[vpn-help] Trouble opening tunnel to FVS336G

Robert Rolnik panamania at gmail.com
Mon May 10 08:35:58 CDT 2010 

Folks:
  I think I've got about 95% of my handshake complete between Shrewsoft VPN
client and a Cisco FVS336G.  Here is the log on the FVS336G:



-- 2010 May 10 07:44:29 [FVS336G] [IKE] Remote configuration for identifier
"fvs_remote.com" found_
2010 May 10 07:44:29 [FVS336G] [IKE] Received request for new phase 1
negotiation: 67.76.235.148[500]<=>173.11.130.253[500]_
2010 May 10 07:44:29 [FVS336G] [IKE] Beginning Aggressive mode._
2010 May 10 07:44:29 [FVS336G] [IKE] Received Vendor ID:
draft-ietf-ipsra-isakmp-xauth-06.txt_
2010 May 10 07:44:29 [FVS336G] [IKE] Received unknown Vendor ID_
                - Last output repeated twice -
2010 May 10 07:44:29 [FVS336G] [IKE] Received Vendor ID:
draft-ietf-ipsec-nat-t-ike-02__
2010 May 10 07:44:29 [FVS336G] [IKE] Received unknown Vendor ID_
                - Last output repeated 6 times -
2010 May 10 07:44:29 [FVS336G] [IKE] Received Vendor ID: CISCO-UNITY_
2010 May 10 07:44:29 [FVS336G] [IKE] For 173.11.130.253[500], Selected NAT-T
version: draft-ietf-ipsec-nat-t-ike-02_
2010 May 10 07:44:30 [FVS336G] [IKE] Floating ports for NAT-T with peer
173.11.130.253[4500]_
2010 May 10 07:44:30 [FVS336G] [IKE] NAT-D payload does not match for
67.76.235.148[4500]_
2010 May 10 07:44:30 [FVS336G] [IKE] NAT-D payload does not match for
173.11.130.253[4500]_
2010 May 10 07:44:30 [FVS336G] [IKE] NAT detected: Local is behind a NAT
device. and alsoPeer is behind a NAT device_
2010 May 10 07:44:30 [FVS336G] [IKE] 172.20.0.1 IP address is assigned to
remote peer 173.11.130.253[4500]_
2010 May 10 07:44:30 [FVS336G] [IKE] ISAKMP-SA established for
67.76.235.148[4500]-173.11.130.253[4500] with
spi:64b2b83fb57674d7:98e4904d5fc27eff_
2010 May 10 07:44:30 [FVS336G] [IKE] Sending Informational Exchange: notify
payload[INITIAL-CONTACT]_
2010 May 10 07:44:30 [FVS336G] [IKE] Purged ISAKMP-SA with proto_id=ISAKMP
and spi=64b2b83fb57674d7:98e4904d5fc27eff._
2010 May 10 07:44:31 [FVS336G] [IKE] ISAKMP-SA deleted for
67.76.235.148[4500]-173.11.130.253[4500] with
spi:64b2b83fb57674d7:98e4904d5fc27eff_
2010 May 10 07:44:31 [FVS336G] [IKE] 172.20.0.1 IP address has been released
by remote peer._
2010 May 10 07:44:31 [FVS336G] [IKE] No policy found: 172.20.0.1/32[0]
0.0.0.0/0[0] proto=any dir=in_
2010 May 10 07:44:31 [FVS336G] [IKE] No policy found: 0.0.0.0/0[0]
172.20.0.1/32[0] proto=any dir=out_

I've tried operating the Trace Utility as administrator.  It opens, but the
'Open Log' and 'Trace Log' seem to have no effect.  I'm running Shrewsoft on
a HP DV5T laptop 64-bit on Vista. Any help/tips would be greatly
appreciated.  Currently Shrewsoft  seems to hang at "Opening Tunnel..."

Best Regards,
Robert C. Rolnik
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100510/d5173177/attachment-0001.html>

More information about the vpn-help mailing list