I am ready to pull my hair out on this one.
Monowall latest release, Netgear FVS318 VPN routers
I have a Monowall running at the main location. It has a static IP address.
I have Netgear FVS318s at the remote locations. They also have static IP addresses.
Configuration as follows:
- ipsec tunnel - NM=main - ea- 3des - ha - sha1 - identifier - ip address - dh key - 2 - pre-shared key
phase 2 prot- esp ea-3des ha-sha1 pfs-2
It passes phase 1 then fails phase 2 with the following error on the monowall.
Jan 7 01:27:12 racoon: ERROR: failed to get sainfo.
Jan 7 01:27:12 racoon: ERROR: failed to get sainfo.
Jan 7 01:27:12 racoon: ERROR: failed to pre-process packet.
Jan 7 01:27:28 racoon: INFO: respond new phase 2 negotiation: xx.xxx.xxx.194[500]<=>xx.xx.xx.84[500]
I have tried AH vs ESP... No luck.
I have verified subnets, etc., and even allowed fragmented IPsec packets, with no luck.
Any suggestions?