This is what I have that I got working 2+ years ago... Hope this helps. ---- [Netgear-FVS318-main-mode] EXCHANGE_TYPE= ID_PROT Transforms=3DES-SHA,AES-SHA
[Netgear-FVS318-quick-mode] DOI=IPSEC EXCHANGE_TYPE=QUICK_MODE Suites=QM-ESP-3DES-SHA-PFS-SUITE,QM-ESP-AES-SHA-PFS-SUITE [AES-SHA] ENCRYPTION_ALGORITHM= AES_CBC HASH_ALGORITHM= SHA AUTHENTICATION_METHOD= PRE_SHARED GROUP_DESCRIPTION= MODP_1536 Life= LIFE_1_DAY [3DES-SHA] ENCRYPTION_ALGORITHM= 3DES_CBC HASH_ALGORITHM= SHA AUTHENTICATION_METHOD= PRE_SHARED GROUP_DESCRIPTION= MODP_1536 Life= LIFE_28800 [QM-ESP-AES-SHA-PFS-GRP5-SUITE] Protocols= QM-ESP-AES-SHA-PFS KEY_LENGTH= 256,256:256 -- David Bryan dave (at) drstrangelove dot net On Wed, August 3, 2005 8:28 am, Brandon Mercer wrote: > Hello all, > I've been setting up a hub and spoke VPN for a while now and for the > most part things are working as normal. However, I have one box a > netgear FVS318v1 that doesn't give me the flexibility in creating my VPN > policies and IKE setup that the other ones do (FVS318v3). I keep seeing > a no compatible proposal found. I've tried running the debug, but I > can't figure out which part of the proposal is incompatible. My config > has: > > [Westlake-quick-mode] > DOI= IPSEC > EXCHANGE_TYPE= QUICK_MODE > Suites= QM-ESP-3DES-SHA-PFS-SUITE > > Which conforms to Netgears instructions to configure the other > endpoint. Thanks for any help. > Brandon
