I'm having a tough time with this configuration. Netgear is no help as they have yet to respond to my E-Mails I've sent last week. Cisco is trying, but they don't know the NetGear device.
My configuration is this:
Remote Site: FVS318
IPSec Local: <local>
IPSec Remote: <remote>
Lan IP and Subnet information for office site
Forward Secrecy = enabled
Encryption = 3DES
Preshared Key
Office Site:
VPN 3005
IKE proposal:
Preshared Keys
SHA/HMAC-160
Encryption = 3DES
Diffe-Helman = Group 3 1536
Time Lifetime = 28800
IPSEC:
same as above
Definitions for local and remote networks defined
with wildcard subnet masks (opposite format)
SA:
IPSEC:
L2L: remote
From: Rule
ESP/SHA/HMAC-160
Encryption = 3DES
Encapsulation = Tunnel
Perfect forward secrecy = 1024 group 2
IKE:
Negotiatoin Mode: MAIN
Digital Certificate: none - using preshared key
IKE Proposal: NETGEARtoCISCO (just a name of the IKE
proposal up top).
I'm stuck and it fails during Phase I negotiations.
Now...I do have a PIX515 between the Netgear Router and my VPN. I have provided conduits open for ESP and AH from any. My normal Cisco VPN clients (on Windows 2000 laptops) connect up correctly, but my tunnel fails miserably.
Any help would be appreciated...also I'm taking a stab at the IKE Negotiations and setup between FVS318 and 3005. The FVS318 documentation just tells you what to set things at and some of the items aren't even listed - such as Forward Secrecy - is either on or off, but it should actually correspond to one of the GROUPS (1,2,5,7)???
Any help would be greatly appreciated - I can give more info if needed. I've become adept through playing around with the Cisco VPN at changing and reconfiguring very quickly on the 3005 and Netgear Side. But alas, Ive tried so many combinations and configurations that I'm running out of ideas?
My configuration is this:
Remote Site: FVS318
IPSec Local: <local>
IPSec Remote: <remote>
Lan IP and Subnet information for office site
Forward Secrecy = enabled
Encryption = 3DES
Preshared Key
Office Site:
VPN 3005
IKE proposal:
Preshared Keys
SHA/HMAC-160
Encryption = 3DES
Diffe-Helman = Group 3 1536
Time Lifetime = 28800
IPSEC:
same as above
Definitions for local and remote networks defined
with wildcard subnet masks (opposite format)
SA:
IPSEC:
L2L: remote
From: Rule
ESP/SHA/HMAC-160
Encryption = 3DES
Encapsulation = Tunnel
Perfect forward secrecy = 1024 group 2
IKE:
Negotiatoin Mode: MAIN
Digital Certificate: none - using preshared key
IKE Proposal: NETGEARtoCISCO (just a name of the IKE
proposal up top).
I'm stuck and it fails during Phase I negotiations.
Now...I do have a PIX515 between the Netgear Router and my VPN. I have provided conduits open for ESP and AH from any. My normal Cisco VPN clients (on Windows 2000 laptops) connect up correctly, but my tunnel fails miserably.
Any help would be appreciated...also I'm taking a stab at the IKE Negotiations and setup between FVS318 and 3005. The FVS318 documentation just tells you what to set things at and some of the items aren't even listed - such as Forward Secrecy - is either on or off, but it should actually correspond to one of the GROUPS (1,2,5,7)???
Any help would be greatly appreciated - I can give more info if needed. I've become adept through playing around with the Cisco VPN at changing and reconfiguring very quickly on the 3005 and Netgear Side. But alas, Ive tried so many combinations and configurations that I'm running out of ideas?