Windows 2000 IPSEC to Netgear box: IKE security associatio..

Archived from groups: microsoft.public.win2000.security (More info?)

I'm trying to setup a Windows 2000 RRAS server to talk with a Netgear
Prosafe VPN firewall over IPSEC. I have them at least talking, but
they can't seem to establish a connection. Here is what the Win2K
event logs say:

IKE security association negotiation failed.
Mode:
Data Protection Mode (Quick Mode)

Filter:
Source IP Address 192.168.0.33
Source IP Address Mask 0.0.0.0
Destination IP Address 0.0.0.0
Destination IP Address Mask 255.255.255.255
Protocol 0
Source Port 0
Destination Port 0
IKE Local Addr 192.168.0.33
IKE Peer Addr 10.69.69.12
IKE Source Port 500
IKE Destination Port 500
Peer Private Addr

Peer Identity:
Preshared key ID.
Peer IP Address: 10.69.69.12

Failure Point:
Me

Failure Reason:
Unsupported ID

Extra Status:
Processed third (ID) payload
Responder. Delta Time 0
0x0 0x0


Can anyone please explain what is going on? cc to me by Email is much
appreciated.

Thank you
3 answers Last reply
More about windows 2000 ipsec netgear security associatio
  1. Archived from groups: microsoft.public.win2000.security (More info?)

    Hi Barry,

    What are you using for authentication? Share secret, certificate, ... ?

    What about other parameters? Are they same on both ends?

    Mike

    "Barry" <barry@webmailcenter.com> wrote in message
    news:27f6e08d.0408162121.2b42f556@posting.google.com...
    > I'm trying to setup a Windows 2000 RRAS server to talk with a Netgear
    > Prosafe VPN firewall over IPSEC. I have them at least talking, but
    > they can't seem to establish a connection. Here is what the Win2K
    > event logs say:
    >
    > IKE security association negotiation failed.
    > Mode:
    > Data Protection Mode (Quick Mode)
    >
    > Filter:
    > Source IP Address 192.168.0.33
    > Source IP Address Mask 0.0.0.0
    > Destination IP Address 0.0.0.0
    > Destination IP Address Mask 255.255.255.255
    > Protocol 0
    > Source Port 0
    > Destination Port 0
    > IKE Local Addr 192.168.0.33
    > IKE Peer Addr 10.69.69.12
    > IKE Source Port 500
    > IKE Destination Port 500
    > Peer Private Addr
    >
    > Peer Identity:
    > Preshared key ID.
    > Peer IP Address: 10.69.69.12
    >
    > Failure Point:
    > Me
    >
    > Failure Reason:
    > Unsupported ID
    >
    > Extra Status:
    > Processed third (ID) payload
    > Responder. Delta Time 0
    > 0x0 0x0
    >
    >
    > Can anyone please explain what is going on? cc to me by Email is much
    > appreciated.
    >
    > Thank you
  2. Archived from groups: microsoft.public.win2000.security (More info?)

    There was documentation on the Netgear website at one time, but I can not find it
    right now. I did have a FVS318 working to a W2K rras server at one time. The link
    below is from Linksys but the policies are about the same if I can remember. Make
    sure you are using ipsec "tunnel" mode with preshared key on each end. --- Steve

    http://www.linksys.com/support/support.asp?spid=86


    "Barry" <barry@webmailcenter.com> wrote in message
    news:27f6e08d.0408162121.2b42f556@posting.google.com...
    > I'm trying to setup a Windows 2000 RRAS server to talk with a Netgear
    > Prosafe VPN firewall over IPSEC. I have them at least talking, but
    > they can't seem to establish a connection. Here is what the Win2K
    > event logs say:
    >
    > IKE security association negotiation failed.
    > Mode:
    > Data Protection Mode (Quick Mode)
    >
    > Filter:
    > Source IP Address 192.168.0.33
    > Source IP Address Mask 0.0.0.0
    > Destination IP Address 0.0.0.0
    > Destination IP Address Mask 255.255.255.255
    > Protocol 0
    > Source Port 0
    > Destination Port 0
    > IKE Local Addr 192.168.0.33
    > IKE Peer Addr 10.69.69.12
    > IKE Source Port 500
    > IKE Destination Port 500
    > Peer Private Addr
    >
    > Peer Identity:
    > Preshared key ID.
    > Peer IP Address: 10.69.69.12
    >
    > Failure Point:
    > Me
    >
    > Failure Reason:
    > Unsupported ID
    >
    > Extra Status:
    > Processed third (ID) payload
    > Responder. Delta Time 0
    > 0x0 0x0
    >
    >
    > Can anyone please explain what is going on? cc to me by Email is much
    > appreciated.
    >
    > Thank you
  3. Archived from groups: microsoft.public.win2000.security (More info?)

    My problem is that I was configuring the IPSEC filter for a subnet,
    but setting up the netgear as a range of IP's, even though they
    measured the same. I guess it's THAT picky.

    Thank you everyone who responded.

    Barry

    barry@webmailcenter.com (Barry) wrote in message news:<27f6e08d.0408162121.2b42f556@posting.google.com>...
    > I'm trying to setup a Windows 2000 RRAS server to talk with a Netgear
    > Prosafe VPN firewall over IPSEC. I have them at least talking, but
    > they can't seem to establish a connection. Here is what the Win2K
    > event logs say:
    >
    > IKE security association negotiation failed.
    > Mode:
    > Data Protection Mode (Quick Mode)
    >
    > Filter:
    > Source IP Address 192.168.0.33
    > Source IP Address Mask 0.0.0.0
    > Destination IP Address 0.0.0.0
    > Destination IP Address Mask 255.255.255.255
    > Protocol 0
    > Source Port 0
    > Destination Port 0
    > IKE Local Addr 192.168.0.33
    > IKE Peer Addr 10.69.69.12
    > IKE Source Port 500
    > IKE Destination Port 500
    > Peer Private Addr
    >
    > Peer Identity:
    > Preshared key ID.
    > Peer IP Address: 10.69.69.12
    >
    > Failure Point:
    > Me
    >
    > Failure Reason:
    > Unsupported ID
    >
    > Extra Status:
    > Processed third (ID) payload
    > Responder. Delta Time 0
    > 0x0 0x0
    >
    >
    > Can anyone please explain what is going on? cc to me by Email is much
    > appreciated.
    >
    > Thank you
Ask a new question

Read More

IP Address Security Windows 2000 Windows