Searched through, and I haven't found this issue exactly mentioned in any threads. If it's already been addressed, feel free to point me at the link.
==================
I'm an IT rep for a consulting agency. One of my clients is an MRI doctor who requires a VPN tunnel to view his digital MRI images from home. At his house, I've installed a Netgear (you guessed it) FVS318. At the other end, I have a SonicWALL TZ 170 (SonicOS Standard 2.2). I've configured the tunnel to use a Preshared Key (lifetime of 3600/28800), with ESP(DES-CBC SHA-1). The tunnel, if both devices are up and running, connects in less than 15 seconds.
Once the preshared key times out, the problem starts. I cannot get the dang Netgear to respond. When pinging from behind the Sonicwall, this is what I get:
Tues, 12/07/2004 17:18:54 - FVS318 IPsec:Receive Packet address:0x1397478 from 66.139.207.156
Tues, 12/07/2004 17:18:54 - FVS318 IKE:[ToSonicWall] RX << XCHG_INFO : 66.139.207.156
Tues, 12/07/2004 17:18:54 - FVS318 IPsec:find_insa() not found
Tues, 12/07/2004 17:18:54 - FVS318 IPsec:NO inbound SA found for ESP
Tues, 12/07/2004 17:18:58 - FVS318 IPsec:find_insa() not found
Tues, 12/07/2004 17:18:58 - FVS318 IPsec:NO inbound SA found for ESP
Tues, 12/07/2004 17:19:00 - FVS318 IPsec:find_insa() not found
Tues, 12/07/2004 17:19:00 - FVS318 IPsec:NO inbound SA found for ESP
Tues, 12/07/2004 17:19:04 - FVS318 IPsec:find_insa() not found
Tues, 12/07/2004 17:19:04 - FVS318 IPsec:NO inbound SA found for ESP
Tues, 12/07/2004 17:19:10 - FVS318 IPsec:find_insa() not found
Tues, 12/07/2004 17:19:10 - FVS318 IPsec:NO inbound SA found for ESP
Tues, 12/07/2004 17:19:12 - FVS318 IPsec:event after this is EVENT_SA_EXPIRE in 2984 seconds
Tues, 12/07/2004 17:19:12 - FVS318 IPsec:handling event EVENT_RETRANSMIT for 428bcf9c "ToSonicWall" #38
Tues, 12/07/2004 17:19:12 - FVS318 IPsec:inserting event EVENT_RETRANSMIT, timeout in 40 seconds for #38
Then the thing just plain hangs. The only way I can get them to reconnect is to drop the connection on BOTH ends and start from scratch. As 3600 secs is a lifetime of only an hour, I'm having to do this every time the doc uses his VPN.
I can answer any details ya like about the config, just curious to see if anyone knows why the connection would just refuse to reconnect. I have the keepalive enabled, although the same issue occurred with the keepalive disabled, as well as the heartbeat. What am I missing?
==================
I'm an IT rep for a consulting agency. One of my clients is an MRI doctor who requires a VPN tunnel to view his digital MRI images from home. At his house, I've installed a Netgear (you guessed it) FVS318. At the other end, I have a SonicWALL TZ 170 (SonicOS Standard 2.2). I've configured the tunnel to use a Preshared Key (lifetime of 3600/28800), with ESP(DES-CBC SHA-1). The tunnel, if both devices are up and running, connects in less than 15 seconds.
Once the preshared key times out, the problem starts. I cannot get the dang Netgear to respond. When pinging from behind the Sonicwall, this is what I get:
Tues, 12/07/2004 17:18:54 - FVS318 IPsec:Receive Packet address:0x1397478 from 66.139.207.156
Tues, 12/07/2004 17:18:54 - FVS318 IKE:[ToSonicWall] RX << XCHG_INFO : 66.139.207.156
Tues, 12/07/2004 17:18:54 - FVS318 IPsec:find_insa() not found
Tues, 12/07/2004 17:18:54 - FVS318 IPsec:NO inbound SA found for ESP
Tues, 12/07/2004 17:18:58 - FVS318 IPsec:find_insa() not found
Tues, 12/07/2004 17:18:58 - FVS318 IPsec:NO inbound SA found for ESP
Tues, 12/07/2004 17:19:00 - FVS318 IPsec:find_insa() not found
Tues, 12/07/2004 17:19:00 - FVS318 IPsec:NO inbound SA found for ESP
Tues, 12/07/2004 17:19:04 - FVS318 IPsec:find_insa() not found
Tues, 12/07/2004 17:19:04 - FVS318 IPsec:NO inbound SA found for ESP
Tues, 12/07/2004 17:19:10 - FVS318 IPsec:find_insa() not found
Tues, 12/07/2004 17:19:10 - FVS318 IPsec:NO inbound SA found for ESP
Tues, 12/07/2004 17:19:12 - FVS318 IPsec:event after this is EVENT_SA_EXPIRE in 2984 seconds
Tues, 12/07/2004 17:19:12 - FVS318 IPsec:handling event EVENT_RETRANSMIT for 428bcf9c "ToSonicWall" #38
Tues, 12/07/2004 17:19:12 - FVS318 IPsec:inserting event EVENT_RETRANSMIT, timeout in 40 seconds for #38
Then the thing just plain hangs. The only way I can get them to reconnect is to drop the connection on BOTH ends and start from scratch. As 3600 secs is a lifetime of only an hour, I'm having to do this every time the doc uses his VPN.
I can answer any details ya like about the config, just curious to see if anyone knows why the connection would just refuse to reconnect. I have the keepalive enabled, although the same issue occurred with the keepalive disabled, as well as the heartbeat. What am I missing?