[Vpn-help] Connection Running Afoul of XAUTH

Ron Westfall rwestfall at polarblue.com
Tue Nov 25 21:33:42 CST 2008


I am trying to connect the Shrew VPN client 2.1.4 to a D-Link DI-804HV.
I get the phase 1 SA established, but I then get into trouble.

On the Shrew side, I get the following log messages (I have obfuscated  
the 804HV's public IP address to 1.2.3.4):

08/11/25 19:08:04 ii : phase1 sa established
08/11/25 19:08:04 ii : 1.2.3.4:500 <-> 192.168.2.5:500
08/11/25 19:08:04 ii : 74c69b8a3b74741:d4d7b1359e30be21
08/11/25 19:08:04 ii : sending peer INITIAL-CONTACT notification
08/11/25 19:08:04 ii : - 192.168.2.5:500 -> 1.2.3.4:500
08/11/25 19:08:04 ii : - isakmp spi = 074c69b8a3b74741:d4d7b1359e30be21
08/11/25 19:08:04 ii : - data size 0
08/11/25 19:08:04 >> : hash payload
08/11/25 19:08:04 >> : notification payload
08/11/25 19:08:04 == : new informational hash ( 20 bytes )
08/11/25 19:08:04 0x : 04d43912 8f02ef88 a660a498 8dcf0cba 8f4bd647
08/11/25 19:08:04 == : new informational iv ( 8 bytes )
08/11/25 19:08:04 0x : d6dc11f8 fcfe5dfb
08/11/25 19:08:04 >= : cookies 074c69b8a3b74741:d4d7b1359e30be21
08/11/25 19:08:04 >= : message ab892fcb
08/11/25 19:08:04 >= : encrypt iv ( 8 bytes )
08/11/25 19:08:04 0x : d6dc11f8 fcfe5dfb
08/11/25 19:08:04 == : encrypt packet ( 80 bytes )
08/11/25 19:08:04 0x : 074c69b8 a3b74741 d4d7b135 9e30be21 08100501  
ab892fcb 00000050 0b000018
08/11/25 19:08:04 0x : 04d43912 8f02ef88 a660a498 8dcf0cba 8f4bd647  
0000001c 00000001 01106002
08/11/25 19:08:04 0x : 074c69b8 a3b74741 d4d7b135 9e30be21
08/11/25 19:08:04 == : stored iv ( 8 bytes )
08/11/25 19:08:04 0x : ff55aa4c 812047b0
08/11/25 19:08:04 -> : send IKE packet 192.168.2.5:500 -> 1.2.3.4:500  
( 112 bytes )
08/11/25 19:08:04 0x : 45000070 52130000 4011215b c0a80205 ce7475ed  
01f401f4 005cd3b0 074c69b8
08/11/25 19:08:04 0x : a3b74741 d4d7b135 9e30be21 08100501 ab892fcb  
00000054 f54dd188 0c1a7b02
08/11/25 19:08:04 0x : 90c113fd 45baa608 e7e29fbe c55fffee e2191eb5  
9076e305 b97adab3 cb32ae19
08/11/25 19:08:04 0x : b293c4ab 36212c77 ff55aa4c 812047b0
08/11/25 19:08:04 DB : tunnel ref increment ( ref count = 4, obj count  
= 1 )
08/11/25 19:08:04 DB : config ref increment ( ref count = 1, obj count  
= 0 )
08/11/25 19:08:04 DB : config added ( obj count = 1 )
08/11/25 19:08:04 ii : building config attribute list
08/11/25 19:08:04 ii : - IP4 Subnet
08/11/25 19:08:04 == : new config iv ( 8 bytes )
08/11/25 19:08:04 0x : 46831c91 c41ba9ac
08/11/25 19:08:04 ii : sending config pull request
08/11/25 19:08:04 >> : hash payload
08/11/25 19:08:04 >> : attribute payload
08/11/25 19:08:04 == : new configure hash ( 20 bytes )
08/11/25 19:08:04 0x : 1e699e6a c9a3dd89 e8131161 72d288b4 1575b8a9
08/11/25 19:08:04 >= : cookies 074c69b8a3b74741:d4d7b1359e30be21
08/11/25 19:08:04 >= : message c4a7fa40
08/11/25 19:08:04 >= : encrypt iv ( 8 bytes )
08/11/25 19:08:04 0x : 46831c91 c41ba9ac
08/11/25 19:08:04 == : encrypt packet ( 64 bytes )
08/11/25 19:08:04 0x : 074c69b8 a3b74741 d4d7b135 9e30be21 08100601  
c4a7fa40 00000040 0e000018
08/11/25 19:08:04 0x : 1e699e6a c9a3dd89 e8131161 72d288b4 1575b8a9  
0000000c 01000000 000d0000
08/11/25 19:08:04 == : stored iv ( 8 bytes )
08/11/25 19:08:04 0x : c62e62ac 6eb88db8
08/11/25 19:08:04 -> : send IKE packet 192.168.2.5:500 -> 1.2.3.4:500  
( 96 bytes )
08/11/25 19:08:04 0x : 45000060 54130000 40111f6b c0a80205 ce7475ed  
01f401f4 004c23d3 074c69b8
08/11/25 19:08:04 0x : a3b74741 d4d7b135 9e30be21 08100601 c4a7fa40  
00000044 7e316f7f ffd3e450
08/11/25 19:08:04 0x : fafd867c 286f9645 baaf5f98 0fe81d81 cbf9e4f8  
5b1e39dd c62e62ac 6eb88db8
08/11/25 19:08:04 DB : config resend event scheduled ( ref count = 2 )
08/11/25 19:08:04 DB : config ref decrement ( ref count = 1, obj count  
= 1 )
08/11/25 19:08:04 DB : phase1 ref increment ( ref count = 2, obj count  
= 1 )
08/11/25 19:08:04 DB : phase1 ref increment ( ref count = 3, obj count  
= 1 )
08/11/25 19:08:04 DB : phase1 ref increment ( ref count = 4, obj count  
= 1 )
08/11/25 19:08:04 DB : phase2 not found
08/11/25 19:08:04 DB : phase1 ref decrement ( ref count = 3, obj count  
= 1 )
08/11/25 19:08:09 -> : resend 1 config packet(s) 192.168.2.5:500 ->  
1.2.3.4:500
08/11/25 19:08:14 -> : resend 1 config packet(s) 192.168.2.5:500 ->  
1.2.3.4:500
08/11/25 19:08:19 -> : resend 1 config packet(s) 192.168.2.5:500 ->  
1.2.3.4:500
08/11/25 19:08:24 ii : resend limit exceeded for config exchange
08/11/25 19:08:24 DB : config deleted ( obj count = 0 )
08/11/25 19:08:24 DB : tunnel ref decrement ( ref count = 3, obj count  
= 1 )

On the DI-804HV, everything looks good until I get the following log  
message:

Receive XAUTH (REQUEST): 5.6.7.8 -> 1.2.3.4, but router is not in  
client mode

Does this suggest anything?

Thanks in advance for any help,
Ron
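
Added example (not part of the original post and not Shrew code): the 64-byte "encrypt packet" dump in the log above is the config pull request as built before encryption, so it can be decoded with the ISAKMP header layout from RFC 2408. The function names are hypothetical; the exchange, payload and attribute numbers are taken from RFC 2408 and the ISAKMP mode-config and XAUTH drafts.

```python
import struct

# Values from RFC 2408, the ISAKMP mode-config draft and the XAUTH draft.
EXCHANGE = {5: "Informational", 6: "Transaction (mode-config)"}
PAYLOAD = {8: "Hash", 11: "Notification", 14: "Attribute"}
CFG_TYPE = {1: "REQUEST", 2: "REPLY", 3: "SET", 4: "ACK"}
XAUTH_ATTRS = range(16520, 16530)  # XAUTH_TYPE .. XAUTH_ANSWER

# Copied from the "encrypt packet ( 64 bytes )" dump in the log above:
# the config pull request as built, before encryption.
CONFIG_PULL_HEX = """
074c69b8 a3b74741 d4d7b135 9e30be21 08100601 c4a7fa40 00000040 0e000018
1e699e6a c9a3dd89 e8131161 72d288b4 1575b8a9 0000000c 01000000 000d0000
"""

def parse_isakmp(hex_dump):
    """Split a plaintext ISAKMP message into its header fields and payloads."""
    data = bytes.fromhex("".join(hex_dump.split()))
    icky, rcky, nxt, _ver, xchg, flags, msgid, length = struct.unpack("!8s8sBBBBII", data[:28])
    if length != len(data):
        raise ValueError("header length does not match dump size")
    header = {"exchange": EXCHANGE.get(xchg, xchg), "encrypt_flag": bool(flags & 1),
              "message_id": f"{msgid:08x}", "cookies": f"{icky.hex()}:{rcky.hex()}"}
    payloads, off = [], 28
    while nxt:  # generic payload header: next payload, reserved, length
        following, _rsvd, plen = struct.unpack("!BBH", data[off:off + 4])
        if plen < 4 or off + plen > len(data):
            raise ValueError("payload length runs past end of message")
        payloads.append((PAYLOAD.get(nxt, nxt), data[off + 4:off + plen]))
        nxt, off = following, off + plen
    return header, payloads

def parse_cfg(body):
    """Decode an Attribute payload body into (type, identifier, [(attr, value)])."""
    cfg_type, _rsvd, ident = struct.unpack("!BBH", body[:4])
    attrs, off = [], 4
    while off + 4 <= len(body):
        atype, alen = struct.unpack("!HH", body[off:off + 4])
        if atype & 0x8000:  # AF bit set: the "length" field holds the value itself
            attrs.append((atype & 0x7FFF, alen.to_bytes(2, "big")))
            off += 4
        else:
            attrs.append((atype, body[off + 4:off + 4 + alen]))
            off += 4 + alen
    return CFG_TYPE.get(cfg_type, cfg_type), ident, attrs

if __name__ == "__main__":
    header, payloads = parse_isakmp(CONFIG_PULL_HEX)
    print(header, [name for name, _ in payloads])
    cfg_type, ident, attrs = parse_cfg(dict(payloads)["Attribute"])
    print(cfg_type, attrs, "XAUTH attrs:", [a for a, _ in attrs if a in XAUTH_ATTRS])
```

Run against this dump, the message decodes as a Transaction exchange whose Attribute payload is a REQUEST for attribute 13 (INTERNAL_IP4_SUBNET, the log's "IP4 Subnet") and contains no attribute in the XAUTH range.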



