Orbi WiFi 7 RBE973

Re: ERROR: invalid ID payload. on SRX5308 with firmware 4.3.5.3

Golgotha
Aspirant

ERROR: invalid ID payload. on SRX5308 with firmware 4.3.5.3

since I'v upgrades firmware to 4.3.5.3  IPSEC VPN dont work ...

no change made on SRX an client

any body have an idea ? 

Client log : 

 

20170522 10:39:42:029 Default (SA MIG2009-P1) SEND phase 1 Aggressive Mode [SA] [KEY_EXCH] [NONCE] [ID] [VID] [VID] [VID] [VID] [VID]
20170522 10:39:47:044 Default (SA MIG2009-P1) SEND phase 1 Aggressive Mode [SA] [KEY_EXCH] [NONCE] [ID] [VID] [VID] [VID] [VID] [VID]
20170522 10:40:00:045 Default (SA MIG2009-P1) SEND phase 1 Aggressive Mode [SA] [KEY_EXCH] [NONCE] [ID] [VID] [VID] [VID] [VID] [VID]

 

Router LOG 

 

Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] ERROR: invalid ID payload.
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] WARNING: ID type mismatched.
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received Vendor ID: DPD
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received Vendor ID: RFC 3947
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received unknown Vendor ID

Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] INFO: Beginning Aggressive mode.
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received request for new phase 1 negotiation: 192.168.0.253[500]<=>217.74.108.106[500]
Mon May 22 10:39:47 2017 (GMT +0200): [SRX5308] [IKE] INFO: Remote configuration for identifier "MIG2009" found
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] ERROR: invalid ID payload.
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] WARNING: ID type mismatched.
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received Vendor ID: DPD
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received Vendor ID: RFC 3947
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received unknown Vendor ID

Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] INFO: Beginning Aggressive mode.
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] INFO: Received request for new phase 1 negotiation: 192.168.0.253[500]<=>217.74.108.106[500]
Mon May 22 10:39:42 2017 (GMT +0200): [SRX5308] [IKE] INFO: Remote configuration for identifier "MIG2009" found

 

Message 1 of 5

Accepted Solutions
Golgotha
Aspirant

Re: ERROR: invalid ID payload. on SRX5308 with firmware 4.3.5.3

OK I will try to add a new VPN, but I can't delete existing VPN used by others pepoles

View solution in original post

Message 4 of 5

All Replies
DaneA
NETGEAR Employee Retired

Re: ERROR: invalid ID payload. on SRX5308 with firmware 4.3.5.3

Hi Golgotha,

 

Based from the logs you have posted, it seems that there is an Aggressive Mode request error.  I suggest you to delete the existing IKE / VPN policies then use the VPN Wizard to setup a client-to-box VPN.  Kindly access the articles below and use it as reference guides:

 

ProSAFE VPN Client: Client to Box Configuration

 

VPN Configuration of ProSafe VPN Lite software and NETGEAR ProSafe Router

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 2 of 5
DaneA
NETGEAR Employee Retired

Re: ERROR: invalid ID payload. on SRX5308 with firmware 4.3.5.3

@Golgotha,

 

I just want to follow-up on this.  Were you able to try to delete the existing IKE / VPN policies then use the VPN Wizard to setup a client-to-box VPN?  Also, were you able to access the articles I've shared and use it as reference guides?  If yes, what is the result? 

 

If ever your concern has been resolved, I encourage you to mark the appropriate reply as the “Accepted Solution” so others can be confident in benefiting from the solution. The NETGEAR Community looks forward to hearing from you and being a helpful resource in the future!

 


Regards,

 

DaneA

NETGEAR Community Team

Message 3 of 5
Golgotha
Aspirant

Re: ERROR: invalid ID payload. on SRX5308 with firmware 4.3.5.3

OK I will try to add a new VPN, but I can't delete existing VPN used by others pepoles

Message 4 of 5
Golgotha
Aspirant

Re: ERROR: invalid ID payload. on SRX5308 with firmware 4.3.5.3

deleted exsisting VPN config, creatred new one (identic) :  OK  it's working fine

Message 5 of 5
Discussion stats
  • 4 replies
  • 8191 views
  • 0 kudos
  • 2 in conversation
Announcements