Windows 2000 IPSEC to Netgear box: IKE security association negotiation failed.

  • Thread starter Thread starter Barry
  • Start date Start date
B

Barry

I'm trying to setup a Windows 2000 RRAS server to talk with a Netgear
Prosafe VPN firewall over IPSEC. I have them at least talking, but
they can't seem to establish a connection. Here is what the Win2K
event logs say:

IKE security association negotiation failed.
Mode:
Data Protection Mode (Quick Mode)

Filter:
Source IP Address 192.168.0.33
Source IP Address Mask 0.0.0.0
Destination IP Address 0.0.0.0
Destination IP Address Mask 255.255.255.255
Protocol 0
Source Port 0
Destination Port 0
IKE Local Addr 192.168.0.33
IKE Peer Addr 10.69.69.12
IKE Source Port 500
IKE Destination Port 500
Peer Private Addr

Peer Identity:
Preshared key ID.
Peer IP Address: 10.69.69.12

Failure Point:
Me

Failure Reason:
Unsupported ID

Extra Status:
Processed third (ID) payload
Responder. Delta Time 0
0x0 0x0


Can anyone please explain what is going on? cc to me by Email is much
appreciated.

Thank you
 
Hi Barry,

What are you using for authentication? Share secret, certificate, ... ?

What about other parameters? Are they same on both ends?

Mike
 
There was documentation on the Netgear website at one time, but I can not find it
right now. I did have a FVS318 working to a W2K rras server at one time. The link
below is from Linksys but the policies are about the same if I can remember. Make
sure you are using ipsec "tunnel" mode with preshared key on each end. --- Steve

http://www.linksys.com/support/support.asp?spid=86
 
My problem is that I was configuring the IPSEC filter for a subnet,
but setting up the netgear as a range of IP's, even though they
measured the same. I guess it's THAT picky.

Thank you everyone who responded.

Barry
 
Back
Top