[Vpn-help] pcf and certificate imported, but gateway authentication error [2.1.5 rc1]
Daniel Sabanes Bove
daniel.sabanesbove at gmx.net
Thu Jul 9 04:45:54 CDT 2009
Aaron,
thanks for your help.
No, the shrew authentication tab is "Hybrid GRP + XAuth" (mode 5 in the
pcf file). I really need the imported certificate! I have tried to
connect to the VPN via my openSUSE Linux box, with another vpnc
frontend, and without the certificate, yet without success. I would not
say that this is a standard cisco server...
Regards,
Daniel
-------- Original Message --------
Subject: Re: [Vpn-help] pcf and certificate imported, but gateway
authentication error [2.1.5 rc1]
From: Aaron Herkomer <aherkomer at techvision.com>
To: Daniel Sabanes Bove <daniel.sabanesbove at gmx.net>
Date: Wed Jul 08 2009 20:08:05 GMT+0200 (CEST)
> Daniel-
>
> Yes, I wasn't asking for the group p/w, just that you need it to use
> the VPNC client (it has no .pcf import).
> You probably don't need the pre and post scripts if you have a fairly
> standard config on your cisco (I don't use them).
> If you don't get shrew to work, go ahead and try the VPNC without the
> scripts. You should just need VPN address, group name and pass, and
> user name and pass.
>
> The shrew authentication tab is setting to /Mutual PSK + XAuth,/ correct?
> You also may want to try re-typing the group password in shrew after
> the .pcf import.
>
> Sorry if I'm no help... Good luck!
>
> -Aaron
>
> On Wed, Jul 8, 2009 at 10:52 AM, Daniel Sabanes Bove
> <daniel.sabanesbove at gmx.net <mailto:daniel.sabanesbove at gmx.net>> wrote:
>
> Aaron,
>
> thanks for the quick response! Yes, I do know the group password, but
> did not want to share it with the whole world :-)
> I have tried the VPNC Front End you mention, but it needs some manual
> adjustments (the pre- and postscripts mentioned in the linked
> web-page).
> Since I am not experienced with the VPN internals, I do not want
> to mess
> around with such things.
>
> And I thought I was so close to the ShrewSoft solution, but it did not
> work... but perhaps this can be solved?
>
> Regards,
> Daniel
>
> -------- Original Message --------
> Subject: Re: [Vpn-help] pcf and certificate imported, but gateway
> authentication error [2.1.5 rc1]
> From: Aaron Herkomer <aherkomer at techvision.com
> <mailto:aherkomer at techvision.com>>
> To: Daniel Sabanes Bove <daniel.sabanesbove at gmx.net
> <mailto:daniel.sabanesbove at gmx.net>>
> Date: Wed Jul 08 2009 19:06:08 GMT+0200 (CEST)
> > Daniel-
> >
> > Do you know the group password? If so you can try this build of
> VPNC
> created by the university of Akron:
> > http://support.uakron.edu/wiki/index.php/VPNC
> > I use it for all 64-bit windows clients.
> >
> > -Aaron
> >
> > On Wed, Jul 8, 2009 at 9:52 AM, Daniel Sabanes Bove
> <daniel.sabanesbove at gmx.net <mailto:daniel.sabanesbove at gmx.net>
> <mailto:daniel.sabanesbove at gmx.net
> <mailto:daniel.sabanesbove at gmx.net>>> wrote:
> >
> > Hi,
> >
> > I would like to connect to a university VPN using the ShrewSoft VPN
> > client 2.1.5 rc1.
> >
> > After importing the pcf configuration file [find it attached,
> but the
> > group password has been deleted] originally made for the Cisco VPN
> > client, and also pointing to the correct root certificate, I was not
> > able to get a connection. I always got a "gateway authentication
> > error". I also tried several modifications of the imported VPN
> > profile, without success - it got even worse with negotiation time
> > outs etc.
> >
> > Exactly the same procedure with Cisco VPN client 5.0.0.3
> succeeded, on
> > the same Windows XP 32bit, on the same physical computer.
> >
> > What am I doing wrong? I also attach a log file where a correct
> Cisco
> > VPN connection is logged. How can I log the ShrewSoft VPN client?
> >
> > Thank you very much in advance!
> > Daniel
> >
>
> Cisco Systems VPN Client Version 5.0.03.0530
> Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.
> Client Type(s): Windows, WinNT
> Running on: 5.1.2600 Service Pack 3
> Config file directory: C:\Programme\Cisco Systems\VPN Client\
>
> 1 13:45:19.804 07/08/09 Sev=Info/6 IKE/0x63000055
> Sent a keepalive on the IPSec SA
>
> 2 13:45:21.587 07/08/09 Sev=Info/6 GUI/0x63B0000D
> Disconnecting VPN connection.
>
> 3 13:45:21.587 07/08/09 Sev=Info/4 CM/0x6310000A
> Secure connections terminated
>
> 4 13:45:21.587 07/08/09 Sev=Info/4 IKE/0x63000001
> IKE received signal to terminate VPN connection
>
> 5 13:45:21.587 07/08/09 Sev=Info/4 IKE/0x63000013
> SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to 137.250.140.242
>
> 6 13:45:21.587 07/08/09 Sev=Info/5 IKE/0x63000018
> Deleting IPsec SA: (OUTBOUND SPI = 6E4718D1 INBOUND SPI = 1969986D)
>
> 7 13:45:21.587 07/08/09 Sev=Info/4 IKE/0x63000049
> Discarding IPsec SA negotiation, MsgID=B80433D4
>
> 8 13:45:21.587 07/08/09 Sev=Info/4 IKE/0x63000017
> Marking IKE SA for deletion (I_Cookie=A39B8823916D6910
> R_Cookie=A7C7EFC9B93A3CD1) reason = DEL_REASON_RESET_SADB
>
> 9 13:45:21.587 07/08/09 Sev=Info/4 IKE/0x63000013
> SENDING >>> ISAKMP OAK INFO *(HASH, DWR) to 137.250.140.242
>
> 10 13:45:21.597 07/08/09 Sev=Info/5 CVPND/0x63400013
> Destination Netmask Gateway Interface
> Metric
> 0.0.0.0 0.0.0.0 137.250.137.175
> 137.250.137.175 1
> 127.0.0.0 255.0.0.0 127.0.0.1
> 127.0.0.1 1
> 137.250.136.0 255.255.252.0 137.250.137.175
> 137.250.137.175 20
> 137.250.137.175 255.255.255.255 127.0.0.1
> 127.0.0.1 20
> 137.250.140.242 255.255.255.255 192.168.1.1
> 192.168.1.4 1
> 137.250.255.255 255.255.255.255 137.250.137.175
> 137.250.137.175 20
> 192.168.1.0 255.255.255.0 192.168.1.4
> 192.168.1.4 20
> 192.168.1.4 255.255.255.255 127.0.0.1
> 127.0.0.1 20
> 192.168.1.255 255.255.255.255 192.168.1.4
> 192.168.1.4 20
> 224.0.0.0 240.0.0.0 137.250.137.175
> 137.250.137.175 20
> 224.0.0.0 240.0.0.0 192.168.1.4
> 192.168.1.4 20
> 255.255.255.255 255.255.255.255 137.250.137.175
> 137.250.137.175 1
> 255.255.255.255 255.255.255.255 192.168.1.4
> 192.168.1.4 1
>
>
> 11 13:45:21.607 07/08/09 Sev=Info/6 CM/0x63100037
> The routing table was returned to original state prior to Virtual
> Adapter
>
> 12 13:45:22.178 07/08/09 Sev=Info/5 CVPND/0x63400013
> Destination Netmask Gateway Interface
> Metric
> 0.0.0.0 0.0.0.0 192.168.1.1
> 192.168.1.4 20
> 127.0.0.0 255.0.0.0 127.0.0.1
> 127.0.0.1 1
> 192.168.1.0 255.255.255.0 192.168.1.4
> 192.168.1.4 20
> 192.168.1.4 255.255.255.255 127.0.0.1
> 127.0.0.1 20
> 192.168.1.255 255.255.255.255 192.168.1.4
> 192.168.1.4 20
> 224.0.0.0 240.0.0.0 192.168.1.4
> 192.168.1.4 20
> 255.255.255.255 255.255.255.255 192.168.1.4
> 192.168.1.4 1
>
>
> 13 13:45:22.178 07/08/09 Sev=Info/4 CM/0x63100035
> The Virtual Adapter was disabled
>
> 14 13:45:22.178 07/08/09 Sev=Info/4 IKE/0x6300004B
> Discarding IKE SA negotiation (I_Cookie=A39B8823916D6910
> R_Cookie=A7C7EFC9B93A3CD1) reason = DEL_REASON_RESET_SADB
>
> 15 13:45:22.178 07/08/09 Sev=Info/4 CM/0x63100013
> Phase 1 SA deleted cause by DEL_REASON_RESET_SADB. 0 Crypto
> Active IKE
> SA, 0 User Authenticated IKE SA in the system
>
> 16 13:45:22.178 07/08/09 Sev=Info/5 CM/0x63100025
> Initializing CVPNDrv
>
> 17 13:45:22.178 07/08/09 Sev=Info/6 CM/0x63100031
> Tunnel to headend device 137.250.140.242 disconnected: duration: 0
> days
> 0:1:43
>
> 18 13:45:22.188 07/08/09 Sev=Info/6 CM/0x63100046
> Set tunnel established flag in registry to 0.
>
> 19 13:45:22.198 07/08/09 Sev=Info/4 IKE/0x63000086
> Microsoft IPSec Policy Agent service started successfully
>
> 20 13:45:22.198 07/08/09 Sev=Info/5 CM/0x63100025
> Initializing CVPNDrv
>
> 21 13:45:22.208 07/08/09 Sev=Info/6 CM/0x63100046
> Set tunnel established flag in registry to 0.
>
> 22 13:45:22.208 07/08/09 Sev=Info/4 IPSEC/0x63700013
> Delete internal key with SPI=0x6d986919
>
> 23 13:45:22.208 07/08/09 Sev=Info/4 IPSEC/0x6370000C
> Key deleted by SPI 0x6d986919
>
> 24 13:45:22.208 07/08/09 Sev=Info/4 IPSEC/0x63700013
> Delete internal key with SPI=0xd118476e
>
> 25 13:45:22.208 07/08/09 Sev=Info/4 IPSEC/0x6370000C
> Key deleted by SPI 0xd118476e
>
> 26 13:45:22.208 07/08/09 Sev=Info/4 IPSEC/0x63700014
> Deleted all keys
>
> 27 13:45:22.208 07/08/09 Sev=Info/4 IPSEC/0x63700014
> Deleted all keys
>
> 28 13:45:22.208 07/08/09 Sev=Info/4 IPSEC/0x6370000A
> IPSec driver successfully stopped
>
> 29 13:45:22.208 07/08/09 Sev=Info/4 IPSEC/0x63700014
> Deleted all keys
>
> 30 13:45:23.249 07/08/09 Sev=Info/4 CM/0x63100002
> Begin connection process
>
> 31 13:45:23.269 07/08/09 Sev=Info/4 CVPND/0xE3400001
> Microsoft IPSec Policy Agent service stopped successfully
>
> 32 13:45:23.269 07/08/09 Sev=Info/4 CM/0x63100004
> Establish secure connection
>
> 33 13:45:23.269 07/08/09 Sev=Info/4 CM/0x63100024
> Attempt connection with server "vpn.uni-augsburg.de
> <http://vpn.uni-augsburg.de>
> <http://vpn.uni-augsburg.de>"
>
> 34 13:45:23.340 07/08/09 Sev=Info/6 IKE/0x6300003B
> Attempting to establish a connection with 137.250.140.240.
>
> 35 13:45:23.370 07/08/09 Sev=Info/4 IKE/0x63000013
> SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd),
> VID(Frag), VID(Nat-T), VID(Unity)) to 137.250.140.240
>
> 36 13:45:23.370 07/08/09 Sev=Info/4 IPSEC/0x63700008
> IPSec driver successfully started
>
> 37 13:45:23.370 07/08/09 Sev=Info/4 IPSEC/0x63700014
> Deleted all keys
>
> 38 13:45:23.370 07/08/09 Sev=Info/6 IPSEC/0x6370002C
> Sent 573 packets, 0 were fragmented.
>
> 39 13:45:23.850 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.240
>
> 40 13:45:23.850 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.240
>
> 41 13:45:23.850 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.240
>
> 42 13:45:23.850 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.240
>
> 43 13:45:23.850 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.240
>
> 44 13:45:23.850 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.240
>
> 45 13:45:23.850 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.240
>
> 46 13:45:23.850 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.240
>
> 47 13:45:23.850 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.240
>
> 48 13:45:23.850 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.240
>
> 49 13:45:23.850 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.240
>
> 50 13:45:23.860 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.240
>
> 51 13:45:23.860 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.240
>
> 52 13:45:23.860 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.240
>
> 53 13:45:23.860 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.240
>
> 54 13:45:23.860 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.240
>
> 55 13:45:23.860 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.240
>
> 56 13:45:23.860 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.240
>
> 57 13:45:23.860 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.240
>
> 58 13:45:23.860 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.240
>
> 59 13:45:23.860 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.240
>
> 60 13:45:23.860 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.240
>
> 61 13:45:23.860 07/08/09 Sev=Info/5 IKE/0x63000073
> All fragments received.
>
> 62 13:45:23.860 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (SA, KE, NON, ID, CERT, CERT, CERT, CERT,
> SIG, VID(Unity), VID(Xauth), VID(Nat-T), NAT-D, NAT-D, VID(Frag),
> VID(?), VID(?)) from 137.250.140.240
>
> 63 13:45:23.860 07/08/09 Sev=Info/4 CERT/0x6360000E
> Discarding ROOT CA cert sent from peer.
>
> 64 13:45:23.870 07/08/09 Sev=Info/4 CERT/0x63600015
> Cert (cn=vpn1.rz.uni-augsburg.de <http://vpn1.rz.uni-augsburg.de>
> <http://vpn1.rz.uni-augsburg.de>,ou=Rechenzentrum,o=Universitaet
> Augsburg,l=Augsburg,st=Bayern,c=DE) verification succeeded.
>
> 65 13:45:23.880 07/08/09 Sev=Info/5 IKE/0x63000001
> Peer is a Cisco-Unity compliant peer
>
> 66 13:45:23.880 07/08/09 Sev=Info/5 IKE/0x63000001
> Peer supports XAUTH
>
> 67 13:45:23.880 07/08/09 Sev=Info/5 IKE/0x63000001
> Peer supports NAT-T
>
> 68 13:45:23.880 07/08/09 Sev=Info/5 IKE/0x63000001
> Peer supports IKE fragmentation payloads
>
> 69 13:45:23.880 07/08/09 Sev=Info/5 IKE/0x63000001
> Peer supports DWR Code and DWR Text
>
> 70 13:45:23.900 07/08/09 Sev=Info/6 IKE/0x63000001
> IOS Vendor ID Contruction successful
>
> 71 13:45:23.900 07/08/09 Sev=Info/4 IKE/0x63000013
> SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT,
> NOTIFY:PRESHARED_KEY_HASH, NAT-D, NAT-D, VID(?), VID(Unity)) to
> 137.250.140.240
>
> 72 13:45:23.900 07/08/09 Sev=Info/6 IKE/0x63000055
> Sent a keepalive on the IPSec SA
>
> 73 13:45:23.900 07/08/09 Sev=Info/4 IKE/0x63000083
> IKE Port in use - Local Port = 0x1194, Remote Port = 0x1194
>
> 74 13:45:23.900 07/08/09 Sev=Info/5 IKE/0x63000072
> Automatic NAT Detection Status:
> Remote end is NOT behind a NAT device
> This end IS behind a NAT device
>
> 75 13:45:23.900 07/08/09 Sev=Info/4 CM/0x6310000E
> Established Phase 1 SA. 1 Crypto Active IKE SA, 0 User Authenticated
> IKE SA in the system
>
> 76 13:45:23.980 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.240
>
> 77 13:45:23.980 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:LOAD_BALANCE) from
> 137.250.140.240
>
> 78 13:45:23.980 07/08/09 Sev=Info/4 CM/0x6310001B
> Received alternative server address "137.250.140.242" from primary
> server
>
> 79 13:45:25.593 07/08/09 Sev=Info/6 GUI/0x63B00012
> Authentication request attributes is 7h.
>
> 80 13:45:23.980 07/08/09 Sev=Info/4 IKE/0x63000017
> Marking IKE SA for deletion (I_Cookie=A84B134FB531D88B
> R_Cookie=64C6E6D518531AA2) reason = DEL_REASON_LOAD_BALANCING
>
> 81 13:45:23.980 07/08/09 Sev=Info/4 IKE/0x63000013
> SENDING >>> ISAKMP OAK INFO *(HASH, DWR) to 137.250.140.240
>
> 82 13:45:24.852 07/08/09 Sev=Info/4 IKE/0x6300004B
> Discarding IKE SA negotiation (I_Cookie=A84B134FB531D88B
> R_Cookie=64C6E6D518531AA2) reason = DEL_REASON_LOAD_BALANCING
>
> 83 13:45:24.852 07/08/09 Sev=Info/4 CM/0x63100014
> Unable to establish Phase 1 SA with server "vpn.uni-augsburg.de
> <http://vpn.uni-augsburg.de>
> <http://vpn.uni-augsburg.de>" because of "DEL_REASON_LOAD_BALANCING"
>
> 84 13:45:24.852 07/08/09 Sev=Info/4 CM/0x63100010
> Try alternative server "137.250.140.242" given by the primary server
>
> 85 13:45:24.852 07/08/09 Sev=Info/4 CM/0x63100024
> Attempt connection with server "137.250.140.242"
>
> 86 13:45:24.862 07/08/09 Sev=Info/6 IKE/0x6300003B
> Attempting to establish a connection with 137.250.140.242.
>
> 87 13:45:24.882 07/08/09 Sev=Info/4 IKE/0x63000013
> SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd),
> VID(Frag), VID(Nat-T), VID(Unity)) to 137.250.140.242
>
> 88 13:45:25.423 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.242
>
> 89 13:45:25.423 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.242
>
> 90 13:45:25.423 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.242
>
> 91 13:45:25.423 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.242
>
> 92 13:45:25.433 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.242
>
> 93 13:45:25.433 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.242
>
> 94 13:45:25.433 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.242
>
> 95 13:45:25.433 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.242
>
> 96 13:45:25.433 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.242
>
> 97 13:45:25.433 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.242
>
> 98 13:45:25.433 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.242
>
> 99 13:45:25.433 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.242
>
> 100 13:45:25.433 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.242
>
> 101 13:45:25.433 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.242
>
> 102 13:45:25.433 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.242
>
> 103 13:45:25.433 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.242
>
> 104 13:45:25.433 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.242
>
> 105 13:45:25.433 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.242
>
> 106 13:45:25.433 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.242
>
> 107 13:45:25.433 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.242
>
> 108 13:45:25.433 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.242
>
> 109 13:45:25.433 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (FRAG) from 137.250.140.242
>
> 110 13:45:25.433 07/08/09 Sev=Info/5 IKE/0x63000073
> All fragments received.
>
> 111 13:45:25.433 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK AG (SA, KE, NON, ID, CERT, CERT, CERT, CERT,
> SIG, VID(Unity), VID(Xauth), VID(Nat-T), NAT-D, NAT-D, VID(Frag),
> VID(?), VID(?)) from 137.250.140.242
>
> 112 13:45:25.433 07/08/09 Sev=Info/4 CERT/0x6360000E
> Discarding ROOT CA cert sent from peer.
>
> 113 13:45:25.483 07/08/09 Sev=Info/4 CERT/0x63600015
> Cert (cn=vpn1.rz.uni-augsburg.de <http://vpn1.rz.uni-augsburg.de>
> <http://vpn1.rz.uni-augsburg.de>,ou=Rechenzentrum,o=Universitaet
> Augsburg,l=Augsburg,st=Bayern,c=DE) verification succeeded.
>
> 114 13:45:25.483 07/08/09 Sev=Info/4 CERT/0x63600015
> Cert (cn=vpn1.rz.uni-augsburg.de <http://vpn1.rz.uni-augsburg.de>
> <http://vpn1.rz.uni-augsburg.de>,ou=Rechenzentrum,o=Universitaet
> Augsburg,l=Augsburg,st=Bayern,c=DE) verification succeeded.
>
> 115 13:45:25.493 07/08/09 Sev=Info/4 CERT/0x63600015
> Cert (cn=vpn1.rz.uni-augsburg.de <http://vpn1.rz.uni-augsburg.de>
> <http://vpn1.rz.uni-augsburg.de>,ou=Rechenzentrum,o=Universitaet
> Augsburg,l=Augsburg,st=Bayern,c=DE) verification succeeded.
>
> 116 13:45:25.503 07/08/09 Sev=Info/4 CERT/0x63600015
> Cert (cn=vpn2.rz.uni-augsburg.de <http://vpn2.rz.uni-augsburg.de>
> <http://vpn2.rz.uni-augsburg.de>,ou=Rechenzentrum,o=Universitaet
> Augsburg,l=Augsburg,st=Bayern,c=DE) verification succeeded.
>
> 117 13:45:25.503 07/08/09 Sev=Info/5 IKE/0x63000001
> Peer is a Cisco-Unity compliant peer
>
> 118 13:45:25.503 07/08/09 Sev=Info/5 IKE/0x63000001
> Peer supports XAUTH
>
> 119 13:45:25.503 07/08/09 Sev=Info/5 IKE/0x63000001
> Peer supports NAT-T
>
> 120 13:45:25.503 07/08/09 Sev=Info/5 IKE/0x63000001
> Peer supports IKE fragmentation payloads
>
> 121 13:45:25.503 07/08/09 Sev=Info/5 IKE/0x63000001
> Peer supports DWR Code and DWR Text
>
> 122 13:45:25.513 07/08/09 Sev=Info/6 IKE/0x63000001
> IOS Vendor ID Contruction successful
>
> 123 13:45:25.513 07/08/09 Sev=Info/4 IKE/0x63000013
> SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT,
> NOTIFY:PRESHARED_KEY_HASH, NAT-D, NAT-D, VID(?), VID(Unity)) to
> 137.250.140.242
>
> 124 13:45:25.513 07/08/09 Sev=Info/6 IKE/0x63000055
> Sent a keepalive on the IPSec SA
>
> 125 13:45:25.513 07/08/09 Sev=Info/4 IKE/0x63000083
> IKE Port in use - Local Port = 0x1194, Remote Port = 0x1194
>
> 126 13:45:25.513 07/08/09 Sev=Info/5 IKE/0x63000072
> Automatic NAT Detection Status:
> Remote end is NOT behind a NAT device
> This end IS behind a NAT device
>
> 127 13:45:25.513 07/08/09 Sev=Info/4 CM/0x6310000E
> Established Phase 1 SA. 1 Crypto Active IKE SA, 0 User Authenticated
> IKE SA in the system
>
> 128 13:45:25.583 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.242
>
> 129 13:45:25.583 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 137.250.140.242
>
> 130 13:45:25.583 07/08/09 Sev=Info/4 CM/0x63100015
> Launch xAuth application
>
> 131 13:45:29.308 07/08/09 Sev=Info/4 CM/0x63100017
> xAuth application returned
>
> 132 13:45:29.308 07/08/09 Sev=Info/4 IKE/0x63000013
> SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 137.250.140.242
>
> 133 13:45:30.480 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.242
>
> 134 13:45:30.480 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 137.250.140.242
>
> 135 13:45:30.480 07/08/09 Sev=Info/4 IKE/0x63000013
> SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 137.250.140.242
>
> 136 13:45:30.480 07/08/09 Sev=Info/4 CM/0x6310000E
> Established Phase 1 SA. 1 Crypto Active IKE SA, 1 User Authenticated
> IKE SA in the system
>
> 137 13:45:30.500 07/08/09 Sev=Info/5 IKE/0x6300005E
> Client sending a firewall request to concentrator
>
> 138 13:45:30.510 07/08/09 Sev=Info/4 IKE/0x63000013
> SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 137.250.140.242
>
> 139 13:45:31.421 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.242
>
> 140 13:45:31.421 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 137.250.140.242
>
> 141 13:45:31.421 07/08/09 Sev=Info/5 IKE/0x63000010
> MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_ADDRESS: , value =
> 137.250.137.116
>
> 142 13:45:31.421 07/08/09 Sev=Info/5 IKE/0x63000010
> MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_NETMASK: , value =
> 255.255.252.0
>
> 143 13:45:31.421 07/08/09 Sev=Info/5 IKE/0x63000010
> MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_DNS(1): , value =
> 137.250.1.254
>
> 144 13:45:31.421 07/08/09 Sev=Info/5 IKE/0x63000010
> MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_DNS(2): , value =
> 137.250.1.30
>
> 145 13:45:31.421 07/08/09 Sev=Info/5 IKE/0x63000010
> MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_NBNS(1) (a.k.a. WINS) : ,
> value = 137.250.1.20
>
> 146 13:45:31.421 07/08/09 Sev=Info/5 IKE/0x6300000E
> MODE_CFG_REPLY: Attribute = MODECFG_UNITY_BANNER, value = Herzlich
> Willkommen am VPN der Universit??t Augsburg
>
> Hinweis: Der gesamte Datenverkehr wird ??ber die Universit??t Augsburg
> getunnelt!
>
> 147 13:45:31.421 07/08/09 Sev=Info/5 IKE/0x6300000D
> MODE_CFG_REPLY: Attribute = MODECFG_UNITY_SAVEPWD: , value =
> 0x00000000
>
> 148 13:45:31.421 07/08/09 Sev=Info/5 IKE/0x6300000D
> MODE_CFG_REPLY: Attribute = MODECFG_UNITY_PFS: , value = 0x00000001
>
> 149 13:45:31.421 07/08/09 Sev=Info/5 IKE/0x6300000E
> MODE_CFG_REPLY: Attribute = APPLICATION_VERSION, value = Cisco
> Systems,
> Inc./VPN 3000 Concentrator Version 4.7.2.O built by vmurphy on Mar 05
> 2008 16:24:28
>
> 150 13:45:31.421 07/08/09 Sev=Info/5 IKE/0x6300000D
> MODE_CFG_REPLY: Attribute = MODECFG_UNITY_INCLUDE_LOCAL_LAN (# of
> local_nets), value = 0x00000001
>
> 151 13:45:31.421 07/08/09 Sev=Info/5 IKE/0x6300000F
> LOCAL_NET #1
> subnet = 192.168.1.0
> mask = 255.255.255.0
> protocol = 0
> src port = 0
> dest port=0
>
> 152 13:45:31.421 07/08/09 Sev=Info/5 IKE/0x6300000D
> MODE_CFG_REPLY: Attribute = Received and using NAT-T port number ,
> value
> = 0x00001194
>
> 153 13:45:31.431 07/08/09 Sev=Info/4 CM/0x63100019
> Mode Config data received
>
> 154 13:45:31.431 07/08/09 Sev=Info/4 IKE/0x63000056
> Received a key request from Driver: Local IP = 137.250.137.116, GW
> IP =
> 137.250.140.242, Remote IP = 0.0.0.0
>
> 155 13:45:31.461 07/08/09 Sev=Info/4 IKE/0x63000013
> SENDING >>> ISAKMP OAK QM *(HASH, SA, NON, KE, ID, ID) to
> 137.250.140.242
>
> 156 13:45:31.461 07/08/09 Sev=Info/4 IPSEC/0x63700014
> Deleted all keys
>
> 157 13:45:31.561 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.242
>
> 158 13:45:31.561 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:STATUS_RESP_LIFETIME)
> from
> 137.250.140.242
>
> 159 13:45:31.561 07/08/09 Sev=Info/5 IKE/0x63000045
> RESPONDER-LIFETIME notify has value of 86400 seconds
>
> 160 13:45:31.561 07/08/09 Sev=Info/5 IKE/0x63000047
> This SA has already been alive for 7 seconds, setting expiry to 86393
> seconds from now
>
> 161 13:45:31.591 07/08/09 Sev=Info/5 IKE/0x6300002F
> Received ISAKMP packet: peer = 137.250.140.242
>
> 162 13:45:31.591 07/08/09 Sev=Info/4 IKE/0x63000014
> RECEIVING <<< ISAKMP OAK QM *(HASH, SA, NON, KE, ID, ID,
> NOTIFY:STATUS_RESP_LIFETIME) from 137.250.140.242
>
> 163 13:45:31.591 07/08/09 Sev=Info/5 IKE/0x63000045
> RESPONDER-LIFETIME notify has value of 28800 seconds
>
> 164 13:45:31.611 07/08/09 Sev=Info/4 IKE/0x63000013
> SENDING >>> ISAKMP OAK QM *(HASH) to 137.250.140.242
>
> 165 13:45:31.611 07/08/09 Sev=Info/5 IKE/0x63000059
> Loading IPsec SA (MsgID=87786B8C OUTBOUND SPI = 0x23BEF5A1 INBOUND
> SPI =
> 0xE897968A)
>
> 166 13:45:31.611 07/08/09 Sev=Info/5 IKE/0x63000025
> Loaded OUTBOUND ESP SPI: 0x23BEF5A1
>
> 167 13:45:31.611 07/08/09 Sev=Info/5 IKE/0x63000026
> Loaded INBOUND ESP SPI: 0xE897968A
>
> 168 13:45:31.782 07/08/09 Sev=Info/5 CVPND/0x63400013
> Destination Netmask Gateway Interface
> Metric
> 0.0.0.0 0.0.0.0 192.168.1.1
> 192.168.1.4 20
> 127.0.0.0 255.0.0.0 127.0.0.1
> 127.0.0.1 1
> 192.168.1.0 255.255.255.0 192.168.1.4
> 192.168.1.4 20
> 192.168.1.4 255.255.255.255 127.0.0.1
> 127.0.0.1 20
> 192.168.1.255 255.255.255.255 192.168.1.4
> 192.168.1.4 20
> 224.0.0.0 240.0.0.0 192.168.1.4
> 192.168.1.4 20
> 255.255.255.255 255.255.255.255 192.168.1.4
> 192.168.1.4 1
>
>
> 169 13:45:36.899 07/08/09 Sev=Info/4 CM/0x63100034
> The Virtual Adapter was enabled:
> IP=137.250.137.116/255.255.252.0
> <http://137.250.137.116/255.255.252.0>
> <http://137.250.137.116/255.255.252.0>
> DNS=137.250.1.254,137.250.1.30
> WINS=137.250.1.20,0.0.0.0
> Domain=
> Split DNS Names=
>
> 170 13:45:36.899 07/08/09 Sev=Info/5 CVPND/0x63400013
> Destination Netmask Gateway Interface
> Metric
> 0.0.0.0 0.0.0.0 137.250.137.116
> 137.250.137.116 1
> 0.0.0.0 0.0.0.0 192.168.1.1
> 192.168.1.4 20
> 127.0.0.0 255.0.0.0 127.0.0.1
> 127.0.0.1 1
> 137.250.136.0 255.255.252.0 137.250.137.116
> 137.250.137.116 20
> 137.250.137.116 255.255.255.255 127.0.0.1
> 127.0.0.1 20
> 137.250.255.255 255.255.255.255 137.250.137.116
> 137.250.137.116 20
> 192.168.1.0 255.255.255.0 192.168.1.4
> 192.168.1.4 20
> 192.168.1.4 255.255.255.255 127.0.0.1
> 127.0.0.1 20
> 192.168.1.255 255.255.255.255 192.168.1.4
> 192.168.1.4 20
> 224.0.0.0 240.0.0.0 137.250.137.116
> 137.250.137.116 20
> 224.0.0.0 240.0.0.0 192.168.1.4
> 192.168.1.4 20
> 255.255.255.255 255.255.255.255 137.250.137.116
> 137.250.137.116 1
> 255.255.255.255 255.255.255.255 192.168.1.4
> 192.168.1.4 1
>
>
> 171 13:45:36.909 07/08/09 Sev=Info/4 CM/0x63100038
> Successfully saved route changes to file.
>
> 172 13:45:36.909 07/08/09 Sev=Info/5 CVPND/0x63400013
> Destination Netmask Gateway Interface
> Metric
> 0.0.0.0 0.0.0.0 137.250.137.116
> 137.250.137.116 1
> 127.0.0.0 255.0.0.0 127.0.0.1
> 127.0.0.1 1
> 137.250.136.0 255.255.252.0 137.250.137.116
> 137.250.137.116 20
> 137.250.137.116 255.255.255.255 127.0.0.1
> 127.0.0.1 20
> 137.250.140.242 255.255.255.255 192.168.1.1
> 192.168.1.4 1
> 137.250.255.255 255.255.255.255 137.250.137.116
> 137.250.137.116 20
> 192.168.1.0 255.255.255.0 192.168.1.4
> 192.168.1.4 20
> 192.168.1.4 255.255.255.255 127.0.0.1
> 127.0.0.1 20
> 192.168.1.255 255.255.255.255 192.168.1.4
> 192.168.1.4 20
> 224.0.0.0 240.0.0.0 137.250.137.116
> 137.250.137.116 20
> 224.0.0.0 240.0.0.0 192.168.1.4
> 192.168.1.4 20
> 255.255.255.255 255.255.255.255 137.250.137.116
> 137.250.137.116 1
> 255.255.255.255 255.255.255.255 192.168.1.4
> 192.168.1.4 1
>
>
> 173 13:45:36.909 07/08/09 Sev=Info/6 CM/0x63100036
> The routing table was updated for the Virtual Adapter
>
> 174 13:45:36.949 07/08/09 Sev=Info/4 CM/0x6310001A
> One secure connection established
>
> 175 13:45:37.009 07/08/09 Sev=Info/4 CM/0x6310003B
> Address watch added for 192.168.1.4. Current hostname: Daniel,
> Current
> address(es): 137.250.137.116, 192.168.1.4.
>
> 176 13:45:37.009 07/08/09 Sev=Info/4 CM/0x6310003B
> Address watch added for 137.250.137.116. Current hostname: Daniel,
> Current address(es): 137.250.137.116, 192.168.1.4.
>
> 177 13:45:37.009 07/08/09 Sev=Info/4 IPSEC/0x63700010
> Created a new key structure
>
> 178 13:45:37.009 07/08/09 Sev=Info/4 IPSEC/0x6370000F
> Added key with SPI=0xa1f5be23 into key list
>
> 179 13:45:37.009 07/08/09 Sev=Info/4 IPSEC/0x63700010
> Created a new key structure
>
> 180 13:45:37.009 07/08/09 Sev=Info/4 IPSEC/0x6370000F
> Added key with SPI=0x8a9697e8 into key list
>
> 181 13:45:37.019 07/08/09 Sev=Info/4 IPSEC/0x6370002F
> Assigned VA private interface addr 137.250.137.116
>
> 182 13:45:37.019 07/08/09 Sev=Info/4 IPSEC/0x63700037
> Configure public interface: 192.168.1.4. SG: 137.250.140.242
>
> 183 13:45:37.019 07/08/09 Sev=Info/6 IKE/0x63000055
> Sent a keepalive on the IPSec SA
>
> 184 13:45:39.072 07/08/09 Sev=Info/6 CM/0x63100046
> Set tunnel established flag in registry to 1.
>
> 185 13:45:39.363 07/08/09 Sev=Info/4 IPSEC/0x63700019
> Activate outbound key with SPI=0xa1f5be23 for inbound key with
> SPI=0x8a9697e8
>
> 186 13:45:57.368 07/08/09 Sev=Info/6 IKE/0x63000055
> Sent a keepalive on the IPSec SA
>
> 187 13:46:07.383 07/08/09 Sev=Info/6 IKE/0x63000055
> Sent a keepalive on the IPSec SA
>
> 188 13:46:17.397 07/08/09 Sev=Info/6 IKE/0x63000055
> Sent a keepalive on the IPSec SA
>
> 189 13:46:27.412 07/08/09 Sev=Info/6 IKE/0x63000055
> Sent a keepalive on the IPSec SA
>
> 190 13:46:37.426 07/08/09 Sev=Info/6 IKE/0x63000055
> Sent a keepalive on the IPSec SA
>
> 191 13:46:47.440 07/08/09 Sev=Info/6 IKE/0x63000055
> Sent a keepalive on the IPSec SA
>
> 192 13:46:57.455 07/08/09 Sev=Info/6 IKE/0x63000055
> Sent a keepalive on the IPSec SA
>
>
> _______________________________________________
> vpn-help mailing list
> vpn-help at lists.shrew.net <mailto:vpn-help at lists.shrew.net>
> <mailto:vpn-help at lists.shrew.net <mailto:vpn-help at lists.shrew.net>>
> http://lists.shrew.net/mailman/listinfo/vpn-help
>
>
>
>
More information about the vpn-help
mailing list