Cannot get VPN working with Netgear FVS318 VPN router

cgreene2

MIS
Jan 11, 2003
2
US
Hello. I hope that someone can help me out. I'm trying to set up a VPN connection on a dynamic IP scheme to a static IP scheme with a Netgear FVS318 router at the site I'm trying to connect to. I downloaded and followed the instructions from Netgear's site:

This has not worked. I actually got a little farther than I did with Linksys documentation on setting up a VPN with one of their routers. The problem is that I'm trying to use IPsec with 3DES authentication. I set up the security policy on my XP machine so that it will allow tunneling to and from both sides for communication. But I keep getting a malformed packet error. I am at my wits' end with this thing and don't have a clue what to do next. Can someone help me out? Also, here is what is in the router's VPN log.

Sat, 01/11/2003 21:37:42 - FVS318 IPsec:[test] is add into conn_list
Sat, 01/11/2003 21:37:42 - FVS318 IPsec:[test1] is add into conn_list
Sat, 01/11/2003 21:37:42 - FVS318 IPsec:[FVS318] is add into conn_list
Sat, 01/11/2003 21:41:57 - FVS318 IPsec:drop connection: FVS318
Sat, 01/11/2003 21:42:05 - FVS318 IPsec:drop connection: FVS318
Sat, 01/11/2003 21:42:35 - FVS318 IPsec:[test] is add into conn_list
Sat, 01/11/2003 21:42:35 - FVS318 IPsec:[test1] is add into conn_list
Sat, 01/11/2003 21:42:35 - FVS318 IPsec:[FVS318] is add into conn_list
Sat, 01/11/2003 21:44:40 - FVS318 IPsec:Receive Packet address:0x1806ac4 from 24.73.4.21
Sat, 01/11/2003 21:44:40 - FVS318 IPsec:try to find 420eb364-18490415, ->(420eb364, 18490415)
Sat, 01/11/2003 21:44:40 - FVS318 IPsec:main_inI1_outR1()
Sat, 01/11/2003 21:44:40 - FVS318 IKE:peer Initialized IKE Main Mode
Sat, 01/11/2003 21:44:40 - FVS318 IKE:[FVS318] RX << MM_I1 : 24.73.4.21
Sat, 01/11/2003 21:44:40 - FVS318 IPsec:New State index:0, sno:1
Sat, 01/11/2003 21:44:40 - FVS318 IPsec:responding to Main Mode
Sat, 01/11/2003 21:44:40 - FVS318 IKE:OAKLEY_PRESHARED_KEY/OAKLEY_3DES_CBC/MODP1024
Sat, 01/11/2003 21:44:40 - FVS318 IKE:[FVS318] TX >> MM_R1 : 24.73.4.21
Sat, 01/11/2003 21:44:40 - FVS318 IPsec:Call SendUDP: len=84
Sat, 01/11/2003 21:44:40 - FVS318 IPsec:inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
Sat, 01/11/2003 21:44:40 - FVS318 IPsec:Receive Packet address:0x1806ac4 from 24.73.4.21
Sat, 01/11/2003 21:44:40 - FVS318 IPsec:main_inI2_outR2()
Sat, 01/11/2003 21:44:40 - FVS318 IKE:[FVS318] RX << MM_I2 : 24.73.4.21
Sat, 01/11/2003 21:44:40 - FVS318 IKE:[FVS318] TX >> MM_R2 : 24.73.4.21
Sat, 01/11/2003 21:44:40 - FVS318 IPsec:Call SendUDP: len=180
Sat, 01/11/2003 21:44:40 - FVS318 IPsec:inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:Receive Packet address:0x1806ac4 from 24.73.4.21
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:loglog[3] discarding duplicate packet; already STATE_MAIN_R2
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:Receive Packet address:0x1806ac4 from 24.73.4.21
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:loglog[3] discarding duplicate packet; already STATE_MAIN_R2
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:Receive Packet address:0x1806ac4 from 24.73.4.21
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:main_inI3_outR3()
Sat, 01/11/2003 21:44:42 - FVS318 IKE:[FVS318] RX << MM_I3 : 24.73.4.21
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:Decoded Peer's ID is ID_IPV4_ADDR:192.168.30.5 and 0.0.0.0 in st
Sat, 01/11/2003 21:44:42 - FVS318 IKE:[FVS318] TX >> MM_R3 : 24.73.4.21
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:Call SendUDP: len=68
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:inserting event EVENT_SA_EXPIRE, timeout in 28980 seconds for #1
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:STATE_MAIN_R3: sent MR3, ISAKMP SA established
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:Receive Packet address:0x1806ac4 from 24.73.4.21
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:New State index:1, sno:2
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:quick_inI1_outR1()
Sat, 01/11/2003 21:44:42 - FVS318 IKE:[FVS318] RX << QM_I1 : 24.73.4.21
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:peer client ID payload ID_IPV4_ADDR specifies protocol 17; we only support 0
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:Receive Packet address:0x1806ac4 from 24.73.4.21
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:loglog[3] *#hahaha.... next payload type of ISAKMP Hash Payload has an unknown value: 51
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:malformed payload in packet
Sat, 01/11/2003 21:44:44 - FVS318 IPsec:Receive Packet address:0x1806ac4 from 24.73.4.21
Sat, 01/11/2003 21:44:44 - FVS318 IPsec:loglog[3] *#hahaha.... next payload type of ISAKMP Hash Payload has an unknown value: 51
Sat, 01/11/2003 21:44:44 - FVS318 IPsec:malformed payload in packet
Sat, 01/11/2003 21:44:48 - FVS318 IPsec:Receive Packet address:0x1806ac4 from 24.73.4.21
Sat, 01/11/2003 21:44:48 - FVS318 IPsec:loglog[3] *#hahaha.... next payload type of ISAKMP Hash Payload has an unknown value: 51
Sat, 01/11/2003 21:44:48 - FVS318 IPsec:malformed payload in packet
Sat, 01/11/2003 21:44:58 - FVS318 IPsec:Receive Packet address:0x1806ac4 from 24.73.4.21
Sat, 01/11/2003 21:44:58 - FVS318 IPsec:loglog[3] *#hahaha.... next payload type of ISAKMP Hash Payload has an unknown value: 51
Sat, 01/11/2003 21:44:58 - FVS318 IPsec:malformed payload in packet
Sat, 01/11/2003 21:45:14 - FVS318 IPsec:Receive Packet address:0x1806ac4 from 24.73.4.21
Sat, 01/11/2003 21:45:14 - FVS318 IPsec:loglog[3] *#hahaha.... next payload type of ISAKMP Hash Payload has an unknown value: 51
Sat, 01/11/2003 21:45:14 - FVS318 IPsec:malformed payload in packet
 
Not familiar with the specific equipment, but . . .
The important part is in the line that says:
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:peer client ID payload ID_IPV4_ADDR specifies protocol 17; we only support 0

Protocol 17 is UDP, protocol 0 is for IPv6 only, so I would interpret this to mean that you need UDP open on a port, but there are no protocols open on that port. I would check to make sure that UDP can get through on ports 500 and 1701.
 
I'm actually getting closer. I was able to at least get the negotiating IP when trying to ping the remote LAN address. Gotta keep plugging away.....
 
I just got my FVS318 working. I am using a W2K server and passing through the router, but the thing holding me up was opening UDP on port 500 for IPsec. Go to add services, set up a service that uses UDP on port 500, and then go to ports and add that service as always allowed, and be sure it is enabled. That should allow IPsec to function.
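
Added example, not part of any post in this thread: a small Python parser that traces the IKE exchange in the router log posted above and reports which phase stopped. It runs on lines excerpted from that log; the function name `summarize` and the expectation that a successful Quick Mode reply would be logged as `TX >> QM_R1` (by analogy with the Main Mode lines) are assumptions of this example.

```python
import re

# Lines excerpted from the router log posted in the thread above.
SAMPLE_LOG = """\
Sat, 01/11/2003 21:44:40 - FVS318 IKE:[FVS318] RX << MM_I1 : 24.73.4.21
Sat, 01/11/2003 21:44:40 - FVS318 IKE:[FVS318] TX >> MM_R1 : 24.73.4.21
Sat, 01/11/2003 21:44:40 - FVS318 IKE:[FVS318] RX << MM_I2 : 24.73.4.21
Sat, 01/11/2003 21:44:40 - FVS318 IKE:[FVS318] TX >> MM_R2 : 24.73.4.21
Sat, 01/11/2003 21:44:42 - FVS318 IKE:[FVS318] RX << MM_I3 : 24.73.4.21
Sat, 01/11/2003 21:44:42 - FVS318 IKE:[FVS318] TX >> MM_R3 : 24.73.4.21
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:STATE_MAIN_R3: sent MR3, ISAKMP SA established
Sat, 01/11/2003 21:44:42 - FVS318 IKE:[FVS318] RX << QM_I1 : 24.73.4.21
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:peer client ID payload ID_IPV4_ADDR specifies protocol 17; we only support 0
Sat, 01/11/2003 21:44:42 - FVS318 IPsec:malformed payload in packet
Sat, 01/11/2003 21:44:44 - FVS318 IPsec:malformed payload in packet
"""

LINE = re.compile(r"^\w{3}, (\S+ \S+) - FVS318 (IPsec|IKE):(.*)$")
MSG = re.compile(r"\[\w+\] (RX <<|TX >>) ((?:MM|QM)_[IR]\d) : (\S+)")
SELECTOR = re.compile(r"peer client ID payload (\w+) specifies protocol (\d+); we only support (\d+)")

def summarize(log_text):
    """Trace the IKE exchange in an FVS318 VPN log and locate the failing phase."""
    s = {"messages": [], "phase1_up": False, "selector": None, "malformed": 0}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip anything that is not a router log line
        body = m.group(3)
        if (msg := MSG.search(body)):
            s["messages"].append(("rx" if msg.group(1) == "RX <<" else "tx", msg.group(2)))
        elif "ISAKMP SA established" in body:
            s["phase1_up"] = True
        elif (sel := SELECTOR.search(body)):
            # (ID type, protocol the peer proposed, protocol the router accepts).
            # In the IPsec DOI ID payload (RFC 2407), 0 means "ignore the field" (any protocol).
            s["selector"] = (sel.group(1), int(sel.group(2)), int(sel.group(3)))
        elif "malformed payload" in body:
            s["malformed"] += 1
    if not s["phase1_up"]:
        s["failed_phase"] = "phase 1 (Main Mode)"
    elif ("tx", "QM_R1") not in s["messages"]:  # assumed log form of a Quick Mode reply
        s["failed_phase"] = "phase 2 (Quick Mode)"
    else:
        s["failed_phase"] = None
    return s

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

On the excerpt, Main Mode completes (the pre-shared key and 3DES proposal were accepted) and the exchange stops at the first Quick Mode message, where the client's traffic selector names protocol 17 and the router accepts only 0.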
 