent vpn client software would not open a tunnel to fvs318v3 but previous version would. Testing proved it over and over. As as result I have purchaced new router fvs318G and will be buying the
newest vpng05l. Apprecaite all the effort.