[vpn-help] Shrew Cleint with Netgear FVX538

Nathan Morrow nmorrow at spotswood.org
Mon Aug 2 09:21:38 CDT 2010 

Well, DMZ didn’t work (no change in results).  At home I have FIOS and see posts online where people have experienced problems with VPNs.  So I may have to hit a friend’s house and test.

Nathan Morrow
540-898-0757

From: mikelupo at aol.com [mailto:mikelupo at aol.com]
Sent: Friday, July 30, 2010 5:22 PM
To: Nathan Morrow; vpn-help at lists.shrew.net
Subject: Re: [vpn-help] Shrew Cleint with Netgear FVX538

Like you, I know litte about VPNs but I managed to get a Netgear FVS318G set up and working with Shrew.
What does your network topography look like? If there's nothing in the VPN logs, then I call to question if your packets are even getting there...
As a quick test, you can also configure your client PC into the local router's DMZ and try again. If you get further along (i.e. VPN log entries on the FVS), then that may indicate the gateway/router you're using to connecting to the internet might not be configured for VPN passthrough or port forwarding/triggering for ports 500 and 4500 might need some consideration.





-----Original Message-----
From: Nathan Morrow <nmorrow at spotswood.org>
To: vpn-help at lists.shrew.net <vpn-help at lists.shrew.net>
Sent: Fri, Jul 30, 2010 3:50 pm
Subject: [vpn-help] Shrew Cleint with Netgear FVX538
So I am pretty knowledgable when it comes to networking, dhcp, dns, etc, etc.  But not VPNs.  I followed the procedure for Netgear VPNs to the T (except for IPs and encryption algorithm) and I don’t believe I am getting anywhere fast.

The local Shrew Client tries to contact the VPN gateway, and it looks like there is on response after the initial handshakes:
10/07/30 15:31:32 >= : message 00000000
10/07/30 15:31:37 -> : resend 1 phase1 packet(s) 192.168.1.2:500 -> GATEWAYIPWUZHERE:500
10/07/30 15:31:42 -> : resend 1 phase1 packet(s) 192.168.1.2:500 -> GATEWAYIPWUZHERE:500
10/07/30 15:31:47 -> : resend 1 phase1 packet(s) 192.168.1.2:500 -> GATEWAYIPWUZHERE:500
10/07/30 15:31:52 ii : resend limit exceeded for phase1 exchange
10/07/30 15:31:52 ii : phase1 removal before expire time

On the VPN side (Netgear FVX538):
Nothing in the VPN log.  I’m lost.

A good next step to try would be appreciated.

Nathan Morrow
Director of Technical Ministries
Spotswood Baptist Church
4009 Lafayette Blvd
Fredericksburg, Va 22408
540-898-0757
F: 540-891-7549


_______________________________________________

vpn-help mailing list

vpn-help at lists.shrew.net

http://lists.shrew.net/mailman/listinfo/vpn-help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100802/4c68a3c7/attachment-0001.html>

More information about the vpn-help mailing list