D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: ionflex on July 21, 2009, 05:47:01 AM

Title: DFL-210 IPSEC VPN problem
Post by: ionflex on July 21, 2009, 05:47:01 AM

I'm having problems with an ipsec lan to lan connection. When initiating the connection from the other end it works, but when initiating the connection from the dlink side the negotiation fails.

Log entry when connecting from other end (works):
(http://www.fifle.net/dlink/OtherInitiate.jpg)

Log entry when connecting from dlink end (fails):
(http://www.fifle.net/dlink/DlinkInitiate.jpg)

What puzzles me is the local_peer=127.0.0.1 when connecting from the dlink side.
Firmware version is 2.20.03.08-8260 Sep 26 2008.

Any suggestions?

Title: Re: DFL-210 IPSEC VPN problem
Post by: Fatman on July 22, 2009, 10:33:25 AM

If you manually specify the IPsec ID does it work then?

Title: Re: DFL-210 IPSEC VPN problem
Post by: ionflex on July 23, 2009, 07:55:40 AM

How do I manualle specify the IPsec ID?

I have tried setting Loacal ID Type: IP and Local ID Value: 213.xxx.xxx.205 in the Authentication-tab
Still no luck.

Title: Re: DFL-210 IPSEC VPN problem
Post by: Fatman on July 23, 2009, 10:32:08 AM

Do you still get log entries like what you sent me with that local ID set?

Title: Re: DFL-210 IPSEC VPN problem
Post by: ionflex on July 24, 2009, 05:45:15 AM

Yes, exactly the same.

Title: Re: DFL-210 IPSEC VPN problem
Post by: Fatman on July 24, 2009, 08:47:09 AM

The IPsec ID you chose shouldn't be a big issue in the first place, perhaps setting a DNS or e-mail ID might provide some relief.

Failing that I am going to ask that you call TS as you don't have an easy answer and there is going to be a level of troubleshooting involved.

Title: Re: DFL-210 IPSEC VPN problem
Post by: ionflex on August 17, 2009, 06:02:29 AM

I have experimented a little with the router lately. I reset the device to factory settings and set up a vpn link as per chapter 9.2.1. IPsec LAN to LAN with Pre-shared Keys (manual version 1.07). It seems no matter what I do, I get local_peer=127.0.0.1 when initiating the connection from the dlink side.

Am I missing something? Is there a simple step by step guide to set up a vpn link that should produce a correct handshake?

Title: Re: DFL-210 IPSEC VPN problem
Post by: scrubsguy on July 21, 2011, 10:30:53 PM

is this device also configured as your Router? when i setup my vpn account on this device i found it gave me hassles with open vpn, and then the moment i setup a separate router and connected it to my wan port on the dfl-210 it worked immediately.

Title: Re: DFL-210 IPSEC VPN problem
Post by: danilovav on July 22, 2011, 07:58:07 PM

What F/W versions on devices?
(some regional versions have limited encryption)
Check, you have no other dynamic IPsec, PSK are the same, security profiles are equal