Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IPO 6.0 - 5620 VPN Phone with Netgear FVS318v3

Status
Not open for further replies.
vtphilk

vtphilk

Technical User
Sep 13, 2006
80
US
So I'm trying to get a couple 5620's hooked up to a 318v3 netgear. I have tried to follow some of the users that have done it on this forum but not having luck.

From what I can tell the fvs318v3 does not support 'users' so you can only use the PSK methods which is fine for me.

But, I have my 5620 upgraded to the VPN firmware and using the "Generic PSK" profile. Everytime I try and connect it is complaining about the "ID" being incorrect:

Log from FVS318:

[2010-12-01 23:59:07][==== IKE PHASE 1(from 69.11.11.11) START (responder) ====]
[2010-12-01 23:59:07]**** RECEIVED FIRST MESSAGE OF AGGR MODE ****
[2010-12-01 23:59:07]<POLICY: > PAYLOADS: SA,PROP,TRANS,KE,NONCE,ID,VID,VID,VID,VID,VID,VID
[2010-12-01 23:59:07]SENDING NOTIFY MSG:
[2010-12-01 23:59:07]INVALID_ID_INFORMATION
[2010-12-01 23:59:07]**** SENT OUT INFORMATIONAL EXCHANGE MESSAGE ****
[2010-12-01 23:59:07]<POLICY: > PAYLOADS: NOTIFY
[2010-12-01 23:59:09][==== IKE PHASE 1(from 69.11.11.11) START (responder) ====]
[2010-12-01 23:59:09]**** RECEIVED FIRST MESSAGE OF AGGR MODE ****
[2010-12-01 23:59:09]<POLICY: > PAYLOADS: SA,PROP,TRANS,KE,NONCE,ID,VID,VID,VID,VID,VID,VID
[2010-12-01 23:59:09]SENDING NOTIFY MSG:
[2010-12-01 23:59:09]INVALID_ID_INFORMATION
[2010-12-01 23:59:09]**** SENT OUT INFORMATIONAL EXCHANGE MESSAGE ****
[2010-12-01 23:59:09]<POLICY: > PAYLOADS: NOTIFY




The phone is saying the same thing. I setup the syslog server on the phone and I see this coming from the phone:


<175>192.168.0.55 isakmp_start_session-374: Loading oakley prefrences 192.168.0.55 03/12 10:05:27.974
<175>192.168.0.55 construct_isakmp_sa-246: Building phase 1 SA payload for 72.11.11.11 192.168.0.55 03/12 10:05:27.976
<175>192.168.0.55 construct_ke-191: Constructing key exchange payload for 72.11.11.11 192.168.0.55 03/12 10:05:28.949
<175>192.168.0.55 construct_id-251: Constructing id payload 192.168.0.55 03/12 10:05:28.973
<175>192.168.0.55 got_info_xchg-137: rcv'd phase 1 notify, Invalid id info 192.168.0.55 03/12 10:05:29.065
<175>192.168.0.55 timed_out-138: Retransmission timeout, count = 0 192.168.0.55 03/12 10:05:31.083
<175>192.168.0.55 got_info_xchg-137: rcv'd phase 1 notify, Invalid id info 192.168.0.55 03/12 10:05:31.212
<175>192.168.0.55 timed_out-138: Retransmission timeout, count = 1 192.168.0.55 03/12 10:05:33.211
<175>192.168.0.55 got_info_xchg-137: rcv'd phase 1 notify, Invalid id info 192.168.0.55 03/12 10:05:33.335
<175>192.168.0.55 timed_out-138: Retransmission timeout, count = 2 192.168.0.55 03/12 10:05:34.331
<175>192.168.0.55 got_info_xchg-137: rcv'd phase 1 notify, Invalid id info 192.168.0.55 03/12 10:05:34.441
<175>192.168.0.55 timed_out-138: Retransmission timeout, count = 3 192.168.0.55 03/12 10:05:36.441
<175>192.168.0.55 got_info_xchg-137: rcv'd phase 1 notify, Invalid id info 192.168.0.55 03/12 10:05:36.552
<175>192.168.0.55 timed_out-138: Retransmission timeout, count = 4 192.168.0.55 03/12 10:05:38.551
<171>192.168.0.55 vpnSetLastError-587: Error Encountered at 142 in IKMPD 192.168.0.55 03/12 10:05:38.553
<171>192.168.0.55 timed_out-143: IKE Phase1 no response 4 192.168.0.55 03/12 10:05:38.555
<171>192.168.0.55 vpnSetLastError-587: Error Encountered at 459 in IKECFG 192.168.0.55 03/12 10:05:38.557
<175>192.168.0.55 RestoreRealIP-98: DeInit of Virtual if not required 192.168.0.55 03/12 10:05:40.552
<174>192.168.0.55 SetupVPNTunnel-983: SetupIKEAndIPsecSAs Returned -2 192.168.0.55 03/12 10:05:40.581
<174>192.168.0.55 ike_msg_task-909: Exiting from ike_msg_task 192.168.0.55 03/12 10:05:40.627
<175>192.168.0.55 UpdateIkeConfig-1706: Adding member tunnel ID type 0x3 mem ID type 0x4 192.168.0.55 03/12 10:07:40.879
<175>192.168.0.55 UpdateIkeConfig-1706: Adding member tunnel ID type 0x1 mem ID type 0x4 192.168.0.55 03/12 10:07:40.881
<175>192.168.0.55 ResetSpiIgnoreList-267: Reset the spi recent list 192.168.0.55 03/12 10:07:40.904
<175>192.168.0.55 start_ike_msg_task-927: IKE MSG Queue Created 192.168.0.55 03/12 10:07:40.905
<175>192.168.0.55 vpn_fill_conn_info-527: Remote mem mask = 0xffffff00 bits = 24 192.168.0.55 03/12 10:07:40.937
<175>192.168.0.55 vpn_fill_conn_info-537: Initializing with default tunnel for phase1 192.168.0.55:32 ===> 192.168.19.0:24 192.168.0.55 03/12 10:07:40.939
<175>192.168.0.55 get_default_remote_port-269: Default remote ike port is 500 192.168.0.55 03/12 10:07:40.942
<174>192.168.0.55 isakmp_start_xauth-636: Phase1 negotiation started with 72.11.11.11 192.168.0.55 03/12 10:07:40.944
<175>192.168.0.55 isakmp_start_session-374: Loading oakley prefrences 192.168.0.55 03/12 10:07:40.946
<175>192.168.0.55 construct_isakmp_sa-246: Building phase 1 SA payload for 72.11.11.11 192.168.0.55 03/12 10:07:40.946
<175>192.168.0.55 construct_ke-191: Constructing key exchange payload for 72.11.11.11 192.168.0.55 03/12 10:07:41.935
<175>192.168.0.55 construct_id-251: Constructing id payload 192.168.0.55 03/12 10:07:41.937
<175>192.168.0.55 got_info_xchg-137: rcv'd phase 1 notify, Invalid id info 192.168.0.55 03/12 10:07:42.042
<175>192.168.0.55 timed_out-138: Retransmission timeout, count = 0 192.168.0.55 03/12 10:07:44.062
<175>192.168.0.55 got_info_xchg-137: rcv'd phase 1 notify, Invalid id info 192.168.0.55 03/12 10:07:44.165
<175>192.168.0.55 timed_out-138: Retransmission timeout, count = 1 192.168.0.55 03/12 10:07:46.161
<175>192.168.0.55 got_info_xchg-137: rcv'd phase 1 notify, Invalid id info 192.168.0.55 03/12 10:07:46.272
<175>192.168.0.55 timed_out-138: Retransmission timeout, count = 2 192.168.0.55 03/12 10:07:48.271
<175>192.168.0.55 got_info_xchg-137: rcv'd phase 1 notify, Invalid id info 192.168.0.55 03/12 10:07:48.374
<175>192.168.0.55 timed_out-138: Retransmission timeout, count = 3 192.168.0.55 03/12 10:07:49.371
<175>192.168.0.55 got_info_xchg-137: rcv'd phase 1 notify, Invalid id info 192.168.0.55 03/12 10:07:49.474
<175>192.168.0.55 timed_out-138: Retransmission timeout, count = 4 192.168.0.55 03/12 10:07:51.470
<171>192.168.0.55 vpnSetLastError-587: Error Encountered at 142 in IKMPD 192.168.0.55 03/12 10:07:51.472
<171>192.168.0.55 timed_out-143: IKE Phase1 no response 4 192.168.0.55 03/12 10:07:51.513
<171>192.168.0.55 vpnSetLastError-587: Error Encountered at 459 in IKECFG 192.168.0.55 03/12 10:07:51.514
<175>192.168.0.55 RestoreRealIP-98: DeInit of Virtual if not required 192.168.0.55 03/12 10:07:53.470
<174>192.168.0.55 SetupVPNTunnel-983: SetupIKEAndIPsecSAs Returned -2 192.168.0.55 03/12 10:07:53.474
<174>192.168.0.55 ike_msg_task-909: Exiting from ike_msg_task 192.168.0.55 03/12 10:07:53.546





Anyone have any ideas... On phone the phone and router I have the IKE ID set to "remote" and "USER-Fqdn" however it is not working. I know the FVS318 is not a 'supported' router but many people seem to have gotten it working. I'm trying to do this install on the cheap for these guys..

thanks
 
Sort by date Sort by votes
If you want it cheap then stop and buy a 336v2
then use the 338 doc.
Then aften ten minutes you have a phone working.
I have spend 3 days on a 318 and hsm helped me too.
Then only 1 phone will work and not multiple.

Homo sapiens non urinat in ventum

honey, i fried the IP Office !!!

Sarcasm, it's only one of the services I offer.
 
Upvote 0 Downvote
Problem was..the 318 was available local in a store...so I picked it up on the quick. I guess I can return it but I don't even see a 336v2 ?
 
Upvote 0 Downvote
Nevermind..I see the 336G which is gigabit ...but its more than the 338 so I guess I would just get a 338.
 
Upvote 0 Downvote
The 338 is not available anymore but if you find one then you can use it.
I have set up two 336Gv2 and twice it worked immediately.


Homo sapiens non urinat in ventum

honey, i fried the IP Office !!!

Sarcasm, it's only one of the services I offer.
 
Upvote 0 Downvote
Weird thou...there was a post that i printed out on this forum which caused me to get the 318v3. The guy said it worked as long as you upgraded firmware and followed steps. Can't find it now....

So is the 338 or 336G the way to go..i don't see a 336 without gigabit and the 336G is about $100 more
 
Upvote 0 Downvote
That $100 is saved very quickly.
Please believe me, i feel ashamed that i have tried the 318.
It took days which cost many more then that $100


Homo sapiens non urinat in ventum

honey, i fried the IP Office !!!

Sarcasm, it's only one of the services I offer.
 
Upvote 0 Downvote
I know that topic and there are more.
You will get max 1 phone working and i even do not know if it will work well all the time.



Homo sapiens non urinat in ventum

honey, i fried the IP Office !!!

Sarcasm, it's only one of the services I offer.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MoJHK
  • Locked
  • Question
IPO 500 K-175 vantage phone call pick up button
Replies
4
Views
289
MoJHK
MoJHK
DTGMI
  • Question
IPO VMPRO R4.2 SW
Replies
4
Views
253
DTGMI
DTGMI
telfire
  • Locked
  • Question
IPO R11.1.3 with Flowroute SIP Trunk - multiple registrations 1
Replies
10
Views
622
derfloh
derfloh
atcphone
  • Locked
  • Helpful tip
Avaya IPO Virtualization
Replies
1
Views
452
derfloh
derfloh
William C290
  • Locked
  • Solved
ACCS & IPO 1
Replies
4
Views
737
William C290
William C290

Part and Inventory Search

Sponsor

Back
Top