[vpn-help] Log says phase1 ID's mismatch, but they are the same

Mark Larwill larwill at gmail.com
Fri May 20 18:00:39 CDT 2011


I am having a problem connecting to a WatchGuard XTM510 using certificates.
Specifically I get the following confusing message in the log:

11/05/20 15:31:34 << : identification payload
11/05/20 15:31:34 !! : phase1 id mismatch
11/05/20 15:31:34 !! : received = fqdn 4.4.4.5
11/05/20 15:31:34 !! : expected = fqdn 4.4.4.5
11/05/20 15:31:34 DB : phase1 resend event canceled ( ref count = 1 )

I found a similar issue in the past list, but it's not clear to me if that
was ever resolved.
http://lists.shrew.net/pipermail/vpn-help/2007-May/000333.html

Here is the full log, from a fresh boot trying to connect only one time from
a Windows XP machine using release 2.1.7. I also have the packet capture
separately and can send it if you wish. I wonder, is it possible that the
format of the certificates is creating a problem, or is that totally
unrelated to the IDs? The same set of certificates works with an NCP ipsec
client and the same WatchGuard XTM510.

11/05/20 15:31:23 ## : IKE Daemon, ver 2.1.7
11/05/20 15:31:23 ## : Copyright 2010 Shrew Soft Inc.
11/05/20 15:31:23 ## : This product linked OpenSSL 0.9.8h 28 May 2008
11/05/20 15:31:23 ii : opened 'C:\Program Files\ShrewSoft\VPN Client\debug\iked.log'
11/05/20 15:31:23 ii : opened 'C:\Program Files\ShrewSoft\VPN Client/debug/dump-ike-decrypt.cap'
11/05/20 15:31:23 ii : rebuilding vnet device list ...
11/05/20 15:31:23 ii : device ROOT\VNET\0000 disabled
11/05/20 15:31:23 ii : network process thread begin ...
11/05/20 15:31:23 ii : pfkey process thread begin ...
11/05/20 15:31:23 ii : ipc server process thread begin ...
11/05/20 15:31:30 ii : ipc client process thread begin ...
11/05/20 15:31:30 <A : peer config add message
11/05/20 15:31:30 DB : peer ref increment ( ref count = 1, obj count = 0 )
11/05/20 15:31:30 DB : peer added ( obj count = 1 )
11/05/20 15:31:30 ii : local address 1.1.1.1 selected for peer
11/05/20 15:31:30 DB : peer ref increment ( ref count = 2, obj count = 1 )
11/05/20 15:31:30 DB : tunnel ref increment ( ref count = 1, obj count = 0 )
11/05/20 15:31:30 DB : tunnel added ( obj count = 1 )
11/05/20 15:31:30 <A : proposal config message
11/05/20 15:31:30 <A : proposal config message
11/05/20 15:31:30 <A : client config message
11/05/20 15:31:30 <A : xauth username message
11/05/20 15:31:30 <A : xauth password message
11/05/20 15:31:30 <A : local id 'group' message
11/05/20 15:31:30 <A : remote id '4.4.4.5' message
11/05/20 15:31:30 <A : remote cert 'C:\Documents and Settings\mlarwill\Desktop\group\wgx\cacert.pem' message
11/05/20 15:31:30 ii : 'C:\Documents and Settings\mlarwill\Desktop\group\wgx\cacert.pem' loaded
11/05/20 15:31:30 <A : local cert 'C:\Documents and Settings\mlarwill\Desktop\group\wgx\group.p12' message
11/05/20 15:31:30 !! : 'C:\Documents and Settings\mlarwill\Desktop\group\wgx\group.p12' load failed, requesting password
11/05/20 15:31:32 <A : file password
11/05/20 15:31:32 <A : local cert 'C:\Documents and Settings\mlarwill\Desktop\group\wgx\group.p12' message
11/05/20 15:31:32 ii : 'C:\Documents and Settings\mlarwill\Desktop\group\wgx\group.p12' loaded
11/05/20 15:31:32 <A : local key 'C:\Documents and Settings\mlarwill\Desktop\group\wgx\group.p12' message
11/05/20 15:31:32 ii : 'C:\Documents and Settings\mlarwill\Desktop\group\wgx\group.p12' loaded
11/05/20 15:31:32 <A : remote resource message
11/05/20 15:31:32 <A : peer tunnel enable message
11/05/20 15:31:32 DB : tunnel ref increment ( ref count = 2, obj count = 1 )
11/05/20 15:31:32 DB : new phase1 ( ISAKMP initiator )
11/05/20 15:31:32 DB : exchange type is aggressive
11/05/20 15:31:32 DB : 1.1.1.1:500 <-> 4.4.4.5:500
11/05/20 15:31:32 DB : d63ec93ab2932115:0000000000000000
11/05/20 15:31:32 DB : phase1 ref increment ( ref count = 1, obj count = 0 )
11/05/20 15:31:32 DB : phase1 added ( obj count = 1 )
11/05/20 15:31:32 >> : security association payload
11/05/20 15:31:32 >> : - proposal #1 payload
11/05/20 15:31:32 >> : -- transform #1 payload
11/05/20 15:31:32 >> : key exchange payload
11/05/20 15:31:32 >> : nonce payload
11/05/20 15:31:32 >> : cert request payload
11/05/20 15:31:32 >> : identification payload
11/05/20 15:31:32 >> : vendor id payload
11/05/20 15:31:32 ii : local supports XAUTH
11/05/20 15:31:32 >> : vendor id payload
11/05/20 15:31:32 ii : local supports nat-t ( draft v00 )
11/05/20 15:31:32 >> : vendor id payload
11/05/20 15:31:32 ii : local supports nat-t ( draft v01 )
11/05/20 15:31:32 >> : vendor id payload
11/05/20 15:31:32 ii : local supports nat-t ( draft v02 )
11/05/20 15:31:32 >> : vendor id payload
11/05/20 15:31:32 ii : local supports nat-t ( draft v03 )
11/05/20 15:31:32 >> : vendor id payload
11/05/20 15:31:32 ii : local supports nat-t ( rfc )
11/05/20 15:31:32 >> : vendor id payload
11/05/20 15:31:32 ii : local supports DPDv1
11/05/20 15:31:32 >> : vendor id payload
11/05/20 15:31:32 ii : local is SHREW SOFT compatible
11/05/20 15:31:32 >> : vendor id payload
11/05/20 15:31:32 ii : local is NETSCREEN compatible
11/05/20 15:31:32 >> : vendor id payload
11/05/20 15:31:32 ii : local is SIDEWINDER compatible
11/05/20 15:31:32 >> : vendor id payload
11/05/20 15:31:32 ii : local is CISCO UNITY compatible
11/05/20 15:31:32 >= : cookies d63ec93ab2932115:0000000000000000
11/05/20 15:31:32 >= : message 00000000
11/05/20 15:31:32 -> : send IKE packet 1.1.1.1:500 -> 4.4.4.5:500 ( 470 bytes )
11/05/20 15:31:32 0x : 450001d6 86360000 4011e8d6 01010101 04040405 01f401f4
01c21599 d63ec93a
11/05/20 15:31:32 0x : b2932115 00000000 00000000 01100400 00000000 000001ba
04000038 00000001
11/05/20 15:31:32 0x : 00000001 0000002c 01010001 00000024 01010000 80010005
80020002 80040001
11/05/20 15:31:32 0x : 8003fded 800b0001 000c0004 00015180 0a000064 3e6cd296
79fbe232 f97e9059
11/05/20 15:31:32 0x : 8b98f710 63701f9b b01219a6 7890c71f 8a72987a 0efe46ee
27afb12e 0ae8058b
11/05/20 15:31:32 0x : 4405979b b783d705 77bda0f3 e8ae678b 6bf8b799 2868f566
2bbdc259 3a67e53d
11/05/20 15:31:32 0x : cfce98f5 7f5d3c77 8fd6b48d ed814bd0 7d081ecf 07000018
1ff35268 8e0c5c28
11/05/20 15:31:32 0x : ec5e2c4e 7961b0c2 e8245713 05000005 040d0000 0d030000
0067726f 75700d00
11/05/20 15:31:32 0x : 000c0900 2689dfd6 b7120d00 00144485 152d18b6 bbcd0be8
a8469579 ddcc0d00
11/05/20 15:31:32 0x : 001416f6 ca16e4a4 066d8382 1a0f0aea a8620d00 001490cb
80913ebb 696e0863
11/05/20 15:31:32 0x : 81b5ec42 7b1f0d00 00147d94 19a65310 ca6f2c17 9d921552
9d560d00 00144a13
11/05/20 15:31:32 0x : 1c810703 58455c57 28f20e95 452f0d00 0014afca d71368a1
f1c96b86 96fc7757
11/05/20 15:31:32 0x : 01000d00 0014f14b 94b7bff1 fef02773 b8c49fed ed260d00
0018166f 932d55eb
11/05/20 15:31:32 0x : 64d8e4df 4fd37e23 13f0d0fd 84510d00 00148404 adf9cda0
5760b2ca 292e4bff
11/05/20 15:31:32 0x : 537b0000 001412f5 f28c4571 68a9702d 9fe274cc 0100
11/05/20 15:31:32 DB : phase1 resend event scheduled ( ref count = 2 )
11/05/20 15:31:32 DB : phase1 ref decrement ( ref count = 1, obj count = 1 )
11/05/20 15:31:32 DB : tunnel ref increment ( ref count = 3, obj count = 1 )
11/05/20 15:31:34 <- : recv IKE packet 4.4.4.5:500 -> 1.1.1.1:500 ( 1497 bytes )
11/05/20 15:31:34 0x : d63ec93a b2932115 0902fa61 07abdafc 01100400 00000000
000005d9 06000038
11/05/20 15:31:34 0x : 00000001 00000001 0000002c 01010001 00000024 01010000
80010005 80020002
11/05/20 15:31:34 0x : 80040001 8003fded 800b0001 000c0004 00015180 040003e2
04308203 d9308202
11/05/20 15:31:34 0x : c1a00302 01020201 02300d06 092a8648 86f70d01 01050500
30403129 30270603
11/05/20 15:31:34 0x : 55040313 20576174 63684775 61726420 43657274 69666963
61746520 41757468
11/05/20 15:31:34 0x : 6f726974 79311330 11060355 040a130a 57617463 68477561
7264301e 170d3131
11/05/20 15:31:34 0x : 30353138 31363531 32375a17 0d313230 35313731 36353132
375a3027 3110300e
11/05/20 15:31:34 0x : 06035504 03130734 2e342e34 2e353113 30110603 55040a13
0a576174 63684775
11/05/20 15:31:34 0x : 61726430 819f300d 06092a86 4886f70d 01010105 0003818d
00308189 02818100
11/05/20 15:31:34 0x : bafdfc84 deffb71b 248cec68 9cbdec6f 7d1e3102 5f30481c
011f1406 feea91b8
11/05/20 15:31:34 0x : cb8df62e ca60e044 ef2eb783 2640a340 c21011c9 58912344
c93455bc 0a70dbe1
11/05/20 15:31:34 0x : b7688aff a378a146 4ae5e783 7fd7a3f8 9ec69a5f b31fd589
f6d2280d b2729a5a
11/05/20 15:31:34 0x : 8ffc6c78 bce8324a 212a8d15 c4433cda 5d6ca6eb a624ceb0
919c80c6 90847903
11/05/20 15:31:34 0x : 02030100 01a38201 79308201 75300906 03551d13 04023000
300b0603 551d0f04
11/05/20 15:31:34 0x : 04030205 e0306806 09608648 0186f842 010d045b 16594f70
656e5353 4c206765
11/05/20 15:31:34 0x : 6e657261 74656420 63657274 69666963 61746520 666f7220
75736520 696e2070
11/05/20 15:31:34 0x : 726f6475 63747320 6f662057 61746368 47756172 64205465
63686e6f 6c6f6769
11/05/20 15:31:34 0x : 65732049 6e636f72 706f7261 74656430 1d060355 1d0e0416
04142f42 89afa380
11/05/20 15:31:34 0x : eccc0112 dcb2721f b5d4dfb7 18ff3070 0603551d 23046930
6780148e b0765d0d
11/05/20 15:31:34 0x : caf023c1 8259a771 07347dd4 46ca51a1 44a44230 40312930
27060355 04031320
11/05/20 15:31:34 0x : 57617463 68477561 72642043 65727469 66696361 74652041
7574686f 72697479
11/05/20 15:31:34 0x : 31133011 06035504 0a130a57 61746368 47756172 64820900
ab4378b7 19a3b97c
11/05/20 15:31:34 0x : 302d0603 551d1f04 26302430 22a020a0 1e861c68 7474703a
2f2f332e 332e332e
11/05/20 15:31:34 0x : 313a3431 31332f77 6763612e 63726c30 12060355 1d11040b
30098207 342e342e
11/05/20 15:31:34 0x : 342e3530 1d060355 1d250416 30140608 2b060105 05070301
06082b06 01050508
11/05/20 15:31:34 0x : 0202300d 06092a86 4886f70d 01010505 00038201 01004d0b
d67c27f4 59d7fd58
11/05/20 15:31:34 0x : 29ca5a4b 5d14f28c f3f615c4 bb029bb8 37f94f03 4ab5c04a
119664a8 7ac15a1b
11/05/20 15:31:34 0x : 91102ffb 8085f1a6 67a4ca3c de21fd24 a5860961 cf59e4fe
3beaa6a5 2fbb9a5a
11/05/20 15:31:34 0x : cdb583bc e2e24063 b11c3c48 49e5a37a 473d68b0 6aeb67d5
b4d37f46 b3fb9b74
11/05/20 15:31:34 0x : c5833147 b124093c 25736f82 3e97427a 791ec699 abb63ee6
4da30977 211ceeb4
11/05/20 15:31:34 0x : e8d9e07d b330ba8f 07bf033d 27ca59b2 c03a5e34 6237ae83
9c11689a 36b1ab1b
11/05/20 15:31:34 0x : ea4c26d4 e14c6ca2 f596a3eb 242ec96b 08590511 91743f72
5e94ccea e93cd399
11/05/20 15:31:34 0x : a723de96 2435f085 c1bdfc37 4b4512b8 b2bc2840 975d9aae
832e15c2 9348aced
11/05/20 15:31:34 0x : 0f05e267 08ac9605 5547dcb7 09476e01 a78d2a57 7b010a00
00643521 ed4318e9
11/05/20 15:31:34 0x : fe3ae5bb 58d9dca5 9fcf0f80 c24e93e2 58c6ddb0 e1824601
40ff8d1f e0039356
11/05/20 15:31:34 0x : 87f3a995 7304e525 e3cb99cb d8705337 cc5c32df 0531b418
0573b247 8ed6031b
11/05/20 15:31:34 0x : c8506842 b3b46dc3 c73c3555 4d050ade 8141eec1 6322273e
e9050500 000cec33
11/05/20 15:31:34 0x : a41a8fe2 be870d00 00100200 0000342e 342e342e 35000d00
0014afca d71368a1
11/05/20 15:31:34 0x : f1c96b86 96fc7757 01008200 001490cb 80913ebb 696e0863
81b5ec42 7b1f8200
11/05/20 15:31:34 0x : 0018e9b4 00fd7b4c d8d371c0 2410f601 e0a98b86 56660900
0018bea1 1302e4a8
11/05/20 15:31:34 0x : 01cb0a49 8e832125 0c480040 8bd60700 00840177 c95520be
6cae5f76 155ab82e
11/05/20 15:31:34 0x : 7685d5de 590813ed 466b26a7 d3fbb5e8 a1ae0b82 7c3ec6f0
544ba9a6 c9fe570d
11/05/20 15:31:34 0x : beed85c2 10d1c8cb a384ee66 9a3308de 648689cc 74d6f724
39530c17 33399375
11/05/20 15:31:34 0x : 96c38261 22852a57 94764e71 60496739 f29b1cb6 d593735d
d9906ba1 c8b7bf0a
11/05/20 15:31:34 0x : e824dde2 c013adbc 76e2825c 0d20598a de720000 00470430
40312930 27060355
11/05/20 15:31:34 0x : 04031320 57617463 68477561 72642043 65727469 66696361
74652041 7574686f
11/05/20 15:31:34 0x : 72697479 31133011 06035504 0a130a57 61746368 47756172
64
11/05/20 15:31:34 DB : phase1 found
11/05/20 15:31:34 DB : phase1 ref increment ( ref count = 2, obj count = 1 )
11/05/20 15:31:34 ii : processing phase1 packet ( 1497 bytes )
11/05/20 15:31:34 =< : cookies d63ec93ab2932115:0902fa6107abdafc
11/05/20 15:31:34 =< : message 00000000
11/05/20 15:31:34 << : security association payload
11/05/20 15:31:34 << : - propsal #1 payload
11/05/20 15:31:34 << : -- transform #1 payload
11/05/20 15:31:34 ii : matched isakmp proposal #1 transform #1
11/05/20 15:31:34 ii : - transform    = ike
11/05/20 15:31:34 ii : - cipher type  = 3des
11/05/20 15:31:34 ii : - key length   = default
11/05/20 15:31:34 ii : - hash type    = sha1
11/05/20 15:31:34 ii : - dh group     = modp-768
11/05/20 15:31:34 ii : - auth type    = xauth-initiator-rsa
11/05/20 15:31:34 ii : - life seconds = 86400
11/05/20 15:31:34 ii : - life kbytes  = 0
11/05/20 15:31:34 << : certificate payload
11/05/20 15:31:34 << : key exchange payload
11/05/20 15:31:34 << : nonce payload
11/05/20 15:31:34 << : identification payload
*11/05/20 15:31:34 !! : phase1 id mismatch *
*11/05/20 15:31:34 !! : received = fqdn 4.4.4.5*
*11/05/20 15:31:34 !! : expected = fqdn 4.4.4.5*
11/05/20 15:31:34 DB : phase1 resend event canceled ( ref count = 1 )
11/05/20 15:31:34 ii : phase1 removal before expire time
11/05/20 15:31:34 DB : phase1 deleted ( obj count = 0 )
11/05/20 15:31:34 DB : tunnel ref decrement ( ref count = 2, obj count = 1 )
11/05/20 15:31:34 DB : policy not found
11/05/20 15:31:34 DB : policy not found
11/05/20 15:31:34 DB : policy not found
11/05/20 15:31:34 DB : policy not found
11/05/20 15:31:34 DB : policy not found
11/05/20 15:31:34 DB : policy not found
11/05/20 15:31:34 DB : tunnel stats event canceled ( ref count = 1 )
11/05/20 15:31:34 DB : removing tunnel config references
11/05/20 15:31:34 DB : removing tunnel phase2 references
11/05/20 15:31:34 DB : removing tunnel phase1 references
11/05/20 15:31:34 DB : tunnel deleted ( obj count = 0 )
11/05/20 15:31:34 DB : peer ref decrement ( ref count = 1, obj count = 1 )
11/05/20 15:31:34 DB : removing all peer tunnel refrences
11/05/20 15:31:34 DB : peer deleted ( obj count = 0 )
11/05/20 15:31:34 ii : ipc client process thread exit ...
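
The log prints both IDs as text, so a difference in the raw bytes would not show up in the "received" and "expected" lines. The following is an added example, not part of the original post: it parses the identification payload bytes that appear in the received-packet hex dump above and compares them with the configured remote ID. The function names are hypothetical, and whether the client compares the values byte for byte is an assumption.

```python
import struct

# Identification payload bytes as they appear in the received-packet hex dump
# in the log above (the run "0d00 0010 0200 0000 342e 342e 342e 3500").
RECEIVED_ID_PAYLOAD = bytes.fromhex("0d000010" "02000000" "342e342e342e3500")
# Remote ID configured in the client, from the "remote id '4.4.4.5'" log line.
CONFIGURED_REMOTE_ID = b"4.4.4.5"

# Subset of the IPsec DOI identification types (RFC 2407).
ID_TYPES = {1: "ipv4", 2: "fqdn", 3: "user-fqdn", 9: "asn1-dn", 11: "key-id"}


def parse_id_payload(buf):
    """Parse one ISAKMP identification payload (RFC 2408 header, RFC 2407 body)."""
    if len(buf) < 8:
        raise ValueError("identification payload shorter than its fixed header")
    next_payload, _reserved, length = struct.unpack("!BBH", buf[:4])
    id_type, protocol, port = struct.unpack("!BBH", buf[4:8])
    if length < 8 or length > len(buf):
        raise ValueError("payload length field out of range")
    return {
        "next_payload": next_payload,
        "type": ID_TYPES.get(id_type, "unknown(%d)" % id_type),
        "protocol": protocol,
        "port": port,
        "data": buf[8:length],  # everything after the 8 header bytes
    }


def as_c_string(data):
    """Render bytes the way a NUL-terminated string print would show them."""
    return data.split(b"\x00", 1)[0].decode("ascii", "replace")


def compare_ids(received, expected):
    """Describe how two ID values relate when compared byte for byte."""
    if received == expected:
        return "match"
    if received.rstrip(b"\x00") == expected.rstrip(b"\x00"):
        return "differ only in trailing NUL bytes"
    return "different"


if __name__ == "__main__":
    ident = parse_id_payload(RECEIVED_ID_PAYLOAD)
    print("type:", ident["type"], "raw:", ident["data"], "len:", len(ident["data"]))
    print("printed:", as_c_string(ident["data"]), "vs", as_c_string(CONFIGURED_REMOTE_ID))
    print("result:", compare_ids(ident["data"], CONFIGURED_REMOTE_ID))
```

The received ID data is 8 bytes, the text 4.4.4.5 followed by a NUL byte, while the configured ID is 7 bytes, so the two print identically but are not equal as byte strings.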