Home | Troubleshooting |  Quick Setup  |  Cisco How to  |  Wireless  |  Forums   | Site Map | Services  | About Us | Chicagotech MVP  | Search  | Contact Us  |              

 

 

Case Study - Setup a VPN between Netgear FVS318 and Windows 2000

Situation: when testing and trying to setup a VPN between Netgear FVS318 and Windows 2000 using Microsoft IPSec, we can establish the connection (Figure ), but the ping remote IP receive “Negotiating IP security” and ipsecmon displays “sent” only and no “Received” (Figure). The below are the VPN log.

Tues, 06/28/2005 16:42:17 - FVS318 IKE:[BobOffice_tmp36] RX << QM_I2 : 64.xxx.xxx.xxx
Tues, 06/28/2005 16:42:17 - FVS318 IPsec: ESP(DES-CBC MD5)
Tues, 06/28/2005 16:42:17 - FVS318 IKE:[BobOffice_tmp36] established with 64.xxx.xxx.xxx successfully
Tues, 06/28/2005 16:42:17 - FVS318 IPsec:inserting event EVENT_SA_EXPIRE, timeout in 3780 seconds for #3
Tues, 06/28/2005 16:42:17 - FVS318 IPsec:STATE_QUICK_R2: IPsec SA established

Troubleshooting: 1. Make sure the UDP port 500 is open.

2. Phase 1 and 2 are established.

3. The PreShared Keys match each other.

4. The VPN client can reach the VPN server but not return back.

Resolution: Based on the following pages, we open IP Protocol 50 and 51 on the Firewall. It works.

IPCec
The ports need to open for IPSec Time out when using ping command Troubleshooting
IPSec. IPSec for Windows. Internet Protocol Security (IPSec) is supported ...
www.chicagotech.net/ipsec.htm

Ports
Resolution: Run netstat -a command that will shows all active ports. ... VPN:
uses TCP Port 1723, IP Protocol 47 (GRE); L2TP: UDP Port 1701; IPSec: UDP 500, ...
www.chicagotech.net/ports.htm

Post your questions, comments, feedbacks and suggestions

Contact a consultant

Related Topics

How to setup Netgear Router/Firewall VPN


 

 


 

 

Hit Counter   This web is provided "AS IS" with no warranties.
Copyright © 2002-2015 ChicagoTech.net, All rights reserved. Unauthorized reproduction forbidden.