I am having problems connecting to the NetGear FSV318v3.
NetGear FSV318v3 firmware 0_28 (latest) Shrew client versions 2.1.7 and 2.2.0 beta 1 Client OS Windows 7 Home Premium 64 bit (I've also tried Ubuntu and Mac clients, same issue) NetGear LAN 192.168.8.0/24NetGear WAN connected directly to internet at xxx.xxx.xxx.xxx (obscured for now)
Windows client LAN 192.168.3.0/24 client has a DCHP address of 192.168.3.139The Shrew FAQ's deal with the 338 not the 318 which has a different interface for users. I am not using the XAuth feature at this time, just Mutual PSK.
In Policy tab, Policy Generation Level is auto, 192.168.8.0 / 255.255.255.0 has been added to topology. Maintain Persistent Security Associations is check (but also tried unchecked).
When connecting, the tunnel is enabled but security associations fail 10-20 seconds later.
iked.log contains the following lines when it fails. ii : fragmented packet to 1514 bytes ( MTU 1500 bytes ) ii : fragmented packet to 70 bytes ( MTU 1500 bytes )-> : resend 1 phase2 packet(s) [2/2] 192.168.3.139:500 -> xxx.xxx.xxx.xxx:500
ii : resend limit exceeded for phase2 exchangeDifferent Phase 1 settings will cause it to fail sooner so I think these and Authentication settings are OK. Phase 2 settings seem to have no effect (but I think they are configured properly) and it appears that the 318 is not responding to phase2 requests (or they are being blocked somewhere).
Is is a packet fragmentation issue? Firewall issue?I saw on some blog that the 338 may need WAN ping enabled, this is currently off.
Any suggestions? Thanks in advance.
<<attachment: rfling.vcf>>
_______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
