Need help seting up FVM318 VPN.

[crabjoe]

Got the router yesturday and I can't get this working. The problem is that the manual is not the same was what comes up on the GUI interface. Can anyone help me? Below is what I have setup for the VPN setting for a client to FVM318 connection. Let me know what I need to change and why please.

Netgear FVM318
==========================================
Connection Name TEST CONNECTION

Local IPSec Identifier HOME

Remote IPSec Identifier 0.0.0.0

Remote LAN IP Address 0.0.0.0

Remote LAN Subnet Mask 255.255.255.0

Remote WAN IP Address 0.0.0.0

==========================================
Secure Association Main Mode

Perfect Forward Secrecy Enabled

Encryption Protocol 3DES
PreShared Key testhome
Key Life Seconds 3600 sec
IKE Life Time Seconds 28800 sec
NETBIOS Enable

 

[crabjoe]

Can anyone confirm if my setup is right or wrong? Do I need to change anything if my WAN static ip is 166.22.24.15?

TIA!

 

[crabjoe]

I've changed some of the setting and it I look to be getting closer. Below are the changes to the Netgear and afterwards is the SafeNet Log. Can anyone tell me what I need to change and why? Thanks!!

Netgear FVM318
==========================================
Connection Name TEST CONNECTION

Local IPSec Identifier 166.22.24.15

Remote IPSec Identifier 0.0.0.0

Remote LAN IP Address 192.168.1.250

Remote LAN Subnet Mask 255.255.255.0

Remote WAN IP Address 0.0.0.0

==========================================
Secure Association Main Mode

Perfect Forward Secrecy Enabled

Encryption Protocol 3DES
PreShared Key testhome
Key Life Seconds 3600 sec
IKE Life Time Seconds 28800 sec
NETBIOS Enable

+++++++++++++++++++++++++++++++++++++++++++++++++++++++

Safenet Log:

12-17: 21:19:25.802
12-17: 21:19:25.862 My Connections\TEST - Initiating IKE Phase 1 (IP ADDR=166.22.24.15)
12-17: 21:19:25.862 My Connections\TEST - SENDING>>>> ISAKMP OAK MM (SA, VID 2x)
12-17: 21:19:25.872 My Connections\TEST - RECEIVED<<< ISAKMP OAK MM (SA)
12-17: 21:19:25.902 My Connections\TEST - SENDING>>>> ISAKMP OAK MM (KE, NON, VID 3x)
12-17: 21:19:28.856 My Connections\TEST - RECEIVED<<< ISAKMP OAK MM (KE, NON)
12-17: 21:19:28.876 My Connections\TEST - SENDING>>>> ISAKMP OAK MM *(ID, HASH, NOTIFY:STATUS_INITIAL_CONTACT)
12-17: 21:19:28.886 My Connections\TEST - RECEIVED<<< ISAKMP OAK MM *(ID, HASH)
12-17: 21:19:28.886 My Connections\TEST - Established IKE SA
12-17: 21:19:28.886 MY COOKIE bd 34 cb ed c8 1c 85 99
12-17: 21:19:28.886 HIS COOKIE e7 68 e8 b6 64 a4 40 7c
12-17: 21:19:28.926 My Connections\TEST - Initiating IKE Phase 2 with Client IDs (message id: 5178CE1E)
12-17: 21:19:28.926 Initiator = IP ADDR=166.93.54.24, prot = 0 port = 0
12-17: 21:19:28.926 Responder = IP SUBNET/MASK=192.168.1.250/255.255.255.0, prot = 0 port = 0
12-17: 21:19:28.926 My Connections\TEST - SENDING>>>> ISAKMP OAK QM *(HASH, SA, NON, KE, ID 2x)
12-17: 21:19:59.406 My Connections\Other Connections - message not received! Retransmitting!
12-17: 21:19:59.406 My Connections\Other Connections - SENDING>>>> ISAKMP OAK MM (Retransmission)
12-17: 21:20:14.426 My Connections\TEST - QM re-keying timed out (message id: 5178CE1E). Retry count: 1
12-17: 21:20:14.426 My Connections\TEST - SENDING>>>> ISAKMP OAK QM *(Retransmission)
12-17: 21:20:44.466 My Connections\Other Connections - message not received! Retransmitting!
12-17: 21:20:44.466 My Connections\Other Connections - SENDING>>>> ISAKMP OAK MM (Retransmission)
12-17: 21:20:59.486 My Connections\TEST - QM re-keying timed out (message id: 5178CE1E). Retry count: 2
12-17: 21:20:59.486 My Connections\TEST - SENDING>>>> ISAKMP OAK QM *(Retransmission)
12-17: 21:21:29.526 My Connections\Other Connections - message not received! Retransmitting!
12-17: 21:21:29.526 My Connections\Other Connections - SENDING>>>> ISAKMP OAK MM (Retransmission)
12-17: 21:21:44.546 My Connections\TEST - QM re-keying timed out (message id: 5178CE1E). Retry count: 3
12-17: 21:21:44.546 My Connections\TEST - SENDING>>>> ISAKMP OAK QM *(Retransmission)
12-17: 21:22:02.460

 

[crabjoe]

I was able to make a successfule connection.

 

[ryanczyz]

Hey CJ,

I have the FVM318 and I am trying to get it to work. I can get through phase 1, but when I get to phase two I can't get connected. Would it be possible for me to take a look at your config to see what I am missing on my router or safenet config? I upgraded to the beta firmware on the router to give me some more control over the connection, but that didn't help.

Thanks in advance for any help you might be able to lend

 

[crabjoe]

Post your email and I'd be happy to send you my config. BTW, I'm using Firmware P1.2 which is beta.

 

[ryanczyz]

Bah...forgot that didn't I!?!?

goatee@twcny.rr.com

Thanks CJ!

 

[horizon2000]

Guys help me out I have the same problem using Neatgear Prosafe FVS318 and Netgear client.
The log on my client looks the same as posted above.
It goes through phase 1 with no problem, on phase the client sends and does not get the response and then dumps the connection after 3 tries.

horizon2000@hotmail.com

 

[crabjoe]

Horizon2000,

1st, which version of the FVS318 firmware are you running? WHat I've found is that version 1.4 seems to be the most stable and I got it to work! So if your using a different version, either up or downgrade to firmware 1.4.