[Vpn-help] Shrew's VPN Client and Linksys RV042 - pls help
Matthew Grooms
mgrooms at shrew.net
Fri Oct 24 10:25:04 CDT 2008
Jose Romeu Robazzi wrote:
> Hello all,
Hi Jose,
> I am trying to connect to a RV042 router in a VPN Group, but the
> connection does not seem to work.
>
> I am using Shrew Soft VPN Access Manager v. 2.1.2. <http://2.1.2.>
> Configuration is as follows:
> Auto Configuration: "disable"
> Local Host Address Method is: "Use an existing adapter..."
> NAT Traversal: "disable"
> IKE Fragmentation: "disable"
> Enable Dead Peer Detection: checked
> Name resolution: everything unchecked
> Authentication Method: "Mutual PSK"
> Local Identity: "User FQDN"
> Phase 1: "aggressive, group2, aes,256, md5, 28800, 0"
> Phase 2: "esp-aes,256, md5, group2, disabled, 3600, 0"
> Included lan behind the router paramenter in the "Remote Network
> Resource" list in the policy tab.
>
> In the router I have:
> Local Group Setup matching lan behind the router parameters
> Remote Client Setup matching User FQDN
> IPSec setup matching Phase 1 and Phase 2 parameters above, with Perfect
> Forward Secrecy checked
>
The router says it thinks the exchange should be configured "Aggressive
mode peer ID is ID_USER_FQDN: 'name at name.com.br'". The client says that
there was a "!! : phase1 id type mismatch ( received ipv4-host but
expected fqdn )".
In other words, you need to modify the client to be configured as so ...
Site Configuration
\Authentication Tab
\Local Identity
\Identification Type = 'User Fully Qualified Domain Name'
UFQDN String = 'name at name.com.br'
\Remote Identity
\Identification Type = 'IP Address'
Address String = Checked - Use discovered remote host address
... then it should work properly.
>
> Please help, I must be forgetting something silly for this to work.
>
> Thank you very much and regards,
>
Good luck,
-Matthew
More information about the vpn-help
mailing list