Trouble with local id / remote id configuration of VPN
Posted
by
Lynn Owens
on Server Fault
See other posts from Server Fault
or by Lynn Owens
Published on 2013-06-28T03:56:11Z
Indexed on
2013/06/28
4:22 UTC
Read the original article
Hit count: 534
I have a NetGear UTM firewall and a Windows machine running NetGear's VPN client.
The Windows machine I can put on the UTM network and take off of it.
When I am cabled into the local (internal) the following configuration works:
UTM:
Local Id: Local Wan IP: (The UTM's WAN IP address)
Remote Id: User FQDN: utm_remote1.com
Client:
Local Id: DNS: utm_remote1.com
Remote Id: (The UTM's WAN IP address)
Gateway authentication: preshared key
Policy remote endpoint: FQDN: utm_remote1.com
But when I'm off the UTM's internal local network and simply coming in from the internet, this does not work. It simply repeats SEND phase 1 before giving up.
Since I know that the UTM WAN IP is accessible from both inside and outside the network, I figured the problem was with the Client local id. So, I tried the following:
UTM:
Local Id: Local Wan IP: (The UTM's WAN IP address)
Remote Id: (A DN of a self-signed certificate I created for the client and uploaded into the UTM certificates)
Client:
Local Id: (The DN of the aforementioned self signed cert)
Remote Id: (The UTM's WAN IP address)
Gateway authentication: (the aforementioned self signed cert)
Policy remote end point: ... er, ... my choices are IP and FQDN.... Not sure what to put here
No matter what I've tried, it just keeps repeating the SEND phase 1.
Any ideas?
© Server Fault or respective owner