[vpn-help] Win7 x64 negotiation timeout - no packets sent

bestellungen at thielheim.com bestellungen at thielheim.com
Mon Oct 1 00:52:49 CDT 2012 

  

Hi Greg, 

pls. can you check in the Win7 Device Manager if the VPN
virtual network adapter gets activated while trying to establish a
connection? I have the same issue where no packets are going out anyway.
In the past i had only one Win7 / 64 bit machine where it works fine and
there the shrew adapter gets activated just in the moment when i start
the connection. The two different machines after this one i wasn't able
to get it working anymore with the same issue / cannot find why... 


Regards, 

David 

On Fri, 28 Sep 2012 21:20:11 +0000, Greg King
wrote: 

> Hi Alexis, 
> Thanks for the response - that won't help me
though, because I'm not seeing any packets coming out of my windows
client box. 
> Under Windows, nothing reaches the network at all, but
under Ubuntu on same machine it works perfectly. 
> Greg
> 
>
-------------------------
> Date: Fri, 28 Sep 2012 20:07:39 +0200
>
From: alexis.lagoutte at gmail.com
> To: terry at onixnet.com
> CC:
vpn-help at lists.shrew.net
> Subject: Re: [vpn-help] Win7 x64 negotiation
timeout - no packets sent
> 
> Hi Terry,
> 
> Check your VPN Gateway
logs.
> The packet is send from Shrew and no response from your VPN
Gateway.
> 
> Regards,
> 
> On Fri, Sep 28, 2012 at 7:25 PM, Terry
Chambers wrote:
> 
>> I ran the Trace Utility as recommended in an
earlier thread: 
>> 
>> 12/09/28 13:19:45 ## : IKE Daemon, ver 2.1.7 
>>
12/09/28 13:19:45 ## : Copyright 2010 Shrew Soft Inc. 
>> 12/09/28
13:19:45 ## : This product linked OpenSSL 0.9.8h 28 May 2008 
>>
12/09/28 13:19:45 ii : opened 'C:Program FilesShrewSoftVPN
Clientdebugiked.log' 
>> 12/09/28 13:19:45 ii : rebuilding vnet device
list ... 
>> 12/09/28 13:19:45 ii : device ROOTVNET000 disabled 
>>
12/09/28 13:19:45 ii : device ROOTVNET001 disabled 
>> 12/09/28 13:19:45
ii : network process thread begin ... 
>> 12/09/28 13:19:45 ii : pfkey
process thread begin ... 
>> 12/09/28 13:19:45 ii : ipc server process
thread begin ... 
>> 12/09/28 13:20:03 ii : ipc client process thread
begin ... 
>> 12/09/28 13:20:03 
>> 12/09/28 13:20:03 
>> 12/09/28
13:20:03 
>> 12/09/28 13:20:03 
>> 12/09/28 13:20:03 
>> 12/09/28
13:20:03 
>> 12/09/28 13:20:03 
>> 12/09/28 13:20:03 
>> 12/09/28
13:20:03 
>> 12/09/28 13:20:03 
>> 12/09/28 13:20:03 
>> 12/09/28
13:20:03 ii : local supports XAUTH 
>> 12/09/28 13:20:03 ii : local
supports nat-t ( draft v00 ) 
>> 12/09/28 13:20:03 ii : local supports
nat-t ( draft v01 ) 
>> 12/09/28 13:20:03 ii : local supports nat-t (
draft v02 ) 
>> 12/09/28 13:20:03 ii : local supports nat-t ( draft v03
) 
>> 12/09/28 13:20:03 ii : local supports nat-t ( rfc ) 
>> 12/09/28
13:20:03 ii : local supports FRAGMENTATION 
>> 12/09/28 13:20:03 ii :
local supports DPDv1 
>> 12/09/28 13:20:03 ii : local is SHREW SOFT
compatible 
>> 12/09/28 13:20:03 ii : local is NETSCREEN compatible 
>>
12/09/28 13:20:03 ii : local is SIDEWINDER compatible 
>> 12/09/28
13:20:03 ii : local is CISCO UNITY compatible 
>> 12/09/28 13:20:03 >= :
cookies 7897ffb99c264abe:0000000000000000 
>> 12/09/28 13:20:03 >= :
message 00000000 
>> 12/09/28 13:20:08 -> : resend 1 phase1 packet(s)
10.0.1.32:500 [12] -> 68.109.xxx.xx:500 
>> 12/09/28 13:20:13 -> :
resend 1 phase1 packet(s) 10.0.1.32:500 [13] -> 68.109.xxx.xx:500 
>>
12/09/28 13:20:18 -> : resend 1 phase1 packet(s) 10.0.1.32:500 [14] ->
68.109.xxx.xx:500 
>> 12/09/28 13:20:23 ii : resend limit exceeded for
phase1 exchange 
>> 12/09/28 13:20:23 ii : phase1 removal before expire
time 
>> 12/09/28 13:20:23 DB : removing tunnel config references 
>>
12/09/28 13:20:23 DB : removing tunnel phase2 references 
>> 12/09/28
13:20:23 DB : removing tunnel phase1 references 
>> 12/09/28 13:20:23 DB
: removing all peer tunnel refrences 
>> 12/09/28 13:20:23 ii : ipc
client process thread exit ... 
>> 12/09/28 13:20:27 ii : halt signal
received, shutting down 
>> 12/09/28 13:20:27 ii : ipc server process
thread exit ... 
>> 12/09/28 13:20:27 ii : pfkey process thread exit ...

>> Any thoughts? 
>> Terry 
>> 
>> On Fri, Sep 28, 2012 at 1:11 PM,
Terry Chambers wrote:
>> 
>>> I have the exact same situation with the
negotiation timeout. Just started in the last week or so. 
>>> 
>>>>
Message: 1
>>>> Date: Fri, 28 Sep 2012 16:06:21 +0000
>>>> From: Greg
King 
>>>> Subject: [vpn-help] Win7 x64 negotiation timeout - no packets
sent
>>>> To: 
>>>> Message-ID: 
>>>> Content-Type: text/plain;
charset="iso-8859-1"
>>>> 
>>>> Hi,
>>>> I'm using Shrew 2.2 beta2 to
connect from Win7 x64 to a Netgear FVS318v3, but I'm getting a
negotiation timeout.
>>>> The same machine (dual boot) under Ubuntu
12.04 connects fine with 2.2beta2 client.
>>>> What I've tried:I
exported shrew configuration from working Ubuntu client and imported it
into Win7 client, so shouldn't be any problem there.I've switched off
both ZoneAlarm and Windows Firewall. No joy.I've tried running VPN
Access Manager as Administrator. No joy.In case it's relevant:
previously had openVPN and VirtualBox installed. I uninstalled them,
rebooted Windows, uninstalled Shrew, rebooted Windows, reinstalled
Shrew, rebooted Windows. Still no joy.Other information:Local Area
Connection Properties dialog does have a 'Shrew Soft Lightweight Filter'
in the Properties dialog, and the checkbox next to it is ticked.Task
Manager lists the following related processes as running: ipseca.exe,
ipsecc.exe, ipsect.exeWhen trying to connect, Wireshark (running on the
same Win7 box) doesn't detect any UDP/TCP packets on port 500, nor any
packets on isakmp filter (but does detect other packets e.g. web
browsing).I do see isakmp packets on Ubuntu Wireshark when connecting
fr!
>>>> om Ubuntu shrew client.The FVS318 and Win7 box are on different
subnets, but the connection works under Ubuntu from same machine, so I
doubt the router is the problem.
>>>> So it seems something under Win7
x64 is stopping the packets getting out onto the network, but I'm at a
loss to explain it.
>>>> I've been Googling for hours, but can't find a
solution. Any help anyone could give would be gratefully received.
>>>>
Greg
>>>> VPN Connect log:attached to key daemon ...peer
configurediskamp proposal configuredesp proposal configuredclient
configuredlocal id configuredremote id configuredpre-shared key
configuredbringing up tunnel ...negotiation timout occurredtunnel
disableddetached from key daemon
>>>> VPN Trace IKE Service log:12/09/16
20:09:09 ii : ipc client process thread begin ...12/09/16 20:09:09 = :
cookies 8219a4a29c1c6360:000000000000000012/09/16 20:09:09 >= : message
0000000012/09/16 20:09:14 -> : resend 1 phase1 packet(s) [0/2]
10.0.0.10:500 [3] -> 192.168.0.100:50012/09/16 [4] 20:09:19 -> : resend
1 p!
>>>> hase1 packet(s) [1/2] 10.0.0.10:500 [5] ->
192.168.0.100:50012/09/16 [6] 20:09:24 -> : resend 1 phase1 packet(s)
[2/2] 10.0.0.10:500 [7] -> 192.168.0.100:50012/09/16 [8] 20:09:29 ii :
resend limit exceeded for phase1 exchange12/09/16 20:09:29 ii : phase1
removal before expire time12/09/16 20:09:29 DB : removing tunnel config
references12/09/16 20:09:29 DB : removing tunnel phase2
references12/09/16 20:09:29 DB : removing tunnel phase1
references12/09/16 20:09:29 DB : removing all peer tunnel
refrences12/09/16 20:09:29 ii : ipc client process thread exit ...
>>>>

>>>> -------------- next part --------------
>>>> An HTML attachment
was scrubbed...
>>>> URL: 
>>>> 
>>>>
------------------------------
>>>> 
>>>>
_______________________________________________
>>>> vpn-help mailing
list
>>>> vpn-help at lists.shrew.net [10]
>>>>
http://lists.shrew.net/mailman/listinfo/vpn-help [11]
>>>> 
>>>> End of
vpn-help Digest, Vol 72, Issue 6
>>>>
***************************************
>> 
>>
_______________________________________________
>> vpn-help mailing
list
>> vpn-help at lists.shrew.net [16]
>>
http://lists.shrew.net/mailman/listinfo/vpn-help [17]
> 
>
_______________________________________________ vpn-help mailing list
vpn-help at lists.shrew.net
http://lists.shrew.net/mailman/listinfo/vpn-help

  

Links:
------
[1]
mailto:taintedmarmot at hotmail.com
[2] mailto:vpn-help at lists.shrew.net
[3]
http://10.0.0.10:500
[4] http://192.168.0.100:50012/09/16
[5]
http://10.0.0.10:500
[6] http://192.168.0.100:50012/09/16
[7]
http://10.0.0.10:500
[8] http://192.168.0.100:50012/09/16
[9]
http://lists.shrew.net/pipermail/vpn-help/attachments/20120928/a6abf84a/attachment-0001.html
[10]
mailto:vpn-help at lists.shrew.net
[11]
http://lists.shrew.net/mailman/listinfo/vpn-help
[12]
http://10.0.1.32:500
[13] http://10.0.1.32:500
[14]
http://10.0.1.32:500
[15] mailto:terry at onixnet.com
[16]
mailto:vpn-help at lists.shrew.net
[17]
http://lists.shrew.net/mailman/listinfo/vpn-help
[18]
mailto:terry at onixnet.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20121001/4e0f674d/attachment-0001.html>

More information about the vpn-help mailing list