Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Remote IP VPN Phone set up on Netgear FVG318 FVG338 2

Status
Not open for further replies.
IPOfficeIreland

IPOfficeIreland

Technical User
Oct 30, 2007
2,332
IE
Hi All

Setting up a Netgear FVG318 or FRV338 for Remote IP VPN Phone
should work with most Netgear routers as the GUI is the same

Assumed Points:
VoIP Extension created with VPN phone allowed
VPN PHone Valid License
Group number set to 876 (VPN) on the ip phone
VPN Firmware loaded onto IP Phone


Netgear Steps:

My Netgear External IP is 81.81.81.81, Internal Subnet is 192.168.1.0
Remote External IP Address and Internal Address does not come into effect
I use DES and MD5 as Encrytion Methods (You can use your preffered as long as you match)
My FQDN is iphone.com
My Pre-Shared Key is presharedkey

****Update to the latest Netgear firmware - won't work otherwise***
****Program Policies Manually - do not use Wizard*****
_________________________________________________________________________

Step 1A...Create an IKE Policy Under VPN Tab

General___
Policy Name: IPPhone
Direction: Responder
Exchange Mode: Aggressive

Local___
Identifier: Local WAN IP
Remote: USER-FQDN
IDENTIFIER: ipphone.com

IKE-SA Param___
Encryption Algo: DES
Authentication Algo: MD5
Authentication Method: Pre-Shared Key
Pre-shared Key: presharedkey (min 8 characters)
Diffie-Hellman: Group2
SA-LifeTime: 28800







Step 1B... Create a New VPN Policy (this is the policy which the IKE user applies to)

General___
Policy Details:
Policy Name: IPPhone
Policy Type: Auto
Remote Endpoint: FQDN ipphone.com
Enable Netbios: Not Ticked

Traffic___ (Program this part to suit your network)
Local IP: Subnet
Start IP: My local LAN 192.168.1.0
Subnet Mask: 255.255.255.0
Remote IP: Any (this means that the phone can be plugged into any connection and set up VPN)

Manual Policy Param____NOT USED

Auto Policy Param___
SA Lifetime: 3600 seconds
Enryption Algo: DES
Integrigty Algo: MD5
PFS Key Group: DH2

Assign the Above Policy to IKE Policy created in STEP1A Above


___________________________________________________________________________________________________________

IP Phone Settings:

Generic PSK Profile Selected
Server: 81.81.81.81
IKE ID: ipphone.com
PSK: presharedkey

IKE Parmamaters___
IKE ID Type: User-Fqdn
Diff-Hellman: 2
Encryption alg: DES
Authentic Alg: MD5
IKE Xchg Mode: Aggressive
IKE Config Mode: Disable
XAuth: Enable
CertExpiryCheck: Enable
CerDNCheck: Enable

IPSec Parameters___
Encryption Alg: DES
Authentication Alg: MD5
Diffie-Hellman: 2

VPN Start Mode: Boot
Password Type: N/A
Encapsulation: Disable
Syslog Server: Not Using

Protected Nets___
Virtual IP: 0.0.0.0 (Any)
Remote Net#1: 192.168.1.0/24
Remote Net#2...5: Not Used

Copy TOS: No
File Server: TFTP Server Address if using on remote network (I am using Boot mode VPN so sets up VPN first then looks for TFTP)
QTest: Disable
Conenctivity Check: Never

_

You should be able to now see that the VPN has been established in the Netgear Monitor

Good Luck!!
 
I'm trying to set this up on an FVs318v3 and everytime I finish with the VPN Policy, I lose internet access on our local network. Anyone know what I would be doing wrong?

On the FQDN being ipphone.com, can you put anthing you want in for the FQDN or does it have to actually be a real FQDN, such as as blah.dyndns.org?
 
anything you want, keep it simple, company.com, doesnt hhave to be a real address either.

re loosing internet. does this happen after you create a policy and reconnect? are you using latest firmware. this is a must. is router doing anything else which interferes?
 
It happens after I apply the VPN policy. After I hit apply, the internet is instantly down until I delete the VPN policy. I can have the IKE policy and still have everything work fine, as long as there is no VPN policy.

Here is a screenshot of my setup:

The only thing you can't see is the NetBios box, which is not checked.
 
The newest is 3.0_26, which is what I am running. Maybe the 318s didn't get the latest, only the 338s?
 
sorry the new firmware has a new gui but only on certain models.

im afraid i cant help you here, it looks like a firmware error. try the previous version.

also, is your subnet 192.168.1.0?
 
thatv looks fine. i use an fvg318 so no need to change model. try a factory reset or firmware dwngrde and reprogram.

good luck!
 
I am also having the problem of the internet dropping as soon I apply the vpn policy.

FVS318v3_26

Seems to be related to local IP - subnet. If I change that setting to range, internet stays up.
 
Just to narrow it down further, it's not a subnet issue, it drops when the Identifier from IKE policy, and Remote Endpoint from the VPN Policy are the same.
 
Is this the same as a FVS318v3?
 
Check the netgear faq regarding internet dropping
 
Status
Not open for further replies.

Similar threads

K
  • Locked
  • Question
96xx IP Phone not update.
Replies
7
Views
500
derfloh
derfloh
BerettaGuy
  • Locked
  • Question
IP phone on VPN one way audio 2
Replies
2
Views
209
Westi
Westi
William C290
  • Locked
  • Solved
J100 Phones on Remote Location
Replies
5
Views
481
William C290
William C290
vtt2019
  • Locked
  • Question
SBC - remote J100 phone getting SIP 481 Call/ Transaction Does Not Exist 1
Replies
3
Views
446
derfloh
derfloh
LidLock Technologies
  • Question
IP Office Server Edition R12 Unable to connect to remote WebLM Server
Replies
2
Views
159
LidLock Technologies
LidLock Technologies

Part and Inventory Search

Sponsor

Back
Top