Microsoft
Software
Hardware
Network
Question : Site to Site VPN Using D-Link DI-804HV and Netgear Prosafe DGFV338 ADSL Routers
We have taken on a new customer who has 4 remote sites which are connected via VPN router to router.
1 site has stopped working. When looking at the VPN logs I get the following messages...
2010 Aug 17 15:21:26 [MC.LUTON-DGFV338] [VPNKA] Peer 10.1.1.254 failed 534 of 3 times_
2010 Aug 17 15:21:26 [MC.LUTON-DGFV338] [VPNKA] Failed to send Keep-Alive Request to _
2010 Aug 17 15:21:33 [MC.LUTON-DGFV338] [IKE] accept a request to establish IKE-SA: 213.123.227.14_
2010 Aug 17 15:21:34 [MC.LUTON-DGFV338] [IKE] Configuration found for 213.123.227.14._
2010 Aug 17 15:21:36 [MC.LUTON-DGFV338] [VPNKA] Peer 10.1.1.254 failed 535 of 3 times_
2010 Aug 17 15:21:36 [MC.LUTON-DGFV338] [VPNKA] Failed to send Keep-Alive Request to _
2010 Aug 17 15:21:40 [MC.LUTON-DGFV338] [IKE] The packet is retransmitted by 222.222.222.22[500]._
2010 Aug 17 15:21:41 [MC.LUTON-DGFV338] [IKE] Ignore information because ISAKMP-SA has not been established yet._
2010 Aug 17 15:21:46 [MC.LUTON-DGFV338] [VPNKA] Peer 10.1.1.254 failed 536 of 3 times_
2010 Aug 17 15:21:46 [MC.LUTON-DGFV338] [VPNKA] Failed to send Keep-Alive Request to _
2010 Aug 17 15:21:50 [MC.LUTON-DGFV338] [IKE] Phase 1 negotiation failed due to time up for 222.222.222.22[500]. 64858552ec1cc8d0:27462c5f9
167dded_
2010 Aug 17 15:21:56 [MC.LUTON-DGFV338] [VPNKA] Peer 10.1.1.254 failed 537 of 3 times_
2010 Aug 17 15:21:56 [MC.LUTON-DGFV338] [VPNKA] Failed to send Keep-Alive Request to _
2010 Aug 17 15:22:05 [MC.LUTON-DGFV338] [IKE] Invalid SA protocol type: 0_
2010 Aug 17 15:22:05 [MC.LUTON-DGFV338] [IKE] Phase 2 negotiation failed due to time up waiting for phase1. _
2010 Aug 17 15:22:06 [MC.LUTON-DGFV338] [VPNKA] Peer 10.1.1.254 failed 538 of 3 times_
2010 Aug 17 15:22:06 [MC.LUTON-DGFV338] [VPNKA] Failed to send Keep-Alive Request to _
2010 Aug 17 15:22:06 [MC.LUTON-DGFV338] [IKE] Using IPsec SA configuration: 10.3.1.0/24<->10.1.1.0/24_
2010 Aug 17 15:22:06 [MC.LUTON-DGFV338] [IKE] Configuration found for 222.222.222.22._
2010 Aug 17 15:22:06 [MC.LUTON-DGFV338] [IKE] Initiating new phase 1 negotiation: 222.222.222.22[500]<=>222.
222.222.21
[500]_
2010 Aug 17 15:22:06 [MC.LUTON-DGFV338] [IKE] Beginning Identity Protection mode._
2010 Aug 17 15:22:12 [MC.LUTON-DGFV338] [IKE] The packet is retransmitted by 222.222.222.22[500]._
2010 Aug 17 15:22:16 [MC.LUTON-DGFV338] [VPNKA] Peer 10.1.1.254 failed 539 of 3 times_
2010 Aug 17 15:22:16 [MC.LUTON-DGFV338] [VPNKA] Failed to send Keep-Alive Request to _
2010 Aug 17 15:22:17 [MC.LUTON-DGFV338] [IKE] The packet is retransmitted by 222.222.222.22[500]._
I have tried to create another VPN using the same settings but still get the same error message. As far as we can tell nothing has changed as the other 3 sites are working fine.
I have update the ADSL and Router firmware on the Netgear Prosafe.
Can anyone help me try and find out whats going on?
Answer : Site to Site VPN Using D-Link DI-804HV and Netgear Prosafe DGFV338 ADSL Routers
After some hours of going over the settings again and again I found the PassPhrase to be incorrect on the D-Link Router.
Recreated the rule again and now connects OK.
Random Solutions
Changing the name ofWindows Version during startup
SBS 2003 Premium. Windows 7 client and Microsoft Shared Fax - Do they work together?
Windows 2003 to 2008R2 cluster migration and enforced quota
ASP.NET How to get picture images to display...in a LISTVIEW?
How can I get CFileDialog to not change the initial directory?
Windows XP OEM in a virtual machine
tables with FK relationships at all
To to retrieve Conference call recordings
Unix filler
Calendar Control in Excel 2003 VBA
