VPN Client OK with Nat but not Dialup

[NickWells]

I'm fighting to get a VPN connection to a DG834 or FVS338.

Current settings created using new auto policy
Router Side Config: DG834G firmware:v3.01.31

RemoteVPN Endpoint: Dynamic IP Address

Local Lan IP : Subnet 192.168.0.0 (Router local IP 189.168.0.100)

Remote Lan IP: Single Address 10.0.0.1

IKE: Main Mode
Local ID Type: WAN Address
Remote ID Type: FQDN 'remote.com'

Encryption: 3DES psk set.


VPN Client Side Config: v10.7.2
Remote Party ID & Addressing:
IDType: IP Subnet-Subnet:192.168.0.0 Mask:255.255.255.0
Use: Secure gateway Tunnel
IDType: IP Address-IP:set to public IP of DG843G router

My Identity
Certificate: None, PSK set to match router
ID Type: Domain Name:'remote.com'

Secure if Config
Virtual Adapter: Required
Internal Network IP: 10.0.0.1 (matching router setting)

Internet Interface: Any

Security Policy
Phase 1 Neg Mode : Main Mode
PFS enabled
ERD enabled
other settings default to match router.

This connection works fine when client connects over a NAT router.
but when i try a dialup account on the client side the connection fails and i see 'Error Validating Proxy IDs' in the log.
I have tried several different ISPs for dialup including an O2 3g connection which failed to send any data to the remote router.

My end goal is multiple VPN Client access to a FVS338 router
and a router to router connection.

Error log.....
8-14: 14:52:06.424
8-14: 14:52:06.424 My Connections\New Connection - Initiating IKE Phase 1 (IP ADDR=xx.xx.xx.xx)
8-14: 14:52:06.424 My Connections\New Connection - SENDING>>>> ISAKMP OAK MM (SA, VID 2x)
8-14: 14:52:06.705 My Connections\New Connection - RECEIVED<<< ISAKMP OAK MM (SA, VID)
8-14: 14:52:06.830 My Connections\New Connection - Peer supports Dead Peer Detection Version 1.0
8-14: 14:52:06.830 My Connections\New Connection - Dead Peer Detection enabled
8-14: 14:52:06.893 My Connections\New Connection - SENDING>>>> ISAKMP OAK MM (KE, NON, VID 4x)
8-14: 14:52:07.518 My Connections\New Connection - RECEIVED<<< ISAKMP OAK MM (KE, NON)
8-14: 14:52:07.643 My Connections\New Connection - SENDING>>>> ISAKMP OAK MM *(ID, HASH, NOTIFY:STATUS_REPLAY_STATUS, NOTIFY:STATUS_INITIAL_CONTACT)
8-14: 14:52:07.909 My Connections\New Connection - RECEIVED<<< ISAKMP OAK MM *(ID, HASH)
8-14: 14:52:07.909 My Connections\New Connection - Established IKE SA
8-14: 14:52:07.909 My Connections\New Connection - MY COOKIE 1b 84 8b 6 2b f d4 79
8-14: 14:52:07.909 My Connections\New Connection - HIS COOKIE c7 7e 85 69 b7 31 9f 28
8-14: 14:52:08.690 Virtual Interface constructed for local interface 10.0.0.1
8-14: 14:52:08.768 Virtual Interface added: 10.0.0.1/255.255.255.255 on ISDN "SafeNet VA miniport".
8-14: 14:52:09.002 My Connections\New Connection - Initiating IKE Phase 2 with Client IDs (message id: A21281A6)
8-14: 14:52:09.002 My Connections\New Connection - Initiator = IP ADDR=10.0.0.1, prot = 0 port = 0
8-14: 14:52:09.002 My Connections\New Connection - Responder = IP SUBNET/MASK=192.168.0.0/255.255.255.0, prot = 0 port = 0
8-14: 14:52:09.002 My Connections\New Connection - SENDING>>>> ISAKMP OAK QM *(HASH, SA, NON, KE, ID 2x)
8-14: 14:52:09.690 My Connections\New Connection - RECEIVED<<< ISAKMP OAK QM *(HASH, SA, NON, KE, ID 2x)
8-14: 14:52:09.690 My Connections\New Connection - Error validating Proxy IDs. 8-14: 14:52:10.612 My Connections\New Connection - Deleting IKE SA (IP ADDR=xx.xx.xx.xx)
8-14: 14:52:10.612 My Connections\New Connection - MY COOKIE 1b 84 8b 6 2b f d4 79
8-14: 14:52:10.612 My Connections\New Connection - HIS COOKIE c7 7e 85 69 b7 31 9f 28
8-14: 14:52:10.612 My Connections\New Connection - SENDING>>>> ISAKMP OAK INFO *(HASH, DEL)
8-14: 14:52:11.049 Interface lost: 10.0.0.1

Any suggestions?

Nick

[jmizoguchi]

just get some case study from site for compare