Question : Problem: Got VPN to connect but can't ping  PCs or map drives

Here is my log on client:

10-04: 15:56:12.248 My Connections\New Connection - Initiating IKE Phase 1 (IP ADDR=XX.XX.178.153)
10-04: 15:56:12.689 My Connections\New Connection - SENDING>>>> ISAKMP OAK AG (SA, KE, NON, ID, VID 5x)
10-04: 15:56:15.753 My Connections\New Connection - RECEIVED<<< ISAKMP OAK AG (SA, KE, NON, ID, HASH, VID, NAT-D 3x)
10-04: 15:56:15.753 My Connections\New Connection - Peer is NAT-T draft-01 capable
10-04: 15:56:15.753 My Connections\New Connection - NAT is detected for Client
10-04: 15:56:17.245 My Connections\New Connection - SENDING>>>> ISAKMP OAK AG *(HASH, NAT-D 2x, NOTIFY:STATUS_INITIAL_CONTACT)
10-04: 15:56:17.245 My Connections\New Connection - Established IKE SA
10-04: 15:56:17.245    MY COOKIE d8 30 b8 43 1c c1 64 e
10-04: 15:56:17.245    HIS COOKIE ad 2 4f 84 9b 5f 9 9e
10-04: 15:56:18.867 My Connections\New Connection - Initiating IKE Phase 2 with Client IDs (message id: 321933D9)
10-04: 15:56:18.867   Initiator = IP ADDR=192.168.2.1, prot = 0 port = 0
10-04: 15:56:18.867   Responder = IP SUBNET/MASK=192.168.3.45/255.255.255.0, prot = 0 port = 0
10-04: 15:56:18.867 My Connections\New Connection - SENDING>>>> ISAKMP OAK QM *(HASH, SA, NON, KE, ID 2x)
10-04: 15:56:20.410 My Connections\New Connection - RECEIVED<<< ISAKMP OAK QM *(HASH, SA, NON, KE, ID 2x)
10-04: 15:56:20.420 My Connections\New Connection - Filter entry 3: SECURE  192.168.001.122&255.255.255.255  192.168.003.045&255.255.255.000  XX.XX.178.153 added.
10-04: 15:56:20.420 My Connections\New Connection - SENDING>>>> ISAKMP OAK QM *(HASH)
10-04: 15:56:20.510 My Connections\New Connection - Loading IPSec SA (Message ID = 321933D9 OUTBOUND SPI = E45CAC57 INBOUND SPI = 866EBC47)
10-04: 15:56:20.510
10-04: 15:56:22.933 My Connections\New Connection - RECEIVED<<< ISAKMP OAK INFO *(HASH, DEL)
10-04: 15:56:22.933 My Connections\New Connection - Deleting IKE SA (IP ADDR=XX.XX.178.153)
10-04: 15:56:22.933    MY COOKIE d8 30 b8 43 1c c1 64 e
10-04: 15:56:22.933    HIS COOKIE ad 2 4f 84 9b 5f 9 9e


My set up is as follows.

Winxp < Netgear pro safe VPN client < linksys befsr41 < Cable = internet = DSL > Netgear FVS318 v3 > server

Home local ip 192.168.1.122   ISP is dynamic I'm using a domain name VPNclient
The internal network ip is 192.168.2.1
Office local ip is 192.168.3.1 (router) 192.168.3.5 (server) with a static ISP IP.

I can't find a firewall on either pc. I've opened ports 50, 51 and 500 on the linksys. Not sure if I need to on the netgear. (I'd like to point out that Linksys offers free techsupport for VPN where NETGEAR does NOT so DON'T BUY NETGEAR!!!)

I check the router VPN status and it does not show the VPN connection, it does show the log in on the status of the router( login of the internal IP). The client indicates there is a connection by showing the KEY on the icon. I can't ping from the client or router to any computers. I can't map drives either.

The connection monitor shows the connection but shows it expiring 5 min. after connection.

I know it got to be something simple. Please help. I've been working on this for a month.

Thanks
Ray

Answer : Problem: Got VPN to connect but can't ping  PCs or map drives

I had a look and few things to confirm:

On the router you chose remote VPN client not gateway
Double checked shared Key
Choose defaults, dynamic client, 3DES & SHA1 encryption
-------------------------------------------------------------------------
When installing the client software :
  You choose install IPSec rather than Virtual adapter
  Check your computer to see if the IPSec service is running in the management console

On the first 'page' of the client configuration page should have
   Policy identity 192.168.3.0, 255.255.255.0 (I noticed the example says 192.168.3.1 no!)
   connect using secure gateway tunnel
    ID type IP address and the WAN IP of the office location. (Can you confirm this IP is correct)

My Identity page
    Id Type -IP address, leave address blank
    Virtual adapter disabled
     Internal Interface any
     Make sure you enter the pre shared key

Security page
   They suggest Main Mode but I would shoose Agressive. Go with their suggestion but if no luck try switching  

Proposal pages defaults making sure encryption matches router 3DES and SHA-1
----------------------------------------------------------------------
   
See if there are any discrepancies above. Then try and connect. Right clicking on the connection icon on the desktop will allow you to open the connection monitor and log file. The log file will tell all if you can read it. a large part of it still doesn't mean much to me.

I noticed another discussion on this site regarding this client you might want to look at for similar problems.
http://www.experts-exchange.com/Networking/Broadband/VPN/Q_21056801.html
Random Solutions  
 
programming4us programming4us