[Vpn-help] Help configuring Netgear FVX538 router

Mike Crowe drmikecrowe at gmail.com
Wed Dec 9 15:33:44 CST 2009


Hi folks,

I'm following the instructions at
http://www.shrew.net/support/wiki/HowtoNetgear, and I can't seem to get the
shrew client to connect.  When I try to initiate a connection, I repeatedly
see:

09/12/09 16:14:45 -> : send IKE packet 192.168.1.15:500 ->
XX.XXX.XXX.198:500 ( 1177 bytes )
09/12/09 16:14:45 DB : phase1 resend event scheduled ( ref count = 2 )
09/12/09 16:14:50 -> : resend 1 phase1 packet(s) 192.168.1.15:500 ->
XX.XXX.XXX.198:500

(full log below).  If I look at this, it almost appears that the Netgear
isn't listening on port 500.  Could that be possible?

Based on this setup, two questions:

1)  I don't have to set up a VPN policy, right?
2)  I don't have to adjust any port forwarding or other rules, right?  I
don't have any port 500 rules in place now.



09/12/09 16:10:31 ## : IKE Daemon, ver 2.1.5
09/12/09 16:10:31 ## : Copyright 2009 Shrew Soft Inc.
09/12/09 16:10:31 ## : This product linked OpenSSL 0.9.8h 28 May 2008
09/12/09 16:10:31 ii : opened 'C:\Program Files\ShrewSoft\VPN
Client\debug\iked.log'
09/12/09 16:10:31 ii : rebuilding vnet device list ...
09/12/09 16:10:31 ii : device ROOT\VNET\0000 disabled
09/12/09 16:10:31 ii : network process thread begin ...
09/12/09 16:10:31 ii : ipc server process thread begin ...
09/12/09 16:10:31 ii : pfkey process thread begin ...
09/12/09 16:10:33 ii : ipc client process thread begin ...
09/12/09 16:10:33 <A : peer config add message
09/12/09 16:10:33 DB : peer added ( obj count = 1 )
09/12/09 16:10:33 ii : local address 192.168.1.15 selected for peer
09/12/09 16:10:33 DB : tunnel added ( obj count = 1 )
09/12/09 16:10:33 <A : proposal config message
09/12/09 16:10:33 <A : proposal config message
09/12/09 16:10:33 <A : client config message
09/12/09 16:10:33 <A : xauth username message
09/12/09 16:10:33 <A : xauth password message
09/12/09 16:10:33 <A : local id 'vpn.zipitwireless.com' message
09/12/09 16:10:33 <A : preshared key message
09/12/09 16:10:33 <A : remote resource message
09/12/09 16:10:33 <A : peer tunnel enable message
09/12/09 16:10:33 DB : new phase1 ( ISAKMP initiator )
09/12/09 16:10:33 DB : exchange type is aggressive
09/12/09 16:10:33 DB : 192.168.1.15:500 <-> 74.223.161.198:500
09/12/09 16:10:33 DB : 779787518ff0cc3a:0000000000000000
09/12/09 16:10:33 DB : phase1 added ( obj count = 1 )
09/12/09 16:10:33 >> : security association payload
09/12/09 16:10:33 >> : - proposal #1 payload
09/12/09 16:10:33 >> : -- transform #1 payload
09/12/09 16:10:33 >> : -- transform #2 payload
09/12/09 16:10:33 >> : -- transform #3 payload
09/12/09 16:10:33 >> : -- transform #4 payload
09/12/09 16:10:33 >> : -- transform #5 payload
09/12/09 16:10:33 >> : -- transform #6 payload
09/12/09 16:10:33 >> : -- transform #7 payload
09/12/09 16:10:33 >> : -- transform #8 payload
09/12/09 16:10:33 >> : -- transform #9 payload
09/12/09 16:10:33 >> : -- transform #10 payload
09/12/09 16:10:33 >> : -- transform #11 payload
09/12/09 16:10:33 >> : -- transform #12 payload
09/12/09 16:10:33 >> : -- transform #13 payload
09/12/09 16:10:33 >> : -- transform #14 payload
09/12/09 16:10:33 >> : -- transform #15 payload
09/12/09 16:10:33 >> : -- transform #16 payload
09/12/09 16:10:33 >> : -- transform #17 payload
09/12/09 16:10:33 >> : -- transform #18 payload
09/12/09 16:10:33 >> : key exchange payload
09/12/09 16:10:33 >> : nonce payload
09/12/09 16:10:33 >> : identification payload
09/12/09 16:10:33 >> : vendor id payload
09/12/09 16:10:33 ii : local supports XAUTH
09/12/09 16:10:33 >> : vendor id payload
09/12/09 16:10:33 ii : local supports nat-t ( draft v00 )
09/12/09 16:10:33 >> : vendor id payload
09/12/09 16:10:33 ii : local supports nat-t ( draft v01 )
09/12/09 16:10:33 >> : vendor id payload
09/12/09 16:10:33 ii : local supports nat-t ( draft v02 )
09/12/09 16:10:33 >> : vendor id payload
09/12/09 16:10:33 ii : local supports nat-t ( draft v03 )
09/12/09 16:10:33 >> : vendor id payload
09/12/09 16:10:33 ii : local supports nat-t ( rfc )
09/12/09 16:10:33 >> : vendor id payload
09/12/09 16:10:33 ii : local supports FRAGMENTATION
09/12/09 16:10:33 >> : vendor id payload
09/12/09 16:10:33 ii : local is SHREW SOFT compatible
09/12/09 16:10:33 >> : vendor id payload
09/12/09 16:10:33 ii : local is NETSCREEN compatible
09/12/09 16:10:33 >> : vendor id payload
09/12/09 16:10:33 ii : local is SIDEWINDER compatible
09/12/09 16:10:33 >> : vendor id payload
09/12/09 16:10:33 ii : local is CISCO UNITY compatible
09/12/09 16:10:33 >= : cookies 779787518ff0cc3a:0000000000000000
09/12/09 16:10:33 >= : message 00000000
09/12/09 16:10:33 -> : send IKE packet 192.168.1.15:500 ->
74.223.161.198:500 ( 1177 bytes )
09/12/09 16:10:33 DB : phase1 resend event scheduled ( ref count = 2 )
09/12/09 16:10:38 -> : resend 1 phase1 packet(s) 192.168.1.15:500 ->
74.223.161.198:500
09/12/09 16:10:43 -> : resend 1 phase1 packet(s) 192.168.1.15:500 ->
74.223.161.198:500
09/12/09 16:10:48 -> : resend 1 phase1 packet(s) 192.168.1.15:500 ->
74.223.161.198:500
09/12/09 16:10:53 ii : resend limit exceeded for phase1 exchange
09/12/09 16:10:53 ii : phase1 removal before expire time
09/12/09 16:10:53 DB : phase1 deleted ( obj count = 0 )
09/12/09 16:10:53 DB : policy not found
09/12/09 16:10:53 DB : policy not found
09/12/09 16:10:53 DB : tunnel stats event canceled ( ref count = 1 )
09/12/09 16:10:53 DB : removing tunnel config references
09/12/09 16:10:53 DB : removing tunnel phase2 references
09/12/09 16:10:53 DB : removing tunnel phase1 references
09/12/09 16:10:53 DB : tunnel deleted ( obj count = 0 )
09/12/09 16:10:53 DB : removing all peer tunnel refrences
09/12/09 16:10:53 DB : peer deleted ( obj count = 0 )
09/12/09 16:10:53 ii : ipc client process thread exit ...
09/12/09 16:13:03 ii : ipc client process thread begin ...
09/12/09 16:13:03 <A : peer config add message
09/12/09 16:13:03 DB : peer added ( obj count = 1 )
09/12/09 16:13:03 ii : local address 192.168.1.15 selected for peer
09/12/09 16:13:03 DB : tunnel added ( obj count = 1 )
09/12/09 16:13:03 <A : proposal config message
09/12/09 16:13:03 <A : proposal config message
09/12/09 16:13:03 <A : client config message
09/12/09 16:13:03 <A : xauth username message
09/12/09 16:13:03 <A : xauth password message
09/12/09 16:13:03 <A : local id 'vpn.zipitwireless.com' message
09/12/09 16:13:03 <A : preshared key message
09/12/09 16:13:03 <A : remote resource message
09/12/09 16:13:03 <A : peer tunnel enable message
09/12/09 16:13:03 DB : new phase1 ( ISAKMP initiator )
09/12/09 16:13:03 DB : exchange type is aggressive
09/12/09 16:13:03 DB : 192.168.1.15:500 <-> 74.223.161.198:500
09/12/09 16:13:03 DB : d83d366fe6644d88:0000000000000000
09/12/09 16:13:03 DB : phase1 added ( obj count = 1 )
09/12/09 16:13:03 >> : security association payload
09/12/09 16:13:03 >> : - proposal #1 payload
09/12/09 16:13:03 >> : -- transform #1 payload
09/12/09 16:13:03 >> : -- transform #2 payload
09/12/09 16:13:03 >> : -- transform #3 payload
09/12/09 16:13:03 >> : -- transform #4 payload
09/12/09 16:13:03 >> : -- transform #5 payload
09/12/09 16:13:03 >> : -- transform #6 payload
09/12/09 16:13:03 >> : -- transform #7 payload
09/12/09 16:13:03 >> : -- transform #8 payload
09/12/09 16:13:03 >> : -- transform #9 payload
09/12/09 16:13:03 >> : -- transform #10 payload
09/12/09 16:13:03 >> : -- transform #11 payload
09/12/09 16:13:03 >> : -- transform #12 payload
09/12/09 16:13:03 >> : -- transform #13 payload
09/12/09 16:13:03 >> : -- transform #14 payload
09/12/09 16:13:03 >> : -- transform #15 payload
09/12/09 16:13:03 >> : -- transform #16 payload
09/12/09 16:13:03 >> : -- transform #17 payload
09/12/09 16:13:03 >> : -- transform #18 payload
09/12/09 16:13:03 >> : key exchange payload
09/12/09 16:13:03 >> : nonce payload
09/12/09 16:13:03 >> : identification payload
09/12/09 16:13:03 >> : vendor id payload
09/12/09 16:13:03 ii : local supports XAUTH
09/12/09 16:13:03 >> : vendor id payload
09/12/09 16:13:03 ii : local supports nat-t ( draft v00 )
09/12/09 16:13:03 >> : vendor id payload
09/12/09 16:13:03 ii : local supports nat-t ( draft v01 )
09/12/09 16:13:03 >> : vendor id payload
09/12/09 16:13:03 ii : local supports nat-t ( draft v02 )
09/12/09 16:13:03 >> : vendor id payload
09/12/09 16:13:03 ii : local supports nat-t ( draft v03 )
09/12/09 16:13:03 >> : vendor id payload
09/12/09 16:13:03 ii : local supports nat-t ( rfc )
09/12/09 16:13:03 >> : vendor id payload
09/12/09 16:13:03 ii : local supports FRAGMENTATION
09/12/09 16:13:03 >> : vendor id payload
09/12/09 16:13:03 ii : local is SHREW SOFT compatible
09/12/09 16:13:03 >> : vendor id payload
09/12/09 16:13:03 ii : local is NETSCREEN compatible
09/12/09 16:13:03 >> : vendor id payload
09/12/09 16:13:03 ii : local is SIDEWINDER compatible
09/12/09 16:13:03 >> : vendor id payload
09/12/09 16:13:03 ii : local is CISCO UNITY compatible
09/12/09 16:13:03 >= : cookies d83d366fe6644d88:0000000000000000
09/12/09 16:13:03 >= : message 00000000
09/12/09 16:13:03 -> : send IKE packet 192.168.1.15:500 ->
74.223.161.198:500 ( 1177 bytes )
09/12/09 16:13:03 DB : phase1 resend event scheduled ( ref count = 2 )
09/12/09 16:13:08 -> : resend 1 phase1 packet(s) 192.168.1.15:500 ->
74.223.161.198:500
09/12/09 16:13:13 -> : resend 1 phase1 packet(s) 192.168.1.15:500 ->
74.223.161.198:500
09/12/09 16:13:18 -> : resend 1 phase1 packet(s) 192.168.1.15:500 ->
74.223.161.198:500
09/12/09 16:13:23 ii : resend limit exceeded for phase1 exchange
09/12/09 16:13:23 ii : phase1 removal before expire time
09/12/09 16:13:23 DB : phase1 deleted ( obj count = 0 )
09/12/09 16:13:23 DB : policy not found
09/12/09 16:13:23 DB : policy not found
09/12/09 16:13:23 DB : tunnel stats event canceled ( ref count = 1 )
09/12/09 16:13:23 DB : removing tunnel config references
09/12/09 16:13:23 DB : removing tunnel phase2 references
09/12/09 16:13:23 DB : removing tunnel phase1 references
09/12/09 16:13:23 DB : tunnel deleted ( obj count = 0 )
09/12/09 16:13:23 DB : removing all peer tunnel refrences
09/12/09 16:13:23 DB : peer deleted ( obj count = 0 )
09/12/09 16:13:23 ii : ipc client process thread exit ...
09/12/09 16:14:45 ii : ipc client process thread begin ...
09/12/09 16:14:45 <A : peer config add message
09/12/09 16:14:45 DB : peer added ( obj count = 1 )
09/12/09 16:14:45 ii : local address 192.168.1.15 selected for peer
09/12/09 16:14:45 DB : tunnel added ( obj count = 1 )
09/12/09 16:14:45 <A : proposal config message
09/12/09 16:14:45 <A : proposal config message
09/12/09 16:14:45 <A : client config message
09/12/09 16:14:45 <A : xauth username message
09/12/09 16:14:45 <A : xauth password message
09/12/09 16:14:45 <A : local id 'vpn.zipitwireless.com' message
09/12/09 16:14:45 <A : preshared key message
09/12/09 16:14:45 <A : remote resource message
09/12/09 16:14:45 <A : peer tunnel enable message
09/12/09 16:14:45 DB : new phase1 ( ISAKMP initiator )
09/12/09 16:14:45 DB : exchange type is aggressive
09/12/09 16:14:45 DB : 192.168.1.15:500 <-> 74.223.161.198:500
09/12/09 16:14:45 DB : 76b900f17cca669d:0000000000000000
09/12/09 16:14:45 DB : phase1 added ( obj count = 1 )
09/12/09 16:14:45 >> : security association payload
09/12/09 16:14:45 >> : - proposal #1 payload
09/12/09 16:14:45 >> : -- transform #1 payload
09/12/09 16:14:45 >> : -- transform #2 payload
09/12/09 16:14:45 >> : -- transform #3 payload
09/12/09 16:14:45 >> : -- transform #4 payload
09/12/09 16:14:45 >> : -- transform #5 payload
09/12/09 16:14:45 >> : -- transform #6 payload
09/12/09 16:14:45 >> : -- transform #7 payload
09/12/09 16:14:45 >> : -- transform #8 payload
09/12/09 16:14:45 >> : -- transform #9 payload
09/12/09 16:14:45 >> : -- transform #10 payload
09/12/09 16:14:45 >> : -- transform #11 payload
09/12/09 16:14:45 >> : -- transform #12 payload
09/12/09 16:14:45 >> : -- transform #13 payload
09/12/09 16:14:45 >> : -- transform #14 payload
09/12/09 16:14:45 >> : -- transform #15 payload
09/12/09 16:14:45 >> : -- transform #16 payload
09/12/09 16:14:45 >> : -- transform #17 payload
09/12/09 16:14:45 >> : -- transform #18 payload
09/12/09 16:14:45 >> : key exchange payload
09/12/09 16:14:45 >> : nonce payload
09/12/09 16:14:45 >> : identification payload
09/12/09 16:14:45 >> : vendor id payload
09/12/09 16:14:45 ii : local supports XAUTH
09/12/09 16:14:45 >> : vendor id payload
09/12/09 16:14:45 ii : local supports nat-t ( draft v00 )
09/12/09 16:14:45 >> : vendor id payload
09/12/09 16:14:45 ii : local supports nat-t ( draft v01 )
09/12/09 16:14:45 >> : vendor id payload
09/12/09 16:14:45 ii : local supports nat-t ( draft v02 )
09/12/09 16:14:45 >> : vendor id payload
09/12/09 16:14:45 ii : local supports nat-t ( draft v03 )
09/12/09 16:14:45 >> : vendor id payload
09/12/09 16:14:45 ii : local supports nat-t ( rfc )
09/12/09 16:14:45 >> : vendor id payload
09/12/09 16:14:45 ii : local supports FRAGMENTATION
09/12/09 16:14:45 >> : vendor id payload
09/12/09 16:14:45 ii : local is SHREW SOFT compatible
09/12/09 16:14:45 >> : vendor id payload
09/12/09 16:14:45 ii : local is NETSCREEN compatible
09/12/09 16:14:45 >> : vendor id payload
09/12/09 16:14:45 ii : local is SIDEWINDER compatible
09/12/09 16:14:45 >> : vendor id payload
09/12/09 16:14:45 ii : local is CISCO UNITY compatible
09/12/09 16:14:45 >= : cookies 76b900f17cca669d:0000000000000000
09/12/09 16:14:45 >= : message 00000000
09/12/09 16:14:45 -> : send IKE packet 192.168.1.15:500 ->
74.223.161.198:500 ( 1177 bytes )
09/12/09 16:14:45 DB : phase1 resend event scheduled ( ref count = 2 )
09/12/09 16:14:50 -> : resend 1 phase1 packet(s) 192.168.1.15:500 ->
74.223.161.198:500
09/12/09 16:14:55 -> : resend 1 phase1 packet(s) 192.168.1.15:500 ->
74.223.161.198:500
09/12/09 16:15:00 -> : resend 1 phase1 packet(s) 192.168.1.15:500 ->
74.223.161.198:500
09/12/09 16:15:05 ii : resend limit exceeded for phase1 exchange
09/12/09 16:15:05 ii : phase1 removal before expire time
09/12/09 16:15:05 DB : phase1 deleted ( obj count = 0 )
09/12/09 16:15:05 DB : policy not found
09/12/09 16:15:05 DB : policy not found
09/12/09 16:15:05 DB : tunnel stats event canceled ( ref count = 1 )
09/12/09 16:15:05 DB : removing tunnel config references
09/12/09 16:15:05 DB : removing tunnel phase2 references
09/12/09 16:15:05 DB : removing tunnel phase1 references
09/12/09 16:15:05 DB : tunnel deleted ( obj count = 0 )
09/12/09 16:15:06 DB : removing all peer tunnel refrences
09/12/09 16:15:06 DB : peer deleted ( obj count = 0 )
09/12/09 16:15:06 ii : ipc client process thread exit ...
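
A triage sketch for the resend pattern in the log above, added here as an example and not part of the original post or of Shrew Soft's code: it groups an iked.log into phase1 attempts and reports whether any packet came back from the peer. The sample log is constructed with documentation addresses, and treating a `<-` tag as an inbound packet is an assumption, since the posted log contains no inbound lines.

```python
import re

# Constructed sample in the iked.log layout shown in the post
# (documentation addresses, made-up cookie; not data from the original log).
SAMPLE_LOG = """\
09/12/09 16:10:33 DB : new phase1 ( ISAKMP initiator )
09/12/09 16:10:33 DB : exchange type is aggressive
09/12/09 16:10:33 >= : cookies 1111111111111111:0000000000000000
09/12/09 16:10:33 -> : send IKE packet 192.0.2.15:500 -> 203.0.113.198:500 ( 1177 bytes )
09/12/09 16:10:38 -> : resend 1 phase1 packet(s) 192.0.2.15:500 -> 203.0.113.198:500
09/12/09 16:10:43 -> : resend 1 phase1 packet(s) 192.0.2.15:500 -> 203.0.113.198:500
09/12/09 16:10:48 -> : resend 1 phase1 packet(s) 192.0.2.15:500 -> 203.0.113.198:500
09/12/09 16:10:53 ii : resend limit exceeded for phase1 exchange
09/12/09 16:10:53 DB : phase1 deleted ( obj count = 0 )
"""

# timestamp, two-character tag, " : ", message
LINE = re.compile(r"^\d\d/\d\d/\d\d \d\d:\d\d:\d\d (\S\S) : (.*)$")

def summarize_phase1(log_text):
    """Return one dict per phase1 attempt: cookie, sent, resent, received, verdict."""
    attempts, cur = [], None
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # tail of an e-mail-wrapped line, or non-log text
        tag, msg = m.groups()
        if msg.startswith("new phase1"):
            cur = {"cookie": None, "sent": 0, "resent": 0,
                   "received": 0, "verdict": "incomplete"}
            attempts.append(cur)
        elif cur is None:
            continue  # daemon start-up lines outside any attempt
        elif msg.startswith("cookies ") and cur["cookie"] is None:
            cur["cookie"] = msg.split()[1].split(":")[0]  # initiator cookie
        elif tag == "->" and msg.startswith("send IKE packet"):
            cur["sent"] += 1
        elif tag == "->" and msg.startswith("resend"):
            cur["resent"] += 1
        elif tag == "<-":  # assumption: inbound packets are logged with this tag
            cur["received"] += 1
        elif msg.startswith("resend limit exceeded"):
            cur["verdict"] = ("no reply from peer" if cur["received"] == 0
                              else "peer stopped replying")
        elif msg.startswith("phase1 deleted"):
            cur = None  # attempt closed
    return attempts
```

A received count of zero only shows that nothing came back to the client; it does not by itself distinguish a filtered UDP port 500 from a gateway that silently drops the request.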