[vpn-help] Regression in Linux shrew 2.1.7 -> OpenBSD 4.8+ roadwarrior VPN

Zak Elep zak.elep at orangeandbronze.com
Wed Oct 12 11:56:32 CDT 2011


Hi!  Sorry this took long, I had to find time to reconfigure the OpenBSD
gateway.

On Monday, September 12, 2011, Kevin VPN wrote:
>
> From the iked.log you provided, it seems that the gateway is not responding
> to the Shrew client's request.  Is there any chance you can view the log on
> the OpenBSD gateway to see what it says about the incoming request?
>
> You could also run a packet capture on your Ubuntu box's outgoing interface
> to see if the request is even being sent out.
>

At the OpenBSD gateway, I get these logs from isakmpd:

    Sep 10 15:07:09 XXXX isakmpd[15168]: transport_send_messages: giving up on exchange peer-default, no response from peer xxx.xxx.xxx.xxx:60771

On a running attempt, these logs appear after every second resend attempt of
the phase1 negotiation per connection attempt.

Attached is the verbose isakmpd log from the gateway; I notice that the SA
payload gets dropped right after the phase1 negotiation.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: isakmpd.log
Type: text/x-log
Size: 15711 bytes
Desc: not available
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20111013/955c284c/attachment-0001.bin>

