[vpn-help] Not getting SA traffic out or in
kevin vpn
klmlk at hotmail.com
Thu Jan 6 20:21:10 CST 2011
On Thu, 06 Jan 2011 19:59:15 -0500
mikelupo at aol.com wrote:
> The tunnel shows connected, but I can't seen to pass any SA traffic
> between the client and remote host. NETGEAR FVS318G. The Trace tool
> shows 0 bytes in both directions. I'm using mode config and the IP
...
>
> 11/01/06 19:50:05 -> : send NAT-T:KEEP-ALIVE packet 10.0.0.18:4500 ->
> <MASKED>:4500 11/01/06 19:50:05 -> : resend 1 phase2 packet(s) [0/2]
> 10.0.0.18:4500 -> <MASKED>:4500 11/01/06 19:50:10 -> : resend 1
> phase2 packet(s) [1/2] 10.0.0.18:4500 -> <MASKED>:4500 11/01/06
> 19:50:15 -> : resend 1 phase2 packet(s) [2/2] 10.0.0.18:4500 ->
> <MASKED>:4500 11/01/06 19:50:20 DB : phase1 found 11/01/06 19:50:20
> -> : send NAT-T:KEEP-ALIVE packet 10.0.0.18:4500 -> <MASKED>:4500
> 11/01/06 19:50:20 ii : resend limit exceeded for phase2 exchange
> 11/01/06 19:50:20 ii : phase2 removal before expire time 11/01/06
> 19:50:20 DB : phase2 deleted ( obj count = 0 )
Hi Mike,
It looks to me like Phase 2 is not completing properly. Can you
double-check to make sure the tunneled IP policy matches in both the
client and the gateway?
More information about the vpn-help
mailing list