Hi All,
For a number of years one of our clients has had a site-to-site VPN connection in place. The configuration was as follows:
Site A
Netgear FVS318 Firewall
Siemens 5830 Business ADSL router
Site B
Netgear DG834 Router
The two Netgear devices act as the point-to-point connection. The incompatible Siemens ADSL router has been replaced with a new BT Infinity business hub following the installation of fiber broadband, and we have received a new static IP address. Both ends of the VPN tunnel have been updated with the new IP addresses and all ports have been forwarded to the firewall from the BT router. We now get the following errors:
Site A Logs:
Wed, 07/10/2013 02:39:00 - FVS318 IPsec:event after this is EVENT_RETRANSMIT in 2 seconds
Wed, 07/10/2013 02:39:00 - FVS318 IPsec:handling event EVENT_RETRANSMIT for d9292b4f "OH-Thet" #60
Wed, 07/10/2013 02:39:00 - FVS318 IPsec:max number of retransmissions (2) reached STATE_QUICK_I1
Wed, 07/10/2013 02:39:02 - FVS318 IPsec:event after this is EVENT_RETRANSMIT in 28 seconds
Wed, 07/10/2013 02:39:02 - FVS318 IPsec:handling event EVENT_RETRANSMIT for d9292b4f "OH-Thet" #63
Wed, 07/10/2013 02:39:02 - FVS318 IPsec:inserting event EVENT_RETRANSMIT, timeout in 20 seconds for #63
Wed, 07/10/2013 02:39:04 - FVS318 IPsec:Receive Packet address:0x1397554 from
Wed, 07/10/2013 02:39:04 - FVS318 IKE:[OH-Thet] RX << XCHG_INFO :
Wed, 07/10/2013 02:39:04 - FVS318 IPsec:loglog[3] Informational Exchange message for an established ISAKMP SA must be encrypted
Site B Logs:
Wed, 2013-07-10 11:41:13 - [Thet-OH] STATE_MAIN_I3: retransmission; will wait 20s for response
Wed, 2013-07-10 11:41:13 - [Thet-OH] sending encrypted notification INVALID_ID_INFORMATION to
Wed, 2013-07-10 11:41:29 - [Thet-OH] sending notification PAYLOAD_MALFORMED to
Wed, 2013-07-10 11:41:37 - [Thet-OH] sending notification PAYLOAD_MALFORMED to
I have double checked the PSK key at both ends.
Attached to this post is the configuration from both sites. Any help would be greatly appreciated.
Chris