Another Netgear FVS318 <-> Prosafe issue

[bigbandjohn]

Greetings!

I'm new to the forum. Lots of helpful tips here, but I didn't see one specific scenario I have run into.

I have a Netgear 318 at home. I use Dynamic DNS due to the dynamic IP I get from my provider. On the other side, I have a Windows XP box at the office. We use DHCP on a private lan. No IP conflicts. (10.x.x.x at the office, 192.168.x.x at home).

Here's the problem. We have a firewall at the office. I can get PPTP to work with my old D-link, but there's no security. What do I need to do to get this to work in this scenario. Connecting to the office works from behind my firewall at home, so I know VPN's can work through firewalls.

Thanks.

 

[techmike15]

Hey,
if you have a dynamic ip on the 318 then you should go to dyndns.org and setup a free domain there. (dynamic DNS).

How are you connecting from the office? (VPN ROUTER, vpn software,etc).

And what are the configurations/setup?

 

[bigbandjohn]

More details... From the client log file....
7-29: 16:06:39.476
7-29: 16:06:39.476 My Connections\BigBandTun - Attempting to resolve Hostname (XXX.dyndns.org)
7-29: 16:06:39.486 My Connections\BigBandTun - Initiating IKE Phase 1 (Hostname=XXX.dyndns.org) (IP ADDR=68.221.66.XXX)
7-29: 16:06:39.486 My Connections\BigBandTun - SENDING>>>> ISAKMP OAK MM (SA, VID 2x)
7-29: 16:06:54.558 My Connections\BigBandTun - message not received! Retransmitting!
7-29: 16:06:54.558 My Connections\BigBandTun - SENDING>>>> ISAKMP OAK MM (Retransmission)
7-29: 16:07:09.579 My Connections\BigBandTun - message not received! Retransmitting!
7-29: 16:07:09.579 My Connections\BigBandTun - SENDING>>>> ISAKMP OAK MM (Retransmission)
7-29: 16:07:24.601 My Connections\BigBandTun - message not received! Retransmitting!
7-29: 16:07:24.601 My Connections\BigBandTun - SENDING>>>> ISAKMP OAK MM (Retransmission)
7-29: 16:07:39.623 My Connections\BigBandTun - Exceeded 3 IKE SA negotiation attempts

From the server logfile:

Thur, 07/29/2004 12:06:39 - BBRouter IPsec:Receive Packet address:0x13967d0 from 24.172.56.XXX
Thur, 07/29/2004 12:06:39 - BBRouter IPsec:main_inI1_outR1()
Thur, 07/29/2004 12:06:39 - BBRouter IKEeer Initialized IKE Main Mode
Thur, 07/29/2004 12:06:39 - BBRouter IKE:main_inI1_outR1() connection not found 68.221.66.XXX[500]-24.172.56.XXX[500]
Thur, 07/29/2004 12:06:39 - BBRouter IKE:Trying Dynamic IP Searching
Thur, 07/29/2004 12:06:39 - BBRouter IPsec:instantiated "BigBandTun_tmp2" for 24.172.56.XXX
Thur, 07/29/2004 12:06:39 - BBRouter IKE:[BigBandTun_tmp2] RX << MM_I1 : 24.172.56.XXX
Thur, 07/29/2004 12:06:39 - BBRouter IPsec:New State index:0, sno:9
Thur, 07/29/2004 12:06:39 - BBRouter IPsec:Oakley Transform 1 accepted
Thur, 07/29/2004 12:06:39 - BBRouter IKE:OAKLEY_PRESHARED_KEY/OAKLEY_3DES_CBC/MODP1024
Thur, 07/29/2004 12:06:39 - BBRouter IKE:[BigBandTun_tmp2] TX >> MM_R1 : 24.172.56.XXX
Thur, 07/29/2004 12:06:39 - BBRouter IPsec:inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #9
Thur, 07/29/2004 12:06:47 - BBRouter IPsec:handling event EVENT_RETRANSMIT for 18ac38aa "BigBandTun_tmp2" #9
Thur, 07/29/2004 12:06:47 - BBRouter IPsec:inserting event EVENT_RETRANSMIT, timeout in 20 seconds for #9
Thur, 07/29/2004 12:06:55 - BBRouter IPsec:Receive Packet address:0x13967d0 from 24.172.56.XXX
Thur, 07/29/2004 12:06:55 - BBRouter IPsec:main_inI1_outR1()
Thur, 07/29/2004 12:06:55 - BBRouter IKEeer Initialized IKE Main Mode
Thur, 07/29/2004 12:06:55 - BBRouter IKE:[BigBandTun_tmp2] RX << MM_I1 : 24.172.56.XXX
Thur, 07/29/2004 12:06:55 - BBRouter IPsec:New State index:1, sno:10

[It repeated this pattern a couple times, and then finally ended as below]

Thur, 07/29/2004 12:08:17 - BBRouter IPsec:max number of retransmissions (2) reached STATE_MAIN_R1
Thur, 07/29/2004 12:08:33 - BBRouter IPsec:handling event EVENT_RETRANSMIT for 18ac38aa "BigBandTun_tmp2" #12
Thur, 07/29/2004 12:08:33 - BBRouter IPsec:max number of retransmissions (2) reached STATE_MAIN_R1
Thur, 07/29/2004 12:08:33 - BBRouter IPsec:[BigBandTun_tmp2] is removed from the head of conn_list
Thur, 07/29/2004 12:08:33 - BBRouter IPsec:Connection [BigBandTun_tmp2] is deleted from connection table

 

[bigbandjohn]

I'll clean up the actual settings information later today and post them tonight.

I am already registered at dyndns.org. Prosafe is my VPN client. Netgear 318 is at home.

 

[jw1911]

I have been having the same problem.

I find that using remote access to reboot the FVS318 restores the VPN connectivity.

Since my dynamic IP doesn't change that often I am going to try the IP address rather than my dyndns domain.

James

 

[IPDetective]

Hi there, I am new to this site and I was reading your postings. I had a similar problem trying to get into our clients site with PC anywhere. The IP address was always changing. You might want to try out IPDetective.ca , it automatically updates the IP address for you. You also don;t have to pay a fee every month. I hope it helps.