[Vpn-help] VPN connection problem to Zywall 5 UTM

For@ll forall at stalowka.info
Tue Feb 3 12:49:17 CST 2009


Matthew Grooms wrote:
> Albert Czarnecki wrote:
>   
>> Hi,
>>
>>     
>
> Hi Albert,
>
>   
>> Now I configured the Shrew VPN client and the tunnel does not connect; I get this error:
>>
>> configuring client settings ...
>> attached to key daemon ...
>> peer configured
>> iskamp proposal configured
>> esp proposal configured
>> client configured
>> local id configured
>> remote id configured
>> pre-shared key configured
>> bringing up tunnel ...
>> negotiation timout occurred
>> tunnel disabled
>> detached from key daemon ...
>>
>> OK, I configured the same options in the ZyWALL VPN client and everything
>> is working. Where is the problem?
>>
>>     
>
> What does the Zywall say in its log file when the client attempts to 
> connect? There is also a log output that can be gathered from the client 
> software that may contain some clues ...
>
> http://www.shrew.net/support/wiki/BugReportVpnWindows
>
>   
Hi,

I configured a VPN connection on my ZyWALL 5 UTM, firmware version
4.04(XD.2), and it is not working. Below I paste a debug log from the Shrew VPN client.
I have Windows XP Professional SP3 and Shrew VPN client 2.1.4.

09/02/03 19:39:13 -> : send IKE packet 192.168.2.85:500 -> 91.xxx.xxx.20:500 ( 224 bytes )
09/02/03 19:39:13 DB : phase1 resend event scheduled ( ref count = 2 )
09/02/03 19:39:13 <- : recv IKE packet 91.xxx.xxx.20:500 -> 192.168.2.85:500 ( 132 bytes )
09/02/03 19:39:13 DB : phase1 found
09/02/03 19:39:13 ii : processing phase1 packet ( 132 bytes )
09/02/03 19:39:13 =< : cookies a719a953bc8a3944:30db79c7bb76fcb9
09/02/03 19:39:13 =< : message 00000000
09/02/03 19:39:13 << : security association payload
09/02/03 19:39:13 << : - propsal #1 payload
09/02/03 19:39:13 << : -- transform #1 payload
09/02/03 19:39:13 ii : matched isakmp proposal #1 transform #1
09/02/03 19:39:13 ii : - transform    = ike
09/02/03 19:39:13 ii : - cipher type  = aes
09/02/03 19:39:13 ii : - key length   = 128 bits
09/02/03 19:39:13 ii : - hash type    = sha1
09/02/03 19:39:13 ii : - dh group     = modp-1024
09/02/03 19:39:13 ii : - auth type    = psk
09/02/03 19:39:13 ii : - life seconds = 3600
09/02/03 19:39:13 ii : - life kbytes  = 0
09/02/03 19:39:13 << : vendor id payload
09/02/03 19:39:13 ii : peer supports DPDv1
09/02/03 19:39:13 << : vendor id payload
09/02/03 19:39:13 ii : peer is ZYWALL compatible
09/02/03 19:39:13 >> : key exchange payload
09/02/03 19:39:13 >> : nonce payload
09/02/03 19:39:13 >= : cookies a719a953bc8a3944:30db79c7bb76fcb9
09/02/03 19:39:13 >= : message 00000000
09/02/03 19:39:13 DB : phase1 resend event canceled ( ref count = 1 )
09/02/03 19:39:13 -> : send IKE packet 192.168.2.85:500 -> 91.xxx.xxx.20:500 ( 212 bytes )
09/02/03 19:39:13 DB : phase1 resend event scheduled ( ref count = 2 )
09/02/03 19:39:14 <- : recv IKE packet 91.xxx.xxx.20:500 -> 192.168.2.85:500 ( 184 bytes )
09/02/03 19:39:14 DB : phase1 found
09/02/03 19:39:14 ii : processing phase1 packet ( 184 bytes )
09/02/03 19:39:14 =< : cookies a719a953bc8a3944:30db79c7bb76fcb9
09/02/03 19:39:14 =< : message 00000000
09/02/03 19:39:14 << : key exchange payload
09/02/03 19:39:14 << : nonce payload
09/02/03 19:39:14 ii : nat-t is disabled locally
09/02/03 19:39:14 == : DH shared secret ( 128 bytes )
09/02/03 19:39:14 == : SETKEYID ( 20 bytes )
09/02/03 19:39:14 == : SETKEYID_d ( 20 bytes )
09/02/03 19:39:14 == : SETKEYID_a ( 20 bytes )
09/02/03 19:39:14 == : SETKEYID_e ( 20 bytes )
09/02/03 19:39:14 == : cipher key ( 16 bytes )
09/02/03 19:39:14 == : cipher iv ( 16 bytes )
09/02/03 19:39:14 >> : identification payload
09/02/03 19:39:14 == : phase1 hash_i ( computed ) ( 20 bytes )
09/02/03 19:39:14 >> : hash payload
09/02/03 19:39:14 >= : cookies a719a953bc8a3944:30db79c7bb76fcb9
09/02/03 19:39:14 >= : message 00000000
09/02/03 19:39:14 >= : encrypt iv ( 16 bytes )
09/02/03 19:39:14 == : encrypt packet ( 64 bytes )
09/02/03 19:39:14 == : stored iv ( 16 bytes )
09/02/03 19:39:14 DB : phase1 resend event canceled ( ref count = 1 )
09/02/03 19:39:14 -> : send IKE packet 192.168.2.85:500 -> 91.xxx.xxx.20:500 ( 104 bytes )
09/02/03 19:39:14 <- : recv IKE packet 91.xxx.xxx.20:500 -> 192.168.2.85:500 ( 92 bytes )
09/02/03 19:39:14 DB : phase1 found
09/02/03 19:39:14 ii : processing phase1 packet ( 92 bytes )
09/02/03 19:39:14 =< : cookies a719a953bc8a3944:30db79c7bb76fcb9
09/02/03 19:39:14 =< : message 00000000
09/02/03 19:39:14 =< : decrypt iv ( 16 bytes )
09/02/03 19:39:14 == : decrypt packet ( 92 bytes )
09/02/03 19:39:14 <= : stored iv ( 16 bytes )
09/02/03 19:39:14 << : identification payload
09/02/03 19:39:14 ii : phase1 id match
09/02/03 19:39:14 ii : received = ipv4-host 1.2.3.4
09/02/03 19:39:14 << : hash payload
09/02/03 19:39:14 << : notification payload
09/02/03 19:39:14 == : phase1 hash_r ( computed ) ( 20 bytes )
09/02/03 19:39:14 == : phase1 hash_r ( received ) ( 20 bytes )
09/02/03 19:39:14 ii : phase1 sa established
09/02/03 19:39:14 ii : 91.xxx.xxx.20:500 <-> 192.168.2.85:500
09/02/03 19:39:14 ii : a719a953bc8a3944:30db79c7bb76fcb9
09/02/03 19:39:14 ii : sending peer INITIAL-CONTACT notification
09/02/03 19:39:14 ii : - 192.168.2.85:500 -> 91.xxx.xxx.20:500
09/02/03 19:39:14 ii : - isakmp spi = a719a953bc8a3944:30db79c7bb76fcb9
09/02/03 19:39:14 ii : - data size 0
09/02/03 19:39:14 >> : hash payload
09/02/03 19:39:14 >> : notification payload
09/02/03 19:39:14 == : new informational hash ( 20 bytes )
09/02/03 19:39:14 == : new informational iv ( 16 bytes )
09/02/03 19:39:14 >= : cookies a719a953bc8a3944:30db79c7bb76fcb9
09/02/03 19:39:14 >= : message 52306962
09/02/03 19:39:14 >= : encrypt iv ( 16 bytes )
09/02/03 19:39:14 == : encrypt packet ( 80 bytes )
09/02/03 19:39:14 == : stored iv ( 16 bytes )
09/02/03 19:39:14 -> : send IKE packet 192.168.2.85:500 -> 91.xxx.xxx.20:500 ( 120 bytes )
09/02/03 19:39:14 DB : config added ( obj count = 1 )
09/02/03 19:39:14 ii : building config attribute list
09/02/03 19:39:14 ii : - IP4 Address
09/02/03 19:39:14 ii : - Address Expiry
09/02/03 19:39:14 ii : - IP4 Netamask
09/02/03 19:39:14 == : new config iv ( 16 bytes )
09/02/03 19:39:14 ii : sending config pull request
09/02/03 19:39:14 >> : hash payload
09/02/03 19:39:14 >> : attribute payload
09/02/03 19:39:14 == : new configure hash ( 20 bytes )
09/02/03 19:39:14 >= : cookies a719a953bc8a3944:30db79c7bb76fcb9
09/02/03 19:39:14 >= : message 85acf67f
09/02/03 19:39:14 >= : encrypt iv ( 16 bytes )
09/02/03 19:39:14 == : encrypt packet ( 72 bytes )
09/02/03 19:39:14 == : stored iv ( 16 bytes )
09/02/03 19:39:14 -> : send IKE packet 192.168.2.85:500 -> 91.xxx.xxx.20:500 ( 104 bytes )
09/02/03 19:39:14 DB : config resend event scheduled ( ref count = 2 )
09/02/03 19:39:14 DB : phase2 not found
09/02/03 19:39:19 -> : resend 1 config packet(s) 192.168.2.85:500 -> 91.xxx.xxx.20:500
09/02/03 19:39:19 <- : recv IKE packet 91.xxx.xxx.20:500 -> 192.168.2.85:500 ( 92 bytes )
09/02/03 19:39:19 DB : phase1 found
09/02/03 19:39:19 ii : processing informational packet ( 92 bytes )
09/02/03 19:39:19 == : new informational iv ( 16 bytes )
09/02/03 19:39:19 =< : cookies a719a953bc8a3944:30db79c7bb76fcb9
09/02/03 19:39:19 =< : message 340bdc26
09/02/03 19:39:19 =< : decrypt iv ( 16 bytes )
09/02/03 19:39:19 == : decrypt packet ( 92 bytes )
09/02/03 19:39:19 <= : trimmed packet padding ( 12 bytes )
09/02/03 19:39:19 <= : stored iv ( 16 bytes )
09/02/03 19:39:19 << : hash payload
09/02/03 19:39:19 << : notification payload
09/02/03 19:39:19 == : informational hash_i ( computed ) ( 20 bytes )
09/02/03 19:39:19 == : informational hash_c ( received ) ( 20 bytes )
09/02/03 19:39:19 ii : informational hash verified
09/02/03 19:39:19 ii : received peer PAYLOAD-MALFORMED notification
09/02/03 19:39:19 ii : - 91.xxx.xxx.20:500 -> 192.168.2.85:500
09/02/03 19:39:19 ii : - isakmp spi = a719a953bc8a3944:30db79c7bb76fcb9
09/02/03 19:39:19 ii : - data size 0
09/02/03 19:39:24 -> : resend 1 config packet(s) 192.168.2.85:500 -> 91.xxx.xxx.20:500
09/02/03 19:39:24 <- : recv IKE packet 91.xxx.xxx.20:500 -> 192.168.2.85:500 ( 92 bytes )
09/02/03 19:39:24 DB : phase1 found
09/02/03 19:39:24 ii : processing informational packet ( 92 bytes )
09/02/03 19:39:24 == : new informational iv ( 16 bytes )
09/02/03 19:39:24 =< : cookies a719a953bc8a3944:30db79c7bb76fcb9
09/02/03 19:39:24 =< : message 7ee6b780
09/02/03 19:39:24 =< : decrypt iv ( 16 bytes )
09/02/03 19:39:24 == : decrypt packet ( 92 bytes )
09/02/03 19:39:24 <= : trimmed packet padding ( 12 bytes )
09/02/03 19:39:24 <= : stored iv ( 16 bytes )
09/02/03 19:39:24 << : hash payload
09/02/03 19:39:24 << : notification payload
09/02/03 19:39:24 == : informational hash_i ( computed ) ( 20 bytes )
09/02/03 19:39:24 == : informational hash_c ( received ) ( 20 bytes )
09/02/03 19:39:24 ii : informational hash verified
09/02/03 19:39:24 ii : received peer PAYLOAD-MALFORMED notification
09/02/03 19:39:24 ii : - 91.xxx.xxx.20:500 -> 192.168.2.85:500
09/02/03 19:39:24 ii : - isakmp spi = a719a953bc8a3944:30db79c7bb76fcb9
09/02/03 19:39:24 ii : - data size 0
09/02/03 19:39:29 -> : resend 1 config packet(s) 192.168.2.85:500 -> 91.xxx.xxx.20:500
09/02/03 19:39:29 <- : recv IKE packet 91.xxx.xxx.20:500 -> 192.168.2.85:500 ( 92 bytes )
09/02/03 19:39:29 DB : phase1 found
09/02/03 19:39:29 ii : processing informational packet ( 92 bytes )
09/02/03 19:39:29 == : new informational iv ( 16 bytes )
09/02/03 19:39:29 =< : cookies a719a953bc8a3944:30db79c7bb76fcb9
09/02/03 19:39:29 =< : message 63994d47
09/02/03 19:39:29 =< : decrypt iv ( 16 bytes )
09/02/03 19:39:29 == : decrypt packet ( 92 bytes )
09/02/03 19:39:29 <= : trimmed packet padding ( 12 bytes )
09/02/03 19:39:29 <= : stored iv ( 16 bytes )
09/02/03 19:39:29 << : hash payload
09/02/03 19:39:29 << : notification payload
09/02/03 19:39:29 == : informational hash_i ( computed ) ( 20 bytes )
09/02/03 19:39:29 == : informational hash_c ( received ) ( 20 bytes )
09/02/03 19:39:29 ii : informational hash verified
09/02/03 19:39:29 ii : received peer PAYLOAD-MALFORMED notification
09/02/03 19:39:29 ii : - 91.xxx.xxx.20:500 -> 192.168.2.85:500
09/02/03 19:39:29 ii : - isakmp spi = a719a953bc8a3944:30db79c7bb76fcb9
09/02/03 19:39:29 ii : - data size 0
09/02/03 19:39:34 ii : resend limit exceeded for config exchange
09/02/03 19:39:34 DB : config deleted ( obj count = 0 )
09/02/03 19:41:11 <- : recv IKE packet 91.xxx.xxx.20:500 -> 192.168.2.85:500 ( 92 bytes )
09/02/03 19:41:11 DB : phase1 found
09/02/03 19:41:11 ii : processing informational packet ( 92 bytes )
09/02/03 19:41:11 == : new informational iv ( 16 bytes )
09/02/03 19:41:11 =< : cookies a719a953bc8a3944:30db79c7bb76fcb9
09/02/03 19:41:11 =< : message db10d3aa
09/02/03 19:41:11 =< : decrypt iv ( 16 bytes )
09/02/03 19:41:11 == : decrypt packet ( 92 bytes )
09/02/03 19:41:11 <= : trimmed packet padding ( 12 bytes )
09/02/03 19:41:11 <= : stored iv ( 16 bytes )
09/02/03 19:41:11 << : hash payload
09/02/03 19:41:11 << : delete payload
09/02/03 19:41:11 == : informational hash_i ( computed ) ( 20 bytes )
09/02/03 19:41:11 == : informational hash_c ( received ) ( 20 bytes )
09/02/03 19:41:11 ii : informational hash verified
09/02/03 19:41:11 ii : received peer DELETE message
09/02/03 19:41:11 ii : - 91.xxx.xxx.20:500 -> 192.168.2.85:500
09/02/03 19:41:11 ii : - isakmp spi = a719a953bc8a3944:30db79c7bb76fcb9
09/02/03 19:41:11 DB : phase1 found
09/02/03 19:41:11 ii : cleanup, marked phase1 a719a953bc8a3944:30db79c7bb76fcb9 for removal
09/02/03 19:41:11 DB : phase1 soft event canceled ( ref count = 4 )
09/02/03 19:41:11 DB : phase1 hard event canceled ( ref count = 3 )
09/02/03 19:41:11 DB : phase1 dead event canceled ( ref count = 2 )
09/02/03 19:41:11 ii : phase1 removal before expire time
09/02/03 19:41:11 DB : phase1 not found
09/02/03 19:41:11 DB : phase1 deleted ( obj count = 0 )
09/02/03 19:41:11 DB : policy not found
09/02/03 19:41:11 DB : policy not found
09/02/03 19:41:11 DB : tunnel stats event canceled ( ref count = 1 )
09/02/03 19:41:11 DB : removing tunnel config references
09/02/03 19:41:11 DB : removing tunnel phase2 references
09/02/03 19:41:11 DB : removing tunnel phase1 references
09/02/03 19:41:11 DB : tunnel deleted ( obj count = 0 )
09/02/03 19:41:12 DB : removing all peer tunnel refrences
09/02/03 19:41:12 DB : peer deleted ( obj count = 0 )
09/02/03 19:41:12 ii : ipc client process thread exit ...


Regards,

Albert


