VPN problem [Archive] - SpeedGuide.net Broadband Community
PDA

View Full Version : VPN problem

networkmyth
03-16-08, 11:03 PM
HI i am using 2 routers one is Linksys AG300 which is an ADSL modem router and the other one connected to it is WRV200. WRV200 doesnt have an RJ11 port so i cant connect to the internet directly so have to use AG300 instead, But the main problem is that i need to create a VPN connection with WRV200 and i cannot do it because there are 2 NAT's being used, how can i disable one NAT (the way i know is to ask for the ISP to put our ADSL router on the bridge mode) is there any other way to put my AG300 on the bridge mode or altogether any other way to get around this problem .......its a CLIENT TO ROUTER

I am posting the WRV200 Log as well if it helps ..
added connection description "TunnelA"
001 [Sun 18:34:25] "TunnelA": cannot initiate connection without knowing peer IP address (kind=CK_TEMPLATE)
002 [Sun 18:40:33] "TunnelA"[1] 124.190.114.178 #1: responding to Main Mode from unknown peer 124.190.114.178
003 [Sun 18:40:33] "TunnelA"[1] 124.190.114.178 #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
004 [Sun 18:40:33] "TunnelA"[1] 124.190.114.178 #1: STATE_MAIN_R1: sent MR1, expecting MI2
005 [Sun 18:40:34] "TunnelA"[1] 124.190.114.178 #1: discarding packet received during asynchronous work (DNS or crypto) in STATE_MAIN_R1
006 [Sun 18:40:35] "TunnelA"[1] 124.190.114.178 #1: WARNING: calc_dh_shared(): for OAKLEY_GROUP_MODP2048 took 410000 usec
007 [Sun 18:40:35] "TunnelA"[1] 124.190.114.178 #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
008 [Sun 18:40:35] "TunnelA"[1] 124.190.114.178 #1: STATE_MAIN_R2: sent MR2, expecting MI3
009 [Sun 18:40:35] "TunnelA"[1] 124.190.114.178 #1: Main mode peer ID is ID_IPV4_ADDR: '192.168.0.5'
010 [Sun 18:40:35] "TunnelA"[2] 124.190.114.178 #1: deleting connection "TunnelA" instance with peer 124.190.114.178 {isakmp=#0/ipsec=#0}
011 [Sun 18:40:35] "TunnelA"[2] 124.190.114.178 #1: I did not send a certificate because I do not have one.
012 [Sun 18:40:35] "TunnelA"[2] 124.190.114.178 #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
013 [Sun 18:40:35] "TunnelA"[2] 124.190.114.178 #1: [WRV200 Response:] ISAKMP SA established
014 [Sun 18:40:35] "TunnelA"[2] 124.190.114.178 #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
015 [Sun 18:40:35] "TunnelA"[2] 124.190.114.178 #1: Dead Peer Detection (RFC 3706): not enabled because peer did not advertise it
016 [Sun 18:40:35] "TunnelA"[2] 124.190.114.178 #1: [WRV200 Response:] Cannot respond to IPsec SA request
017 [Sun 18:40:35] "TunnelA"[2] 124.190.114.178 #1: [WRV200 Response:] No connection is known for 122.105.90.1/32===10.1.1.6:17/1701...124.190.114.178[192.168.0.5]:17/1701===192.168.0.5/32
018 [Sun 18:40:35] "TunnelA"[2] 124.190.114.178 #1: [WRV200 Response:] Can't establish IPSec SA. This might be the asymmetric Secure Group setting.
019 [Sun 18:40:35] "TunnelA"[2] 124.190.114.178 #1: [WRV200 Response:] Please check your Local Secure Group, Remote Secure Group, and PFS setting of this tunnel
020 [Sun 18:40:35] "TunnelA"[2] 124.190.114.178 #1: sending encrypted notification INVALID_ID_INFORMATION to 124.190.114.178:500
021 [Sun 18:40:36] "TunnelA"[2] 124.190.114.178 #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xf7b14a7a (perhaps this is a duplicated packet)
022 [Sun 18:40:36] "TunnelA"[2] 124.190.114.178 #1: sending encrypted notification INVALID_MESSAGE_ID to 124.190.114.178:500
023 [Sun 18:40:38] "TunnelA"[2] 124.190.114.178 #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xf7b14a7a (perhaps this is a duplicated packet)
024 [Sun 18:40:38] "TunnelA"[2] 124.190.114.178 #1: sending encrypted notification INVALID_MESSAGE_ID to 124.190.114.178:500
025 [Sun 18:40:42] "TunnelA"[2] 124.190.114.178 #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xf7b14a7a (perhaps this is a duplicated packet)
026 [Sun 18:40:42] "TunnelA"[2] 124.190.114.178 #1: sending encrypted notification INVALID_MESSAGE_ID to 124.190.114.178:500
027 [Sun 18:40:50] "TunnelA"[2] 124.190.114.178 #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xf7b14a7a (perhaps this is a duplicated packet)
028 [Sun 18:40:50] "TunnelA"[2] 124.190.114.178 #1: sending encrypted notification INVALID_MESSAGE_ID to 124.190.114.178:500


Thanks very much in advance.
YeOldeStonecat
03-17-08, 06:16 AM
(the way i know is to ask for the ISP to put our ADSL router on the bridge mode)

Just a few minutes on the phone with their support. I always bridge the ISP supplied gateway device and use the router of my choice for my setups.