[Vpn-help] 2.1.0 alpha failed to connect to the server
Tai-hwa Liang
avatar at mmlab.cse.yzu.edu.tw
Sun Dec 2 20:23:15 CST 2007
Hi,
It turns out that after upgraing my VPN client from 2.0.2 to 2.1.0, I can
no longer connect to the VPN server(ipsec-tools-0.7):
.
.
.
client key configured
bringing up tunnel ...
network unavailable
tunnel disabled
detached from key daemon ...
Following are the related logging information.
# ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Mufasa
Primary Dns Suffix . . . . . . . : example.com
Node Type . . . . . . . . . . . . : Peer-Peer
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : example.com
Ethernet adapter VMware Network Adapter VMnet8:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for
VMnet8
Physical Address. . . . . . . . . : 00-50-56-C0-00-08
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.154.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
Ethernet adapter VMware Network Adapter VMnet1:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for
VMnet1
Physical Address. . . . . . . . . : 00-50-56-C0-00-01
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.47.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
Ethernet adapter :
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
Physical Address. . . . . . . . . : 00-15-F3-43-A8-51
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.153
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
# debug log
## : IKE Daemon, ver 2.1.0
## : Copyright 2007 Shrew Soft Inc.
## : This product linked OpenSSL 0.9.8e 23 Feb 2007
ii : opened 'C:\Program Files\ShrewSoft\VPN Client\debug\iked.log'
ii : rebuilding vnet device list ...
ii : device ROOT\VNET\0000 disabled
ii : network process thread begin ...
ii : pfkey process thread begin ...
ii : admin process thread begin ...
<A : peer config add message
DB : peer added
ii : local address 192.168.1.153:500 selected for peer
DB : tunnel added
<A : proposal config message
<A : proposal config message
<A : proposal config message
<A : client config message
<A : local id '' message
<A : remote id '' message
<A : remote cert 'root-tree.pem' message
ii : 'root-tree.pem' loaded
<A : local cert 'user1 at .p12' message
!! : 'user1 at .p12' load failed, requesting password
<A : file password
<A : local cert 'user1 at .p12' message
ii : 'user1 at .p12' loaded
<A : local key 'user1 at .p12' message
ii : 'user1 at .p12' loaded
<A : peer tunnel enable message
ii : obtained x509 cert subject ( 150 bytes )
DB : new phase1 ( ISAKMP initiator )
DB : exchange type is aggressive
DB : 192.168.1.153:500 <-> aa.bb.cc.dd:500
DB : 92d198f5be4bb07d:0000000000000000
DB : phase1 added
>> : security association payload
>> : - proposal #1 payload
>> : -- transform #1 payload
>> : -- transform #2 payload
>> : -- transform #3 payload
>> : -- transform #4 payload
>> : -- transform #5 payload
>> : -- transform #6 payload
>> : -- transform #7 payload
>> : -- transform #8 payload
>> : -- transform #9 payload
>> : key exchange payload
>> : nonce payload
>> : identification payload
>> : vendor id payload
ii : local supports FRAGMENTATION
>> : vendor id payload
ii : local supports DPDv1
>> : vendor id payload
ii : local is SHREW SOFT compatible
>> : vendor id payload
ii : local is CISCO UNITY compatible
>> : vendor id payload
ii : local is NETSCREEN compatible
>> : vendor id payload
ii : local is CHECKPOINT compatible
-> : send IKE packet 192.168.1.153:500 -> aa.bb.cc.dd:500 ( 890 bytes )
ii : adapter ROOT\VNET\0000 already disabled
DB : removing all tunnel refrences
DB : phase1 resend event canceled ( ref count = 1 )
DB : phase1 deleted before expire time ( phase1 count = 0 )
DB : tunnel deleted ( tunnel count = 0 )
DB : peer deleted ( peer count = 0 )
ii : admin process thread exit ...
More information about the vpn-help
mailing list