Orbi WiFi 7 RBE973
Reply

FVS318N Mobile VPN How To?

Digithead
Aspirant

FVS318N Mobile VPN How To?

I've been trying to figure this out for some time now as the documentation for this device is NOT real clear about it at all.

 

I'd like to configure the firewall such that I can get a VPN connection into the LAN from my laptop while out on the road. Using the VPN Wizzard apparently does NOT create the IKE / IPSec policies to make this WORK at all and unfortunately I cannot figure out how to create them manually. I've tried searching the community on this specific subject but it appears that the search engine doesn't really work either is the only results that come up have nothing to do with it what I'm looking for. I've tried every search term combination I can think of and still nothing. I purchased the full version of the Mobile VPN Client for the laptop and would really like to get it working.

 

Can anyone point me to a DETAILED explanation of just exactly how to do this?

 

Model: FVS318N|ProSafe Wireless N 8 port gigabit VPN firewall
Message 1 of 9

Accepted Solutions
Dan_Z
NETGEAR Expert

Re: FVS318N Mobile VPN How To?

Hi Digithead,
Welcome to the community!
If you want to use VPN connect to LAN from your laptop,you can use prosafe vpn client.
Firstly,create a client-to-gateway vpn on FVS318N,then use prosafe vpn client connect to the VPN.
Please see below reference:
http://www.downloads.netgear.com/files/GDC/FVS318N/QSGVPN_4Apr2012.pdf

 

Thanks,

Dan

View solution in original post

Message 2 of 9

All Replies
Dan_Z
NETGEAR Expert

Re: FVS318N Mobile VPN How To?

Hi Digithead,
Welcome to the community!
If you want to use VPN connect to LAN from your laptop,you can use prosafe vpn client.
Firstly,create a client-to-gateway vpn on FVS318N,then use prosafe vpn client connect to the VPN.
Please see below reference:
http://www.downloads.netgear.com/files/GDC/FVS318N/QSGVPN_4Apr2012.pdf

 

Thanks,

Dan

Message 2 of 9
Digithead
Aspirant

Re: FVS318N Mobile VPN How To?

Hello Dan,

 

Thank you for your reply and please forgive my tardiness in getting back to you.

 

I actually have that PDF already and have tried multiple times to get the Client-to-FVS318N VPN to work but I must be missing something somewhere. It simply would not work. As I mentioned in my initial post, I did purchase a full licensed version of the VPN client so that's not an issue. What seems to be happening is that the firewall's Wizzard never creates the Phase I and Phase II components of the policy so of course no "hand-shaking" ever gets completed resulting in no VPN connection. I just verified yesterday morning that both of my FVS318N firewalls are completely up to date with the latest firmware available so that shouldn't be the problem either.

 

I'll give this yet another go over the weekend though and see what happens. I'd really like to get this figured out and functioing though as  I have two trips coming up soon and I don't like the idea of "poking holes" through the firewalls to get into the network remotely.

 

Model: FVS318N|ProSafe Wireless N 8 port gigabit VPN firewall
Message 3 of 9
Dan_Z
NETGEAR Expert

Re: FVS318N Mobile VPN How To?

Hi Digithead,

How do you configed firewall's wan port?  The firewall connect to internet directly,or connect to other device?

 

Thanks,

Dan

 

Message 4 of 9
Digithead
Aspirant

Re: FVS318N Mobile VPN How To?

Yes of course the firewall is connected directly to the outside world, static IP address and all.

 

Actually about to just give up on this and find another solution as I've seen several other threads thus far with pretty much the same problem but no resolution.

 

I at least got to the point where the Client at least tries to connect but then fails with:

SEMD phase 1 Aggressive Mode [SA][KEY_EXCH][NONCE][ID][VID][VID][VID][VID][VID]

 

Repeats that three times and then quits. Everything on EACH end set exaclt the same. "Authentication (IKE) 28800" and "Encryption (IPSec) 3600" exactly as the PDF recommends... DH-1 set at both ends... but still nothing.

 

Message 5 of 9
DaneA
NETGEAR Employee Retired

Re: FVS318N Mobile VPN How To?

@Digithead,

 

I think it would be best that you post the settings you have configured step-by-step on your laptop and on the FVS318N.  In this way, the community members might be able to help figure out what needs to be corrected.  

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 6 of 9
Digithead
Aspirant

Re: FVS318N Mobile VPN How To?

Ok ... I am an IDIOT!

 

I kept digging at this for serveral hours yesterday and still could not get it to work. But what started to become obvious is this. I have the FVS318N's logging cranked up pretty high but I noticed there was nothing in the VPN log at all. Obviosuly the laptop wasn't even trying to connec to it at all. I finally realized (in my infinite stupidity) that something on the laptop itself had to be the culprit.

 

After thinking that chances are really high that the End Point Security software on the laptop might the issue, I schlepped it into the office with me this morning, dissabled the EPS software's local firewall and >BANG!< ... the laptop connect right up to the LAN at home with NO problem.

 

I can't begin to tell you how stupid I feel about this... but I do hope that you all get a really good laugh out of it.

<hanging head in deep shame>

 

Message 7 of 9
DaneA
NETGEAR Employee Retired

Re: FVS318N Mobile VPN How To?

@Digithead,

 

Thanks for the update. 🙂  Don't be harsh on yourself because these kind of scenario really happens even to me. 🙂  

 

I'm very glad to know that you were able to figure out the problem and you're the one who resolved it. 


Since your concern has been resolved, I encourage you to mark the appropriate reply as the “Accepted Solution” so others can be confident in benefiting from the solution. The NETGEAR Community looks forward to hearing from you and being a helpful resource in the future!

 


Cheers,

 

DaneA

NETGEAR Community Team

Message 8 of 9
Digithead
Aspirant

Re: FVS318N Mobile VPN How To?

Hi @DaneA,

 

Not too sure I'm being harsh enough actually...

 

I also already selected the “Accepted Solution” as soon I posted that last reply so that's done.

 

I've also since created the required Policy on the End PointSecurity server's internal policies and forced the latop to re-synchronize with it (over the VPN I might add) so now that won't block it anymore.

 

I'm thrilled to have this working as I don't like poking holes though the firewalls as it defeats the purpose of having them.

Message 9 of 9
Discussion stats
  • 8 replies
  • 4036 views
  • 0 kudos
  • 3 in conversation
Announcements