[vpn-help] Not passing SA traffic from VPN to Client.

mikelupo at aol.com mikelupo at aol.com
Wed May 19 19:29:08 CDT 2010


 

 Hi,

VPN = Netgear FVS318G. Shrew Client v 2.1.6 running on Windows XP SP3.
Does this log output scream anything that I've done incorrectly? This was previously working with no changes made to either client or VPN Router. I'm a bit baffled.

VPN Trace:
The SP tab looks good. The SA tab shows traffic from client to router, but there are 0 bytes from Router to Client.
The IP address of the Remote LAN is 192.168.1.1/255.255.255.0. The Mode config DHCP range is in the 192.168.2.x subnet 255.255.255.0. 
The Local LAN is 10.0.0.x/255.255.255.0 subnet.

The VPN log output:
                - Last output repeated 2 times -
2010 May 19 20:14:01 [FVS318g] [IKE] an undead schedule has been deleted: 'pk_recvupdate'._
2010 May 19 20:14:01 [FVS318g] [IKE] Purged IPsec-SA with proto_id=ESP and spi=2557767751(0x98747047)._
2010 May 19 20:14:01 [FVS318g] [IKE] Purged ISAKMP-SA with proto_id=ISAKMP and spi=4ffe558a9287ad0d:57a38005c87b2bca._
2010 May 19 20:14:02 [FVS318g] [IKE] ISAKMP-SA deleted for 66.30.154.165[4500]-98.216.225.129[4500] with spi:4ffe558a9287ad0d:57a38005c87b2bca_
2010 May 19 20:14:03 [FVS318g] [IKE] 192.168.2.50 IP address has been released by remote peer._
2010 May 19 20:14:08 [FVS318g] [IKE] Remote configuration for identifier "client.domain.com" found_
2010 May 19 20:14:08 [FVS318g] [IKE] Received request for new phase 1 negotiation: 66.30.154.165[500]<=>98.216.225.129[500]_
2010 May 19 20:14:08 [FVS318g] [IKE] Beginning Aggressive mode._
2010 May 19 20:14:08 [FVS318g] [IKE] Received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt_
2010 May 19 20:14:08 [FVS318g] [IKE] Received unknown Vendor ID_
                - Last output repeated twice -
2010 May 19 20:14:08 [FVS318g] [IKE] Received Vendor ID: draft-ietf-ipsec-nat-t-ike-02__
2010 May 19 20:14:08 [FVS318g] [IKE] Received unknown Vendor ID_
                - Last output repeated 2 times -
2010 May 19 20:14:08 [FVS318g] [IKE] Received Vendor ID: DPD_
2010 May 19 20:14:08 [FVS318g] [IKE] Received unknown Vendor ID_
                - Last output repeated 2 times -
2010 May 19 20:14:08 [FVS318g] [IKE] Received Vendor ID: CISCO-UNITY_
2010 May 19 20:14:08 [FVS318g] [IKE] For 98.216.225.129[500], Selected NAT-T version: draft-ietf-ipsec-nat-t-ike-02_
2010 May 19 20:14:09 [FVS318g] [IKE] Floating ports for NAT-T with peer 98.216.225.129[4500]_
2010 May 19 20:14:09 [FVS318g] [IKE] NAT-D payload does not match for 66.30.154.165[4500]_
2010 May 19 20:14:09 [FVS318g] [IKE] NAT-D payload does not match for 98.216.225.129[4500]_
2010 May 19 20:14:10 [FVS318g] [IKE] NAT detected: Local is behind a NAT device. and alsoPeer is behind a NAT device_
2010 May 19 20:14:10 [FVS318g] [IKE] Sending Xauth request to 98.216.225.129[4500]_
2010 May 19 20:14:10 [FVS318g] [IKE] ISAKMP-SA established for 66.30.154.165[4500]-98.216.225.129[4500] with spi:cdff094ce5ec83fd:b37ec0139449df85_
2010 May 19 20:14:10 [FVS318g] [IKE] purging spi=50156922._
2010 May 19 20:14:10 [FVS318g] [IKE] Received attribute type "ISAKMP_CFG_REPLY" from 98.216.225.129[4500]_
2010 May 19 20:14:10 [FVS318g] [IKE] Login succeeded for user "necb"_
2010 May 19 20:14:10 [FVS318g] [IKE] Received attribute type "ISAKMP_CFG_REQUEST" from 98.216.225.129[4500]_
2010 May 19 20:14:10 [FVS318g] [IKE] 192.168.2.50 IP address is assigned to remote peer 98.216.225.129[4500]_
2010 May 19 20:14:10 [FVS318g] [IKE] Ignored attribute 5_
2010 May 19 20:14:16 [FVS318g] [IKE] Responding to new phase 2 negotiation: 66.30.154.165[0]<=>98.216.225.129[0]_
2010 May 19 20:14:16 [FVS318g] [IKE] Using IPsec SA configuration: 192.168.1.0/24<->192.168.2.0/24_
2010 May 19 20:14:17 [FVS318g] [IKE] Adjusting peer's encmode 61443(61443)->Tunnel(1)_
2010 May 19 20:14:17 [FVS318g] [IKE] IPsec-SA established[UDP encap 4500->4500]: ESP/Tunnel 98.216.225.129->66.30.154.165 with spi=1265547(0x134f8b)_
2010 May 19 20:14:17 [FVS318g] [IKE] IPsec-SA established[UDP encap 4500->4500]: ESP/Tunnel 66.30.154.165->98.216.225.129 with spi=3340201975(0xc7176ff7)_
2010 May 19 20:14:25 [FVS318g] [IKE] Sending Informational Exchange: notify payload[10637]_

Thanks in advance,
Mike
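
A triage helper for the router log above, added here as an example and not part of the original post: it pulls out the NAT detection result, the Mode Config address, the phase 2 selectors and the two ESP SAs, then runs consistency checks on them. The regular expressions assume the message wording seen in this log, and the function names `summarize` and `checks` are hypothetical.

```python
import ipaddress
import re

# Lines copied from the router log in the post above (trailing "_" as archived).
SAMPLE_LOG = """\
2010 May 19 20:14:10 [FVS318g] [IKE] NAT detected: Local is behind a NAT device. and alsoPeer is behind a NAT device_
2010 May 19 20:14:10 [FVS318g] [IKE] 192.168.2.50 IP address is assigned to remote peer 98.216.225.129[4500]_
2010 May 19 20:14:16 [FVS318g] [IKE] Using IPsec SA configuration: 192.168.1.0/24<->192.168.2.0/24_
2010 May 19 20:14:17 [FVS318g] [IKE] IPsec-SA established[UDP encap 4500->4500]: ESP/Tunnel 98.216.225.129->66.30.154.165 with spi=1265547(0x134f8b)_
2010 May 19 20:14:17 [FVS318g] [IKE] IPsec-SA established[UDP encap 4500->4500]: ESP/Tunnel 66.30.154.165->98.216.225.129 with spi=3340201975(0xc7176ff7)_
"""

# Assumed line layout: "<date> <time> [host] [IKE] <message>" plus archive underscores.
LINE = re.compile(r"^\d{4} \w{3} +\d+ [\d:]+ \[[^\]]+\] \[IKE\] (.*?)_*$")
SA = re.compile(r"IPsec-SA established(\[UDP encap \d+->\d+\])?: ESP/Tunnel "
                r"([\d.]+)->([\d.]+) with spi=\d+\((0x[0-9a-f]+)\)")
SELECTORS = re.compile(r"Using IPsec SA configuration: (\S+?)<->(\S+)")
ASSIGNED = re.compile(r"([\d.]+) IP address is assigned to remote peer ([\d.]+)")

def summarize(log_text):
    """Collect the facts a tunnel triage needs from FVS318G [IKE] lines."""
    s = {"nat_local": False, "nat_peer": False, "assigned_ip": None, "selectors": None, "sas": []}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # "- Last output repeated -" markers and blank lines
        msg = m.group(1)
        if msg.startswith("NAT detected:"):
            s["nat_local"] = "Local is behind a NAT" in msg
            s["nat_peer"] = "Peer is behind a NAT" in msg
        elif (a := ASSIGNED.search(msg)):
            s["assigned_ip"] = a.group(1)
        elif (c := SELECTORS.search(msg)):
            s["selectors"] = (c.group(1), c.group(2))
        elif (e := SA.search(msg)):
            s["sas"].append({"src": e.group(2), "dst": e.group(3),
                             "spi": e.group(4), "udp_encap": bool(e.group(1))})
    return s

def checks(s):
    """Consistency checks only; passing them does not prove return traffic flows."""
    pairs = {(sa["src"], sa["dst"]) for sa in s["sas"]}
    net = ipaddress.ip_network(s["selectors"][1]) if s["selectors"] else None
    ip = s["assigned_ip"]
    return {
        "sa_both_directions": any((d, src) in pairs for src, d in pairs),
        "assigned_ip_in_remote_selector": bool(net and ip and ipaddress.ip_address(ip) in net),
        "nat_on_both_ends": s["nat_local"] and s["nat_peer"],
        "all_sas_udp_encapsulated": bool(s["sas"]) and all(x["udp_encap"] for x in s["sas"]),
    }
```

When every check passes, as it does for this log, the negotiation itself is consistent, so the remaining places to look are routing of the Mode Config subnet on the router side and UDP 4500 handling on the NAT devices at each end.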

