FVS336GV2 - IPSec VPN issues - Openswan / Orange

assistance · ‎2016-11-21

Hi,

I try to configure a site-to-site VPN with one FVS336GV2 and OpenSwan.

The log are :

Mon Nov 21 09:53:39 2016 (GMT +0100): [FVS336Gv2] [IKE] ERROR:  Unknown notify message from {REMOTE_IP}[500].No phase2 handle found.
Mon Nov 21 09:53:37 2016 (GMT +0100): [FVS336Gv2] [IKE] ERROR:  Failed to get IPsec SA configuration for: 192.168.0.64/27<->10.48.140.0/27 from {REMOTE_IP}/32
Mon Nov 21 09:53:37 2016 (GMT +0100): [FVS336Gv2] [IKE] INFO:  Responding to new phase 2 negotiation: {LOCAL_WAN_IP}[0]<=>{REMOTE_IP}[0]
Mon Nov 21 09:53:33 2016 (GMT +0100): [FVS336Gv2] [IKE] ERROR:  ignore information due to hash length mismatch
Mon Nov 21 09:53:29 2016 (GMT +0100): [FVS336Gv2] [IKE] ERROR:  Unknown notify message from {REMOTE_IP}[500].No phase2 handle found.
Mon Nov 21 09:53:27 2016 (GMT +0100): [FVS336Gv2] [IKE] ERROR:  Failed to get IPsec SA configuration for: 192.168.0.64/27<->10.48.140.0/27 from {REMOTE_IP}/32
Mon Nov 21 09:53:27 2016 (GMT +0100): [FVS336Gv2] [IKE] INFO:  Responding to new phase 2 negotiation: {LOCAL_WAN_IP}[0]<=>{REMOTE_IP}[0]
Mon Nov 21 09:53:24 2016 (GMT +0100): [FVS336Gv2] [IKE] ERROR:  ignore information due to hash length mismatch
Mon Nov 21 09:53:19 2016 (GMT +0100): [FVS336Gv2] [IKE] ERROR:  Unknown notify message from {REMOTE_IP}[500].No phase2 handle found.
Mon Nov 21 09:53:13 2016 (GMT +0100): [FVS336Gv2] [IKE] ERROR:  ignore information due to hash length mismatch
Mon Nov 21 09:53:13 2016 (GMT +0100): [FVS336Gv2] [IKE] INFO:  Initiating new phase 2 negotiation: {LOCAL_WAN_IP}[500]<=>{REMOTE_IP}[0]
Mon Nov 21 09:53:13 2016 (GMT +0100): [FVS336Gv2] [IKE] INFO:  Configuration found for {REMOTE_IP}.
Mon Nov 21 09:53:13 2016 (GMT +0100): [FVS336Gv2] [IKE] INFO:  Configuration found for {REMOTE_IP}.
Mon Nov 21 09:53:13 2016 (GMT +0100): [FVS336Gv2] [IKE] INFO:  FOUND
Mon Nov 21 09:53:13 2016 (GMT +0100): [FVS336Gv2] [IKE] INFO:  accept a request to establish IKE-SA: {REMOTE_IP}

I can manage the configuration on the FVS336GV2 but not on the openswan.

The configuration for FVS336Gv2 :

Thank you for your help

DaneA · ‎2016-11-21

Hi assistance,

Welcome to the community! 🙂

I am not familiar with Openswan. However, let me share the links below that I found online:

http://xmodulo.com/create-site-to-site-ipsec-vpn-tunnel-openswan-linux.html

https://wiki.openwrt.org/doc/howto/vpn.ipsec.site2site.openswan

http://mdsh.com/wiki/jsp/Wiki?topic=vpn%3Aipsec%3Aopenswan+to+netgear+dg834&action=action_printable

If ever you have already came across with the links above, hope that others here within the community will share their knowledge about your concern.

Regards,

DaneA

NETGEAR Community Team

DaneA · ‎2016-11-24

Hi assistance,

I just want to follow-up. Did the links I found online helped you? If not, I suggest you to post your concern on the Linux/Openswan forum sites and if ever a solution has been posted there, kindly share the link here so that other community members would benefit.

Regards,

DaneA

NETGEAR Community Team

FVS336GV2 - IPSec VPN issues - Openswan / Orange

FVS336GV2 - IPSec VPN issues - Openswan / Orange

Re: FVS336GV2 - IPSec VPN issues - Openswan / Orange

Re: FVS336GV2 - IPSec VPN issues - Openswan / Orange