[Vpn-help] Linksys BEFVP41

mgrooms mgrooms at shrew.net
Sun Jan 6 13:47:50 CST 2008


John,

This should be simple enough to solve. With the 2.0.3 version of the
client, it will initiate a modecfg exchange to obtain client configuration
information from the gateway unless all "auto" options are disabled. It
would appear that you have the "obtain automatically" setting enabled for
the DNS configuration. When the client initiates the configuration
exchange, the gateway is sending an error because it doesn't understand
what the client is trying to do ...

> ii : building config attribute list
> ii : excluding unity attribute set
> ii : - IP4 DNS Server
> ii : sending config pull request
> == : new phase2 iv ( 8 bytes )
>>> : hash payload
>>> : attribute payload
> == : new configure hash ( 20 bytes )
>>= : encrypt iv ( 8 bytes )
> => : encrypt packet ( 64 bytes )
> == : stored iv ( 8 bytes )
> -> : send IKE packet 192.168.1.108:500 -> 70.176.132.235:500 ( 96 bytes )
> DB : phase2 not found
> <- : recv IKE packet 70.176.132.235:500 -> 192.168.1.108:500 ( 57 bytes )
> DB : phase1 found
> == : new phase2 iv ( 8 bytes )
> << : notification payload
> ii : received peer INVALID-EXCHANGE-TYPE notification
> ii : - 70.176.132.235:500 -> 192.168.1.108:500
> ii : - isakmp spi = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> ii : - data size 1
> ii : resending 1 exchange packet(s)

... To avoid this situation, please disable this check box in the Site
Configuration so the automatic configuration phase will be skipped. If you
have an internal DNS server, please specify it manually. If you have any
other problems, please let me know.

Hope this helps,

-Matthew




More information about the vpn-help mailing list