[vpn-help] Problem establishing tunnel using Fedora 6: resend limit exceeded for phase1 exchange
Stefan Bauer
stefan.bauer at cubewerk.de
Wed Apr 28 01:31:48 CDT 2010
Am 24.04.2010 15:28, Rob Ratcliff schrieb:
> 10/04/24 06:55:45 DB : exchange type is aggressive
> 10/04/24 06:55:45 ii : local supports nat-t ( draft v00 )
> 10/04/24 06:55:45 >> : vendor id payload
> 10/04/24 06:55:45 ii : local supports nat-t ( draft v01 )
> 10/04/24 06:55:45 >> : vendor id payload
> 10/04/24 06:55:45 ii : local supports nat-t ( draft v02 )
> 10/04/24 06:55:45 >> : vendor id payload
> 10/04/24 06:55:45 ii : local supports nat-t ( draft v03 )
> 10/04/24 06:55:45 >> : vendor id payload
> 10/04/24 06:55:45 ii : local supports nat-t ( rfc )
> 10/04/24 06:55:45 -> : send IKE packet 192.168.1.103:500 ->
> xx.xxx.xxx.xx:500 ( 533 bytes )
> 10/04/24 06:55:45 DB : phase1 resend event scheduled ( ref count = 2 )
> 10/04/24 06:55:45 ii : opened tap device tap0
> 10/04/24 06:55:55 -> : resend 1 phase1 packet(s) 192.168.1.103:500 ->
> xx.xxx.xxx.xx:500
> 10/04/24 06:56:05 -> : resend 1 phase1 packet(s) 192.168.1.103:500 ->
> xx.xxx.xxx.xx:500
> 10/04/24 06:56:15 -> : resend 1 phase1 packet(s) 192.168.1.103:500 ->
> xx.xxx.xxx.xx:500
> 10/04/24 06:56:25 ii : resend limit exceeded for phase1 exchange
> 10/04/24 06:56:25 ii : phase1 removal before expire time
Rob,
not even the initial port change to 4500 udp (nat-t) is done
correctly. Are you sure, your machine is not running a firewall?
What's the output of "iptables -vnL" ?
Stefan
--
Stefan Bauer -----------------------------------------
PGP: E80A 50D5 2D46 341C A887 F05D 5C81 5858 DCEF 8C34
-------- plzk.de - Linux - because it works ----------
More information about the vpn-help
mailing list