[Vpn-help] invalid message from gateway

Wed May 6 06:47:26 CDT 2009

Hello all,
i have an zywall where i want to connect to. Have also opened my UDP 
Ports on 500 & 4500.
Have configured exactly the same like on the tutorial. But everytime 
this error comes up, any clue?

09/05/06 13:32:47 >> : vendor id payload
09/05/06 13:32:47 ii : local supports nat-t ( draft v00 )
09/05/06 13:32:47 >> : vendor id payload
09/05/06 13:32:47 ii : local supports nat-t ( draft v01 )
09/05/06 13:32:47 >> : vendor id payload
09/05/06 13:32:47 ii : local supports nat-t ( draft v02 )
09/05/06 13:32:47 >> : vendor id payload
09/05/06 13:32:47 ii : local supports nat-t ( draft v03 )
09/05/06 13:32:47 >> : vendor id payload
09/05/06 13:32:47 ii : local supports nat-t ( rfc )
09/05/06 13:32:47 >> : vendor id payload
09/05/06 13:32:47 ii : local supports FRAGMENTATION
09/05/06 13:32:47 >> : vendor id payload
09/05/06 13:32:47 ii : local supports DPDv1
09/05/06 13:32:47 >> : vendor id payload
09/05/06 13:32:47 ii : local is SHREW SOFT compatible
09/05/06 13:32:47 >> : vendor id payload
09/05/06 13:32:47 ii : local is NETSCREEN compatible
09/05/06 13:32:47 >> : vendor id payload
09/05/06 13:32:47 ii : local is SIDEWINDER compatible
09/05/06 13:32:47 >> : vendor id payload
09/05/06 13:32:47 ii : local is CISCO UNITY compatible
09/05/06 13:32:47 >= : cookies 001e71032106385e:0000000000000000
09/05/06 13:32:47 >= : message 00000000
09/05/06 13:32:47 -> : send IKE packet 192.168.1.197:500 -> 
213.23.208.234:500 ( 1202 bytes )
09/05/06 13:32:47 DB : phase1 resend event scheduled ( ref count = 2 )
09/05/06 13:32:52 -> : resend 1 phase1 packet(s) 192.168.1.197:500 -> 
213.23.208.234:500
09/05/06 13:32:57 -> : resend 1 phase1 packet(s) 192.168.1.197:500 -> 
213.23.208.234:500
09/05/06 13:33:02 -> : resend 1 phase1 packet(s) 192.168.1.197:500 -> 
213.23.208.234:500
09/05/06 13:33:07 ii : resend limit exceeded for phase1 exchange
09/05/06 13:33:07 ii : phase1 removal before expire time
09/05/06 13:33:07 DB : phase1 deleted ( obj count = 0 )
09/05/06 13:33:07 DB : policy not found
09/05/06 13:33:07 DB : policy not found
09/05/06 13:33:07 DB : tunnel stats event canceled ( ref count = 1 )
09/05/06 13:33:07 DB : removing tunnel config references
09/05/06 13:33:07 DB : removing tunnel phase2 references
09/05/06 13:33:07 DB : removing tunnel phase1 references
09/05/06 13:33:07 DB : tunnel deleted ( obj count = 0 )
09/05/06 13:33:07 DB : removing all peer tunnel refrences
09/05/06 13:33:07 DB : peer deleted ( obj count = 0 )
09/05/06 13:33:07 ii : ipc client process thread exit ...
09/05/06 13:40:42 ii : ipc client process thread begin ...
09/05/06 13:40:42 <A : peer config add message
09/05/06 13:40:42 DB : peer added ( obj count = 1 )
09/05/06 13:40:42 ii : local address 192.168.1.197:500 selected for peer
09/05/06 13:40:43 DB : tunnel added ( obj count = 1 )
09/05/06 13:40:43 <A : proposal config message
09/05/06 13:40:43 <A : proposal config message
09/05/06 13:40:43 <A : client config message
09/05/06 13:40:43 <A : xauth username message
09/05/06 13:40:43 <A : xauth password message
09/05/06 13:40:43 <A : local id 'client.shrew.net' message
09/05/06 13:40:43 <A : preshared key message
09/05/06 13:40:43 <A : remote resource message
09/05/06 13:40:43 <A : peer tunnel enable message
09/05/06 13:40:43 DB : new phase1 ( ISAKMP initiator )
09/05/06 13:40:43 DB : exchange type is aggressive
09/05/06 13:40:43 DB : 192.168.1.197:500 <-> 213.23.208.234:500
09/05/06 13:40:43 DB : a560ae8d144dd45a:0000000000000000
09/05/06 13:40:43 DB : phase1 added ( obj count = 1 )
09/05/06 13:40:43 >> : security association payload
09/05/06 13:40:43 >> : - proposal #1 payload
09/05/06 13:40:43 >> : -- transform #1 payload
09/05/06 13:40:43 >> : -- transform #2 payload
09/05/06 13:40:43 >> : -- transform #3 payload
09/05/06 13:40:43 >> : -- transform #4 payload
09/05/06 13:40:43 >> : -- transform #5 payload
09/05/06 13:40:43 >> : -- transform #6 payload
09/05/06 13:40:43 >> : -- transform #7 payload
09/05/06 13:40:43 >> : -- transform #8 payload
09/05/06 13:40:43 >> : -- transform #9 payload
09/05/06 13:40:43 >> : -- transform #10 payload
09/05/06 13:40:43 >> : -- transform #11 payload
09/05/06 13:40:43 >> : -- transform #12 payload
09/05/06 13:40:43 >> : -- transform #13 payload
09/05/06 13:40:43 >> : -- transform #14 payload
09/05/06 13:40:43 >> : -- transform #15 payload
09/05/06 13:40:43 >> : -- transform #16 payload
09/05/06 13:40:43 >> : -- transform #17 payload
09/05/06 13:40:43 >> : -- transform #18 payload
09/05/06 13:40:43 >> : key exchange payload
09/05/06 13:40:43 >> : nonce payload
09/05/06 13:40:43 >> : identification payload
09/05/06 13:40:43 >> : vendor id payload
09/05/06 13:40:43 ii : local supports XAUTH
09/05/06 13:40:43 >> : vendor id payload
09/05/06 13:40:43 ii : local supports nat-t ( draft v00 )
09/05/06 13:40:43 >> : vendor id payload
09/05/06 13:40:43 ii : local supports nat-t ( draft v01 )
09/05/06 13:40:43 >> : vendor id payload
09/05/06 13:40:43 ii : local supports nat-t ( draft v02 )
09/05/06 13:40:43 >> : vendor id payload
09/05/06 13:40:43 ii : local supports nat-t ( draft v03 )
09/05/06 13:40:43 >> : vendor id payload
09/05/06 13:40:43 ii : local supports nat-t ( rfc )
09/05/06 13:40:43 >> : vendor id payload
09/05/06 13:40:43 ii : local supports FRAGMENTATION
09/05/06 13:40:43 >> : vendor id payload
09/05/06 13:40:43 ii : local supports DPDv1
09/05/06 13:40:43 >> : vendor id payload
09/05/06 13:40:43 ii : local is SHREW SOFT compatible
09/05/06 13:40:43 >> : vendor id payload
09/05/06 13:40:43 ii : local is NETSCREEN compatible
09/05/06 13:40:43 >> : vendor id payload
09/05/06 13:40:43 ii : local is SIDEWINDER compatible
09/05/06 13:40:43 >> : vendor id payload
09/05/06 13:40:43 ii : local is CISCO UNITY compatible
09/05/06 13:40:43 >= : cookies a560ae8d144dd45a:0000000000000000
09/05/06 13:40:43 >= : message 00000000
09/05/06 13:40:43 -> : send IKE packet 192.168.1.197:500 -> 
213.23.208.234:500 ( 1192 bytes )
09/05/06 13:40:43 DB : phase1 resend event scheduled ( ref count = 2 )
09/05/06 13:40:44 <- : recv IKE packet 213.23.208.234:500 -> 
192.168.1.197:500 ( 400 bytes )
09/05/06 13:40:44 DB : phase1 found
09/05/06 13:40:44 ii : processing phase1 packet ( 400 bytes )
09/05/06 13:40:44 =< : cookies a560ae8d144dd45a:f96abdc2c8ad4d43
09/05/06 13:40:44 =< : message 00000000
09/05/06 13:40:44 << : security association payload
09/05/06 13:40:44 << : - propsal #1 payload
09/05/06 13:40:44 << : -- transform #1 payload
09/05/06 13:40:44 ii : unmatched isakmp proposal/transform
09/05/06 13:40:44 ii : key length ( 128 != 256 )
09/05/06 13:40:44 ii : unmatched isakmp proposal/transform
09/05/06 13:40:44 ii : key length ( 128 != 256 )
09/05/06 13:40:44 ii : unmatched isakmp proposal/transform
09/05/06 13:40:44 ii : key length ( 128 != 192 )
09/05/06 13:40:44 ii : unmatched isakmp proposal/transform
09/05/06 13:40:44 ii : key length ( 128 != 192 )
09/05/06 13:40:44 !! : peer violates RFC, transform number mismatch ( 1 
!= 5 )
09/05/06 13:40:44 ii : matched isakmp proposal #1 transform #1
09/05/06 13:40:44 ii : - transform    = ike
09/05/06 13:40:44 ii : - cipher type  = aes
09/05/06 13:40:44 ii : - key length   = 128 bits
09/05/06 13:40:44 ii : - hash type    = md5
09/05/06 13:40:44 ii : - dh group     = modp-1024
09/05/06 13:40:44 ii : - auth type    = xauth-initiator-psk
09/05/06 13:40:44 ii : - life seconds = 86400
09/05/06 13:40:44 ii : - life kbytes  = 0
09/05/06 13:40:44 << : key exchange payload
09/05/06 13:40:44 << : nonce payload
09/05/06 13:40:44 << : identification payload
09/05/06 13:40:44 !! : phase1 id type mismatch ( received ipv4-host but 
expected fqdn )
09/05/06 13:40:44 DB : phase1 resend event canceled ( ref count = 1 )
09/05/06 13:40:44 ii : phase1 removal before expire time
09/05/06 13:40:44 DB : phase1 deleted ( obj count = 0 )
09/05/06 13:40:44 DB : policy not found
09/05/06 13:40:44 DB : policy not found
09/05/06 13:40:44 DB : tunnel stats event canceled ( ref count = 1 )
09/05/06 13:40:44 DB : removing tunnel config references
09/05/06 13:40:44 DB : removing tunnel phase2 references
09/05/06 13:40:44 DB : removing tunnel phase1 references
09/05/06 13:40:44 DB : tunnel deleted ( obj count = 0 )
09/05/06 13:40:44 DB : removing all peer tunnel refrences
09/05/06 13:40:44 DB : peer deleted ( obj count = 0 )
09/05/06 13:40:44 ii : ipc client process thread exit ...

many thanks in advance!!!

tko
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tko.vcf
Type: text/x-vcard
Size: 161 bytes
Desc: not available
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20090506/03c2dec8/attachment-0001.vcf>