[vpn-help] Help with "Session terminated by Gateway problem" with Shrew Soft VPN client 2.1.7 needed

[kevin vpn]

On Wed, 22 Jun 2011 09:59:51 +0100
KrishnaMohan Bandi <krishnamohan.bandi at gmail.com> wrote:

> Hi all,
> 
>     I am having problem with establishing a VPN connection using a
> Sierra Wireless 3G modem connected to a Linux PC running Ubuntu 10.04
> LTS via USB interface to a SARIAN systems HSPDA/3G-EDGE/GPRS Router
> (HR4110).
> 
> VPN Client Version : 2.1.7
> Linux OS Version : Ubuntu 10.04 LTS
> Gateway Make/Model : Sierra Wireless 3G Modem, MC8795V
> 
> I can connect to the Internet using the wireless 3G modem and I can
> ping the 3G Router. I have configured the Shrew client and when I
> click on 'Connect', it always comes up with "Session terminated by
> gateway" error. I am attaching the log files for the same.
> 

Hi Krishnamohan,

From the iked.log you sent, Shrew and the gateway are able to
successfully negotiate a phase 1 connection, but something happens
during the configuration negotiation.  You can see in the snippet below
that the client sends a "config pull" request, but that what comes back
is a "DELETE" response from the gateway.

I think that it would be useful if you could look at the logs from the
gateway and see what messages it provides.  Perhaps you need to use
"ike config push" or another option instead of "ike config pull" in the
Auto Configuration field.

...
11/06/22 09:38:33 ii : sending config pull request
11/06/22 09:38:33 >> : hash payload
11/06/22 09:38:33 >> : attribute payload
11/06/22 09:38:33 == : new configure hash ( 16 bytes )
11/06/22 09:38:33 >= : cookies 6449e54f868d95b2:dda86dffb97902a4
11/06/22 09:38:33 >= : message 515f034c
11/06/22 09:38:33 >= : encrypt iv ( 8 bytes )
11/06/22 09:38:33 == : encrypt packet ( 136 bytes )
11/06/22 09:38:33 == : stored iv ( 8 bytes )
11/06/22 09:38:33 -> : send IKE packet x.x.x.x:500 -> y.y.y.y:500 ( 168
bytes ) 11/06/22 09:38:33 DB : config resend event scheduled ( ref
count = 2 ) 11/06/22 09:38:33 DB : phase2 not found
11/06/22 09:38:34 <- : recv IKE packet y.y.y.y:500 -> x.x.x.x:500 ( 76
bytes ) 11/06/22 09:38:34 DB : phase1 found
11/06/22 09:38:34 ii : processing informational packet ( 76 bytes )
11/06/22 09:38:34 == : new informational iv ( 8 bytes )
11/06/22 09:38:34 =< : cookies 6449e54f868d95b2:dda86dffb97902a4
11/06/22 09:38:34 =< : message c9489444
11/06/22 09:38:34 =< : decrypt iv ( 8 bytes )
11/06/22 09:38:34 == : decrypt packet ( 76 bytes )
11/06/22 09:38:34 <= : stored iv ( 8 bytes )
11/06/22 09:38:34 << : hash payload
11/06/22 09:38:34 << : delete payload
11/06/22 09:38:34 == : informational hash_i ( computed ) ( 16 bytes )
11/06/22 09:38:34 == : informational hash_c ( received ) ( 16 bytes )
11/06/22 09:38:34 ii : informational hash verified
11/06/22 09:38:34 ii : received peer DELETE message
...