This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
I have a FSV318G for years. I'm using shrewsoft VPN client to to connect to it from multiple locations and its worked for months and months with no problems until last thursday... Now I can't connect to the VPN router from any client.
Shrewsoft client output:
config loaded for site 'office.vpn' attached to key daemon ... peer configured iskamp proposal configured esp proposal configured client configured local id configured remote id configured pre-shared key configured bringing up tunnel ... network device configured tunnel enabled negotiation timout occurred tunnel disabled detached from key daemon
Which usually indicates that phase one completes. But the router VPN logs:
2015 Oct 28 12:24:41 [FVS318g] [IKE] Phase 1 negotiation failed due to time up for 17.58.98.236[500]. 7dbe94b6e00a6439:1152eb82ad35cc99_
2015 Oct 28 12:23:41 [FVS318g] [IKE] Setting DPD Vendor ID_
2015 Oct 28 12:23:40 [FVS318g] [IKE] For 17.58.98.236[500], Selected NAT-T version: draft-ietf-ipsec-nat-t-ike-02_
2015 Oct 28 12:23:40 [FVS318g] [IKE] Received Vendor ID: CISCO-UNITY_
- Last output repeated 5 times -
2015 Oct 28 12:23:40 [FVS318g] [IKE] Received unknown Vendor ID_
2015 Oct 28 12:23:40 [FVS318g] [IKE] Received Vendor ID: draft-ietf-ipsec-nat-t-ike-02__
- Last output repeated twice -
2015 Oct 28 12:23:40 [FVS318g] [IKE] Received unknown Vendor ID_
2015 Oct 28 12:23:40 [FVS318g] [IKE] Beginning Aggressive mode._
2015 Oct 28 12:23:40 [FVS318g] [IKE] Received request for new phase 1 negotiation: 10.1.10.191[500]<=>17.58.98.236[500]_
2015 Oct 28 12:23:40 [FVS318g] [IKE] Remote configuration for identifier "pb.local" found_
There is a cable modem router in front of the FVS318G buts its been there all along.
No, it goes back to the ISP router. It was either "bridged" like I said, or they had the 318 in the ISP router DMZ and were forwarding the ports to the 318 (not the ideal setup).
I cant test that solution until next week because the cable modem and router will be in constant use. But im skeptical, the settings on the cable modem haven't changed: it was never in bridge mode and the netgear Firewall VPN never had a public IP address. Is there another possible reason the VPN has suddenly failed?
No, it goes back to the ISP router. It was either "bridged" like I said, or they had the 318 in the ISP router DMZ and were forwarding the ports to the 318 (not the ideal setup).
Comcast cable modem/router is now in bridge mode. The FVS318G has been assigned a static IP address. All users have access to internet . An RDC port is oped to a specific PC as test to make sure IP address is accessible. VPN still down: VPN client connects, tunnel is enabled but eventually times out. Suggestions?
