[vpn-help] SHREW Dial Up Client and SSG 350 with certificates
Rainer Blaes
Rainer.Blaes at astrium.eads.net
Tue Feb 1 04:09:15 CST 2011
Clemens wrote:
<mailto:rainer.blaes at astrium.eads.net>
> That looks like the Client is terminating the connection:
> ## 2011-01-28 14:28:03 : IKE<192.168.11.3 > Recv*: [HASH] [DELETE]
> ## 2011-01-28 14:28:03 : IKE<192.168.11.3> Process [DELETE]:
> ## 2011-01-28 14:28:03 : IKE<192.168.11.3> DELETE payload received,
> deleting Phase-1 SA
> Something seems to be missing in the Xauth or Phase 2 settings.
> Too see what is happening you will need to use the Shrew Trace utility
> (see the according Wiki of ShrewSoft). That should give you (us) a hint.
*Partial success. We had used the wrong CA Root cert and now it seems so
that at
least Phase 1 is established. Though SHREW is telling "bringing up
tunnel/remote
device configured/tunnel enabled" but Juniper's "get sa" do not show an
Active tunnel.
In particular the 'no policy found' lines in the ipsec.log irritate us.
What does this mean?
Thanks for any hint!
Rainer*
This email (including any attachments) may contain confidential and/or privileged information or information otherwise protected from disclosure. If you are not the intended recipient, please notify the sender immediately, do not copy this message or any attachments and do not use it for any purpose or disclose its content to any person, but delete this message and any attachments from your system. Astrium disclaims any and all liability if this email transmission was virus corrupted, altered or falsified.
---------------------------------------------------------
Astrium GmbH Vorsitzender des Aufsichtsrates: Thomas Mueller - Geschaeftsfuehrung: Evert Dudok (Vorsitzender), Dr. Johannes von Thadden, Josef Stukenborg
Sitz der Gesellschaft: Muenchen - Registergericht: Amtsgericht Muenchen, HRB Nr. 107 647 Ust. Ident. Nr. / VAT reg. no. DE167015356
Weitere Informationen ueber EADS Astrium @ http://www.astrium.eads.net/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20110201/09b3cabd/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ipsec.log.zip
Type: application/zip
Size: 4842 bytes
Desc: not available
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20110201/09b3cabd/attachment-0002.zip>
More information about the vpn-help
mailing list