Archived from groups: comp.dcom.vpn (More info?)
I have set up a VPN using a Netgear FVM318 and the Netgear Prosafe VPN
client. When I use a dial up connection on the client I can access the
network via the VPN. In order to access anything on the network via computer
name or mapped drive I had to add an entry to the host file on the client
machine (matching an IP to a computer name). Not the ideal way to do it but
it works.
My real problem seems to be when the client is behind a NAT router. I can
establish a VPN connection; hower, I can not ping or access anything on the
network. I looked in the client logs and have this:
6-21: 07:29:59.668
6-21: 07:29:59.668 My Connections\FVS318 - Attempting to resolve Hostname
(seafarer.dnsalias.net)
6-21: 07:29:59.698 My Connections\FVS318 - Initiating IKE Phase 1
(Hostname=seafarer.dnsalias.net) (IP ADDR=68.52.170.145)
6-21: 07:30:00.720 My Connections\FVS318 - SENDING>>>> ISAKMP OAK AG (SA,
KE, NON, ID, VID 5x)
6-21: 07:30:03.724 My Connections\FVS318 - RECEIVED<<< ISAKMP OAK AG (SA,
KE, NON, ID, HASH)
6-21: 07:30:05.146 My Connections\FVS318 - SENDING>>>> ISAKMP OAK AG
*(HASH, NOTIFY:STATUS_INITIAL_CONTACT)
6-21: 07:30:05.146 My Connections\FVS318 - Established IKE SA
6-21: 07:30:05.146 MY COOKIE e8 af 92 9c 3c 18 fa d9
6-21: 07:30:05.146 HIS COOKIE 4d fa a7 5e 53 3a be 4f
6-21: 07:30:06.808 My Connections\FVS318 - Initiating IKE Phase 2 with
Client IDs (message id: 557690FC)
6-21: 07:30:06.808 Initiator = IP ADDR=192.168.1.7, prot = 0 port = 0
6-21: 07:30:06.808 Responder = IP SUBNET/MASK=192.168.0.0/255.255.255.0,
prot = 0 port = 0
6-21: 07:30:06.808 My Connections\FVS318 - SENDING>>>> ISAKMP OAK QM
*(HASH, SA, NON, KE, ID 2x)
6-21: 07:30:09.883 My Connections\FVS318 - RECEIVED<<< ISAKMP OAK QM
*(HASH, SA, NON, KE, ID 2x)
6-21: 07:30:09.883 My Connections\FVS318 - Filter entry 4: SECURE
192.168.001.007&255.255.255.255 192.168.000.000&255.255.255.000
DNS.DNS.DNS.DNS added.
6-21: 07:30:09.883 My Connections\FVS318 - SENDING>>>> ISAKMP OAK QM
*(HASH)
6-21: 07:30:10.033 My Connections\FVS318 - Loading IPSec SA (Message ID =
557690FC OUTBOUND SPI = E3248B65 INBOUND SPI = 214CFDC0)
6-21: 07:30:10.033
6-21: 07:30:44.493 Inbound packet failed validation: 192.168.0.103 ->
66.15.92.28
6-21: 07:30:51.943 Inbound packet failed validation: 192.168.0.103 ->
66.15.92.28
I am a bit confused by the last two lines regarding the 'failed validation'.
They seem to come at random, the only IP I tried to ping before that message
was 192.168.0.1 (the router). Sometimes I will get a 'failed validation'
regarding another computer on my network; but again, it seems to be at
random. The subnet that the client is on is 192.168.1.0 and the VPN is on
192.168.0.0.
Any ideas are appreciated, thanks.
Todd
I have set up a VPN using a Netgear FVM318 and the Netgear Prosafe VPN
client. When I use a dial up connection on the client I can access the
network via the VPN. In order to access anything on the network via computer
name or mapped drive I had to add an entry to the host file on the client
machine (matching an IP to a computer name). Not the ideal way to do it but
it works.
My real problem seems to be when the client is behind a NAT router. I can
establish a VPN connection; hower, I can not ping or access anything on the
network. I looked in the client logs and have this:
6-21: 07:29:59.668
6-21: 07:29:59.668 My Connections\FVS318 - Attempting to resolve Hostname
(seafarer.dnsalias.net)
6-21: 07:29:59.698 My Connections\FVS318 - Initiating IKE Phase 1
(Hostname=seafarer.dnsalias.net) (IP ADDR=68.52.170.145)
6-21: 07:30:00.720 My Connections\FVS318 - SENDING>>>> ISAKMP OAK AG (SA,
KE, NON, ID, VID 5x)
6-21: 07:30:03.724 My Connections\FVS318 - RECEIVED<<< ISAKMP OAK AG (SA,
KE, NON, ID, HASH)
6-21: 07:30:05.146 My Connections\FVS318 - SENDING>>>> ISAKMP OAK AG
*(HASH, NOTIFY:STATUS_INITIAL_CONTACT)
6-21: 07:30:05.146 My Connections\FVS318 - Established IKE SA
6-21: 07:30:05.146 MY COOKIE e8 af 92 9c 3c 18 fa d9
6-21: 07:30:05.146 HIS COOKIE 4d fa a7 5e 53 3a be 4f
6-21: 07:30:06.808 My Connections\FVS318 - Initiating IKE Phase 2 with
Client IDs (message id: 557690FC)
6-21: 07:30:06.808 Initiator = IP ADDR=192.168.1.7, prot = 0 port = 0
6-21: 07:30:06.808 Responder = IP SUBNET/MASK=192.168.0.0/255.255.255.0,
prot = 0 port = 0
6-21: 07:30:06.808 My Connections\FVS318 - SENDING>>>> ISAKMP OAK QM
*(HASH, SA, NON, KE, ID 2x)
6-21: 07:30:09.883 My Connections\FVS318 - RECEIVED<<< ISAKMP OAK QM
*(HASH, SA, NON, KE, ID 2x)
6-21: 07:30:09.883 My Connections\FVS318 - Filter entry 4: SECURE
192.168.001.007&255.255.255.255 192.168.000.000&255.255.255.000
DNS.DNS.DNS.DNS added.
6-21: 07:30:09.883 My Connections\FVS318 - SENDING>>>> ISAKMP OAK QM
*(HASH)
6-21: 07:30:10.033 My Connections\FVS318 - Loading IPSec SA (Message ID =
557690FC OUTBOUND SPI = E3248B65 INBOUND SPI = 214CFDC0)
6-21: 07:30:10.033
6-21: 07:30:44.493 Inbound packet failed validation: 192.168.0.103 ->
66.15.92.28
6-21: 07:30:51.943 Inbound packet failed validation: 192.168.0.103 ->
66.15.92.28
I am a bit confused by the last two lines regarding the 'failed validation'.
They seem to come at random, the only IP I tried to ping before that message
was 192.168.0.1 (the router). Sometimes I will get a 'failed validation'
regarding another computer on my network; but again, it seems to be at
random. The subnet that the client is on is 192.168.1.0 and the VPN is on
192.168.0.0.
Any ideas are appreciated, thanks.
Todd