[vpn-help] Phase 2 Error cannot connect to VPN
Kevin VPN
kvpn at live.com
Mon Nov 25 20:57:23 CST 2013
On 11/22/2013 04:41 PM, Ankur Vyavaharkar wrote:
> Hi Kevin
>
> I am facing the same issues as experienced by Drew Majewski phase 1
> looks to be up but phase 2 isnt. Tried the client on different
> machines but the same results, Phase 2 proposals are the same . The
> reason you might be seeing NAT is to allow the user to browse the
> internet while on VPN. Policy option on the Shrew Soft client is set
> to Obtain Topology Automatically or tunnel all , also tried to
> include/ exclude different subnets but it still wont work. It worked
> for a while when tested from different machine it stopped and its not
> working now on the machine it was initially working. Any inputs would
> be appretiated.
>
Hi Ankur,
It looks like you've got a misconfiguration with your VPN gateway's
remote proxy-id setting. The message:
No policy exists for the proxy ID received: local ID
(<0.0.0.0>/<0.0.0.0>, <0>, <0>) remote ID
(<10.10.0.102>/<255.255.255.255>, <0>, <0>).
suggests to me that you've configured your proxy-id to expect to be
contacted only by IP address 10.10.0.102. From my understanding, the
remote ID is actually the IP address that will be "calling" the VPN
gateway. So I would expect that it should match 24.43.114.18, which
appears to be the public IP of your Shrew client.
Try changing the remote proxy-id to 24.43.114.18/32.
More information about the vpn-help
mailing list