[vpn-help] Windows Client 2.1.7 and Linksys BEFSX41
Alexander Coers
Alexander.Coers at gmx.de
Wed Apr 20 05:53:29 CDT 2011
Hello all,
does anyone tested this config and can help me?
The thing is, I can connect to the router, the status is "tunnel enabled".
If I start to ping a client inside the 192.168.6.0 network, the client starts negotiating again, but nothing happens (e.g. I get no answer from the pinged device).
With VPN Trace I can see (in Security Associations), that the tunnel always stays in LARVAL state.
The IKE Service Log can be found below.
Any suggestions for me (and sorry for this long mail)?
Thanks,
Alexander
The settings I use on the Linksys (Firmware 1.45.7, Dec 30 2003) are:
(I know not the best settings possible, but these are the default settings of the device)
VPN SETTINGS
Tunnel Name: Alex1
Local Secure Group: 192.168.6.0, Mask:255.255.255.0 (Local LAN behind Linksys)
Remote Secure Group: Any (This Gateway accepts request from any IP address!)
Remote Security Gateway: Any (This Gateway accepts request from any IP address!)
Encryption: DES (3DES is not selected)
Authentication: MD5 (SHA is not selected)
Key Management: Auto (IKE)
PFS (Perfect Forward Secrecy) enabled
Pre-shared Key:xxxxxx
Key Lifetime: 3600 Sec.
ADVANCED SETTINGS
Phase 1:
Mode: Main mode
Proposal 1:
Encryption: DES
Authentication: MD5
Group 768 Bit
Key Lifetime: 3600 seconds
(Note: Following three additional proposals are also proposed in Main mode: DES/MD5/768, 3DES/SHA/1024 and 3DES/MD5/1024.)
Phase 2:
Enccryption: DES
Authentication: MD5
PFS: On
Group: 768 Bit
Key Lifetime: 3600 seconds
------------------------------------------------------------------
On the Client Side I use:
General:
Serverip, Port 500, Auto Config disabled
Local Host, Address Method: Use existing
Client:
NAT Traversal: enable, Port 4500, 15s, IKE Fragmentation disabled
Dead Peer Detection and ISAKMP Failure Notifications enabled
Name Resolution:
Nothing enabled/checked.
Authentication:
Mutual PSK
Local Identity: IP Address, checked Use a discovered local host address
Remote Identity: IP Address, checked Use a discovered remote host address
Credentials: the Pre Shared Key :-)
Phase1:
Main, auto, des, md5, 3600s, 0kbytes.
Phase2:
esp-des,md5,group1, disabled, 3600s, 0kbytes
Policy:
Unique, nothing checked, include 192.168.6.0 / 255.255.255.0
------------------------------------------------------------------
IKE Service Log
11/04/20 12:47:37 ## : IKE Daemon, ver 2.1.7
11/04/20 12:47:37 ## : Copyright 2010 Shrew Soft Inc.
11/04/20 12:47:37 ## : This product linked OpenSSL 0.9.8h 28 May 2008
11/04/20 12:47:37 ii : opened 'C:\Programme\ShrewSoft\VPN Client\debug\iked.log'
11/04/20 12:47:37 ii : rebuilding vnet device list ...
11/04/20 12:47:37 ii : device ROOT\VNET\0000 disabled
11/04/20 12:47:37 ii : network process thread begin ...
11/04/20 12:47:37 ii : ipc server process thread begin ...
11/04/20 12:47:37 ii : pfkey process thread begin ...
11/04/20 12:47:47 !! : unable to connect to pfkey interface
11/04/20 12:47:54 ii : ipc client process thread begin ...
11/04/20 12:47:54 <A : peer config add message
11/04/20 12:47:54 DB : peer ref increment ( ref count = 1, obj count = 0 )
11/04/20 12:47:54 DB : peer added ( obj count = 1 )
11/04/20 12:47:54 ii : local address 2.200.38.165 selected for peer
11/04/20 12:47:54 DB : peer ref increment ( ref count = 2, obj count = 1 )
11/04/20 12:47:54 DB : tunnel ref increment ( ref count = 1, obj count = 0 )
11/04/20 12:47:54 DB : tunnel added ( obj count = 1 )
11/04/20 12:47:54 <A : proposal config message
11/04/20 12:47:54 <A : proposal config message
11/04/20 12:47:54 <A : client config message
11/04/20 12:47:54 <A : preshared key message
11/04/20 12:47:54 <A : remote resource message
11/04/20 12:47:54 <A : peer tunnel enable message
11/04/20 12:47:54 DB : tunnel ref increment ( ref count = 2, obj count = 1 )
11/04/20 12:47:54 DB : new phase1 ( ISAKMP initiator )
11/04/20 12:47:54 DB : exchange type is identity protect
11/04/20 12:47:54 DB : 2.200.38.165:500 <-> 62.226.82.189:500
11/04/20 12:47:54 DB : 24bc4af0af0b6800:0000000000000000
11/04/20 12:47:54 DB : phase1 ref increment ( ref count = 1, obj count = 0 )
11/04/20 12:47:54 DB : phase1 added ( obj count = 1 )
11/04/20 12:47:54 >> : security association payload
11/04/20 12:47:54 >> : - proposal #1 payload
11/04/20 12:47:54 >> : -- transform #1 payload
11/04/20 12:47:54 >> : -- transform #2 payload
11/04/20 12:47:54 >> : -- transform #3 payload
11/04/20 12:47:54 >> : -- transform #4 payload
11/04/20 12:47:54 >> : -- transform #5 payload
11/04/20 12:47:54 >> : vendor id payload
11/04/20 12:47:54 ii : local supports nat-t ( draft v00 )
11/04/20 12:47:54 >> : vendor id payload
11/04/20 12:47:54 ii : local supports nat-t ( draft v01 )
11/04/20 12:47:54 >> : vendor id payload
11/04/20 12:47:54 ii : local supports nat-t ( draft v02 )
11/04/20 12:47:54 >> : vendor id payload
11/04/20 12:47:54 ii : local supports nat-t ( draft v03 )
11/04/20 12:47:54 >> : vendor id payload
11/04/20 12:47:54 ii : local supports nat-t ( rfc )
11/04/20 12:47:54 >> : vendor id payload
11/04/20 12:47:54 ii : local supports DPDv1
11/04/20 12:47:54 >> : vendor id payload
11/04/20 12:47:54 ii : local is SHREW SOFT compatible
11/04/20 12:47:54 >> : vendor id payload
11/04/20 12:47:54 ii : local is NETSCREEN compatible
11/04/20 12:47:54 >> : vendor id payload
11/04/20 12:47:54 ii : local is SIDEWINDER compatible
11/04/20 12:47:54 >> : vendor id payload
11/04/20 12:47:54 ii : local is CISCO UNITY compatible
11/04/20 12:47:54 >= : cookies 24bc4af0af0b6800:0000000000000000
11/04/20 12:47:54 >= : message 00000000
11/04/20 12:47:54 -> : send IKE packet 2.200.38.165:500 -> 62.226.82.189:500 ( 460 bytes )
11/04/20 12:47:54 DB : phase1 resend event scheduled ( ref count = 2 )
11/04/20 12:47:54 DB : phase1 ref decrement ( ref count = 1, obj count = 1 )
11/04/20 12:47:54 DB : tunnel ref increment ( ref count = 3, obj count = 1 )
11/04/20 12:47:56 <- : recv IKE packet 62.226.82.189:500 -> 2.200.38.165:500 ( 84 bytes )
11/04/20 12:47:56 DB : phase1 found
11/04/20 12:47:56 DB : phase1 ref increment ( ref count = 2, obj count = 1 )
11/04/20 12:47:56 ii : processing phase1 packet ( 84 bytes )
11/04/20 12:47:56 =< : cookies 24bc4af0af0b6800:45830cf66a05afc1
11/04/20 12:47:56 =< : message 00000000
11/04/20 12:47:56 << : security association payload
11/04/20 12:47:56 << : - propsal #1 payload
11/04/20 12:47:56 << : -- transform #1 payload
11/04/20 12:47:56 ii : unmatched isakmp proposal/transform
11/04/20 12:47:56 ii : dh group description ( modp-1024 != modp-3072 )
11/04/20 12:47:56 ii : unmatched isakmp proposal/transform
11/04/20 12:47:56 ii : dh group description ( modp-1024 != modp-2048 )
11/04/20 12:47:56 ii : unmatched isakmp proposal/transform
11/04/20 12:47:56 ii : dh group description ( modp-1024 != modp-1536 )
11/04/20 12:47:56 !! : peer violates RFC, transform number mismatch ( 1 != 4 )
11/04/20 12:47:56 ii : matched isakmp proposal #1 transform #1
11/04/20 12:47:56 ii : - transform = ike
11/04/20 12:47:56 ii : - cipher type = des
11/04/20 12:47:56 ii : - key length = default
11/04/20 12:47:56 ii : - hash type = md5
11/04/20 12:47:56 ii : - dh group = modp-1024
11/04/20 12:47:56 ii : - auth type = psk
11/04/20 12:47:56 ii : - life seconds = 3600
11/04/20 12:47:56 ii : - life kbytes = 0
11/04/20 12:47:56 >> : key exchange payload
11/04/20 12:47:56 >> : nonce payload
11/04/20 12:47:56 >= : cookies 24bc4af0af0b6800:45830cf66a05afc1
11/04/20 12:47:56 >= : message 00000000
11/04/20 12:47:56 DB : phase1 resend event canceled ( ref count = 1 )
11/04/20 12:47:56 -> : send IKE packet 2.200.38.165:500 -> 62.226.82.189:500 ( 212 bytes )
11/04/20 12:47:56 DB : phase1 resend event scheduled ( ref count = 2 )
11/04/20 12:47:56 DB : phase1 ref decrement ( ref count = 1, obj count = 1 )
11/04/20 12:47:57 <- : recv IKE packet 62.226.82.189:500 -> 2.200.38.165:500 ( 184 bytes )
11/04/20 12:47:57 DB : phase1 found
11/04/20 12:47:57 DB : phase1 ref increment ( ref count = 2, obj count = 1 )
11/04/20 12:47:57 ii : processing phase1 packet ( 184 bytes )
11/04/20 12:47:57 =< : cookies 24bc4af0af0b6800:45830cf66a05afc1
11/04/20 12:47:57 =< : message 00000000
11/04/20 12:47:57 << : key exchange payload
11/04/20 12:47:57 << : nonce payload
11/04/20 12:47:57 ii : nat-t is unsupported by remote peer
11/04/20 12:47:57 == : DH shared secret ( 128 bytes )
11/04/20 12:47:57 == : SETKEYID ( 16 bytes )
11/04/20 12:47:57 == : SETKEYID_d ( 16 bytes )
11/04/20 12:47:57 == : SETKEYID_a ( 16 bytes )
11/04/20 12:47:57 == : SETKEYID_e ( 16 bytes )
11/04/20 12:47:57 == : cipher key ( 8 bytes )
11/04/20 12:47:57 == : cipher iv ( 8 bytes )
11/04/20 12:47:57 >> : identification payload
11/04/20 12:47:57 == : phase1 hash_i ( computed ) ( 16 bytes )
11/04/20 12:47:57 >> : hash payload
11/04/20 12:47:57 >= : cookies 24bc4af0af0b6800:45830cf66a05afc1
11/04/20 12:47:57 >= : message 00000000
11/04/20 12:47:57 >= : encrypt iv ( 8 bytes )
11/04/20 12:47:57 == : encrypt packet ( 60 bytes )
11/04/20 12:47:57 == : stored iv ( 8 bytes )
11/04/20 12:47:57 DB : phase1 resend event canceled ( ref count = 1 )
11/04/20 12:47:57 -> : send IKE packet 2.200.38.165:500 -> 62.226.82.189:500 ( 88 bytes )
11/04/20 12:47:57 DB : phase1 ref decrement ( ref count = 0, obj count = 1 )
11/04/20 12:47:58 <- : recv IKE packet 62.226.82.189:500 -> 2.200.38.165:500 ( 60 bytes )
11/04/20 12:47:58 DB : phase1 found
11/04/20 12:47:58 DB : phase1 ref increment ( ref count = 1, obj count = 1 )
11/04/20 12:47:58 ii : processing phase1 packet ( 60 bytes )
11/04/20 12:47:58 =< : cookies 24bc4af0af0b6800:45830cf66a05afc1
11/04/20 12:47:58 =< : message 00000000
11/04/20 12:47:58 =< : decrypt iv ( 8 bytes )
11/04/20 12:47:58 == : decrypt packet ( 60 bytes )
11/04/20 12:47:58 <= : stored iv ( 8 bytes )
11/04/20 12:47:58 << : identification payload
11/04/20 12:47:58 ii : phase1 id match ( natt prevents ip match )
11/04/20 12:47:58 ii : received = ipv4-host 62.226.82.189
11/04/20 12:47:58 << : hash payload
11/04/20 12:47:58 == : phase1 hash_r ( computed ) ( 16 bytes )
11/04/20 12:47:58 == : phase1 hash_r ( received ) ( 16 bytes )
11/04/20 12:47:58 ii : phase1 sa established
11/04/20 12:47:58 ii : 62.226.82.189:500 <-> 2.200.38.165:500
11/04/20 12:47:58 ii : 24bc4af0af0b6800:45830cf66a05afc1
11/04/20 12:47:58 ii : sending peer INITIAL-CONTACT notification
11/04/20 12:47:58 ii : - 2.200.38.165:500 -> 62.226.82.189:500
11/04/20 12:47:58 ii : - isakmp spi = 24bc4af0af0b6800:45830cf66a05afc1
11/04/20 12:47:58 ii : - data size 0
11/04/20 12:47:58 >> : hash payload
11/04/20 12:47:58 >> : notification payload
11/04/20 12:47:58 == : new informational hash ( 16 bytes )
11/04/20 12:47:58 == : new informational iv ( 8 bytes )
11/04/20 12:47:58 >= : cookies 24bc4af0af0b6800:45830cf66a05afc1
11/04/20 12:47:58 >= : message 45fc1aaa
11/04/20 12:47:58 >= : encrypt iv ( 8 bytes )
11/04/20 12:47:58 == : encrypt packet ( 76 bytes )
11/04/20 12:47:58 == : stored iv ( 8 bytes )
11/04/20 12:47:58 -> : send IKE packet 2.200.38.165:500 -> 62.226.82.189:500 ( 104 bytes )
11/04/20 12:47:58 DB : tunnel ref increment ( ref count = 4, obj count = 1 )
11/04/20 12:47:58 DB : config ref increment ( ref count = 1, obj count = 0 )
11/04/20 12:47:58 DB : config added ( obj count = 1 )
11/04/20 12:47:58 ii : configuration method is manual
11/04/20 12:47:58 DB : config ref decrement ( ref count = 0, obj count = 1 )
11/04/20 12:47:58 DB : phase1 ref increment ( ref count = 2, obj count = 1 )
11/04/20 12:47:58 DB : phase1 ref increment ( ref count = 3, obj count = 1 )
11/04/20 12:47:58 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
11/04/20 12:47:58 DB : phase2 not found
11/04/20 12:47:58 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
11/04/20 12:47:58 ii : generating IPSEC security policies at UNIQUE level
11/04/20 12:47:58 ii : creating NONE INBOUND policy ANY:62.226.82.189:* -> ANY:2.200.38.165:*
11/04/20 12:47:58 DB : policy ref increment ( ref count = 1, obj count = 0 )
11/04/20 12:47:58 DB : policy added ( obj count = 1 )
11/04/20 12:47:58 DB : policy ref decrement ( ref count = 0, obj count = 1 )
11/04/20 12:47:58 K> : send pfkey X_SPDADD UNSPEC message
11/04/20 12:47:58 ii : creating NONE OUTBOUND policy ANY:2.200.38.165:* -> ANY:62.226.82.189:*
11/04/20 12:47:58 K< : recv pfkey X_SPDADD UNSPEC message
11/04/20 12:47:58 DB : policy found
11/04/20 12:47:58 DB : policy ref increment ( ref count = 1, obj count = 1 )
11/04/20 12:47:58 DB : policy ref decrement ( ref count = 0, obj count = 1 )
11/04/20 12:47:58 ii : created NONE policy route for 62.226.82.189/32
11/04/20 12:47:58 DB : policy ref increment ( ref count = 1, obj count = 1 )
11/04/20 12:47:58 DB : policy added ( obj count = 2 )
11/04/20 12:47:58 DB : policy ref decrement ( ref count = 0, obj count = 2 )
11/04/20 12:47:58 K> : send pfkey X_SPDADD UNSPEC message
11/04/20 12:47:58 K< : recv pfkey X_SPDADD UNSPEC message
11/04/20 12:47:58 DB : policy found
11/04/20 12:47:58 DB : policy ref increment ( ref count = 1, obj count = 2 )
11/04/20 12:47:58 DB : policy ref decrement ( ref count = 0, obj count = 2 )
11/04/20 12:47:58 ii : creating IPSEC INBOUND policy ANY:192.168.6.0/24:* -> ANY:2.200.38.165:*
11/04/20 12:47:58 DB : policy ref increment ( ref count = 1, obj count = 2 )
11/04/20 12:47:58 DB : policy added ( obj count = 3 )
11/04/20 12:47:58 DB : policy ref decrement ( ref count = 0, obj count = 3 )
11/04/20 12:47:58 K> : send pfkey X_SPDADD UNSPEC message
11/04/20 12:47:58 ii : creating IPSEC OUTBOUND policy ANY:2.200.38.165:* -> ANY:192.168.6.0/24:*
11/04/20 12:47:58 K< : recv pfkey X_SPDADD UNSPEC message
11/04/20 12:47:58 DB : policy found
11/04/20 12:47:58 DB : policy ref increment ( ref count = 1, obj count = 3 )
11/04/20 12:47:58 DB : policy ref decrement ( ref count = 0, obj count = 3 )
11/04/20 12:47:58 ii : created IPSEC policy route for 192.168.6.0/24
11/04/20 12:47:58 DB : policy ref increment ( ref count = 1, obj count = 3 )
11/04/20 12:47:58 DB : policy added ( obj count = 4 )
11/04/20 12:47:58 DB : policy ref decrement ( ref count = 0, obj count = 4 )
11/04/20 12:47:58 K> : send pfkey X_SPDADD UNSPEC message
11/04/20 12:47:58 ii : split DNS is disabled
11/04/20 12:47:58 K< : recv pfkey X_SPDADD UNSPEC message
11/04/20 12:47:58 DB : policy found
11/04/20 12:47:58 DB : policy ref increment ( ref count = 1, obj count = 4 )
11/04/20 12:47:58 DB : policy ref decrement ( ref count = 0, obj count = 4 )
11/04/20 12:48:05 K< : recv pfkey ACQUIRE UNSPEC message
11/04/20 12:48:05 DB : policy found
11/04/20 12:48:05 DB : policy ref increment ( ref count = 1, obj count = 4 )
11/04/20 12:48:05 DB : policy found
11/04/20 12:48:05 DB : policy ref increment ( ref count = 1, obj count = 4 )
11/04/20 12:48:05 DB : tunnel found
11/04/20 12:48:05 DB : tunnel ref increment ( ref count = 5, obj count = 1 )
11/04/20 12:48:05 DB : tunnel ref increment ( ref count = 6, obj count = 1 )
11/04/20 12:48:05 DB : new phase2 ( IPSEC initiator )
11/04/20 12:48:05 DB : phase2 ref increment ( ref count = 1, obj count = 0 )
11/04/20 12:48:05 DB : phase2 added ( obj count = 1 )
11/04/20 12:48:05 K> : send pfkey GETSPI ESP message
11/04/20 12:48:05 DB : phase2 ref decrement ( ref count = 0, obj count = 1 )
11/04/20 12:48:05 DB : tunnel ref decrement ( ref count = 5, obj count = 1 )
11/04/20 12:48:05 DB : policy ref decrement ( ref count = 0, obj count = 4 )
11/04/20 12:48:05 DB : policy ref decrement ( ref count = 0, obj count = 4 )
11/04/20 12:48:05 K< : recv pfkey GETSPI ESP message
11/04/20 12:48:05 DB : phase2 found
11/04/20 12:48:05 DB : phase2 ref increment ( ref count = 1, obj count = 1 )
11/04/20 12:48:05 ii : updated spi for 1 ipsec-esp proposal
11/04/20 12:48:05 DB : phase1 found
11/04/20 12:48:05 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
11/04/20 12:48:05 >> : hash payload
11/04/20 12:48:05 >> : security association payload
11/04/20 12:48:05 >> : - proposal #1 payload
11/04/20 12:48:05 >> : -- transform #1 payload
11/04/20 12:48:05 >> : nonce payload
11/04/20 12:48:05 >> : key exchange payload
11/04/20 12:48:05 >> : identification payload
11/04/20 12:48:05 >> : identification payload
11/04/20 12:48:05 == : phase2 hash_i ( input ) ( 212 bytes )
11/04/20 12:48:05 == : phase2 hash_i ( computed ) ( 16 bytes )
11/04/20 12:48:05 == : new phase2 iv ( 8 bytes )
11/04/20 12:48:05 >= : cookies 24bc4af0af0b6800:45830cf66a05afc1
11/04/20 12:48:05 >= : message d04428db
11/04/20 12:48:05 >= : encrypt iv ( 8 bytes )
11/04/20 12:48:05 == : encrypt packet ( 256 bytes )
11/04/20 12:48:05 == : stored iv ( 8 bytes )
11/04/20 12:48:05 -> : send IKE packet 2.200.38.165:500 -> 62.226.82.189:500 ( 288 bytes )
11/04/20 12:48:05 DB : phase2 resend event scheduled ( ref count = 2 )
11/04/20 12:48:05 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
11/04/20 12:48:05 DB : phase2 ref decrement ( ref count = 1, obj count = 1 )
11/04/20 12:48:10 -> : resend 1 phase2 packet(s) 2.200.38.165:500 -> 62.226.82.189:500
11/04/20 12:48:15 -> : resend 1 phase2 packet(s) 2.200.38.165:500 -> 62.226.82.189:500
11/04/20 12:48:20 -> : resend 1 phase2 packet(s) 2.200.38.165:500 -> 62.226.82.189:500
11/04/20 12:48:21 K< : recv pfkey ACQUIRE UNSPEC message
11/04/20 12:48:21 DB : policy found
11/04/20 12:48:21 DB : policy ref increment ( ref count = 1, obj count = 4 )
11/04/20 12:48:21 DB : policy found
11/04/20 12:48:21 DB : policy ref increment ( ref count = 1, obj count = 4 )
11/04/20 12:48:21 DB : tunnel found
11/04/20 12:48:21 DB : tunnel ref increment ( ref count = 6, obj count = 1 )
11/04/20 12:48:21 DB : tunnel ref increment ( ref count = 7, obj count = 1 )
11/04/20 12:48:21 DB : new phase2 ( IPSEC initiator )
11/04/20 12:48:21 DB : phase2 ref increment ( ref count = 1, obj count = 1 )
11/04/20 12:48:21 DB : phase2 added ( obj count = 2 )
11/04/20 12:48:21 K> : send pfkey GETSPI ESP message
11/04/20 12:48:21 DB : phase2 ref decrement ( ref count = 0, obj count = 2 )
11/04/20 12:48:21 DB : tunnel ref decrement ( ref count = 6, obj count = 1 )
11/04/20 12:48:21 DB : policy ref decrement ( ref count = 0, obj count = 4 )
11/04/20 12:48:21 DB : policy ref decrement ( ref count = 0, obj count = 4 )
11/04/20 12:48:21 K< : recv pfkey GETSPI ESP message
11/04/20 12:48:21 DB : phase2 found
11/04/20 12:48:21 DB : phase2 ref increment ( ref count = 1, obj count = 2 )
11/04/20 12:48:21 ii : updated spi for 1 ipsec-esp proposal
11/04/20 12:48:21 DB : phase1 found
11/04/20 12:48:21 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
11/04/20 12:48:21 >> : hash payload
11/04/20 12:48:21 >> : security association payload
11/04/20 12:48:21 >> : - proposal #1 payload
11/04/20 12:48:21 >> : -- transform #1 payload
11/04/20 12:48:21 >> : nonce payload
11/04/20 12:48:21 >> : key exchange payload
11/04/20 12:48:21 >> : identification payload
11/04/20 12:48:21 >> : identification payload
11/04/20 12:48:21 == : phase2 hash_i ( input ) ( 212 bytes )
11/04/20 12:48:21 == : phase2 hash_i ( computed ) ( 16 bytes )
11/04/20 12:48:21 == : new phase2 iv ( 8 bytes )
11/04/20 12:48:21 >= : cookies 24bc4af0af0b6800:45830cf66a05afc1
11/04/20 12:48:21 >= : message 4880aaf1
11/04/20 12:48:21 >= : encrypt iv ( 8 bytes )
11/04/20 12:48:21 == : encrypt packet ( 256 bytes )
11/04/20 12:48:21 == : stored iv ( 8 bytes )
11/04/20 12:48:21 -> : send IKE packet 2.200.38.165:500 -> 62.226.82.189:500 ( 288 bytes )
11/04/20 12:48:21 DB : phase2 resend event scheduled ( ref count = 2 )
11/04/20 12:48:21 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
11/04/20 12:48:21 DB : phase2 ref decrement ( ref count = 1, obj count = 2 )
11/04/20 12:48:25 ii : resend limit exceeded for phase2 exchange
11/04/20 12:48:25 ii : phase2 removal before expire time
11/04/20 12:48:25 DB : phase2 deleted ( obj count = 1 )
11/04/20 12:48:25 DB : tunnel ref decrement ( ref count = 5, obj count = 1 )
11/04/20 12:48:25 <A : peer tunnel disable message
11/04/20 12:48:25 DB : policy found
11/04/20 12:48:25 DB : policy ref increment ( ref count = 1, obj count = 4 )
11/04/20 12:48:25 ii : removing IPSEC INBOUND policy ANY:192.168.6.0/24:* -> ANY:2.200.38.165:*
11/04/20 12:48:25 K> : send pfkey X_SPDDELETE2 UNSPEC message
11/04/20 12:48:25 K< : recv pfkey X_SPDDELETE2 UNSPEC message
11/04/20 12:48:25 DB : policy ref decrement ( ref count = 0, obj count = 4 )
11/04/20 12:48:25 DB : policy found
11/04/20 12:48:25 DB : policy ref increment ( ref count = 1, obj count = 4 )
11/04/20 12:48:25 ii : removing IPSEC OUTBOUND policy ANY:2.200.38.165:* -> ANY:192.168.6.0/24:*
11/04/20 12:48:25 K> : send pfkey X_SPDDELETE2 UNSPEC message
11/04/20 12:48:25 DB : policy ref decrement ( ref count = 0, obj count = 4 )
11/04/20 12:48:25 ii : removed IPSEC policy route for ANY:192.168.6.0/24:*
11/04/20 12:48:25 DB : policy found
11/04/20 12:48:25 DB : policy ref increment ( ref count = 1, obj count = 4 )
11/04/20 12:48:25 ii : removing NONE INBOUND policy ANY:62.226.82.189:* -> ANY:2.200.38.165:*
11/04/20 12:48:25 K> : send pfkey X_SPDDELETE2 UNSPEC message
11/04/20 12:48:25 DB : policy ref decrement ( ref count = 0, obj count = 4 )
11/04/20 12:48:25 DB : policy found
11/04/20 12:48:25 DB : policy ref increment ( ref count = 1, obj count = 4 )
11/04/20 12:48:25 ii : removing NONE OUTBOUND policy ANY:2.200.38.165:* -> ANY:62.226.82.189:*
11/04/20 12:48:25 K> : send pfkey X_SPDDELETE2 UNSPEC message
11/04/20 12:48:25 DB : policy ref decrement ( ref count = 0, obj count = 4 )
11/04/20 12:48:25 ii : removed NONE policy route for ANY:62.226.82.189:*
11/04/20 12:48:25 DB : policy found
11/04/20 12:48:25 DB : policy ref increment ( ref count = 1, obj count = 4 )
11/04/20 12:48:25 DB : policy deleted ( obj count = 3 )
11/04/20 12:48:25 K< : recv pfkey X_SPDDELETE2 UNSPEC message
11/04/20 12:48:25 DB : policy found
11/04/20 12:48:25 DB : policy ref increment ( ref count = 1, obj count = 3 )
11/04/20 12:48:25 DB : policy deleted ( obj count = 2 )
11/04/20 12:48:25 K< : recv pfkey X_SPDDELETE2 UNSPEC message
11/04/20 12:48:25 DB : policy found
11/04/20 12:48:25 DB : policy ref increment ( ref count = 1, obj count = 2 )
11/04/20 12:48:25 DB : policy deleted ( obj count = 1 )
11/04/20 12:48:25 K< : recv pfkey X_SPDDELETE2 UNSPEC message
11/04/20 12:48:25 DB : policy found
11/04/20 12:48:25 DB : policy ref increment ( ref count = 1, obj count = 1 )
11/04/20 12:48:25 DB : policy deleted ( obj count = 0 )
11/04/20 12:48:25 DB : tunnel stats event canceled ( ref count = 4 )
11/04/20 12:48:25 DB : removing tunnel config references
11/04/20 12:48:25 DB : config ref increment ( ref count = 1, obj count = 1 )
11/04/20 12:48:25 DB : config deleted ( obj count = 0 )
11/04/20 12:48:25 DB : tunnel ref decrement ( ref count = 3, obj count = 1 )
11/04/20 12:48:25 DB : removing tunnel phase2 references
11/04/20 12:48:25 DB : phase2 ref increment ( ref count = 2, obj count = 1 )
11/04/20 12:48:25 DB : phase2 resend event canceled ( ref count = 1 )
11/04/20 12:48:25 ii : phase2 removal before expire time
11/04/20 12:48:25 DB : phase2 deleted ( obj count = 0 )
11/04/20 12:48:25 DB : tunnel ref decrement ( ref count = 2, obj count = 1 )
11/04/20 12:48:25 DB : removing tunnel phase1 references
11/04/20 12:48:25 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
11/04/20 12:48:25 DB : phase1 soft event canceled ( ref count = 3 )
11/04/20 12:48:25 DB : phase1 hard event canceled ( ref count = 2 )
11/04/20 12:48:25 DB : phase1 dead event canceled ( ref count = 1 )
11/04/20 12:48:25 ii : sending peer DELETE message
11/04/20 12:48:25 ii : - 2.200.38.165:500 -> 62.226.82.189:500
11/04/20 12:48:25 ii : - isakmp spi = 24bc4af0af0b6800:45830cf66a05afc1
11/04/20 12:48:25 ii : - data size 0
11/04/20 12:48:25 >> : hash payload
11/04/20 12:48:25 >> : delete payload
11/04/20 12:48:25 == : new informational hash ( 16 bytes )
11/04/20 12:48:25 == : new informational iv ( 8 bytes )
11/04/20 12:48:25 >= : cookies 24bc4af0af0b6800:45830cf66a05afc1
11/04/20 12:48:25 >= : message e08fc1b5
11/04/20 12:48:25 >= : encrypt iv ( 8 bytes )
11/04/20 12:48:25 == : encrypt packet ( 76 bytes )
11/04/20 12:48:25 == : stored iv ( 8 bytes )
11/04/20 12:48:25 -> : send IKE packet 2.200.38.165:500 -> 62.226.82.189:500 ( 104 bytes )
11/04/20 12:48:25 ii : phase1 removal before expire time
11/04/20 12:48:25 DB : phase1 deleted ( obj count = 0 )
11/04/20 12:48:25 DB : tunnel ref decrement ( ref count = 1, obj count = 1 )
11/04/20 12:48:25 DB : tunnel deleted ( obj count = 0 )
11/04/20 12:48:25 DB : peer ref decrement ( ref count = 1, obj count = 1 )
11/04/20 12:48:25 DB : removing all peer tunnel refrences
11/04/20 12:48:25 DB : peer deleted ( obj count = 0 )
11/04/20 12:48:25 ii : ipc client process thread exit ...
--
GMX DSL Doppel-Flat ab 19,99 Euro/mtl.! Jetzt mit
gratis Handy-Flat! http://portal.gmx.net/de/go/dsl
More information about the vpn-help
mailing list