9620L and Watchguard IPSEC xauth VPN 2

Status
Not open for further replies.
Jun 13, 2016
Hello,

This has been a bit challenging.

I've been asked to set up a VPN for the Avaya VOIP/VPN Phone (received documentation for a 9620L)

I'm a bit lost as to why it does not work.

I've set up the mobile VPN in our WatchGuard XTM26 with IPsec, set up a group, and PSK. Added the user to the group, and I tested using an IPsec client on the iPhone (much less configuration!)

Where the phone system lives we have a 10.0.2.0/24 subnet (at the main office)
The VPN pool is 10.0.3.1 through 10.0.3.10

The VPN works from other devices, so I suspect I'm not filling out the form I've been given correctly (which was taken/modified from a SonicWall user who successfully set it up)

Here is what I provided (Phase1/Phase2 are matching the Watchguard)


VPN Phone Settings
VPN- Enable
VPN Vendor- Juniper
Gateway - (EDITED)
External Phone address- 0.0.0.0
External Router- 0.0.0.0
External Subnet- 0.0.0.0
External DNS- 0.0.0.0
Encapsulation- 4500-4500
Copy tos- no
Auth Type- PSK w/ xauth
User Cred
User Type 1 user
Vpn user avaya1
Password Type Save in Flash
User Password (EDITED / Password assigned in WSM to avaya1)
IKE ID - avayavpn (Group name created in WSM, where users reside)
PSK - (PSK Password assigned to mobile IPsec vpn)

IKE Phase 1
IKE ID Type - IKE_ID
DH Group - 2
Encryption ALG - 3DES
Authentication ALG – SHA1
IKE Xchange Mode - Aggressive
IKE Config Mode - Disable

IKE Phase 2
Encryption ALG - 3DES
Authentication ALG – SHA1
DH Group - No PFS
Protected Nets 10.0.2.0/24
IKE over TCP- Auto

I receive invalid id payload / no matching tunnel route for peer proposed local: 10.0.2.0/24 remote: 10.37.1.50/32

10.0.2.0/24 is in the "allowed resources" window on the vpn policy.

Any help would be appreciated,

Thanks
 
I think if you want to dish out IP addresses locally to VPN phones then you need config mode enabled.

Other than that no experience with Watchguards.

| ACSS SME |
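
An added example, not part of either post: a Python check that parses the error line quoted in the question and compares the proposed Phase 2 IDs against the allowed resource and VPN pool given there. The acceptance rule it models (local must be an allowed resource, remote must be a single pool address) is an assumption, not documented WatchGuard behaviour, and the function names are hypothetical.

```python
import ipaddress
import re

# Values quoted in the question above.
ALLOWED_RESOURCES = [ipaddress.ip_network("10.0.2.0/24")]
POOL_FIRST = ipaddress.ip_address("10.0.3.1")
POOL_LAST = ipaddress.ip_address("10.0.3.10")
LOG_LINE = ("invalid id payload / no matching tunnel route for peer "
            "proposed local: 10.0.2.0/24 remote: 10.37.1.50/32")

PROPOSAL_RE = re.compile(r"local:\s*(\S+)\s+remote:\s*(\S+)")


def parse_proposal(line):
    """Extract the (local, remote) Phase 2 IDs from the gateway's error line."""
    m = PROPOSAL_RE.search(line)
    if not m:
        raise ValueError("no local/remote selectors in line")
    return ipaddress.ip_network(m.group(1)), ipaddress.ip_network(m.group(2))


def in_pool(net):
    """True only for a single host address inside the virtual IP pool."""
    return (net.num_addresses == 1
            and POOL_FIRST <= net.network_address <= POOL_LAST)


def diagnose(line):
    """Return a list of mismatches; an empty list means the selectors line up.

    Assumed model (not taken from WatchGuard documentation): the gateway
    accepts a proposal when 'local' is an allowed resource and 'remote'
    is one address from the pool.
    """
    local, remote = parse_proposal(line)
    problems = []
    if not any(local.subnet_of(r) for r in ALLOWED_RESOURCES):
        problems.append(f"local {local} is not an allowed resource")
    if not in_pool(remote):
        problems.append(
            f"remote {remote} is outside pool {POOL_FIRST}-{POOL_LAST}")
    return problems


if __name__ == "__main__":
    for problem in diagnose(LOG_LINE):
        print(problem)
```

Under that assumed rule, the only mismatch reported for the quoted error is the remote ID, which is not an address from the 10.0.3.1 through 10.0.3.10 pool.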
 