Accessing FVM318 from behind NAT

Todd

Archived from groups: comp.dcom.vpn (More info?)

I have set up a VPN using a Netgear FVM318 and the Netgear Prosafe VPN
client. When I use a dial up connection on the client I can access the
network via the VPN. In order to access anything on the network via computer
name or mapped drive I had to add an entry to the host file on the client
machine (matching an IP to a computer name). Not the ideal way to do it but
it works.

My real problem seems to be when the client is behind a NAT router. I can
establish a VPN connection; however, I cannot ping or access anything on the
network. I looked in the client logs and have this:

6-21: 07:29:59.668
6-21: 07:29:59.668 My Connections\FVS318 - Attempting to resolve Hostname (seafarer.dnsalias.net)
6-21: 07:29:59.698 My Connections\FVS318 - Initiating IKE Phase 1 (Hostname=seafarer.dnsalias.net) (IP ADDR=68.52.170.145)
6-21: 07:30:00.720 My Connections\FVS318 - SENDING>>>> ISAKMP OAK AG (SA, KE, NON, ID, VID 5x)
6-21: 07:30:03.724 My Connections\FVS318 - RECEIVED<<< ISAKMP OAK AG (SA, KE, NON, ID, HASH)
6-21: 07:30:05.146 My Connections\FVS318 - SENDING>>>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT)
6-21: 07:30:05.146 My Connections\FVS318 - Established IKE SA
6-21: 07:30:05.146 MY COOKIE e8 af 92 9c 3c 18 fa d9
6-21: 07:30:05.146 HIS COOKIE 4d fa a7 5e 53 3a be 4f
6-21: 07:30:06.808 My Connections\FVS318 - Initiating IKE Phase 2 with Client IDs (message id: 557690FC)
6-21: 07:30:06.808 Initiator = IP ADDR=192.168.1.7, prot = 0 port = 0
6-21: 07:30:06.808 Responder = IP SUBNET/MASK=192.168.0.0/255.255.255.0, prot = 0 port = 0
6-21: 07:30:06.808 My Connections\FVS318 - SENDING>>>> ISAKMP OAK QM *(HASH, SA, NON, KE, ID 2x)
6-21: 07:30:09.883 My Connections\FVS318 - RECEIVED<<< ISAKMP OAK QM *(HASH, SA, NON, KE, ID 2x)
6-21: 07:30:09.883 My Connections\FVS318 - Filter entry 4: SECURE 192.168.001.007&255.255.255.255 192.168.000.000&255.255.255.000 DNS.DNS.DNS.DNS added.
6-21: 07:30:09.883 My Connections\FVS318 - SENDING>>>> ISAKMP OAK QM *(HASH)
6-21: 07:30:10.033 My Connections\FVS318 - Loading IPSec SA (Message ID = 557690FC OUTBOUND SPI = E3248B65 INBOUND SPI = 214CFDC0)
6-21: 07:30:10.033
6-21: 07:30:44.493 Inbound packet failed validation: 192.168.0.103 -> 66.15.92.28
6-21: 07:30:51.943 Inbound packet failed validation: 192.168.0.103 -> 66.15.92.28

I am a bit confused by the last two lines regarding the 'failed validation'.
They seem to come at random, the only IP I tried to ping before that message
was 192.168.0.1 (the router). Sometimes I will get a 'failed validation'
regarding another computer on my network; but again, it seems to be at
random. The subnet that the client is on is 192.168.1.0 and the VPN is on
192.168.0.0.

Any ideas are appreciated, thanks.

Todd
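
Added example, not part of the original post or of Netgear's software: one check that can be run over a client log like the one above is to compare the addresses in each "failed validation" line with the Phase 2 client IDs (Initiator and Responder) negotiated just before it. It assumes the log format shown in the post with wrapped lines rejoined; the sample lines are constructed, with a documentation address standing in for the public one, and whether the client's own validation is exactly this comparison is an assumption.

```python
import ipaddress
import re

# Constructed sample in the log format shown in the post (wrapped lines
# joined, public address replaced with a documentation address).
SAMPLE_LOG = """\
6-21: 07:30:06.808 Initiator = IP ADDR=192.168.1.7, prot = 0 port = 0
6-21: 07:30:06.808 Responder = IP SUBNET/MASK=192.168.0.0/255.255.255.0, prot = 0 port = 0
6-21: 07:30:44.493 Inbound packet failed validation: 192.168.0.103 -> 203.0.113.28
6-21: 07:30:51.943 Inbound packet failed validation: 192.168.0.7 -> 192.168.1.7
"""

# Phase 2 client IDs: a single address or a subnet/mask pair.
ID_RE = re.compile(r"(Initiator|Responder) = IP (?:ADDR|SUBNET/MASK)=([\d./]+)")
FAIL_RE = re.compile(r"Inbound packet failed validation: (\S+) -> (\S+)")


def check_failed_packets(log_text):
    """Compare each failed inbound packet with the negotiated client IDs.

    Returns a list of (src, dst, src_in_responder, dst_in_initiator).
    Inbound traffic on the client should come from the responder's
    subnet and be addressed to the initiator's ID.
    """
    selectors = {}
    findings = []
    for line in log_text.splitlines():
        m = ID_RE.search(line)
        if m:
            # "a.b.c.d" parses as a /32, "net/mask" as a subnet.
            selectors[m.group(1)] = ipaddress.ip_network(m.group(2), strict=False)
            continue
        m = FAIL_RE.search(line)
        if m and len(selectors) == 2:
            src, dst = (ipaddress.ip_address(a) for a in m.groups())
            findings.append((str(src), str(dst),
                             src in selectors["Responder"],
                             dst in selectors["Initiator"]))
    return findings


if __name__ == "__main__":
    for src, dst, src_ok, dst_ok in check_failed_packets(SAMPLE_LOG):
        print(f"{src} -> {dst}: source in responder subnet={src_ok}, "
              f"destination matches initiator ID={dst_ok}")
```

A line where the source is inside the responder subnet but the destination is not the initiator ID, as with the first sample line, shows a packet addressed to something other than the client's negotiated identity.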
 

Brad


leupi:

It's probably not a good idea to give out every scrap of information
about your VPN config when you include your external IP addresses. You
might want to XX out some of the octets when posting in the future.

Have you checked to see whether IPSEC passthrough is operating
properly on the NAT router? You said you can connect, but get the
failed validation. That could be a passthrough issue.

If that doesn't work, it could be that your NAT router is using an MTU
setting that is too high.

See here:

http://www.broadbandreports.com/faq/7752


Brad






On Mon, 21 Jun 2004 07:44:48 -0400, "Todd" <leupi@comcast.net> wrote:

>I have set up a VPN using a Netgear FVM318 and the Netgear Prosafe VPN
>client. When I use a dial up connection on the client I can access the
>network via the VPN. In order to access anything on the network via computer
>name or mapped drive I had to add an entry to the host file on the client
>machine (matching an IP to a computer name). Not the ideal way to do it but
>it works.
>
>My real problem seems to be when the client is behind a NAT router. I can
>establish a VPN connection; however, I cannot ping or access anything on the
>network. I looked in the client logs and have this:
>
> 6-21: 07:29:59.668
> 6-21: 07:29:59.668 My Connections\FVS318 - Attempting to resolve Hostname
>(seafarer.dnsalias.net)
> 6-21: 07:29:59.698 My Connections\FVS318 - Initiating IKE Phase 1
>(Hostname=seafarer.dnsalias.net) (IP ADDR=68.52.170.145)
> 6-21: 07:30:00.720 My Connections\FVS318 - SENDING>>>> ISAKMP OAK AG (SA,
>KE, NON, ID, VID 5x)
> 6-21: 07:30:03.724 My Connections\FVS318 - RECEIVED<<< ISAKMP OAK AG (SA,
>KE, NON, ID, HASH)
> 6-21: 07:30:05.146 My Connections\FVS318 - SENDING>>>> ISAKMP OAK AG
>*(HASH, NOTIFY:STATUS_INITIAL_CONTACT)
> 6-21: 07:30:05.146 My Connections\FVS318 - Established IKE SA
> 6-21: 07:30:05.146 MY COOKIE e8 af 92 9c 3c 18 fa d9
> 6-21: 07:30:05.146 HIS COOKIE 4d fa a7 5e 53 3a be 4f
> 6-21: 07:30:06.808 My Connections\FVS318 - Initiating IKE Phase 2 with
>Client IDs (message id: 557690FC)
> 6-21: 07:30:06.808 Initiator = IP ADDR=192.168.1.7, prot = 0 port = 0
> 6-21: 07:30:06.808 Responder = IP SUBNET/MASK=192.168.0.0/255.255.255.0,
>prot = 0 port = 0
> 6-21: 07:30:06.808 My Connections\FVS318 - SENDING>>>> ISAKMP OAK QM
>*(HASH, SA, NON, KE, ID 2x)
> 6-21: 07:30:09.883 My Connections\FVS318 - RECEIVED<<< ISAKMP OAK QM
>*(HASH, SA, NON, KE, ID 2x)
> 6-21: 07:30:09.883 My Connections\FVS318 - Filter entry 4: SECURE
>192.168.001.007&255.255.255.255 192.168.000.000&255.255.255.000
>DNS.DNS.DNS.DNS added.
> 6-21: 07:30:09.883 My Connections\FVS318 - SENDING>>>> ISAKMP OAK QM
>*(HASH)
> 6-21: 07:30:10.033 My Connections\FVS318 - Loading IPSec SA (Message ID =
>557690FC OUTBOUND SPI = E3248B65 INBOUND SPI = 214CFDC0)
> 6-21: 07:30:10.033
> 6-21: 07:30:44.493 Inbound packet failed validation: 192.168.0.103 ->
>66.15.92.28
> 6-21: 07:30:51.943 Inbound packet failed validation: 192.168.0.103 ->
>66.15.92.28
>
>I am a bit confused by the last two lines regarding the 'failed validation'.
>They seem to come at random, the only IP I tried to ping before that message
>was 192.168.0.1 (the router). Sometimes I will get a 'failed validation'
>regarding another computer on my network; but again, it seems to be at
>random. The subnet that the client is on is 192.168.1.0 and the VPN is on
>192.168.0.0.
>
>Any ideas are appreciated, thanks.
>
>Todd
>