[vpn-help] Can't ping/ssh remote machines over vpn [ver 2.1.5 on Ubuntu 10.04]

Gaurav gaurav.knangla at gmail.com
Tue Apr 27 15:21:13 CDT 2010 

Hi All,

I've been using the Shrew Soft client for years on Windows without any
problems.

I switched to Ubuntu 10.04 once and for all recently; but ran into issues
with a .pcf imported that worked flawlessly on Windows 7 recently.

Imported the sane .pcf into the Shrew Soft ver 2.1.5 on Ubuntu 10.04,
managed to connect as well but just couldn't ping/ssh my remote machines
over vpn.

I've tried possible workarounds/tweaks/fixes, the little that I could dig up
around this but things didn't workout.

Any suggestions?

Prints/logs follow.

*Connection prints:*
config loaded for site 'xxxxxxxxxx.pcf'
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
local id configured
remote id configured
pre-shared key configured
bringing up tunnel ...
user authentication error
tunnel disabled
detached from key daemon ...
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
local id configured
remote id configured
pre-shared key configured
bringing up tunnel ...
user authentication error
tunnel disabled
detached from key daemon ...
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
local id configured
remote id configured
pre-shared key configured
bringing up tunnel ...
network device configured
tunnel enabled

*Logs:*
desktop:~$ cat /var/log/iked.log
10/04/28 00:36:01 ## : IKE Daemon, ver 2.1.5
10/04/28 00:36:01 ## : Copyright 2009 Shrew Soft Inc.
10/04/28 00:36:01 ## : This product linked OpenSSL 0.9.8k 25 Mar 2009
10/04/28 00:36:01 K! : recv X_SPDDUMP message failure ( errno = 2 )
10/04/28 00:41:19 !! : invalid private netmask, defaulting to class c
10/04/28 00:41:19 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 00:41:26 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 00:42:18 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 00:46:48 !! : invalid private netmask, defaulting to class c
10/04/28 00:46:48 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 00:46:57 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 00:51:32 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 00:53:19 !! : invalid private netmask, defaulting to class c
10/04/28 00:53:19 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 00:53:19 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 00:53:26 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 00:54:31 !! : invalid private netmask, defaulting to class c
10/04/28 00:54:37 !! : invalid private netmask, defaulting to class c
10/04/28 00:55:01 K! : unhandled pfkey message type EXPIRE ( 8 )
10/04/28 00:55:07 K! : unhandled pfkey message type EXPIRE ( 8 )
10/04/28 00:55:07 K! : unhandled pfkey message type EXPIRE ( 8 )
10/04/28 00:55:22 !! : invalid private netmask, defaulting to class c
10/04/28 00:55:22 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 00:55:22 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 00:55:28 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 00:56:42 !! : invalid private netmask, defaulting to class c
10/04/28 00:56:52 !! : invalid private netmask, defaulting to class c
10/04/28 00:57:12 K! : unhandled pfkey message type EXPIRE ( 8 )
10/04/28 00:57:22 K! : unhandled pfkey message type EXPIRE ( 8 )
10/04/28 00:58:12 !! : invalid private netmask, defaulting to class c
10/04/28 00:58:12 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 00:58:12 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 01:00:33 !! : invalid private netmask, defaulting to class c
10/04/28 01:00:33 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 01:00:34 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 01:00:38 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 01:02:46 !! : invalid private netmask, defaulting to class c
10/04/28 01:02:46 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 01:02:46 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 01:02:56 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 01:05:04 K! : unhandled pfkey message type EXPIRE ( 8 )
10/04/28 01:05:04 K! : unhandled pfkey message type EXPIRE ( 8 )
10/04/28 01:05:16 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 01:05:17 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 01:05:43 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 01:05:48 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 01:17:59 !! : invalid private netmask, defaulting to class c
10/04/28 01:17:59 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 01:18:11 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 01:22:33 !! : invalid private netmask, defaulting to class c
10/04/28 01:22:33 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 01:22:46 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )
10/04/28 01:22:52 !! : peer violates RFC, transform number mismatch ( 1 !=
17 )


Gaurav
pgp.mit.edu - PubkeyID:0x1bf31eef13ee431e
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100428/7c126f10/attachment-0001.html>

More information about the vpn-help mailing list