[vpn-help] Tunnel not coming up ..Urgent ..

David A. Esquivel dae at qcapital.com
Fri Oct 12 05:48:46 CDT 2012 

Make sure that your pre shared key matches and that your auth type are the same. I.e. If you are using 3des on the firewall, make sure to use 3des on Shrew. Try not to use "auto" as some firewalls do not support this. 

**** Sent From Blackberry Wireless Handheld ****

________________________________

From: vpn-help-bounces at lists.shrew.net <vpn-help-bounces at lists.shrew.net> 
To: nikish bhat <nikishbhat at googlemail.com> 
Cc: vpn-help at lists.shrew.net <vpn-help at lists.shrew.net> 
Sent: Fri Oct 12 02:53:57 2012
Subject: Re: [vpn-help] Tunnel not coming up ..Urgent .. 


Hi Nikish,

12/10/02 18:56:11 ii : received peer NO-PROPOSAL-CHOSEN notification

Check your configuration (Parameter of Phase 1, it is not the same between the client and your vpn gateway  )

Regards,


On Tue, Oct 2, 2012 at 3:38 PM, nikish bhat <nikishbhat at googlemail.com> wrote:


	Hi Team,
	 
	I am using shrew client version 2.1.7 to connect to an SRX-100 VPN gateway with JUNOS 11.4 but I am getting the below mentioned error everytime.I am trying it from the past 3-4 days but still no luck.
	I am having WIN7 64-bit on my windows machine.
	 
	I am really struggling to get the tunnel enabled.
	Appreciate any help.
	 
	 
	12/10/02 18:56:01 ii : ipc client process thread begin ...

	12/10/02 18:56:01 <A : peer config add message

	12/10/02 18:56:01 DB : peer added ( obj count = 1 )

	12/10/02 18:56:01 ii : local address x.x.x.x selected for peer

	12/10/02 18:56:01 DB : tunnel added ( obj count = 1 )

	12/10/02 18:56:01 <A : proposal config message

	12/10/02 18:56:01 <A : proposal config message

	12/10/02 18:56:01 <A : client config message

	12/10/02 18:56:01 <A : xauth username message

	12/10/02 18:56:01 <A : xauth password message

	12/10/02 18:56:01 <A : local id 'remote at domian.com' message

	12/10/02 18:56:01 <A : preshared key message

	12/10/02 18:56:01 <A : peer tunnel enable message

	12/10/02 18:56:01 DB : new phase1 ( ISAKMP initiator )

	12/10/02 18:56:01 DB : exchange type is aggressive

	12/10/02 18:56:01 DB : x.x.x.x::500 <-> x.x.x.x:500

	12/10/02 18:56:01 DB : eba815e2952d5cf8:0000000000000000

	12/10/02 18:56:01 DB : phase1 added ( obj count = 1 )

	12/10/02 18:56:01 >> : security association payload

	12/10/02 18:56:01 >> : - proposal #1 payload 

	12/10/02 18:56:01 >> : -- transform #1 payload 

	12/10/02 18:56:01 >> : key exchange payload

	12/10/02 18:56:01 >> : nonce payload

	12/10/02 18:56:01 >> : identification payload

	12/10/02 18:56:01 >> : vendor id payload

	12/10/02 18:56:01 ii : local supports XAUTH

	12/10/02 18:56:01 >> : vendor id payload

	12/10/02 18:56:01 ii : local supports nat-t ( draft v00 )

	12/10/02 18:56:01 >> : vendor id payload

	12/10/02 18:56:01 ii : local supports nat-t ( draft v01 )

	12/10/02 18:56:01 >> : vendor id payload

	12/10/02 18:56:01 ii : local supports nat-t ( draft v02 )

	12/10/02 18:56:01 >> : vendor id payload

	12/10/02 18:56:01 ii : local supports nat-t ( draft v03 )

	12/10/02 18:56:01 >> : vendor id payload

	12/10/02 18:56:01 ii : local supports nat-t ( rfc )

	12/10/02 18:56:01 >> : vendor id payload

	12/10/02 18:56:01 ii : local supports FRAGMENTATION

	12/10/02 18:56:01 >> : vendor id payload

	12/10/02 18:56:01 ii : local supports DPDv1

	12/10/02 18:56:01 >> : vendor id payload

	12/10/02 18:56:01 ii : local is SHREW SOFT compatible

	12/10/02 18:56:01 >> : vendor id payload

	12/10/02 18:56:01 ii : local is NETSCREEN compatible

	12/10/02 18:56:01 >> : vendor id payload

	12/10/02 18:56:01 ii : local is SIDEWINDER compatible

	12/10/02 18:56:01 >> : vendor id payload

	12/10/02 18:56:01 ii : local is CISCO UNITY compatible

	12/10/02 18:56:01 >= : cookies eba815e2952d5cf8:0000000000000000

	12/10/02 18:56:01 >= : message 00000000

	12/10/02 18:56:01 -> : send IKE packet x.x.x.x:500 -> x.x.x.x:500 ( 533 bytes )

	12/10/02 18:56:01 DB : phase1 resend event scheduled ( ref count = 2 )

	12/10/02 18:56:01 <- : recv IKE packet x.x.x.x:500 -> x.x.x.x:500 ( 102 bytes )

	12/10/02 18:56:01 DB : phase1 found

	12/10/02 18:56:01 ii : processing informational packet ( 102 bytes )

	12/10/02 18:56:01 =< : cookies eba815e2952d5cf8:31e74a4caa00d17b

	12/10/02 18:56:01 =< : message 17405094

	12/10/02 18:56:01 << : notification payload

	12/10/02 18:56:01 ii : received peer NO-PROPOSAL-CHOSEN notification

	12/10/02 18:56:01 ii : - x.x.x.x:500 -> x.x.x.x:500

	12/10/02 18:56:01 ii : - isakmp spi = eba815e2952d5cf8:31e74a4caa00d17b

	12/10/02 18:56:01 ii : - data size 46

	12/10/02 18:56:06 -> : resend 1 phase1 packet(s) x.x.x.x:500 -> x.x.x.x:500

	12/10/02 18:56:11 -> : resend 1 phase1 packet(s) x.x.x.x:500 -> x.x.x.x:500

	12/10/02 18:56:11 <- : recv IKE packet x.x.x.x:500 -> x.x.x.x:500 ( 102 bytes )

	12/10/02 18:56:11 DB : phase1 found

	12/10/02 18:56:11 ii : processing informational packet ( 102 bytes )

	12/10/02 18:56:11 =< : cookies eba815e2952d5cf8:31e74a4caa00d17b

	12/10/02 18:56:11 =< : message 17405094

	12/10/02 18:56:11 << : notification payload

	12/10/02 18:56:11 ii : received peer NO-PROPOSAL-CHOSEN notification

	12/10/02 18:56:11 ii : - x.x.x.x:500 -> x.x.x.x:500

	12/10/02 18:56:11 ii : - isakmp spi = eba815e2952d5cf8:31e74a4caa00d17b

	12/10/02 18:56:11 ii : - data size 46

	12/10/02 18:56:16 -> : resend 1 phase1 packet(s) x.x.x.x -> x.x.x.x:500

	12/10/02 18:56:21 ii : resend limit exceeded for phase1 exchange

	12/10/02 18:56:21 ii : phase1 removal before expire time

	12/10/02 18:56:21 DB : phase1 deleted ( obj count = 0 )

	12/10/02 18:56:21 DB : policy not found

	12/10/02 18:56:21 DB : policy not found

	12/10/02 18:56:21 DB : tunnel stats event canceled ( ref count = 1 )

	12/10/02 18:56:21 DB : removing tunnel config references

	12/10/02 18:56:21 DB : removing tunnel phase2 references

	12/10/02 18:56:21 DB : removing tunnel phase1 references

	12/10/02 18:56:21 DB : tunnel deleted ( obj count = 0 )

	12/10/02 18:56:21 DB : removing all peer tunnel refrences

	12/10/02 18:56:21 DB : peer deleted ( obj count = 0 )

	12/10/02 18:56:21 ii : ipc client process thread exit ...

	 

	Regards,

	Nikish

	Mob - 91 9029331403


	_______________________________________________
	vpn-help mailing list
	vpn-help at lists.shrew.net
	http://lists.shrew.net/mailman/listinfo/vpn-help
	
	


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20121012/f98eda08/attachment-0002.html>

More information about the vpn-help mailing list