Netgear FVS318 v1 Firmware 2.4 VPN to Cisco ASA

Out of curiousity, how did you deal with the srcid and dstid?

Last I worked on a Netgear FVS318 it wanted to use name based IDs for the VPN, and I have never been able to get named based vpns to work on a cisco router.

Would you mind posting up both sides of this config if you have found a way to do this?

As far as your question:

Is one end on a dynamic IP?

Are you using a range or a network on the FVS side when you define interesting traffic?

Is PFS turned on, on either side? I remember the FVS turning it on by default and the cisco turning it off by default.

Ove Fagerheim

Helgelandskraft AS

-----Opprinnelig melding-----
Fra: firewall-wizards-bounces@... [mailto:firewall-wizards-bounces@...] På vegne av Jeremy Sutton
Sendt: 4. mai 2009 17:39
Til: firewall-wizards@...
Emne: [fw-wiz] Netgear FVS318 v1 Firmware 2.4 VPN to Cisco ASA

I have a client using a FVS318 v1 firmware 2.4 router trying to connect to a Cisco ASA.  I am the administrator of the Netgear but the administrator of the Cisco ASA can't get his end configured to communicate with the Netgear.  P1 establishes but P2 does not.  Anyone have any suggestions I can pass along to him.  The FVS318 connects fine to another FVS318 but not to his Cisco.  Any help will be greatly appreciated.  Thank you!

Jeremy Sutton
President
Tech Gooroos Technology Consulting, Inc.
p: 919-373-4414
c: 919-413-2463
f: 919-510-6254

No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.287 / Virus Database: 270.12.18/2096 - Release Date: 05/04/09 17:51:00

Thank you for your response!  The ASA is configured by a 3^rd party and they finally got in contact with Cisco and they fixed the ASA for them.  I will look and see if they happened to turn on PFS.  Thank you again!

Jeremy,

If the ASA side is using the ASDM it likes to turn on PFS (Perfect Forward Secrecy), which is almost always overlooked, and will cause a P2 failure.

Hotmail® has a new way to see what's up with your friends. Check it out.