News: This forum is now permanently frozen.
Pages: [1]
Topic: Help with Ipsec vpn tunnel  (Read 2106 times)
« on: January 07, 2009, 02:32:18 »
Magician_above *
Posts: 3

I am ready to pull my hair out on this one.

Monowall lastest release
Netgear FVS318 vpn router's

I have a monowall running at the main location. It has a static ip address

I have Netgear fvs318's at the remote locations. They also have static ip addresses.

Configuration as follows

- ipsec tunnel
- NM=main
- ea- 3des
- ha - sha1
- identifier - ip address
- dh key - 2
- pre-shared key

phase 2
prot- esp
ea-3des
ha-sha1
pfs-2

It passes phase 1 then fails phase 2 with the following error on the monowall.

Jan 7 01:27:12 racoon: ERROR: failed to get sainfo.
Jan 7 01:27:12 racoon: ERROR: failed to get sainfo.
Jan 7 01:27:12 racoon: ERROR: failed to pre-process packet.
Jan 7 01:27:28 racoon: INFO: respond new phase 2 negotiation: xx.xxx.xxx.194[500]<=>xx.xx.xx.84[500]


I have tried AH vs ESP .... No luck

I have verified subnets . etc even allowed fragmented ipsec packets with no luck

Any suggestions?
« Reply #1 on: January 07, 2009, 09:10:35 »
ChainSaw
Guest

I have a working IPSEC tunnel setup from a m0n0wall 1.3b15 to a FVL328 and the m0n0 config looks like this:

WAN
60
LAN subnet
192.168.77.0 /24
69.69.69.69
aggressive
My IP address
3DES
SHA1
2
172800
Pre-shared key
bla-bla-bla-key-bla-bla-bla
ESP
3DES
SHA1
2
86400

Hope that helps.

CS...
« Reply #2 on: March 24, 2009, 10:37:05 »
ToxicCrack *
Posts: 1

I have exactly the same problem with monowall 1.3b15..
I googled a LOT to solve the problem, but nothing worked..
did you found a solution?
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines