[Vpn-help] Phase 1 ok; Phase 2 ok; but tunnel not ok

Hugues CHARBONNIER hcharbonnier at dotriver.eu
Tue Aug 12 07:36:46 CDT 2008 

Hi, i'am tryng to use Shrew soft vpn client v 2.0.3 to establish a vpn 
link with a Fortigate 1000.
Phase 1 et 2 seem to be ok, but the client is blocked at the step 
"Bringing up tunnel".

In the log file i have in loop:

DB : phase1 found
== : new phase2 iv ( 8 bytes )
=< : decrypt iv ( 8 bytes )
<= : decrypt packet ( 84 bytes )
== : stored iv ( 8 bytes )
<< : hash payload
<< : notification payload
== : informational hash_i ( computed ) ( 20 bytes )
== : informational hash_c ( received ) ( 20 bytes )
ii : informational hash verified
ii : received peer DPDV1-R-U-THERE-ACK notification
ii : - xx.xx.xx.xx:500 -> xx.xx.xx.xx:500
ii : - isakmp spi = 6e235cd7f56acf54:58b0c6e793740ce7
ii : - data size 4
ii : DPD ARE-YOU-THERE-ACK sequence edf25b5f accepted
ii : exchange packet resend limit exceeded
DB : config deleted ( config count 0 )
ii : sending peer DPDV1-R-U-THERE notification
ii : - xx.xx.xx.xx:500 -> xx.xx.xx.xx:500
ii : - isakmp spi = 6e235cd7f56acf54:58b0c6e793740ce7
ii : - data size 4
 >> : hash payload
 >> : notification payload
== : new informational hash ( 20 bytes )
== : new phase2 iv ( 8 bytes )
 >= : encrypt iv ( 8 bytes )
=> : encrypt packet ( 84 bytes )
== : stored iv ( 8 bytes )
-> : send IKE packet xx.xx.xx.xx:500 -> xx.xx.xx.xx:500 ( 112 bytes )
ii : DPD ARE-YOU-THERE sequence edf25b60 requested
<- : recv IKE packet xx.xx.xx.xx:500 -> xx.xx.xx.xx:500 ( 84 bytes )
DB : phase1 found
== : new phase2 iv ( 8 bytes )
=< : decrypt iv ( 8 bytes )
<= : decrypt packet ( 84 bytes )
== : stored iv ( 8 bytes )
<< : hash payload
<< : notification payload
== : informational hash_i ( computed ) ( 20 bytes )
== : informational hash_c ( received ) ( 20 bytes )
ii : informational hash verified
ii : received peer DPDV1-R-U-THERE-ACK notification
ii : - xx.xx.xx.xx:500 -> xx.xx.xx.xx:500
ii : - isakmp spi = 6e235cd7f56acf54:58b0c6e793740ce7
ii : - data size 4
ii : DPD ARE-YOU-THERE-ACK sequence edf25b60 accepted

-------------- next part --------------
A non-text attachment was scrubbed...
Name: hcharbonnier.vcf
Type: text/x-vcard
Size: 211 bytes
Desc: not available
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20080812/9cd135bd/attachment-0001.vcf>

More information about the vpn-help mailing list