- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: IP-Sec VPN not working anymore after firmware upgrade
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I've been using this router for several weeks having configured several IP-Sec VPNs and they were all running well. Several VPNs were done with other Netgear Routers and also Sophos UTM.
After upgrading the router to the latest firmware version 4.3.4.-2 no VPN is working anymore.
Even a firmware downgrade did not resolve the problem.
I changed almost all possible parameters but i cannot make it work anymore.
Here a sample of the error log:
ue Jan 03 14:43:17 2017 (GMT +0100): [FVS336GV3] [IKE] INFO: Using IPsec SA configuration: 192.168.11.0/24<->192.168.8.6-192.168.8.7
Tue Jan 03 14:43:17 2017 (GMT +0100): [FVS336GV3] [IKE] INFO: FOUND
Tue Jan 03 14:43:01 2017 (GMT +0100): [FVS336GV3] [IKE] ERROR: Phase 1 negotiation failed due to time up for 85.93.207.129[4500]. 24a832a5878da190:b03d8a59ac711ff9
Tue Jan 03 14:42:59 2017 (GMT +0100): [FVS336GV3] [IKE] ERROR: Phase 2 negotiation failed due to time up waiting for phase1. ESP 85.93.207.129->192.168.178.2
Tue Jan 03 14:42:53 2017 (GMT +0100): [FVS336GV3] [IKE] ERROR: Could not find configuration for 88.207.169.115[4500]
Tue Jan 03 14:42:51 2017 (GMT +0100): [FVS336GV3] [IKE] INFO: Received Malformed packet of payload length 39027 and total length 40.
Tue Jan 03 14:42:40 2017 (GMT +0100): [FVS336GV3] [IKE] ERROR: Could not find configuration for 83.99.95.63[500]
Tue Jan 03 14:42:31 2017 (GMT +0100): [FVS336GV3] [IKE] INFO: Received Malformed packet of payload length 39027 and total length 40.
Tue Jan 03 14:42:30 2017 (GMT +0100): [FVS336GV3] [IKE] ERROR: Could not find configuration for 83.99.95.63[500]
Is there anybody that can help ?
Thanks a lot
Serge
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi DaneA
Sorry for my late reply as i have been sick lately.
Well Netgear sent me a new device. I installed all stored VPN settings and they are working fine. Then i did the firmware upgrade as well and the VPNs are still working.
So i think there must have been a hardware problem. I sent the other device back and probably Netgear will investigate the problem.
So they made me really happy as a customer and for sure i will remain a customer.
Thanks again to all you you involved to resolve may problems
Regards,
Serge
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: IP-Sec VPN not working anymore after firmware upgrade
Hi Sergek,
Welcome to the community! 🙂
Kindly answer the questions below:
a. Have you tried to delete the IKE and VPN policies then re-create it via the VPN Wizard after upgrading the firmware?
b. Did you factory reset the FVS336Gv3 after doing a firmware upgrade?
Regards,
DaneA
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: IP-Sec VPN not working anymore after firmware upgrade
Hi DaneA
Yes i did delete all Policies and reconfigured them completely new. I did not use the wizzard to configure the VPNs but did all manually.
I also did the factory reset and put my saved configs o the router, this did not work either.
Now i am able to reconnect a VPN with aonther Netgear device such as the FVS336GV2 but it still does not work with my Sophos UTM9
Thanks for your help
Regards,
Serge
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: IP-Sec VPN not working anymore after firmware upgrade
It seems you have isolated the problem. Since you got the VPN tunnel established between the FVS336Gv2 and FVS336Gv3 then it means that got the configuration right on both VPN firewall routers. You might need to check the VPN configuration on the Sophos UTM.
Regards,
DaneA
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: IP-Sec VPN not working anymore after firmware upgrade
So you suggest me to check all my other devices like the Sophos firewall, the Linksys routers, the Fritzboxes and all other connected devices ? How can it be that i had a system running for weeks and after a firmware upgrade nothing is working anymore .
Although i did not change any configuration on any of those other devices, no one except the Netgear to Netgear VPN is working anymore ? And even this VPN is not stable and i have to restart it daily.
If i change the V3 router with a V2 router using the same parameters, all works fine.
It seems to me that there is an issue with the new firmware since all other devices on my network are still fine, even the FVS336GV1 an 2 versions.
I had a similar issue two years ago when i made a firmware upgrade on my FVS336gv2. At least a firmware downgrade resolved the problem. But on my FVS336GV3 neither a Firmware downgrade nor anything else has resolved the problem so far.
Regards
Serge
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: IP-Sec VPN not working anymore after firmware upgrade
I understand that its kinda odd that the VPN would suddenly not work after doing a firmware upgrade on the FVS336Gv3. I believe it would help if you could also check the device on the other end of the VPN setup which I believe is the Sophos firewall. Kindly check if the SA Lifetime matches as well as the IKE/VPN policies as well.
Regards,
DaneA
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: IP-Sec VPN not working anymore after firmware upgrade
Hi DaneA
I checked the Sophos , the Linksys and all other endpoints and all parameters match. The weird thing is that now i have installed an FVS336GV2 with exact the same parameters and now all VPNs are working fine. If i use the FVS336GV3 i cannot make any VPN work other than to another Netgear device.
I do not know what else to do. Is there any possibility to downgrade the Router from the actual version 4.3.4-2 to its initial firmware 4.3.1-13 as there the router was workking fine?
I tried it but the downgrade is only possible to the 4.3.4.1 version.Below this i get an error message that the firmware is not correct.
Regards,
Serge
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: IP-Sec VPN not working anymore after firmware upgrade
From the release notes of both firmware v4.3.4.1 and v4.3.4-2, it doesn't say that you cannot downgrade to an earlier firmware version. You may check the release notes of v4.3.4.1 here and release notes of v4.3.4-2 here.
Based from your experience with the FVS336Gv3, I encourage you to open an online case with NETGEAR Support at anytime. Kindly state your concern and the troubleshooting steps we did to isolate the problem for further assistance since the VPN works fine using the FVS336Gv2.
Regards,
DaneA
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: IP-Sec VPN not working anymore after firmware upgrade
Hi Dane
The description might not say it but the experience does. I've tried the downgrade several times and each time the router tells me there is an issue with the uploaded firmware so i guess below a certain version the system won't accept a downgrade anymore.
I think i will follow your suggestion and open an oline case. I thought that Netgear would also follow this commuinty talks and maybe give some reactions about.
Le'ts see what they tell me to try further.
Thanks anyway for all the time you spent on trying to help me.
Regards,
Serge
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: IP-Sec VPN not working anymore after firmware upgrade
Hi DaneA
Yes i did open a case at Netgear and i had a talk to a really nice person on the phone. I gave them a remote router login so they could check the configuration i did. Apparently all was correct and no issue was visible. Finally they opended an RMA for the device to be exchanged. I got sent a new device to be installed. As i am not home now i cannot test it right now but I will do the replacement on the week end and see if it is a hardware problem or a firmware bug.
More information will follow
Regards,
Serge
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi DaneA
Sorry for my late reply as i have been sick lately.
Well Netgear sent me a new device. I installed all stored VPN settings and they are working fine. Then i did the firmware upgrade as well and the VPNs are still working.
So i think there must have been a hardware problem. I sent the other device back and probably Netgear will investigate the problem.
So they made me really happy as a customer and for sure i will remain a customer.
Thanks again to all you you involved to resolve may problems
Regards,
Serge
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: IP-Sec VPN not working anymore after firmware upgrade
Thanks for the update.:) I am glad to know that the replacement device sent to you by NETGEAR is working fine. 😄
Feel free to post your future concerns here in the community.
Cheers,
DaneA
NETGEAR Community Team