[vpn-help] Not getting SA traffic out or in

mikelupo at aol.com mikelupo at aol.com
Fri Jan 7 11:30:05 CST 2011 


The router log confirms your suspicion.
2011 Jan  6 20:49:38 [FVS318g] [IKE] Received attribute type "ISAKMP_CFG_REQUEST" from 174.62.176.140[4500]_
2011 Jan  6 20:49:39 [FVS318g] [IKE] 192.168.2.50 IP address is assigned to remote peer 174.62.176.140[4500]_
2011 Jan  6 20:49:39 [FVS318g] [IKE] Responding to new phase 2 negotiation: <VPN HOST MASKED>[0]<=>174.62.176.140[0]_
2011 Jan  6 20:49:39 [FVS318g] [IKE] Failed to get IPsec SA configuration for: 192.168.1.0/24<->10.0.0.19/32 from client.domain.com_

The strange thing is that it was working just fine two days ago. 
I decided to reboot the router just for kicks to see if maybe something in memory got corrupted but no joy.

Is there something in the adapter that needs to be disabled? I have a vague memory of needing to do something along those lines.
I'm connecting over Wireless N.

Mike


-----Original Message-----
From: kevin vpn <klmlk at hotmail.com>
To: vpn-help at lists.shrew.net
Sent: Thu, Jan 6, 2011 9:21 pm
Subject: Re: [vpn-help] Not getting SA traffic out or in


On Thu, 06 Jan 2011 19:59:15 -0500
ikelupo at aol.com wrote:
> The tunnel shows connected, but I can't seen to pass any SA traffic
 between the client and remote host. NETGEAR FVS318G. The Trace tool
 shows 0 bytes in both directions. I'm using mode config and the IP
..
 
 11/01/06 19:50:05 -> : send NAT-T:KEEP-ALIVE packet 10.0.0.18:4500 ->
 <MASKED>:4500 11/01/06 19:50:05 -> : resend 1 phase2 packet(s) [0/2]
 10.0.0.18:4500 -> <MASKED>:4500 11/01/06 19:50:10 -> : resend 1
 phase2 packet(s) [1/2] 10.0.0.18:4500 -> <MASKED>:4500 11/01/06
 19:50:15 -> : resend 1 phase2 packet(s) [2/2] 10.0.0.18:4500 ->
 <MASKED>:4500 11/01/06 19:50:20 DB : phase1 found 11/01/06 19:50:20
 -> : send NAT-T:KEEP-ALIVE packet 10.0.0.18:4500 -> <MASKED>:4500
 11/01/06 19:50:20 ii : resend limit exceeded for phase2 exchange
 11/01/06 19:50:20 ii : phase2 removal before expire time 11/01/06
 19:50:20 DB : phase2 deleted ( obj count = 0 ) 
Hi Mike,
It looks to me like Phase 2 is not completing properly.  Can you
ouble-check to make sure the tunneled IP policy matches in both the
lient and the gateway?
______________________________________________
pn-help mailing list
pn-help at lists.shrew.net
ttp://lists.shrew.net/mailman/listinfo/vpn-help

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20110107/fee51ee4/attachment-0002.html>

More information about the vpn-help mailing list