[Vpn-help] Connection to Linksys BEFVP41
Gabor Boros
gaborboros at yahoo.com
Fri Feb 20 07:38:26 CST 2009
Now I tried from local and the result is same.
See below for the log.
Matthew Grooms írta:
> Do you have the complete log output?
09/02/20 14:35:31 ## : IKE Daemon, ver 2.1.4
09/02/20 14:35:31 ## : Copyright 2008 Shrew Soft Inc.
09/02/20 14:35:31 ## : This product linked OpenSSL 0.9.8h 28 May 2008
09/02/20 14:35:31 ii : opened 'C:\Program Files\ShrewSoft\VPN
Client\debug\iked.log'
09/02/20 14:35:31 ii : rebuilding vnet device list ...
09/02/20 14:35:31 ii : device ROOT\VNET\0000 disabled
09/02/20 14:35:31 ii : network process thread begin ...
09/02/20 14:35:31 ii : pfkey process thread begin ...
09/02/20 14:35:31 ii : ipc server process thread begin ...
09/02/20 14:35:38 ii : ipc client process thread begin ...
09/02/20 14:35:38 <A : peer config add message
09/02/20 14:35:38 DB : peer added ( obj count = 1 )
09/02/20 14:35:38 ii : local address 192.168.2.28:500 selected for peer
09/02/20 14:35:38 DB : tunnel added ( obj count = 1 )
09/02/20 14:35:38 <A : proposal config message
09/02/20 14:35:38 <A : proposal config message
09/02/20 14:35:38 <A : proposal config message
09/02/20 14:35:38 <A : client config message
09/02/20 14:35:38 <A : local id '192.168.2.28' message
09/02/20 14:35:38 <A : remote id '192.168.2.251' message
09/02/20 14:35:38 <A : preshared key message
09/02/20 14:35:38 <A : remote resource message
09/02/20 14:35:38 <A : peer tunnel enable message
09/02/20 14:35:38 DB : new phase1 ( ISAKMP initiator )
09/02/20 14:35:38 DB : exchange type is identity protect
09/02/20 14:35:38 DB : 192.168.2.28:500 <-> 192.168.2.251:500
09/02/20 14:35:38 DB : 71dacf50aa118fa4:0000000000000000
09/02/20 14:35:38 DB : phase1 added ( obj count = 1 )
09/02/20 14:35:38 >> : security association payload
09/02/20 14:35:38 >> : - proposal #1 payload
09/02/20 14:35:38 >> : -- transform #1 payload
09/02/20 14:35:38 >> : vendor id payload
09/02/20 14:35:38 ii : local supports nat-t ( draft v00 )
09/02/20 14:35:38 >> : vendor id payload
09/02/20 14:35:38 ii : local supports nat-t ( draft v01 )
09/02/20 14:35:38 >> : vendor id payload
09/02/20 14:35:38 ii : local supports nat-t ( draft v02 )
09/02/20 14:35:38 >> : vendor id payload
09/02/20 14:35:38 ii : local supports nat-t ( draft v03 )
09/02/20 14:35:38 >> : vendor id payload
09/02/20 14:35:38 ii : local supports nat-t ( rfc )
09/02/20 14:35:38 >> : vendor id payload
09/02/20 14:35:38 ii : local supports DPDv1
09/02/20 14:35:38 >> : vendor id payload
09/02/20 14:35:38 ii : local is SHREW SOFT compatible
09/02/20 14:35:38 >> : vendor id payload
09/02/20 14:35:38 ii : local is NETSCREEN compatible
09/02/20 14:35:38 >> : vendor id payload
09/02/20 14:35:38 ii : local is SIDEWINDER compatible
09/02/20 14:35:38 >> : vendor id payload
09/02/20 14:35:38 ii : local is CISCO UNITY compatible
09/02/20 14:35:38 >= : cookies 71dacf50aa118fa4:0000000000000000
09/02/20 14:35:38 >= : message 00000000
09/02/20 14:35:38 -> : send IKE packet 192.168.2.28:500 ->
192.168.2.251:500 ( 316 bytes )
09/02/20 14:35:38 DB : phase1 resend event scheduled ( ref count = 2 )
09/02/20 14:35:39 <- : recv IKE packet 192.168.2.251:500 ->
192.168.2.28:500 ( 84 bytes )
09/02/20 14:35:39 DB : phase1 found
09/02/20 14:35:39 ii : processing phase1 packet ( 84 bytes )
09/02/20 14:35:39 =< : cookies 71dacf50aa118fa4:2b932664220f8425
09/02/20 14:35:39 =< : message 00000000
09/02/20 14:35:39 << : security association payload
09/02/20 14:35:39 << : - propsal #1 payload
09/02/20 14:35:39 << : -- transform #1 payload
09/02/20 14:35:39 ii : matched isakmp proposal #1 transform #1
09/02/20 14:35:39 ii : - transform = ike
09/02/20 14:35:39 ii : - cipher type = 3des
09/02/20 14:35:39 ii : - key length = default
09/02/20 14:35:39 ii : - hash type = sha1
09/02/20 14:35:39 ii : - dh group = modp-1024
09/02/20 14:35:39 ii : - auth type = psk
09/02/20 14:35:39 ii : - life seconds = 86400
09/02/20 14:35:39 ii : - life kbytes = 0
09/02/20 14:35:39 >> : key exchange payload
09/02/20 14:35:39 >> : nonce payload
09/02/20 14:35:39 >= : cookies 71dacf50aa118fa4:2b932664220f8425
09/02/20 14:35:39 >= : message 00000000
09/02/20 14:35:39 DB : phase1 resend event canceled ( ref count = 1 )
09/02/20 14:35:39 -> : send IKE packet 192.168.2.28:500 ->
192.168.2.251:500 ( 212 bytes )
09/02/20 14:35:39 DB : phase1 resend event scheduled ( ref count = 2 )
09/02/20 14:35:40 <- : recv IKE packet 192.168.2.251:500 ->
192.168.2.28:500 ( 184 bytes )
09/02/20 14:35:40 DB : phase1 found
09/02/20 14:35:40 ii : processing phase1 packet ( 184 bytes )
09/02/20 14:35:40 =< : cookies 71dacf50aa118fa4:2b932664220f8425
09/02/20 14:35:40 =< : message 00000000
09/02/20 14:35:40 << : key exchange payload
09/02/20 14:35:40 << : nonce payload
09/02/20 14:35:40 ii : nat-t is unsupported by remote peer
09/02/20 14:35:40 == : DH shared secret ( 128 bytes )
09/02/20 14:35:40 == : SETKEYID ( 20 bytes )
09/02/20 14:35:40 == : SETKEYID_d ( 20 bytes )
09/02/20 14:35:40 == : SETKEYID_a ( 20 bytes )
09/02/20 14:35:40 == : SETKEYID_e ( 20 bytes )
09/02/20 14:35:40 == : cipher key ( 40 bytes )
09/02/20 14:35:40 == : cipher iv ( 8 bytes )
09/02/20 14:35:40 >> : identification payload
09/02/20 14:35:40 == : phase1 hash_i ( computed ) ( 20 bytes )
09/02/20 14:35:40 >> : hash payload
09/02/20 14:35:40 >= : cookies 71dacf50aa118fa4:2b932664220f8425
09/02/20 14:35:40 >= : message 00000000
09/02/20 14:35:40 >= : encrypt iv ( 8 bytes )
09/02/20 14:35:40 == : encrypt packet ( 64 bytes )
09/02/20 14:35:40 == : stored iv ( 8 bytes )
09/02/20 14:35:40 DB : phase1 resend event canceled ( ref count = 1 )
09/02/20 14:35:40 -> : send IKE packet 192.168.2.28:500 ->
192.168.2.251:500 ( 96 bytes )
09/02/20 14:35:40 <- : recv IKE packet 192.168.2.251:500 ->
192.168.2.28:500 ( 68 bytes )
09/02/20 14:35:40 DB : phase1 found
09/02/20 14:35:40 ii : processing phase1 packet ( 68 bytes )
09/02/20 14:35:40 =< : cookies 71dacf50aa118fa4:2b932664220f8425
09/02/20 14:35:40 =< : message 00000000
09/02/20 14:35:40 =< : decrypt iv ( 8 bytes )
09/02/20 14:35:40 == : decrypt packet ( 68 bytes )
09/02/20 14:35:40 <= : trimmed packet padding ( 4 bytes )
09/02/20 14:35:40 <= : stored iv ( 8 bytes )
09/02/20 14:35:40 << : identification payload
09/02/20 14:35:40 ii : phase1 id match ( natt prevents ip match )
09/02/20 14:35:40 ii : received = ipv4-host 192.168.2.251
09/02/20 14:35:40 << : hash payload
09/02/20 14:35:40 == : phase1 hash_r ( computed ) ( 20 bytes )
09/02/20 14:35:40 == : phase1 hash_r ( received ) ( 20 bytes )
09/02/20 14:35:40 ii : phase1 sa established
09/02/20 14:35:40 ii : 192.168.2.251:500 <-> 192.168.2.28:500
09/02/20 14:35:40 ii : 71dacf50aa118fa4:2b932664220f8425
09/02/20 14:35:40 ii : sending peer INITIAL-CONTACT notification
09/02/20 14:35:40 ii : - 192.168.2.28:500 -> 192.168.2.251:500
09/02/20 14:35:40 ii : - isakmp spi = 71dacf50aa118fa4:2b932664220f8425
09/02/20 14:35:40 ii : - data size 0
09/02/20 14:35:40 >> : hash payload
09/02/20 14:35:40 >> : notification payload
09/02/20 14:35:40 == : new informational hash ( 20 bytes )
09/02/20 14:35:40 == : new informational iv ( 8 bytes )
09/02/20 14:35:40 >= : cookies 71dacf50aa118fa4:2b932664220f8425
09/02/20 14:35:40 >= : message 2fc28de5
09/02/20 14:35:40 >= : encrypt iv ( 8 bytes )
09/02/20 14:35:40 == : encrypt packet ( 80 bytes )
09/02/20 14:35:40 == : stored iv ( 8 bytes )
09/02/20 14:35:40 -> : send IKE packet 192.168.2.28:500 ->
192.168.2.251:500 ( 112 bytes )
09/02/20 14:35:40 DB : config added ( obj count = 1 )
09/02/20 14:35:40 ii : configuration method is manual
09/02/20 14:35:40 DB : phase2 not found
09/02/20 14:35:41 <- : recv IKE packet 192.168.2.251:500 ->
192.168.2.28:500 ( 292 bytes )
09/02/20 14:35:41 DB : phase1 found
09/02/20 14:35:41 ii : processing phase2 packet ( 292 bytes )
09/02/20 14:35:41 DB : phase2 not found
09/02/20 14:35:41 DB : new phase2 ( IPSEC responder )
09/02/20 14:35:41 DB : phase2 added ( obj count = 1 )
09/02/20 14:35:41 == : new phase2 iv ( 8 bytes )
09/02/20 14:35:41 =< : cookies 71dacf50aa118fa4:2b932664220f8425
09/02/20 14:35:41 =< : message 716784e0
09/02/20 14:35:41 =< : decrypt iv ( 8 bytes )
09/02/20 14:35:41 == : decrypt packet ( 292 bytes )
09/02/20 14:35:41 <= : trimmed packet padding ( 4 bytes )
09/02/20 14:35:41 <= : stored iv ( 8 bytes )
09/02/20 14:35:41 << : hash payload
09/02/20 14:35:41 << : security association payload
09/02/20 14:35:41 << : - propsal #1 payload
09/02/20 14:35:41 << : -- transform #1 payload
09/02/20 14:35:41 << : nonce payload
09/02/20 14:35:41 << : key exchange payload
09/02/20 14:35:41 << : identification payload
09/02/20 14:35:41 << : identification payload
09/02/20 14:35:41 !! : unhandled ipv4 id type 'none'( 0 )
09/02/20 14:35:41 ii : phase2 removal before expire time
09/02/20 14:35:41 DB : phase2 deleted ( obj count = 0 )
09/02/20 14:35:42 ii : waiting for vnet to arrive ...
09/02/20 14:35:43 ii : VNET adapter MTU is 1520
09/02/20 14:35:43 ii : enabled adapter ROOT\VNET\0000
09/02/20 14:35:43 ii : creating IPSEC INBOUND policy
ANY:192.168.1.0/24:* -> ANY:10.10.10.2:*
09/02/20 14:35:43 DB : policy added ( obj count = 1 )
09/02/20 14:35:43 K> : send pfkey X_SPDADD UNSPEC message
09/02/20 14:35:43 K< : recv pfkey X_SPDADD UNSPEC message
09/02/20 14:35:43 DB : policy found
09/02/20 14:35:43 ii : creating IPSEC OUTBOUND policy ANY:10.10.10.2:*
-> ANY:192.168.1.0/24:*
09/02/20 14:35:44 ii : created IPSEC policy route for 192.168.1.0/24
09/02/20 14:35:44 DB : policy added ( obj count = 2 )
09/02/20 14:35:44 K> : send pfkey X_SPDADD UNSPEC message
09/02/20 14:35:44 ii : split DNS is disabled
09/02/20 14:35:44 K< : recv pfkey X_SPDADD UNSPEC message
09/02/20 14:35:44 DB : policy found
09/02/20 14:35:44 ii : calling init phase2 for nailed policy
09/02/20 14:35:44 DB : policy found
09/02/20 14:35:44 DB : policy found
09/02/20 14:35:44 DB : tunnel found
09/02/20 14:35:44 DB : new phase2 ( IPSEC initiator )
09/02/20 14:35:44 DB : phase2 added ( obj count = 1 )
09/02/20 14:35:44 K> : send pfkey GETSPI ESP message
09/02/20 14:35:44 K< : recv pfkey GETSPI ESP message
09/02/20 14:35:44 DB : phase2 found
09/02/20 14:35:44 ii : updated spi for 1 ipsec-esp proposal
09/02/20 14:35:44 DB : phase1 found
09/02/20 14:35:44 >> : hash payload
09/02/20 14:35:44 >> : security association payload
09/02/20 14:35:44 >> : - proposal #1 payload
09/02/20 14:35:44 >> : -- transform #1 payload
09/02/20 14:35:44 >> : nonce payload
09/02/20 14:35:44 >> : key exchange payload
09/02/20 14:35:44 >> : identification payload
09/02/20 14:35:44 >> : identification payload
09/02/20 14:35:44 == : phase2 hash_i ( input ) ( 244 bytes )
09/02/20 14:35:44 == : phase2 hash_i ( computed ) ( 20 bytes )
09/02/20 14:35:44 == : new phase2 iv ( 8 bytes )
09/02/20 14:35:44 >= : cookies 71dacf50aa118fa4:2b932664220f8425
09/02/20 14:35:44 >= : message f184f74c
09/02/20 14:35:44 >= : encrypt iv ( 8 bytes )
09/02/20 14:35:44 == : encrypt packet ( 292 bytes )
09/02/20 14:35:44 == : stored iv ( 8 bytes )
09/02/20 14:35:44 -> : send IKE packet 192.168.2.28:500 ->
192.168.2.251:500 ( 320 bytes )
09/02/20 14:35:44 DB : phase2 resend event scheduled ( ref count = 2 )
09/02/20 14:35:49 -> : resend 1 phase2 packet(s) 192.168.2.28:500 ->
192.168.2.251:500
09/02/20 14:35:54 -> : resend 1 phase2 packet(s) 192.168.2.28:500 ->
192.168.2.251:500
09/02/20 14:35:59 -> : resend 1 phase2 packet(s) 192.168.2.28:500 ->
192.168.2.251:500
09/02/20 14:36:04 -> : resend 1 phase2 packet(s) 192.168.2.28:500 ->
192.168.2.251:500
09/02/20 14:36:09 -> : resend 1 phase2 packet(s) 192.168.2.28:500 ->
192.168.2.251:500
09/02/20 14:36:14 -> : resend 1 phase2 packet(s) 192.168.2.28:500 ->
192.168.2.251:500
09/02/20 14:36:19 -> : resend 1 phase2 packet(s) 192.168.2.28:500 ->
192.168.2.251:500
09/02/20 14:36:24 -> : resend 1 phase2 packet(s) 192.168.2.28:500 ->
192.168.2.251:500
Cancelled by me.
09/02/20 14:36:27 <A : peer tunnel disable message
09/02/20 14:36:27 DB : policy found
09/02/20 14:36:27 ii : removing IPSEC INBOUND policy
ANY:192.168.1.0/24:* -> ANY:10.10.10.2:*
09/02/20 14:36:27 K> : send pfkey X_SPDDELETE2 UNSPEC message
09/02/20 14:36:27 K< : recv pfkey X_SPDDELETE2 UNSPEC message
09/02/20 14:36:27 DB : policy found
09/02/20 14:36:27 ii : removing IPSEC OUTBOUND policy ANY:10.10.10.2:*
-> ANY:192.168.1.0/24:*
09/02/20 14:36:27 K> : send pfkey X_SPDDELETE2 UNSPEC message
09/02/20 14:36:27 ii : removed IPSEC policy route for ANY:192.168.1.0/24:*
09/02/20 14:36:27 DB : policy found
09/02/20 14:36:27 DB : policy deleted ( obj count = 1 )
09/02/20 14:36:27 K< : recv pfkey X_SPDDELETE2 UNSPEC message
09/02/20 14:36:27 DB : policy found
09/02/20 14:36:27 DB : policy deleted ( obj count = 0 )
09/02/20 14:36:28 ii : disabled adapter ROOT\VNET\0000
09/02/20 14:36:28 DB : tunnel stats event canceled ( ref count = 4 )
09/02/20 14:36:28 DB : removing tunnel config references
09/02/20 14:36:28 DB : config deleted ( obj count = 0 )
09/02/20 14:36:28 DB : removing tunnel phase2 references
09/02/20 14:36:28 DB : phase2 resend event canceled ( ref count = 1 )
09/02/20 14:36:28 ii : phase2 removal before expire time
09/02/20 14:36:28 DB : phase2 deleted ( obj count = 0 )
09/02/20 14:36:28 DB : removing tunnel phase1 references
09/02/20 14:36:28 DB : phase1 soft event canceled ( ref count = 3 )
09/02/20 14:36:28 DB : phase1 hard event canceled ( ref count = 2 )
09/02/20 14:36:28 DB : phase1 dead event canceled ( ref count = 1 )
09/02/20 14:36:28 ii : sending peer DELETE message
09/02/20 14:36:28 ii : - 192.168.2.28:500 -> 192.168.2.251:500
09/02/20 14:36:28 ii : - isakmp spi = 71dacf50aa118fa4:2b932664220f8425
09/02/20 14:36:28 ii : - data size 0
09/02/20 14:36:28 >> : hash payload
09/02/20 14:36:28 >> : delete payload
09/02/20 14:36:28 == : new informational hash ( 20 bytes )
09/02/20 14:36:28 == : new informational iv ( 8 bytes )
09/02/20 14:36:28 >= : cookies 71dacf50aa118fa4:2b932664220f8425
09/02/20 14:36:28 >= : message 8e3d87ba
09/02/20 14:36:28 >= : encrypt iv ( 8 bytes )
09/02/20 14:36:28 == : encrypt packet ( 80 bytes )
09/02/20 14:36:28 == : stored iv ( 8 bytes )
09/02/20 14:36:28 -> : send IKE packet 192.168.2.28:500 ->
192.168.2.251:500 ( 112 bytes )
09/02/20 14:36:28 ii : phase1 removal before expire time
09/02/20 14:36:28 DB : phase1 deleted ( obj count = 0 )
09/02/20 14:36:28 DB : tunnel deleted ( obj count = 0 )
09/02/20 14:36:28 DB : removing all peer tunnel refrences
09/02/20 14:36:28 DB : peer deleted ( obj count = 0 )
09/02/20 14:36:28 ii : ipc client process thread exit ...
More information about the vpn-help
mailing list