[vpn-help] Win7 x64 negotiation timeout - no packets sent

Greg King taintedmarmot at hotmail.com
Sun Oct 7 06:06:01 CDT 2012


Update:Wireshark shows an ARP request every time I click on 'Connect', and it shows the response come back from the router.
I'm not at all familiar with the way Windows Network Devices work, but does that mean the virtual network adapter is beginning the connection process (in finding the target IP), but not actually sending any IPSec packets through?
Would that suggest it's a bug in the virtual network adapter?
Greg
From: taintedmarmot at hotmail.com
To: vpn-help at lists.shrew.net
Date: Sun, 16 Sep 2012 19:41:43 +0000
Subject: [vpn-help] Win7 x64 negotiation timeout - no packets sent





Hi,
I'm using Shrew 2.2 beta2 to connect from Win7 x64 to a Netgear FVS318v3, but I'm getting a negotiation timeout.
The same machine (dual boot) under Ubuntu 12.04 connects fine with 2.2beta2 client.
What I've tried:I exported shrew configuration from working Ubuntu client and imported it into Win7 client, so shouldn't be any problem there.I've switched off both ZoneAlarm and Windows Firewall.  No joy.I've tried running VPN Access Manager as Administrator.  No joy.In case it's relevant: previously had openVPN and VirtualBox installed.  I uninstalled them, rebooted Windows, uninstalled Shrew, rebooted Windows, reinstalled Shrew, rebooted Windows.  Still no joy.Other information:Local Area Connection Properties dialog does have a 'Shrew Soft Lightweight Filter' in the Properties dialog, and the checkbox next to it is ticked.Task Manager lists the following related processes as running: ipseca.exe, ipsecc.exe, ipsect.exeWhen trying to connect, Wireshark (running on the same Win7 box) doesn't detect any UDP/TCP packets on port 500, nor any packets on isakmp filter (but does detect other packets e.g. web browsing).I do see isakmp packets on Ubuntu Wireshark when connecting from Ubuntu shrew client.The FVS318 and Win7 box are on different subnets, but the connection works under Ubuntu from same machine, so I doubt the router is the problem.
So it seems something under Win7 x64 is stopping the packets getting out onto the network, but I'm at a loss to explain it.
I've been Googling for hours, but can't find a solution.  Any help anyone could give would be gratefully received.
Greg
VPN Connect log:attached to key daemon ...peer configurediskamp proposal configuredesp proposal configuredclient configuredlocal id configuredremote id configuredpre-shared key configuredbringing up tunnel ...negotiation timout occurredtunnel disableddetached from key daemon
VPN Trace IKE Service log:12/09/16 20:09:09 ii : ipc client process thread begin ...12/09/16 20:09:09 <A : peer config add message12/09/16 20:09:09 <A : proposal config message12/09/16 20:09:09 <A : proposal config message12/09/16 20:09:09 <A : client config message12/09/16 20:09:09 <A : local id 'fvs_local_grg' message12/09/16 20:09:09 <A : preshared key message12/09/16 20:09:09 <A : remote resource message12/09/16 20:09:09 <A : remote resource message12/09/16 20:09:09 <A : remote resource message12/09/16 20:09:09 <A : peer tunnel enable message12/09/16 20:09:09 ii : local is SHREW SOFT compatible12/09/16 20:09:09 ii : local is NETSCREEN compatible12/09/16 20:09:09 ii : local is SIDEWINDER compatible12/09/16 20:09:09 ii : local is CISCO UNITY compatible12/09/16 20:09:09 >= : cookies 8219a4a29c1c6360:000000000000000012/09/16 20:09:09 >= : message 0000000012/09/16 20:09:14 -> : resend 1 phase1 packet(s) [0/2] 10.0.0.10:500 -> 192.168.0.100:50012/09/16 20:09:19 -> : resend 1 phase1 packet(s) [1/2] 10.0.0.10:500 -> 192.168.0.100:50012/09/16 20:09:24 -> : resend 1 phase1 packet(s) [2/2] 10.0.0.10:500 -> 192.168.0.100:50012/09/16 20:09:29 ii : resend limit exceeded for phase1 exchange12/09/16 20:09:29 ii : phase1 removal before expire time12/09/16 20:09:29 DB : removing tunnel config references12/09/16 20:09:29 DB : removing tunnel phase2 references12/09/16 20:09:29 DB : removing tunnel phase1 references12/09/16 20:09:29 DB : removing all peer tunnel refrences12/09/16 20:09:29 ii : ipc client process thread exit ...



 		 	   		  

_______________________________________________
vpn-help mailing list
vpn-help at lists.shrew.net
http://lists.shrew.net/mailman/listinfo/vpn-help 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20121007/30a88feb/attachment-0002.html>


More information about the vpn-help mailing list