|
|
|
|
| Author |
|
|
Back in the saddle again
Join Date: Oct 2001
Location: Central TX west of Houston
Posts: 57,130
|
Yeah, I've never seen a setup without xauth configured.
__________________
Steve '08 Boxster RS60 Spyder #0099/1960 - never named a car before, but this is Charlotte. '88 targa  SOLD 2004 - gone but not forgotten
|
||
06-25-2013, 08:43 PM
|
|
|
It'll be legen-waitforit
Join Date: Jan 2002
Location: Calgary, Canada
Posts: 7,060
|
You could but use the mode config on your Netgear and name each device with their ID
__________________
Bob James 06 Cayman S - Money Penny 18 Macan GTS Gone: 79 911SC, 83 944, 05 Cayenne Turbo, 10 Panamera Turbo |
||
|
06-25-2013, 08:45 PM
|
|
|
canna change law physics
|
Added XAUTH on both sides with username and password. On gateway, I selected the "IPsec Host" under XAUTH configuration.
No error on the Client. Disconnected after a couple of minutes. Gateway log Config Removed
__________________
James The pessimist complains about the wind; the optimist expects it to change; the engineer adjusts the sails.- William Arthur Ward (1921-1994) Red-beard for President, 2020 Last edited by red-beard; 06-27-2013 at 01:25 PM.. |
||
|
06-25-2013, 08:47 PM
|
|
|
canna change law physics
|
Client side log
Config Removed
__________________
James The pessimist complains about the wind; the optimist expects it to change; the engineer adjusts the sails.- William Arthur Ward (1921-1994) Red-beard for President, 2020 Last edited by red-beard; 06-27-2013 at 01:25 PM.. |
||
|
06-25-2013, 08:53 PM
|
|
|
It'll be legen-waitforit
Join Date: Jan 2002
Location: Calgary, Canada
Posts: 7,060
|
There should be phase 2 (IPSEC) messages after phase 1 comes up, can you disable xauth and use mode?
__________________
Bob James 06 Cayman S - Money Penny 18 Macan GTS Gone: 79 911SC, 83 944, 05 Cayenne Turbo, 10 Panamera Turbo |
||
|
06-25-2013, 08:54 PM
|
|
|
Back in the saddle again
Join Date: Oct 2001
Location: Central TX west of Houston
Posts: 57,130
|
Correct, looks like you are good on phase 1, but then phase 2 never sets up.
__________________
Steve '08 Boxster RS60 Spyder #0099/1960 - never named a car before, but this is Charlotte. '88 targa SOLD 2004 - gone but not forgotten
|
||
|
06-25-2013, 08:58 PM
|
|
|
|
canna change law physics
|
OK, here is how things are setup now on each device
Gateway Config Removed
__________________
James The pessimist complains about the wind; the optimist expects it to change; the engineer adjusts the sails.- William Arthur Ward (1921-1994) Red-beard for President, 2020 Last edited by red-beard; 06-27-2013 at 01:26 PM.. |
||
|
06-25-2013, 09:23 PM
|
|
|
canna change law physics
|
Setup a mode config record. now I'm getting this on the Gateway side
Config Removed
__________________
James The pessimist complains about the wind; the optimist expects it to change; the engineer adjusts the sails.- William Arthur Ward (1921-1994) Red-beard for President, 2020 Last edited by red-beard; 06-27-2013 at 01:26 PM.. |
||
|
06-25-2013, 09:35 PM
|
|
|
canna change law physics
|
Client side
Config Removed
__________________
James The pessimist complains about the wind; the optimist expects it to change; the engineer adjusts the sails.- William Arthur Ward (1921-1994) Red-beard for President, 2020 Last edited by red-beard; 06-27-2013 at 01:26 PM.. |
||
|
06-25-2013, 09:36 PM
|
|
|
canna change law physics
|
Turning in for the night
__________________
James The pessimist complains about the wind; the optimist expects it to change; the engineer adjusts the sails.- William Arthur Ward (1921-1994) Red-beard for President, 2020 |
||
|
06-25-2013, 09:40 PM
|
|
|
It'll be legen-waitforit
Join Date: Jan 2002
Location: Calgary, Canada
Posts: 7,060
|
Turnoff XAuth on the client and try again.
__________________
Bob James 06 Cayman S - Money Penny 18 Macan GTS Gone: 79 911SC, 83 944, 05 Cayenne Turbo, 10 Panamera Turbo |
||
|
06-25-2013, 09:41 PM
|
|
|
canna change law physics
|
Switched Xauth off on both sides.
Now getting IKE error (Phase 2) Lost Contact to peer. I'll put up the logs in the morning
__________________
James The pessimist complains about the wind; the optimist expects it to change; the engineer adjusts the sails.- William Arthur Ward (1921-1994) Red-beard for President, 2020 |
||
|
06-25-2013, 09:54 PM
|
|
|
|
canna change law physics
|
What the heck. Here is the Gateway side
Config Removed
__________________
James The pessimist complains about the wind; the optimist expects it to change; the engineer adjusts the sails.- William Arthur Ward (1921-1994) Red-beard for President, 2020 Last edited by red-beard; 06-27-2013 at 01:26 PM.. |
||
|
06-25-2013, 09:55 PM
|
|
|
canna change law physics
|
Client Side
Config Removed
__________________
James The pessimist complains about the wind; the optimist expects it to change; the engineer adjusts the sails.- William Arthur Ward (1921-1994) Red-beard for President, 2020 Last edited by red-beard; 06-27-2013 at 01:26 PM.. |
||
|
06-25-2013, 09:56 PM
|
|
|
canna change law physics
|
Tried again and the error message on the client is
VPN Error IKE (Phase 2) Waiting for Msg 2
__________________
James The pessimist complains about the wind; the optimist expects it to change; the engineer adjusts the sails.- William Arthur Ward (1921-1994) Red-beard for President, 2020 |
||
|
06-25-2013, 10:00 PM
|
|
|
canna change law physics
|
Gateway side
Config Removed
__________________
James The pessimist complains about the wind; the optimist expects it to change; the engineer adjusts the sails.- William Arthur Ward (1921-1994) Red-beard for President, 2020 Last edited by red-beard; 06-27-2013 at 01:27 PM.. |
||
|
06-25-2013, 10:01 PM
|
|
|
canna change law physics
|
Client Side
Config Removed
__________________
James The pessimist complains about the wind; the optimist expects it to change; the engineer adjusts the sails.- William Arthur Ward (1921-1994) Red-beard for President, 2020 Last edited by red-beard; 06-27-2013 at 01:27 PM.. |
||
|
06-25-2013, 10:03 PM
|
|
|
canna change law physics
|
We're getting closer. On the gateway VPN status page, I now see the client showing up in the table!
Still getting this error on the client VPN Error IKE (Phase 2) Waiting for Msg 2 Here is the mode config: Config Removed
__________________
James The pessimist complains about the wind; the optimist expects it to change; the engineer adjusts the sails.- William Arthur Ward (1921-1994) Red-beard for President, 2020 Last edited by red-beard; 06-27-2013 at 01:27 PM.. |
||
|
06-25-2013, 10:15 PM
|
|
|
canna change law physics
|
I see from the client I am not getting "gateway" filled in. This seems like it should be the local gateway,
__________________
James The pessimist complains about the wind; the optimist expects it to change; the engineer adjusts the sails.- William Arthur Ward (1921-1994) Red-beard for President, 2020 Last edited by red-beard; 06-27-2013 at 01:27 PM.. |
||
|
06-25-2013, 10:16 PM
|
|
|
Back in the saddle again
Join Date: Oct 2001
Location: Central TX west of Houston
Posts: 57,130
|
James, from the PDF for your firewall, "The IP Pool should not be within your local network IP addresses. Use a different range of private IP addresses such as 172.20.xx.xx."
http://www.downloads.netgear.com/files/FVS336Gv2_RM_14_April10v.pdf It could be that is part of the problem if you still haven't worked it out yet.
__________________
Steve '08 Boxster RS60 Spyder #0099/1960 - never named a car before, but this is Charlotte. '88 targa SOLD 2004 - gone but not forgotten
|
||
|
06-26-2013, 09:11 PM
|
|
1970/1982 Porsche 914-6/911SC 2.7 RS
