[vpn-help] WG: Negotiation timeout - win7 - 64bit

Tobias Pirzer tobias.pirzer at initpro.de
Thu Oct 11 06:01:11 CDT 2012 

Hi all,

I've got a problem to connect to a Netgear VPN. I've got 2 Notebooks both
Windows 7 - One is connecting with Shrew Client 2.1.0. since years - On the
new Notebook (Lenovo T430) I tried without success (Versions 2.1.7 und 2.2
beta) - I imported the settings from the working Notebook. Both connections
are wireless.
The not working one shows a 1x1 11b/g/n Wireless LAN PCI Express Adapter and
a Microsoft Virtual WiFi Miniport Adapter under Network Connections. (Shrew
Soft Lightweight Filter shows up after right click Properties).

Windows Firewall shows State: off
I removed Virus Protection from Computer

Screen shows the following messages: 

attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
local id configured
remote id configured
pre-shared key configured
bringing up tunnel ...
negotiation timout occurred
tunnel disabled
detached from key daemon ...

Tracing logs the following messages:

--------------------------------------------------------------------
-- Trace from not working machine
--------------------------------------------------------------------
12/10/11 11:31:20 ## : IKE Daemon, ver 2.1.7
12/10/11 11:31:20 ## : Copyright 2010 Shrew Soft Inc.
12/10/11 11:31:20 ## : This product linked OpenSSL 0.9.8h 28 May 2008
12/10/11 11:31:20 ii : opened 'C:\Program Files\ShrewSoft\VPN
Client\debug\iked.log'
12/10/11 11:31:20 ii : rebuilding vnet device list ...
12/10/11 11:31:20 ii : device ROOT\VNET\0000 disabled
12/10/11 11:31:20 ii : network process thread begin ...
12/10/11 11:31:20 ii : pfkey process thread begin ...
12/10/11 11:31:20 ii : ipc server process thread begin ...
12/10/11 11:31:57 ii : ipc client process thread begin ...
12/10/11 11:31:57 <A : peer config add message
12/10/11 11:31:57 <A : proposal config message
12/10/11 11:31:57 <A : proposal config message
12/10/11 11:31:57 <A : client config message
12/10/11 11:31:57 <A : local id 'initPRO_remote' message
12/10/11 11:31:57 <A : remote id 'initPRO_local' message
12/10/11 11:31:57 <A : preshared key message
12/10/11 11:31:57 <A : remote resource message
12/10/11 11:31:57 <A : peer tunnel enable message
12/10/11 11:31:57 ii : local supports nat-t ( draft v00 )
12/10/11 11:31:57 ii : local supports nat-t ( draft v01 )
12/10/11 11:31:57 ii : local supports nat-t ( draft v02 )
12/10/11 11:31:57 ii : local supports nat-t ( draft v03 )
12/10/11 11:31:57 ii : local supports nat-t ( rfc )
12/10/11 11:31:57 ii : local supports FRAGMENTATION
12/10/11 11:31:57 ii : local is SHREW SOFT compatible
12/10/11 11:31:57 ii : local is NETSCREEN compatible
12/10/11 11:31:57 ii : local is SIDEWINDER compatible
12/10/11 11:31:57 ii : local is CISCO UNITY compatible
12/10/11 11:31:57 ii : local is CHECKPOINT compatible
12/10/11 11:31:57 >= : cookies 959ba9cd8889aa44:0000000000000000
12/10/11 11:31:57 >= : message 00000000
12/10/11 11:32:02 -> : resend 1 phase1 packet(s) 192.168.2.124:500 ->
194.95.197.86:500
12/10/11 11:32:07 -> : resend 1 phase1 packet(s) 192.168.2.124:500 ->
194.95.197.86:500
12/10/11 11:32:12 -> : resend 1 phase1 packet(s) 192.168.2.124:500 ->
194.95.197.86:500
12/10/11 11:32:17 ii : resend limit exceeded for phase1 exchange
12/10/11 11:32:17 ii : phase1 removal before expire time
12/10/11 11:32:17 DB : removing tunnel config references
12/10/11 11:32:17 DB : removing tunnel phase2 references
12/10/11 11:32:17 DB : removing tunnel phase1 references
12/10/11 11:32:17 DB : removing all peer tunnel refrences
12/10/11 11:32:17 ii : ipc client process thread exit ...


--------------------------------------------------------------------
-- Trace from working machine
--------------------------------------------------------------------
12/10/11 11:28:40 ## : IKE Daemon, ver 2.1.0
12/10/11 11:28:40 ## : Copyright 2008 Shrew Soft Inc.
12/10/11 11:28:40 ## : This product linked OpenSSL 0.9.8h 28 May 2008
12/10/11 11:28:40 ii : opened 'C:\Program Files\ShrewSoft\VPN
Client\debug\iked.log'
12/10/11 11:28:40 ii : rebuilding vnet device list ...
12/10/11 11:28:40 ii : device ROOT\VNET\0000 disabled
12/10/11 11:28:40 ii : network process thread begin ...
12/10/11 11:28:40 ii : pfkey process thread begin ...
12/10/11 11:28:40 ii : ipc server process thread begin ...
12/10/11 11:28:44 ii : ipc client process thread begin ...
12/10/11 11:28:44 <A : peer config add message
12/10/11 11:28:44 <A : proposal config message
12/10/11 11:28:44 <A : proposal config message
12/10/11 11:28:44 <A : client config message
12/10/11 11:28:44 <A : local id 'initPRO_remote' message
12/10/11 11:28:44 <A : remote id 'initPRO_local' message
12/10/11 11:28:44 <A : preshared key message
12/10/11 11:28:44 <A : remote resource message
12/10/11 11:28:44 <A : peer tunnel enable message
12/10/11 11:28:44 ii : local supports nat-t ( draft v00 )
12/10/11 11:28:44 ii : local supports nat-t ( draft v01 )
12/10/11 11:28:44 ii : local supports nat-t ( draft v02 )
12/10/11 11:28:44 ii : local supports nat-t ( draft v03 )
12/10/11 11:28:44 ii : local supports nat-t ( rfc )
12/10/11 11:28:44 ii : local supports FRAGMENTATION
12/10/11 11:28:44 ii : local is SHREW SOFT compatible
12/10/11 11:28:44 ii : local is NETSCREEN compatible
12/10/11 11:28:44 ii : local is SIDEWINDER compatible
12/10/11 11:28:44 ii : local is CISCO UNITY compatible
12/10/11 11:28:44 ii : local is CHECKPOINT compatible
12/10/11 11:28:44 >= : cookies 1af64c6cb8fc8555:0000000000000000
12/10/11 11:28:44 >= : message 00000000
12/10/11 11:28:45 ii : processing phase1 packet ( 409 bytes )
12/10/11 11:28:45 =< : cookies 1af64c6cb8fc8555:436337fd21d68033
12/10/11 11:28:45 =< : message 00000000
12/10/11 11:28:45 ii : matched isakmp proposal #1 transform #1
12/10/11 11:28:45 ii : - transform    = ike
12/10/11 11:28:45 ii : - cipher type  = 3des
12/10/11 11:28:45 ii : - key length   = default
12/10/11 11:28:45 ii : - hash type    = sha1
12/10/11 11:28:45 ii : - dh group     = modp-1024
12/10/11 11:28:45 ii : - auth type    = psk
12/10/11 11:28:45 ii : - life seconds = 28800
12/10/11 11:28:45 ii : - life kbytes  = 0
12/10/11 11:28:45 ii : phase1 id match
12/10/11 11:28:45 ii : received = fqdn initPRO_local
12/10/11 11:28:45 ii : peer is CISCO UNITY compatible
12/10/11 11:28:45 ii : peer is IPSEC-TOOLS compatible
12/10/11 11:28:45 ii : peer supports nat-t ( draft v02 )
12/10/11 11:28:45 ii : nat discovery - local address is translated
12/10/11 11:28:45 ii : nat discovery - remote address is translated
12/10/11 11:28:45 ii : switching to src nat-t udp port 4500
12/10/11 11:28:45 ii : switching to dst nat-t udp port 4500
12/10/11 11:28:45 >= : cookies 1af64c6cb8fc8555:436337fd21d68033
12/10/11 11:28:45 >= : message 00000000
12/10/11 11:28:45 ii : phase1 sa established
12/10/11 11:28:45 ii : 194.95.197.86:4500 <-> 192.168.2.115:4500
12/10/11 11:28:45 ii : 1af64c6cb8fc8555:436337fd21d68033
12/10/11 11:28:45 ii : sending peer INITIAL-CONTACT notification
12/10/11 11:28:45 ii : - 192.168.2.115:4500 -> 194.95.197.86:4500
12/10/11 11:28:45 ii : - isakmp spi = 1af64c6cb8fc8555:436337fd21d68033
12/10/11 11:28:45 ii : - data size 0
12/10/11 11:28:45 >= : cookies 1af64c6cb8fc8555:436337fd21d68033
12/10/11 11:28:45 >= : message 4c35b8f6
12/10/11 11:28:45 ii : building config attribute list
12/10/11 11:28:45 ii : config pull is not required
12/10/11 11:28:45 ii : creating IPSEC INBOUND policy ANY:192.168.11.0/24:*
-> ANY:192.168.2.115:*
12/10/11 11:28:45 ii : creating IPSEC OUTBOUND policy ANY:192.168.2.115:* ->
ANY:192.168.11.0/24:*
12/10/11 11:28:45 ii : created IPSEC policy route for 192.168.11.0/24
12/10/11 11:28:45 ii : split DNS is disabled
12/10/11 11:28:45 >= : cookies 1af64c6cb8fc8555:436337fd21d68033
12/10/11 11:28:45 >= : message fffd687f
12/10/11 11:28:45 ii : processing informational packet ( 84 bytes )
12/10/11 11:28:45 =< : cookies 1af64c6cb8fc8555:436337fd21d68033
12/10/11 11:28:45 =< : message e1fd9d50
12/10/11 11:28:45 ii : received peer INITIAL-CONTACT notification
12/10/11 11:28:45 ii : - 194.95.197.86:4500 -> 192.168.2.115:4500
12/10/11 11:28:45 ii : - isakmp spi = 1af64c6cb8fc8555:436337fd21d68033
12/10/11 11:28:45 ii : - data size 0
12/10/11 11:28:46 ii : processing phase2 packet ( 156 bytes )
12/10/11 11:28:46 =< : cookies 1af64c6cb8fc8555:436337fd21d68033
12/10/11 11:28:46 =< : message fffd687f
12/10/11 11:28:46 ii : matched ipsec-esp proposal #1 transform #14
12/10/11 11:28:46 ii : - transform    = esp-3des
12/10/11 11:28:46 ii : - key length   = default
12/10/11 11:28:46 ii : - encap mode   = udp-tunnel ( draft )
12/10/11 11:28:46 ii : - msg auth     = hmac-sha
12/10/11 11:28:46 ii : - pfs dh group = none
12/10/11 11:28:46 ii : - life seconds = 3600
12/10/11 11:28:46 ii : - life kbytes  = 0
12/10/11 11:28:46 ii : phase2 ids accepted
12/10/11 11:28:46 ii : - loc ANY:192.168.2.115:* -> ANY:192.168.11.0/24:*
12/10/11 11:28:46 ii : - rmt ANY:192.168.11.0/24:* -> ANY:192.168.2.115:*
12/10/11 11:28:46 ii : phase2 sa established
12/10/11 11:28:46 ii : 192.168.2.115:4500 <-> 194.95.197.86:4500
12/10/11 11:28:46 >= : cookies 1af64c6cb8fc8555:436337fd21d68033
12/10/11 11:28:46 >= : message fffd687f

----------------------------------------------------------------------
-- In Eventlog I fould the following Entry in Windows Logs / System
----------------------------------------------------------------------

Log Name:      Application
Source:        Application Error
Date:          11.10.2012 11:31:20
Event ID:      1000
Task Category: (100)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      PirzerTo-THINK
Description:
Faulting application name: iked.exe, version: 0.0.0.0, time stamp:
0x4c9fc835 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec4aa8e Exception code: 0xc0000374 Fault offset:
0x00000000000c40f2 Faulting process id: 0x20bc Faulting application start
time: 0x01cda790e7ba0af0 Faulting application path: C:\Program
Files\ShrewSoft\VPN Client\iked.exe Faulting module path:
C:\Windows\SYSTEM32\ntdll.dll Report Id:
69c7c1af-1386-11e2-9dee-e006e6bc938b
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Application Error" />
    <EventID Qualifiers="0">1000</EventID>
    <Level>2</Level>
    <Task>100</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2012-10-11T09:31:20.000000000Z" />
    <EventRecordID>5936</EventRecordID>
    <Channel>Application</Channel>
    <Computer>PirzerTo-THINK</Computer>
    <Security />
  </System>
  <EventData>
    <Data>iked.exe</Data>
    <Data>0.0.0.0</Data>
    <Data>4c9fc835</Data>
    <Data>ntdll.dll</Data>
    <Data>6.1.7601.17725</Data>
    <Data>4ec4aa8e</Data>
    <Data>c0000374</Data>
    <Data>00000000000c40f2</Data>
    <Data>20bc</Data>
    <Data>01cda790e7ba0af0</Data>
    <Data>C:\Program Files\ShrewSoft\VPN Client\iked.exe</Data>
    <Data>C:\Windows\SYSTEM32\ntdll.dll</Data>
    <Data>69c7c1af-1386-11e2-9dee-e006e6bc938b</Data>
  </EventData>
</Event>


It would be great if someone could help me out.

Regards Tobi

More information about the vpn-help mailing list