| VPN Connection using Linksys RV042 and NetGear FVS318 Good afternoon all, I am attempting to set up a VPN between our Main offic and a remote office in hopes of shareing documents between the 2. I am currently using Small Business Server 2003
remote connection to initate the connection but would like to make the connection bor perminate using hardware. I am using dyndns at both locations to locate and track the IP changes, I have a linksys RV042 (Firmware Version: 1.2.3) that I want at the main office and NetGear FVS318 V1, both are set for remote configuration and can be accessed remotly by either IP address or by FQDN.
Below are the configuration screens:
NetGear:
Connection Name Main Offfice
Local IPSec Identifier 0
Remote IPSec Identifier 0
Tunnel can be accessed from any local addressa subnet of local addressa range of local addressa single local address
Local LAN start IP Address ... 192.168.0.1
Local LAN finish IP Address ... greyed out
Local LAN IP Subnetmask ... greyed out
Tunnel can access a subnet of remote addressa range of remote addressa single remote addressthe remote WAN IP or FQDNall external addresses
Remote LAN start IP Address ... 192.168.10.0
Remote LAN finish IP Address ... Greyed out
Remote LAN IP Subnetmask ... 255.255.255.0
Remote WAN IP or FQDN Either or (Neither work)
Secure Association Main Mode Manual Keys Aggressive Mode
Perfect Forward Secrecy Enabled Disabled (used both ways )
Encryption Protocol DES3DESAES - 128AES - 192AES - 256
Key Group Diffie-Hellman Group1Diffie-Hellman Group2
PreShared Key (Key is same on both)
Key Life Seconds 28800
IKE Life Time Seconds 86400
NETBIOS Enable
Below is the Linksys:
Tunnel No. 1
Tunnel Name remote office
Interface WAN1 WAN2 (using WAN1)
Enable
--------------------------------------------------------------------------------
Local Group Setup Local Security Gateway Type IP Only IP + Domain Name(FQDN) Authentication IP + E-mail Addr.(USER FQDN) Authentication Dynamic IP + Domain Name(FQDN) Authentication Dynamic IP + E-mail Addr.(USER FQDN) Authentication (Tried FQDN and IP address)
IP address . . . xx.xx.xx.175
Local Security Group Type IP Subnet IP Range
IP address . . . 192.168.10.0
Subnet Mask . . . 255.255.000.000
--------------------------------------------------------------------------------
Remote Group Setup Remote Security Gateway Type IP Only IP + Domain Name(FQDN) Authentication IP + E-mail Addr.(USER FQDN) Authentication Dynamic IP + Domain Name(FQDN) Authentication Dynamic IP + E-mail Addr.(USER FQDN) Authentication
IP address . . . XXX.XXX.XXX.190
Remote Security Group Type IP Subnet IP Range
IP address . . . 192.168.0.0
Subnet Mask . . . 255.255.255.0
--------------------------------------------------------------------------------
IPSec Setup Keying Mode Manual IKE with Preshared key
Phase1 DH Group Group1 Group2 Group5
Phase1 Encryption DES 3DES
Phase1 Authentication MD5 SHA1
Phase1 SA Life Time seconds
Perfect Forward Secrecy
Phase2 DH Group Group1 Group2 Group5
Phase2 Encryption NULL DES 3DES
Phase2 Authentication NULL MD5 SHA1
Phase2 SA Life Time seconds
Preshared Key (same as other machine)
I have had no luck and am not sure if I have a hardware issue or a settings issue.
Thank you for reading and any responce you might make. |
|
jimbopalmerTsar of all the Rushers
join:2008-06-02
Greenwood, MS
kudos:2 Reviews:
 ·Windjammer Cable
| »www.cisco.com/cisco/software/rel···e=latest
is the latest Cisco firmware for your RV042, I am not familiar with Netgear firmware.
You have left in multiple choice options you did not choose, so reading your configs is challenging.
I think you have different subnet masks for 192.168.10.x at each end.
--
I tried to remain child-like, all I achieved was childish. |
|
|
|
| The cisco has Firmware 1.2.3 installed. Upgraded to 1.3.13.02
There are additional firmware updates but it appears they have to have V3 Hard ware.
Lynksys multiply choice settings
Keying Mode Manual IKE with Preshared key
Phase1 DH Group Group1
Phase1 Encryption 3DES
Phase1 Authentication MD5
Phase1 SA Life Time seconds 28800
Perfect Forward Secrecy Yes
Phase2 DH Group Group1
Phase2 Encryption 3DES
Phase2 Authentication MD5
Phase2 SA Life Time seconds - 3600
Preshared Key
NetGear Multiple Choice Settings
Secure Association Main Mode
Perfect Forward Secrecy Enabled
Encryption Protocol DES3
PreShared Key YES
Key Life Seconds 28800
IKE Life Time Seconds 86400
NETBIOS Enable
Thank you for the responce |
|
jimbopalmerTsar of all the Rushers
join:2008-06-02
Greenwood, MS
kudos:2 Reviews:
·Windjammer Cable
| said by dsweet3331:There are additional firmware updates but it appears they have to have V3 Hard ware.
Lynksys multiply choice settings
Your Linksys settings sure look good, I confess I have not used a Netgear to do a VPN, only Linksys and Netopia.
The version 3 hardware is quite different, so we can expect a slow death of new updates for our older RV0** gear. If IPv6 ever becomes common I suspect we will have to replace them.
--
I tried to remain child-like, all I achieved was childish. |
|
jimbopalmerTsar of all the Rushers
join:2008-06-02
Greenwood, MS
kudos:2 Reviews:
·Windjammer Cable
| One example of my setup, the router I am attached to does not allow Group 1 so it is slightly beefed up. |
|
| reply to jimbopalmer
 Thank you for your quick response, It appears after the Linksys was updated the NetGear Logs show it is connecting to the Linksys, however the linksys still shows "waiting for connection" since this is the first hardware VPN I have done I am not sure what to expect. Will keep plugging along and see what I fined. I will post if anything different shows up. Again thank you. |
|
