[vpn-help] Win7 x64 negotiation timeout - no packets sent

Greg King taintedmarmot at hotmail.com
Fri Sep 28 16:20:11 CDT 2012 

Hi Alexis,
Thanks for the response - that won't help me though, because I'm not seeing any packets coming out of my windows client box.Under Windows, nothing reaches the network at all, but under Ubuntu on same machine it works perfectly.
Greg

Date: Fri, 28 Sep 2012 20:07:39 +0200
From: alexis.lagoutte at gmail.com
To: terry at onixnet.com
CC: vpn-help at lists.shrew.net
Subject: Re: [vpn-help] Win7 x64 negotiation timeout - no packets sent

Hi Terry,

Check your VPN Gateway logs.
The packet is send from Shrew and no response from your VPN Gateway.

Regards,

On Fri, Sep 28, 2012 at 7:25 PM, Terry Chambers <terry at onixnet.com> wrote:

I ran the Trace Utility as recommended in an earlier thread:
12/09/28 13:19:45 ## : IKE Daemon, ver 2.1.7
12/09/28 13:19:45 ## : Copyright 2010 Shrew Soft Inc.12/09/28 13:19:45 ## : This product linked OpenSSL 0.9.8h 28 May 2008

12/09/28 13:19:45 ii : opened 'C:\Program Files\ShrewSoft\VPN Client\debug\iked.log'12/09/28 13:19:45 ii : rebuilding vnet device list ...12/09/28 13:19:45 ii : device ROOT\VNET\0000 disabled


12/09/28 13:19:45 ii : device ROOT\VNET\0001 disabled12/09/28 13:19:45 ii : network process thread begin ...12/09/28 13:19:45 ii : pfkey process thread begin ...12/09/28 13:19:45 ii : ipc server process thread begin ...


12/09/28 13:20:03 ii : ipc client process thread begin ...12/09/28 13:20:03 <A : peer config add message12/09/28 13:20:03 <A : proposal config message12/09/28 13:20:03 <A : proposal config message


12/09/28 13:20:03 <A : client config message12/09/28 13:20:03 <A : xauth username message12/09/28 13:20:03 <A : xauth password message12/09/28 13:20:03 <A : local id 'vpn_client at onixnet.com' message


12/09/28 13:20:03 <A : remote id 'vpngw at onixnet.com' message12/09/28 13:20:03 <A : preshared key message12/09/28 13:20:03 <A : remote resource message


12/09/28 13:20:03 <A : peer tunnel enable message12/09/28 13:20:03 ii : local supports XAUTH12/09/28 13:20:03 ii : local supports nat-t ( draft v00 )12/09/28 13:20:03 ii : local supports nat-t ( draft v01 )


12/09/28 13:20:03 ii : local supports nat-t ( draft v02 )12/09/28 13:20:03 ii : local supports nat-t ( draft v03 )12/09/28 13:20:03 ii : local supports nat-t ( rfc )12/09/28 13:20:03 ii : local supports FRAGMENTATION


12/09/28 13:20:03 ii : local supports DPDv112/09/28 13:20:03 ii : local is SHREW SOFT compatible12/09/28 13:20:03 ii : local is NETSCREEN compatible12/09/28 13:20:03 ii : local is SIDEWINDER compatible


12/09/28 13:20:03 ii : local is CISCO UNITY compatible12/09/28 13:20:03 >= : cookies 7897ffb99c264abe:000000000000000012/09/28 13:20:03 >= : message 0000000012/09/28 13:20:08 -> : resend 1 phase1 packet(s) 10.0.1.32:500 -> 68.109.xxx.xx:500


12/09/28 13:20:13 -> : resend 1 phase1 packet(s) 10.0.1.32:500 -> 68.109.xxx.xx:50012/09/28 13:20:18 -> : resend 1 phase1 packet(s) 10.0.1.32:500 -> 68.109.xxx.xx:500


12/09/28 13:20:23 ii : resend limit exceeded for phase1 exchange12/09/28 13:20:23 ii : phase1 removal before expire time12/09/28 13:20:23 DB : removing tunnel config references12/09/28 13:20:23 DB : removing tunnel phase2 references


12/09/28 13:20:23 DB : removing tunnel phase1 references12/09/28 13:20:23 DB : removing all peer tunnel refrences12/09/28 13:20:23 ii : ipc client process thread exit ...12/09/28 13:20:27 ii : halt signal received, shutting down


12/09/28 13:20:27 ii : ipc server process thread exit ...12/09/28 13:20:27 ii : pfkey process thread exit ...
Any thoughts?Terry




On Fri, Sep 28, 2012 at 1:11 PM, Terry Chambers <terry at onixnet.com> wrote:



I have the exact same situation with the negotiation timeout.  Just started in the last week or so.








Message: 1

Date: Fri, 28 Sep 2012 16:06:21 +0000

From: Greg King <taintedmarmot at hotmail.com>

Subject: [vpn-help] Win7 x64 negotiation timeout - no packets sent

To: <vpn-help at lists.shrew.net>

Message-ID: <BAY146-W49A7E7E6F8BD2698EB1DECA0820 at phx.gbl>

Content-Type: text/plain; charset="iso-8859-1"





Hi,

I'm using Shrew 2.2 beta2 to connect from Win7 x64 to a Netgear FVS318v3, but I'm getting a negotiation timeout.

The same machine (dual boot) under Ubuntu 12.04 connects fine with 2.2beta2 client.

What I've tried:I exported shrew configuration from working Ubuntu client and imported it into Win7 client, so shouldn't be any problem there.I've switched off both ZoneAlarm and Windows Firewall.  No joy.I've tried running VPN Access Manager as Administrator.  No joy.In case it's relevant: previously had openVPN and VirtualBox installed.  I uninstalled them, rebooted Windows, uninstalled Shrew, rebooted Windows, reinstalled Shrew, rebooted Windows.  Still no joy.Other information:Local Area Connection Properties dialog does have a 'Shrew Soft Lightweight Filter' in the Properties dialog, and the checkbox next to it is ticked.Task Manager lists the following related processes as running: ipseca.exe, ipsecc.exe, ipsect.exeWhen trying to connect, Wireshark (running on the same Win7 box) doesn't detect any UDP/TCP packets on port 500, nor any packets on isakmp filter (but does detect other packets e.g. web browsing).I do see isakmp packets on Ubuntu Wireshark when connecting fr!





 om Ubuntu shrew client.The FVS318 and Win7 box are on different subnets, but the connection works under Ubuntu from same machine, so I doubt the router is the problem.

So it seems something under Win7 x64 is stopping the packets getting out onto the network, but I'm at a loss to explain it.

I've been Googling for hours, but can't find a solution.  Any help anyone could give would be gratefully received.

Greg

VPN Connect log:attached to key daemon ...peer configurediskamp proposal configuredesp proposal configuredclient configuredlocal id configuredremote id configuredpre-shared key configuredbringing up tunnel ...negotiation timout occurredtunnel disableddetached from key daemon





VPN Trace IKE Service log:12/09/16 20:09:09 ii : ipc client process thread begin ...12/09/16 20:09:09 <A : peer config add message12/09/16 20:09:09 <A : proposal config message12/09/16 20:09:09 <A : proposal config message12/09/16 20:09:09 <A : client config message12/09/16 20:09:09 <A : local id 'fvs_local_grg' message12/09/16 20:09:09 <A : preshared key message12/09/16 20:09:09 <A : remote resource message12/09/16 20:09:09 <A : remote resource message12/09/16 20:09:09 <A : remote resource message12/09/16 20:09:09 <A : peer tunnel enable message12/09/16 20:09:09 ii : local is SHREW SOFT compatible12/09/16 20:09:09 ii : local is NETSCREEN compatible12/09/16 20:09:09 ii : local is SIDEWINDER compatible12/09/16 20:09:09 ii : local is CISCO UNITY compatible12/09/16 20:09:09 >= : cookies 8219a4a29c1c6360:000000000000000012/09/16 20:09:09 >= : message 0000000012/09/16 20:09:14 -> : resend 1 phase1 packet(s) [0/2] 10.0.0.10:500 -> 192.168.0.100:50012/09/16 20:09:19 -> : resend 1 p!





 hase1 packet(s) [1/2] 10.0.0.10:500 -> 192.168.0.100:50012/09/16 20:09:24 -> : resend 1 phase1 packet(s) [2/2] 10.0.0.10:500 -> 192.168.0.100:50012/09/16 20:09:29 ii : resend limit exceeded for phase1 exchange12/09/16 20:09:29 ii : phase1 removal before expire time12/09/16 20:09:29 DB : removing tunnel config references12/09/16 20:09:29 DB : removing tunnel phase2 references12/09/16 20:09:29 DB : removing tunnel phase1 references12/09/16 20:09:29 DB : removing all peer tunnel refrences12/09/16 20:09:29 ii : ipc client process thread exit ...













-------------- next part --------------

An HTML attachment was scrubbed...

URL: <http://lists.shrew.net/pipermail/vpn-help/attachments/20120928/a6abf84a/attachment-0001.html>







------------------------------



_______________________________________________

vpn-help mailing list

vpn-help at lists.shrew.net

http://lists.shrew.net/mailman/listinfo/vpn-help





End of vpn-help Digest, Vol 72, Issue 6

***************************************






_______________________________________________

vpn-help mailing list

vpn-help at lists.shrew.net

http://lists.shrew.net/mailman/listinfo/vpn-help





_______________________________________________
vpn-help mailing list
vpn-help at lists.shrew.net
http://lists.shrew.net/mailman/listinfo/vpn-help 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20120928/ca84c19e/attachment-0002.html>

More information about the vpn-help mailing list