[vpn-help] Problem reaching subnets behind Fritzbox
Michael Hüttl
mihue.huettl at googlemail.com
Tue Jan 26 15:15:41 CST 2010
Hi,
I used the AVM VPN connection software before to connect to a Fritzbox and
would like to use the Shrew client instead. Installation and connection to
the remote network worked fine, but I still have a problem connecting to
subnets behind the remote net, in details:
I am connecting to a remote net 192.168.116.0/24, where the Fritzbox is
located and which works fine. There exist three further subnets behind the
Fritzbox, which I cannot reach:
192.168.115.32/27, 192.168.115.64/27, 200.200.200.0/24, which works fine
using the Fritz VPN Software. I Have configured the networks in the policy
segment of the VPN Site Configuration and concerning the Debug trace, the
policies are added, but I cannot ping any of the three nets. Any idea, where
to search the problem? My routing table and the Ike trace are attached. I´m
not sure whether it has to with the routing in the remote nets or the VPN
client, because it works fine with the AVM Client. Any idea?
Thanks a lot
Michael Huettl
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.110.250 192.168.110.150 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.72.0 255.255.255.0 192.168.72.1 192.168.72.1 20
192.168.72.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.72.255 255.255.255.255 192.168.72.1 192.168.72.1 20
192.168.110.0 255.255.255.0 192.168.110.150 192.168.110.150 25
192.168.110.150 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.110.255 255.255.255.255 192.168.110.150 192.168.110.150 25
192.168.115.32 255.255.255.224 192.168.116.202 192.168.116.202 1
192.168.115.64 255.255.255.224 192.168.116.202 192.168.116.202 1
192.168.116.0 255.255.255.0 192.168.116.202 192.168.116.202 1
192.168.116.202 255.255.255.255 127.0.0.1 127.0.0.1 30
192.168.116.255 255.255.255.255 192.168.116.202 192.168.116.202 30
192.168.136.0 255.255.255.0 192.168.136.1 192.168.136.1 20
192.168.136.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.136.255 255.255.255.255 192.168.136.1 192.168.136.1 20
200.200.200.0 255.255.255.0 192.168.116.202 192.168.116.202 1
224.0.0.0 240.0.0.0 192.168.72.1 192.168.72.1 20
224.0.0.0 240.0.0.0 192.168.110.150 192.168.110.150 25
224.0.0.0 240.0.0.0 192.168.116.202 192.168.116.202 30
224.0.0.0 240.0.0.0 192.168.136.1 192.168.136.1 20
255.255.255.255 255.255.255.255 192.168.72.1 192.168.72.1 1
255.255.255.255 255.255.255.255 192.168.110.150 192.168.110.150 1
255.255.255.255 255.255.255.255 192.168.116.202 192.168.116.202 1
255.255.255.255 255.255.255.255 192.168.136.1 192.168.136.1 1
255.255.255.255 255.255.255.255 192.168.136.1 4 1
255.255.255.255 255.255.255.255 192.168.136.1 10007 1
Default Gateway: 192.168.110.250
===========================================================================
10/01/26 21:18:10 ## : IKE Daemon, ver 2.1.5
10/01/26 21:18:10 ## : Copyright 2009 Shrew Soft Inc.
10/01/26 21:18:10 ## : This product linked OpenSSL 0.9.8h 28 May 2008
10/01/26 21:18:10 ii : opened 'C:\Program Files\ShrewSoft\VPN
Client\debug\iked.log'
10/01/26 21:18:10 ii : opened 'C:\Program Files\ShrewSoft\VPN
Client/debug/dump-ike-decrypt.cap'
10/01/26 21:18:10 ii : opened 'C:\Program Files\ShrewSoft\VPN
Client/debug/dump-ike-encrypt.cap'
10/01/26 21:18:10 ii : rebuilding vnet device list ...
10/01/26 21:18:10 ii : device ROOT\VNET\0000 disabled
10/01/26 21:18:10 ii : network process thread begin ...
10/01/26 21:18:10 ii : pfkey process thread begin ...
10/01/26 21:18:10 ii : ipc server process thread begin ...
10/01/26 21:19:05 ii : ipc client process thread begin ...
10/01/26 21:19:05 <A : peer config add message
10/01/26 21:19:05 DB : peer added ( obj count = 1 )
10/01/26 21:19:05 ii : local address 192.168.110.150 selected for peer
10/01/26 21:19:05 DB : tunnel added ( obj count = 1 )
10/01/26 21:19:05 <A : proposal config message
10/01/26 21:19:05 <A : proposal config message
10/01/26 21:19:05 <A : proposal config message
10/01/26 21:19:05 <A : client config message
10/01/26 21:19:05 <A : local id 'michael.huettl at huettl-gmbh.de' message
10/01/26 21:19:05 <A : preshared key message
10/01/26 21:19:05 <A : remote resource message
10/01/26 21:19:05 <A : remote resource message
10/01/26 21:19:05 <A : remote resource message
10/01/26 21:19:05 <A : remote resource message
10/01/26 21:19:05 <A : peer tunnel enable message
10/01/26 21:19:05 DB : new phase1 ( ISAKMP initiator )
10/01/26 21:19:05 DB : exchange type is aggressive
10/01/26 21:19:05 DB : 192.168.110.150:500 <-> 87.78.69.220:500
10/01/26 21:19:05 DB : 9e1e592bf5ae00db:0000000000000000
10/01/26 21:19:05 DB : phase1 added ( obj count = 1 )
10/01/26 21:19:05 >> : security association payload
10/01/26 21:19:05 >> : - proposal #1 payload
10/01/26 21:19:05 >> : -- transform #1 payload
10/01/26 21:19:05 >> : key exchange payload
10/01/26 21:19:05 >> : nonce payload
10/01/26 21:19:05 >> : identification payload
10/01/26 21:19:05 >> : vendor id payload
10/01/26 21:19:05 ii : local supports nat-t ( draft v00 )
10/01/26 21:19:05 >> : vendor id payload
10/01/26 21:19:05 ii : local supports nat-t ( draft v01 )
10/01/26 21:19:05 >> : vendor id payload
10/01/26 21:19:05 ii : local supports nat-t ( draft v02 )
10/01/26 21:19:05 >> : vendor id payload
10/01/26 21:19:05 ii : local supports nat-t ( draft v03 )
10/01/26 21:19:05 >> : vendor id payload
10/01/26 21:19:05 ii : local supports nat-t ( rfc )
10/01/26 21:19:05 >> : vendor id payload
10/01/26 21:19:05 ii : local supports FRAGMENTATION
10/01/26 21:19:05 >> : vendor id payload
10/01/26 21:19:05 ii : local supports DPDv1
10/01/26 21:19:05 >> : vendor id payload
10/01/26 21:19:05 ii : local is SHREW SOFT compatible
10/01/26 21:19:05 >> : vendor id payload
10/01/26 21:19:05 ii : local is NETSCREEN compatible
10/01/26 21:19:05 >> : vendor id payload
10/01/26 21:19:05 ii : local is SIDEWINDER compatible
10/01/26 21:19:05 >> : vendor id payload
10/01/26 21:19:05 ii : local is CISCO UNITY compatible
10/01/26 21:19:05 >= : cookies 9e1e592bf5ae00db:0000000000000000
10/01/26 21:19:05 >= : message 00000000
10/01/26 21:19:05 -> : send IKE packet 192.168.110.150:500 ->
87.78.69.220:500 ( 537 bytes )
10/01/26 21:19:05 DB : phase1 resend event scheduled ( ref count = 2 )
10/01/26 21:19:06 <- : recv IKE packet 87.78.69.220:500 ->
192.168.110.150:500 ( 304 bytes )
10/01/26 21:19:06 DB : phase1 found
10/01/26 21:19:06 ii : processing phase1 packet ( 304 bytes )
10/01/26 21:19:06 =< : cookies 9e1e592bf5ae00db:434283c235f105b3
10/01/26 21:19:06 =< : message 00000000
10/01/26 21:19:06 << : security association payload
10/01/26 21:19:06 << : - propsal #1 payload
10/01/26 21:19:06 << : -- transform #1 payload
10/01/26 21:19:06 ii : matched isakmp proposal #1 transform #1
10/01/26 21:19:06 ii : - transform = ike
10/01/26 21:19:06 ii : - cipher type = aes
10/01/26 21:19:06 ii : - key length = 256 bits
10/01/26 21:19:06 ii : - hash type = sha1
10/01/26 21:19:06 ii : - dh group = modp-1024
10/01/26 21:19:06 ii : - auth type = psk
10/01/26 21:19:06 ii : - life seconds = 3600
10/01/26 21:19:06 ii : - life kbytes = 0
10/01/26 21:19:06 << : key exchange payload
10/01/26 21:19:06 << : nonce payload
10/01/26 21:19:06 << : identification payload
10/01/26 21:19:06 ii : phase1 id match ( natt prevents ip match )
10/01/26 21:19:06 ii : received = ipv4-host 87.78.69.220
10/01/26 21:19:06 << : hash payload
10/01/26 21:19:06 << : vendor id payload
10/01/26 21:19:06 ii : peer supports XAUTH
10/01/26 21:19:06 << : vendor id payload
10/01/26 21:19:06 ii : peer supports DPDv1
10/01/26 21:19:06 ii : nat-t is unsupported by remote peer
10/01/26 21:19:06 == : DH shared secret ( 128 bytes )
10/01/26 21:19:06 == : SETKEYID ( 20 bytes )
10/01/26 21:19:06 == : SETKEYID_d ( 20 bytes )
10/01/26 21:19:06 == : SETKEYID_a ( 20 bytes )
10/01/26 21:19:06 == : SETKEYID_e ( 20 bytes )
10/01/26 21:19:06 == : cipher key ( 32 bytes )
10/01/26 21:19:06 == : cipher iv ( 16 bytes )
10/01/26 21:19:06 == : phase1 hash_i ( computed ) ( 20 bytes )
10/01/26 21:19:06 >> : hash payload
10/01/26 21:19:06 >= : cookies 9e1e592bf5ae00db:434283c235f105b3
10/01/26 21:19:06 >= : message 00000000
10/01/26 21:19:06 >= : encrypt iv ( 16 bytes )
10/01/26 21:19:06 == : encrypt packet ( 52 bytes )
10/01/26 21:19:06 == : stored iv ( 16 bytes )
10/01/26 21:19:06 DB : phase1 resend event canceled ( ref count = 1 )
10/01/26 21:19:06 -> : send IKE packet 192.168.110.150:500 ->
87.78.69.220:500 ( 88 bytes )
10/01/26 21:19:06 == : phase1 hash_r ( computed ) ( 20 bytes )
10/01/26 21:19:06 == : phase1 hash_r ( received ) ( 20 bytes )
10/01/26 21:19:06 ii : phase1 sa established
10/01/26 21:19:06 ii : 87.78.69.220:500 <-> 192.168.110.150:500
10/01/26 21:19:06 ii : 9e1e592bf5ae00db:434283c235f105b3
10/01/26 21:19:06 ii : sending peer INITIAL-CONTACT notification
10/01/26 21:19:06 ii : - 192.168.110.150:500 -> 87.78.69.220:500
10/01/26 21:19:06 ii : - isakmp spi = 9e1e592bf5ae00db:434283c235f105b3
10/01/26 21:19:06 ii : - data size 0
10/01/26 21:19:06 >> : hash payload
10/01/26 21:19:06 >> : notification payload
10/01/26 21:19:06 == : new informational hash ( 20 bytes )
10/01/26 21:19:06 == : new informational iv ( 16 bytes )
10/01/26 21:19:06 >= : cookies 9e1e592bf5ae00db:434283c235f105b3
10/01/26 21:19:06 >= : message e725d291
10/01/26 21:19:06 >= : encrypt iv ( 16 bytes )
10/01/26 21:19:06 == : encrypt packet ( 80 bytes )
10/01/26 21:19:06 == : stored iv ( 16 bytes )
10/01/26 21:19:06 -> : send IKE packet 192.168.110.150:500 ->
87.78.69.220:500 ( 120 bytes )
10/01/26 21:19:06 DB : config added ( obj count = 1 )
10/01/26 21:19:06 ii : building config attribute list
10/01/26 21:19:06 ii : - IP4 Address
10/01/26 21:19:06 ii : - Address Expiry
10/01/26 21:19:06 ii : - IP4 Netamask
10/01/26 21:19:06 == : new config iv ( 16 bytes )
10/01/26 21:19:06 ii : sending config pull request
10/01/26 21:19:06 >> : hash payload
10/01/26 21:19:06 >> : attribute payload
10/01/26 21:19:06 == : new configure hash ( 20 bytes )
10/01/26 21:19:06 >= : cookies 9e1e592bf5ae00db:434283c235f105b3
10/01/26 21:19:06 >= : message 7963e34c
10/01/26 21:19:06 >= : encrypt iv ( 16 bytes )
10/01/26 21:19:06 == : encrypt packet ( 72 bytes )
10/01/26 21:19:06 == : stored iv ( 16 bytes )
10/01/26 21:19:06 -> : send IKE packet 192.168.110.150:500 ->
87.78.69.220:500 ( 104 bytes )
10/01/26 21:19:06 DB : config resend event scheduled ( ref count = 2 )
10/01/26 21:19:06 DB : phase2 not found
10/01/26 21:19:06 <- : recv IKE packet 87.78.69.220:500 ->
192.168.110.150:500 ( 92 bytes )
10/01/26 21:19:06 DB : phase1 found
10/01/26 21:19:06 ii : processing informational packet ( 92 bytes )
10/01/26 21:19:06 == : new informational iv ( 16 bytes )
10/01/26 21:19:06 =< : cookies 9e1e592bf5ae00db:434283c235f105b3
10/01/26 21:19:06 =< : message 71bffda7
10/01/26 21:19:06 =< : decrypt iv ( 16 bytes )
10/01/26 21:19:06 == : decrypt packet ( 92 bytes )
10/01/26 21:19:06 <= : trimmed packet padding ( 12 bytes )
10/01/26 21:19:06 <= : stored iv ( 16 bytes )
10/01/26 21:19:06 << : hash payload
10/01/26 21:19:06 << : notification payload
10/01/26 21:19:06 == : informational hash_i ( computed ) ( 20 bytes )
10/01/26 21:19:06 == : informational hash_c ( received ) ( 20 bytes )
10/01/26 21:19:06 ii : informational hash verified
10/01/26 21:19:06 ii : received peer INITIAL-CONTACT notification
10/01/26 21:19:06 ii : - 87.78.69.220:500 -> 192.168.110.150:500
10/01/26 21:19:06 ii : - isakmp spi = 9e1e592bf5ae00db:434283c235f105b3
10/01/26 21:19:06 ii : - data size 0
10/01/26 21:19:06 <- : recv IKE packet 87.78.69.220:500 ->
192.168.110.150:500 ( 76 bytes )
10/01/26 21:19:06 DB : phase1 found
10/01/26 21:19:06 ii : processing config packet ( 76 bytes )
10/01/26 21:19:06 DB : config found
10/01/26 21:19:06 =< : cookies 9e1e592bf5ae00db:434283c235f105b3
10/01/26 21:19:06 =< : message 7963e34c
10/01/26 21:19:06 =< : decrypt iv ( 16 bytes )
10/01/26 21:19:06 == : decrypt packet ( 76 bytes )
10/01/26 21:19:06 <= : trimmed packet padding ( 8 bytes )
10/01/26 21:19:06 <= : stored iv ( 16 bytes )
10/01/26 21:19:06 << : hash payload
10/01/26 21:19:06 << : attribute payload
10/01/26 21:19:06 == : configure hash_i ( computed ) ( 20 bytes )
10/01/26 21:19:06 == : configure hash_c ( computed ) ( 20 bytes )
10/01/26 21:19:06 ii : configure hash verified
10/01/26 21:19:06 ii : received config pull response
10/01/26 21:19:06 ii : - IP4 Address = 192.168.116.202
10/01/26 21:19:06 DB : config resend event canceled ( ref count = 1 )
10/01/26 21:19:06 !! : invalid private netmask, defaulting to class c
10/01/26 21:19:10 ii : VNET adapter MTU is 1500
10/01/26 21:19:10 ii : enabled adapter ROOT\VNET\0000
10/01/26 21:19:10 ii : creating IPSEC INBOUND policy ANY:192.168.116.0/24:*
-> ANY:192.168.116.202:*
10/01/26 21:19:10 DB : policy added ( obj count = 1 )
10/01/26 21:19:10 K> : send pfkey X_SPDADD UNSPEC message
10/01/26 21:19:10 K< : recv pfkey X_SPDADD UNSPEC message
10/01/26 21:19:10 ii : creating IPSEC OUTBOUND policy ANY:192.168.116.202:*
-> ANY:192.168.116.0/24:*
10/01/26 21:19:10 DB : policy found
10/01/26 21:19:13 ii : created IPSEC policy route for 192.168.116.0/24
10/01/26 21:19:13 DB : policy added ( obj count = 2 )
10/01/26 21:19:13 K> : send pfkey X_SPDADD UNSPEC message
10/01/26 21:19:13 ii : creating IPSEC INBOUND policy ANY:192.168.115.32/27:*
-> ANY:192.168.116.202:*
10/01/26 21:19:13 DB : policy added ( obj count = 3 )
10/01/26 21:19:13 K> : send pfkey X_SPDADD UNSPEC message
10/01/26 21:19:13 ii : creating IPSEC OUTBOUND policy ANY:192.168.116.202:*
-> ANY:192.168.115.32/27:*
10/01/26 21:19:13 ii : created IPSEC policy route for 192.168.115.32/27
10/01/26 21:19:13 DB : policy added ( obj count = 4 )
10/01/26 21:19:13 K> : send pfkey X_SPDADD UNSPEC message
10/01/26 21:19:13 ii : creating IPSEC INBOUND policy ANY:192.168.115.64/27:*
-> ANY:192.168.116.202:*
10/01/26 21:19:13 DB : policy added ( obj count = 5 )
10/01/26 21:19:13 K> : send pfkey X_SPDADD UNSPEC message
10/01/26 21:19:13 ii : creating IPSEC OUTBOUND policy ANY:192.168.116.202:*
-> ANY:192.168.115.64/27:*
10/01/26 21:19:13 ii : created IPSEC policy route for 192.168.115.64/27
10/01/26 21:19:13 DB : policy added ( obj count = 6 )
10/01/26 21:19:13 K> : send pfkey X_SPDADD UNSPEC message
10/01/26 21:19:13 ii : creating IPSEC INBOUND policy ANY:200.200.200.0/24:*
-> ANY:192.168.116.202:*
10/01/26 21:19:13 DB : policy added ( obj count = 7 )
10/01/26 21:19:13 K> : send pfkey X_SPDADD UNSPEC message
10/01/26 21:19:13 ii : creating IPSEC OUTBOUND policy ANY:192.168.116.202:*
-> ANY:200.200.200.0/24:*
10/01/26 21:19:13 ii : created IPSEC policy route for 200.200.200.0/24
10/01/26 21:19:13 DB : policy added ( obj count = 8 )
10/01/26 21:19:13 K> : send pfkey X_SPDADD UNSPEC message
10/01/26 21:19:13 ii : split DNS is disabled
10/01/26 21:19:14 K< : recv pfkey X_SPDADD UNSPEC message
10/01/26 21:19:14 DB : policy found
10/01/26 21:19:14 K< : recv pfkey X_SPDADD UNSPEC message
10/01/26 21:19:14 DB : policy found
10/01/26 21:19:14 K< : recv pfkey X_SPDADD UNSPEC message
10/01/26 21:19:14 DB : policy found
10/01/26 21:19:14 K< : recv pfkey X_SPDADD UNSPEC message
10/01/26 21:19:14 DB : policy found
10/01/26 21:19:14 K< : recv pfkey X_SPDADD UNSPEC message
10/01/26 21:19:14 DB : policy found
10/01/26 21:19:14 K< : recv pfkey X_SPDADD UNSPEC message
10/01/26 21:19:14 DB : policy found
10/01/26 21:19:14 K< : recv pfkey X_SPDADD UNSPEC message
10/01/26 21:19:14 DB : policy found
10/01/26 21:19:16 <- : recv IKE packet 87.78.69.220:500 ->
192.168.110.150:500 ( 76 bytes )
10/01/26 21:19:16 DB : phase1 found
10/01/26 21:19:16 ii : processing config packet ( 76 bytes )
10/01/26 21:19:16 DB : config found
10/01/26 21:19:16 !! : config packet ignored, ( config already mature )
10/01/26 21:19:21 DB : phase1 found
10/01/26 21:19:21 ii : sending peer DPDV1-R-U-THERE notification
10/01/26 21:19:21 ii : - 192.168.110.150:500 -> 87.78.69.220:500
10/01/26 21:19:21 ii : - isakmp spi = 9e1e592bf5ae00db:434283c235f105b3
10/01/26 21:19:21 ii : - data size 4
10/01/26 21:19:21 >> : hash payload
10/01/26 21:19:21 >> : notification payload
10/01/26 21:19:21 == : new informational hash ( 20 bytes )
10/01/26 21:19:21 == : new informational iv ( 16 bytes )
10/01/26 21:19:21 >= : cookies 9e1e592bf5ae00db:434283c235f105b3
10/01/26 21:19:21 >= : message d47cfd58
10/01/26 21:19:21 >= : encrypt iv ( 16 bytes )
10/01/26 21:19:21 == : encrypt packet ( 84 bytes )
10/01/26 21:19:21 == : stored iv ( 16 bytes )
10/01/26 21:19:21 -> : send IKE packet 192.168.110.150:500 ->
87.78.69.220:500 ( 120 bytes )
10/01/26 21:19:21 ii : DPD ARE-YOU-THERE sequence 13557105 requested
10/01/26 21:19:21 <- : recv IKE packet 87.78.69.220:500 ->
192.168.110.150:500 ( 92 bytes )
10/01/26 21:19:21 DB : phase1 found
10/01/26 21:19:21 ii : processing informational packet ( 92 bytes )
10/01/26 21:19:21 == : new informational iv ( 16 bytes )
10/01/26 21:19:21 =< : cookies 9e1e592bf5ae00db:434283c235f105b3
10/01/26 21:19:21 =< : message d47cfd58
10/01/26 21:19:21 =< : decrypt iv ( 16 bytes )
10/01/26 21:19:21 == : decrypt packet ( 92 bytes )
10/01/26 21:19:21 <= : trimmed packet padding ( 8 bytes )
10/01/26 21:19:21 <= : stored iv ( 16 bytes )
10/01/26 21:19:21 << : hash payload
10/01/26 21:19:21 << : notification payload
10/01/26 21:19:21 == : informational hash_i ( computed ) ( 20 bytes )
10/01/26 21:19:21 == : informational hash_c ( received ) ( 20 bytes )
10/01/26 21:19:21 ii : informational hash verified
10/01/26 21:19:21 ii : received peer DPDV1-R-U-THERE-ACK notification
10/01/26 21:19:21 ii : - 87.78.69.220:500 -> 192.168.110.150:500
10/01/26 21:19:21 ii : - isakmp spi = 9e1e592bf5ae00db:434283c235f105b3
10/01/26 21:19:21 ii : - data size 4
10/01/26 21:19:21 ii : DPD ARE-YOU-THERE-ACK sequence 13557105 accepted
10/01/26 21:19:21 ii : next tunnel DPD request in 15 secs for peer
87.78.69.220:500
10/01/26 21:19:36 DB : phase1 found
10/01/26 21:19:36 ii : sending peer DPDV1-R-U-THERE notification
10/01/26 21:19:36 ii : - 192.168.110.150:500 -> 87.78.69.220:500
10/01/26 21:19:36 ii : - isakmp spi = 9e1e592bf5ae00db:434283c235f105b3
10/01/26 21:19:36 ii : - data size 4
10/01/26 21:19:36 >> : hash payload
10/01/26 21:19:36 >> : notification payload
10/01/26 21:19:36 == : new informational hash ( 20 bytes )
10/01/26 21:19:36 == : new informational iv ( 16 bytes )
10/01/26 21:19:36 >= : cookies 9e1e592bf5ae00db:434283c235f105b3
10/01/26 21:19:36 >= : message d94919f8
10/01/26 21:19:36 >= : encrypt iv ( 16 bytes )
10/01/26 21:19:36 == : encrypt packet ( 84 bytes )
10/01/26 21:19:36 == : stored iv ( 16 bytes )
10/01/26 21:19:36 -> : send IKE packet 192.168.110.150:500 ->
87.78.69.220:500 ( 120 bytes )
10/01/26 21:19:36 ii : DPD ARE-YOU-THERE sequence 13557106 requested
10/01/26 21:19:36 <- : recv IKE packet 87.78.69.220:500 ->
192.168.110.150:500 ( 92 bytes )
10/01/26 21:19:36 DB : phase1 found
10/01/26 21:19:36 ii : processing informational packet ( 92 bytes )
10/01/26 21:19:36 == : new informational iv ( 16 bytes )
10/01/26 21:19:36 =< : cookies 9e1e592bf5ae00db:434283c235f105b3
10/01/26 21:19:36 =< : message d94919f8
10/01/26 21:19:36 =< : decrypt iv ( 16 bytes )
10/01/26 21:19:36 == : decrypt packet ( 92 bytes )
10/01/26 21:19:36 <= : trimmed packet padding ( 8 bytes )
10/01/26 21:19:36 <= : stored iv ( 16 bytes )
10/01/26 21:19:36 << : hash payload
10/01/26 21:19:36 << : notification payload
10/01/26 21:19:36 == : informational hash_i ( computed ) ( 20 bytes )
10/01/26 21:19:36 == : informational hash_c ( received ) ( 20 bytes )
10/01/26 21:19:36 ii : informational hash verified
10/01/26 21:19:36 ii : received peer DPDV1-R-U-THERE-ACK notification
10/01/26 21:19:36 ii : - 87.78.69.220:500 -> 192.168.110.150:500
10/01/26 21:19:36 ii : - isakmp spi = 9e1e592bf5ae00db:434283c235f105b3
10/01/26 21:19:36 ii : - data size 4
10/01/26 21:19:36 ii : DPD ARE-YOU-THERE-ACK sequence 13557106 accepted
10/01/26 21:19:36 ii : next tunnel DPD request in 15 secs for peer
87.78.69.220:500
10/01/26 21:19:36 <- : recv IKE packet 87.78.69.220:500 ->
192.168.110.150:500 ( 76 bytes )
10/01/26 21:19:36 DB : phase1 found
10/01/26 21:19:36 ii : processing config packet ( 76 bytes )
10/01/26 21:19:36 DB : config found
10/01/26 21:19:36 !! : config packet ignored, ( config already mature )
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100126/d3e84666/attachment-0001.html>
More information about the vpn-help
mailing list