I have a 2040 pro enhanced.
When I initially setup my WAN Group VPN I had 1 ISP on the primay WAN port (X1) and every thing worked fine.
I have a new ISP on my Primary port X1 and moved my previous ISP to X2 and have the ISP's setup in a basic active/passive failover mode (if that matters).
Anyway, I have never been able to get the Global VPN client to connect via X1 on my new ISP. I can still connect via X2 which is on my old ISP.
When I try to connect to X1 the client just hangs forever trying to connect, and my firewall log shows this error for the IP I am trying to connect from:
"Alert Intrusion Prevention IP spoof dropped"
Log of denied connection attempt on X1:
06/17/2009 09:43:52.336 - Alert - Intrusion Prevention - IP spoof dropped - 205.161.24.196, 50831, X1 - 63.245.170.60, 8, X1 - MAC address: 00:13:7f:39:60:1b
06/17/2009 09:43:52.336 - Notice - Network Access - ICMP packet dropped no match - 205.161.24.196, 50831, X1 - 63.245.170.60, 8, X1 - ICMP Echo, Code: 0
06/17/2009 09:44:54.240 - Alert - Intrusion Prevention - IP spoof dropped - 205.161.24.196, 500, X1 - 63.245.170.60, 500, X1 - MAC address: 00:13:7f:39:60:1b
Successful connection attempt on X2:
06/17/2009 09:47:19.816 - Info - VPN IKE - IKE Responder: Received Aggressive Mode request (Phase 1) - 205.161.24.196, 500 - 205.161.24.197, 500 -
06/17/2009 09:47:19.848 - Info - VPN IKE - IKE Responder: Aggressive Mode complete (Phase 1) - 205.161.24.196, 50836 - 205.161.24.197, 4500 - VPN Policy: WAN GroupVPN;3DES; SHA1; DH Group 2; lifetime=28800 secs
06/17/2009 09:47:19.864 - Info - VPN IKE - Received IKE SA delete request - 205.161.24.196, 50836 - 205.161.24.197, 4500 - VPN Policy: WAN GroupVPN
When I initially setup my WAN Group VPN I had 1 ISP on the primay WAN port (X1) and every thing worked fine.
I have a new ISP on my Primary port X1 and moved my previous ISP to X2 and have the ISP's setup in a basic active/passive failover mode (if that matters).
Anyway, I have never been able to get the Global VPN client to connect via X1 on my new ISP. I can still connect via X2 which is on my old ISP.
When I try to connect to X1 the client just hangs forever trying to connect, and my firewall log shows this error for the IP I am trying to connect from:
"Alert Intrusion Prevention IP spoof dropped"
Log of denied connection attempt on X1:
06/17/2009 09:43:52.336 - Alert - Intrusion Prevention - IP spoof dropped - 205.161.24.196, 50831, X1 - 63.245.170.60, 8, X1 - MAC address: 00:13:7f:39:60:1b
06/17/2009 09:43:52.336 - Notice - Network Access - ICMP packet dropped no match - 205.161.24.196, 50831, X1 - 63.245.170.60, 8, X1 - ICMP Echo, Code: 0
06/17/2009 09:44:54.240 - Alert - Intrusion Prevention - IP spoof dropped - 205.161.24.196, 500, X1 - 63.245.170.60, 500, X1 - MAC address: 00:13:7f:39:60:1b
Successful connection attempt on X2:
06/17/2009 09:47:19.816 - Info - VPN IKE - IKE Responder: Received Aggressive Mode request (Phase 1) - 205.161.24.196, 500 - 205.161.24.197, 500 -
06/17/2009 09:47:19.848 - Info - VPN IKE - IKE Responder: Aggressive Mode complete (Phase 1) - 205.161.24.196, 50836 - 205.161.24.197, 4500 - VPN Policy: WAN GroupVPN;3DES; SHA1; DH Group 2; lifetime=28800 secs
06/17/2009 09:47:19.864 - Info - VPN IKE - Received IKE SA delete request - 205.161.24.196, 50836 - 205.161.24.197, 4500 - VPN Policy: WAN GroupVPN
