[vpn-help] Problem establishing VPN
Freddy Turriaf
fturriaf at gmail.com
Thu Oct 31 00:43:26 CDT 2013
Hi there,
I am facing a weird problem: my VPN fail when using my home cable
connection but succeed when tethering from my mobile phone.
Here the logs:
Failing connection (Cable):
13/10/30 22:47:32 ii : ipc client process thread begin ...
13/10/30 22:47:32 <A : peer config add message
13/10/30 22:47:32 <A : proposal config message
13/10/30 22:47:32 <A : proposal config message
13/10/30 22:47:32 <A : client config message
13/10/30 22:47:32 <A : xauth username message
13/10/30 22:47:32 <A : xauth password message
13/10/30 22:47:32 <A : local id 'gatewaygroupid' message
13/10/30 22:47:32 <A : preshared key message
13/10/30 22:47:32 <A : peer tunnel enable message
13/10/30 22:47:32 ii : local supports XAUTH
13/10/30 22:47:32 ii : local supports nat-t ( draft v00 )
13/10/30 22:47:32 ii : local supports nat-t ( draft v01 )
13/10/30 22:47:32 ii : local supports nat-t ( draft v02 )
13/10/30 22:47:32 ii : local supports nat-t ( draft v03 )
13/10/30 22:47:32 ii : local supports nat-t ( rfc )
13/10/30 22:47:32 ii : local supports FRAGMENTATION
13/10/30 22:47:32 ii : local supports DPDv1
13/10/30 22:47:32 ii : local is SHREW SOFT compatible
13/10/30 22:47:32 ii : local is NETSCREEN compatible
13/10/30 22:47:32 ii : local is SIDEWINDER compatible
13/10/30 22:47:32 ii : local is CISCO UNITY compatible
13/10/30 22:47:32 >= : cookies 145a9efd828be9f6:0000000000000000
13/10/30 22:47:32 >= : message 00000000
13/10/30 22:47:32 ii : processing phase1 packet ( 448 bytes )
13/10/30 22:47:32 =< : cookies 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:47:32 =< : message 00000000
13/10/30 22:47:32 ii : matched isakmp proposal #1 transform #14
13/10/30 22:47:32 ii : - transform = ike
13/10/30 22:47:32 ii : - cipher type = 3des
13/10/30 22:47:32 ii : - key length = default
13/10/30 22:47:32 ii : - hash type = sha1
13/10/30 22:47:32 ii : - dh group = group2 ( modp-1024 )
13/10/30 22:47:32 ii : - auth type = xauth-initiator-psk
13/10/30 22:47:32 ii : - life seconds = 86400
13/10/30 22:47:32 ii : - life kbytes = 0
13/10/30 22:47:32 ii : phase1 id match ( natt prevents ip match )
13/10/30 22:47:32 ii : received = ipv4-host 135.244.31.254
13/10/30 22:47:32 ii : peer supports XAUTH
13/10/30 22:47:32 ii : peer supports nat-t ( rfc )
13/10/30 22:47:32 ii : peer supports nat-t ( draft v03 )
13/10/30 22:47:32 ii : peer supports nat-t ( draft v02 )
13/10/30 22:47:32 ii : nat discovery - local address is translated
13/10/30 22:47:32 ii : switching to src nat-t udp port 4500
13/10/30 22:47:32 ii : switching to dst nat-t udp port 4500
13/10/30 22:47:32 >= : cookies 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:47:32 >= : message 00000000
13/10/30 22:47:32 ii : phase1 sa established
13/10/30 22:47:32 ii : 135.244.31.254:4500 <-> 192.168.0.2:4500
13/10/30 22:47:32 ii : 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:47:32 ii : sending peer INITIAL-CONTACT notification
13/10/30 22:47:32 ii : - 192.168.0.2:4500 -> 135.244.31.254:4500
13/10/30 22:47:32 ii : - isakmp spi = 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:47:32 ii : - data size 0
13/10/30 22:47:32 >= : cookies 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:47:32 >= : message 7aba8358
13/10/30 22:47:32 ii : processing config packet ( 76 bytes )
13/10/30 22:47:32 =< : cookies 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:47:32 =< : message 226e4d0b
13/10/30 22:47:32 ii : - xauth authentication type
13/10/30 22:47:32 ii : - xauth username
13/10/30 22:47:32 ii : - xauth password
13/10/30 22:47:32 ii : received basic xauth request -
13/10/30 22:47:32 ii : - standard xauth username
13/10/30 22:47:32 ii : - standard xauth password
13/10/30 22:47:32 ii : sending xauth response for fturriaf
13/10/30 22:47:32 >= : cookies 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:47:32 >= : message 226e4d0b
13/10/30 22:47:32 ii : processing config packet ( 124 bytes )
13/10/30 22:47:32 =< : cookies 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:47:32 =< : message 6abe826a
13/10/30 22:47:32 ii : received xauth result -
13/10/30 22:47:32 ii : user fturriaf authentication succeeded
13/10/30 22:47:32 ii : sending xauth acknowledge
13/10/30 22:47:32 >= : cookies 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:47:32 >= : message 6abe826a
13/10/30 22:47:32 ii : building config attribute list
13/10/30 22:47:32 ii : sending config pull request
13/10/30 22:47:32 >= : cookies 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:47:32 >= : message 040536aa
13/10/30 22:47:32 ii : processing config packet ( 132 bytes )
13/10/30 22:47:32 =< : cookies 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:47:32 =< : message 040536aa
13/10/30 22:47:32 ii : received config pull response
13/10/30 22:47:32 ii : adapter ROOT\VNET\0000 unavailable, retrying ...
13/10/30 22:47:33 ii : creating NONE INBOUND policy ANY:135.244.31.254:* ->
ANY:192.168.0.2:*
13/10/30 22:47:33 ii : creating NONE OUTBOUND policy ANY:192.168.0.2:* ->
ANY:135.244.31.254:*
13/10/30 22:47:33 ii : created NONE policy route for 135.244.31.254/32
13/10/30 22:47:33 ii : creating NONE INBOUND policy ANY:192.168.0.1:* ->
ANY:135.244.0.223:*
13/10/30 22:47:33 ii : creating NONE OUTBOUND policy ANY:135.244.0.223:* ->
ANY:192.168.0.1:*
13/10/30 22:47:33 ii : creating IPSEC INBOUND policy ANY:0.0.0.0/0:* ->
ANY:135.244.0.223:*
13/10/30 22:47:33 ii : creating IPSEC OUTBOUND policy ANY:135.244.0.223:*
-> ANY:0.0.0.0/0:*
13/10/30 22:47:33 ii : created IPSEC policy route for 0.0.0.0
13/10/30 22:47:33 ii : split DNS is disabled
13/10/30 22:47:37 >= : cookies 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:47:37 >= : message e5010065
13/10/30 22:47:42 -> : resend 1 phase2 packet(s) [0/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:47:47 -> : resend 1 phase2 packet(s) [1/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:47:52 -> : resend 1 phase2 packet(s) [2/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:47:53 >= : cookies 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:47:53 >= : message e32a121d
13/10/30 22:47:57 ii : resend limit exceeded for phase2 exchange
13/10/30 22:47:57 ii : phase2 removal before expire time
13/10/30 22:47:58 -> : resend 1 phase2 packet(s) [0/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:48:03 -> : resend 1 phase2 packet(s) [1/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:48:08 -> : resend 1 phase2 packet(s) [2/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:48:09 >= : cookies 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:48:09 >= : message c5ce4a49
13/10/30 22:48:13 ii : resend limit exceeded for phase2 exchange
13/10/30 22:48:13 ii : phase2 removal before expire time
13/10/30 22:48:14 -> : resend 1 phase2 packet(s) [0/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:48:19 -> : resend 1 phase2 packet(s) [1/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:48:24 -> : resend 1 phase2 packet(s) [2/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:48:25 >= : cookies 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:48:25 >= : message 86f99b76
13/10/30 22:48:29 ii : resend limit exceeded for phase2 exchange
13/10/30 22:48:29 ii : phase2 removal before expire time
13/10/30 22:48:30 -> : resend 1 phase2 packet(s) [0/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:48:35 -> : resend 1 phase2 packet(s) [1/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:48:40 -> : resend 1 phase2 packet(s) [2/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:48:41 >= : cookies 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:48:41 >= : message 09019ef0
13/10/30 22:48:45 ii : resend limit exceeded for phase2 exchange
13/10/30 22:48:45 ii : phase2 removal before expire time
13/10/30 22:48:46 -> : resend 1 phase2 packet(s) [0/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:48:51 -> : resend 1 phase2 packet(s) [1/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:48:56 -> : resend 1 phase2 packet(s) [2/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:48:57 >= : cookies 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:48:57 >= : message 08f0ec83
13/10/30 22:49:01 ii : resend limit exceeded for phase2 exchange
13/10/30 22:49:01 ii : phase2 removal before expire time
13/10/30 22:49:02 -> : resend 1 phase2 packet(s) [0/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:49:07 -> : resend 1 phase2 packet(s) [1/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:49:12 -> : resend 1 phase2 packet(s) [2/2] 192.168.0.2:4500 ->
135.244.31.254:4500
13/10/30 22:49:13 <A : peer tunnel disable message
13/10/30 22:49:13 ii : removing IPSEC INBOUND policy ANY:0.0.0.0/0:* ->
ANY:135.244.0.223:*
13/10/30 22:49:13 ii : removing IPSEC OUTBOUND policy ANY:135.244.0.223:*
-> ANY:0.0.0.0/0:*
13/10/30 22:49:13 ii : removed IPSEC policy route for ANY:0.0.0.0/0:*
13/10/30 22:49:13 ii : removing NONE INBOUND policy ANY:192.168.0.1:* ->
ANY:135.244.0.223:*
13/10/30 22:49:13 ii : removing NONE OUTBOUND policy ANY:135.244.0.223:* ->
ANY:192.168.0.1:*
13/10/30 22:49:13 ii : removing NONE INBOUND policy ANY:135.244.31.254:* ->
ANY:192.168.0.2:*
13/10/30 22:49:13 ii : removing NONE OUTBOUND policy ANY:192.168.0.2:* ->
ANY:135.244.31.254:*
13/10/30 22:49:13 ii : removed NONE policy route for ANY:135.244.31.254:*
13/10/30 22:49:13 DB : removing tunnel config references
13/10/30 22:49:13 DB : removing tunnel phase2 references
13/10/30 22:49:13 ii : phase2 removal before expire time
13/10/30 22:49:13 DB : removing tunnel phase1 references
13/10/30 22:49:13 ii : sending peer DELETE message
13/10/30 22:49:13 ii : - 192.168.0.2:4500 -> 135.244.31.254:4500
13/10/30 22:49:13 ii : - isakmp spi = 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:49:13 ii : - data size 0
13/10/30 22:49:13 >= : cookies 145a9efd828be9f6:9dfba21e6da431fa
13/10/30 22:49:13 >= : message 33a9d62d
13/10/30 22:49:13 ii : phase1 removal before expire time
13/10/30 22:49:13 DB : removing all peer tunnel references
13/10/30 22:49:13 ii : ipc client process thread exit ...
Now using my 4G tethering (successful)
13/10/30 22:53:07 ii : ipc client process thread begin ...
13/10/30 22:53:07 <A : peer config add message
13/10/30 22:53:07 <A : proposal config message
13/10/30 22:53:07 <A : proposal config message
13/10/30 22:53:07 <A : client config message
13/10/30 22:53:07 <A : xauth username message
13/10/30 22:53:07 <A : xauth password message
13/10/30 22:53:07 <A : local id 'gatewaygroupid' message
13/10/30 22:53:07 <A : preshared key message
13/10/30 22:53:07 <A : peer tunnel enable message
13/10/30 22:53:07 ii : local supports XAUTH
13/10/30 22:53:07 ii : local supports nat-t ( draft v00 )
13/10/30 22:53:07 ii : local supports nat-t ( draft v01 )
13/10/30 22:53:07 ii : local supports nat-t ( draft v02 )
13/10/30 22:53:07 ii : local supports nat-t ( draft v03 )
13/10/30 22:53:07 ii : local supports nat-t ( rfc )
13/10/30 22:53:07 ii : local supports FRAGMENTATION
13/10/30 22:53:07 ii : local supports DPDv1
13/10/30 22:53:07 ii : local is SHREW SOFT compatible
13/10/30 22:53:07 ii : local is NETSCREEN compatible
13/10/30 22:53:07 ii : local is SIDEWINDER compatible
13/10/30 22:53:07 ii : local is CISCO UNITY compatible
13/10/30 22:53:07 >= : cookies 594fc69bad4dd2e4:0000000000000000
13/10/30 22:53:07 >= : message 00000000
13/10/30 22:53:07 ii : processing phase1 packet ( 448 bytes )
13/10/30 22:53:07 =< : cookies 594fc69bad4dd2e4:98c94bc25b464bc5
13/10/30 22:53:07 =< : message 00000000
13/10/30 22:53:07 ii : matched isakmp proposal #1 transform #14
13/10/30 22:53:07 ii : - transform = ike
13/10/30 22:53:07 ii : - cipher type = 3des
13/10/30 22:53:07 ii : - key length = default
13/10/30 22:53:07 ii : - hash type = sha1
13/10/30 22:53:07 ii : - dh group = group2 ( modp-1024 )
13/10/30 22:53:07 ii : - auth type = xauth-initiator-psk
13/10/30 22:53:07 ii : - life seconds = 86400
13/10/30 22:53:07 ii : - life kbytes = 0
13/10/30 22:53:07 ii : phase1 id match ( natt prevents ip match )
13/10/30 22:53:07 ii : received = ipv4-host 135.244.31.254
13/10/30 22:53:07 ii : peer supports XAUTH
13/10/30 22:53:07 ii : peer supports nat-t ( rfc )
13/10/30 22:53:07 ii : peer supports nat-t ( draft v03 )
13/10/30 22:53:07 ii : peer supports nat-t ( draft v02 )
13/10/30 22:53:07 ii : nat discovery - local address is translated
13/10/30 22:53:07 ii : switching to src nat-t udp port 4500
13/10/30 22:53:07 ii : switching to dst nat-t udp port 4500
13/10/30 22:53:07 >= : cookies 594fc69bad4dd2e4:98c94bc25b464bc5
13/10/30 22:53:07 >= : message 00000000
13/10/30 22:53:07 ii : phase1 sa established
13/10/30 22:53:07 ii : 135.244.31.254:4500 <-> 172.20.10.2:4500
13/10/30 22:53:07 ii : 594fc69bad4dd2e4:98c94bc25b464bc5
13/10/30 22:53:07 ii : sending peer INITIAL-CONTACT notification
13/10/30 22:53:07 ii : - 172.20.10.2:4500 -> 135.244.31.254:4500
13/10/30 22:53:07 ii : - isakmp spi = 594fc69bad4dd2e4:98c94bc25b464bc5
13/10/30 22:53:07 ii : - data size 0
13/10/30 22:53:07 >= : cookies 594fc69bad4dd2e4:98c94bc25b464bc5
13/10/30 22:53:07 >= : message 02bc50a7
13/10/30 22:53:07 ii : processing config packet ( 76 bytes )
13/10/30 22:53:07 =< : cookies 594fc69bad4dd2e4:98c94bc25b464bc5
13/10/30 22:53:07 =< : message 5f250043
13/10/30 22:53:07 ii : - xauth authentication type
13/10/30 22:53:07 ii : - xauth username
13/10/30 22:53:07 ii : - xauth password
13/10/30 22:53:07 ii : received basic xauth request -
13/10/30 22:53:07 ii : - standard xauth username
13/10/30 22:53:07 ii : - standard xauth password
13/10/30 22:53:07 ii : sending xauth response for fturriaf
13/10/30 22:53:07 >= : cookies 594fc69bad4dd2e4:98c94bc25b464bc5
13/10/30 22:53:07 >= : message 5f250043
13/10/30 22:53:08 ii : processing config packet ( 124 bytes )
13/10/30 22:53:08 =< : cookies 594fc69bad4dd2e4:98c94bc25b464bc5
13/10/30 22:53:08 =< : message 2863c6e3
13/10/30 22:53:08 ii : received xauth result -
13/10/30 22:53:08 ii : user fturriaf authentication succeeded
13/10/30 22:53:08 ii : sending xauth acknowledge
13/10/30 22:53:08 >= : cookies 594fc69bad4dd2e4:98c94bc25b464bc5
13/10/30 22:53:08 >= : message 2863c6e3
13/10/30 22:53:08 ii : building config attribute list
13/10/30 22:53:08 ii : sending config pull request
13/10/30 22:53:08 >= : cookies 594fc69bad4dd2e4:98c94bc25b464bc5
13/10/30 22:53:08 >= : message 80c3987e
13/10/30 22:53:08 ii : processing config packet ( 132 bytes )
13/10/30 22:53:08 =< : cookies 594fc69bad4dd2e4:98c94bc25b464bc5
13/10/30 22:53:08 =< : message 80c3987e
13/10/30 22:53:08 ii : received config pull response
13/10/30 22:53:08 ii : adapter ROOT\VNET\0000 unavailable, retrying ...
13/10/30 22:53:09 ii : creating NONE INBOUND policy ANY:135.244.31.254:* ->
ANY:172.20.10.2:*
13/10/30 22:53:09 ii : creating NONE OUTBOUND policy ANY:172.20.10.2:* ->
ANY:135.244.31.254:*
13/10/30 22:53:09 ii : created NONE policy route for 135.244.31.254/32
13/10/30 22:53:09 ii : creating NONE INBOUND policy ANY:172.20.10.1:* ->
ANY:135.244.1.243:*
13/10/30 22:53:09 ii : creating NONE OUTBOUND policy ANY:135.244.1.243:* ->
ANY:172.20.10.1:*
13/10/30 22:53:09 ii : creating IPSEC INBOUND policy ANY:0.0.0.0/0:* ->
ANY:135.244.1.243:*
13/10/30 22:53:09 ii : creating IPSEC OUTBOUND policy ANY:135.244.1.243:*
-> ANY:0.0.0.0/0:*
13/10/30 22:53:09 ii : created IPSEC policy route for 0.0.0.0
13/10/30 22:53:09 ii : split DNS is disabled
13/10/30 22:53:12 >= : cookies 594fc69bad4dd2e4:98c94bc25b464bc5
13/10/30 22:53:12 >= : message d4143a8a
13/10/30 22:53:17 -> : resend 1 phase2 packet(s) [0/2] 172.20.10.2:4500 ->
135.244.31.254:4500
13/10/30 22:53:22 -> : resend 1 phase2 packet(s) [1/2] 172.20.10.2:4500 ->
135.244.31.254:4500
13/10/30 22:53:23 ii : processing phase2 packet ( 180 bytes )
13/10/30 22:53:23 =< : cookies 594fc69bad4dd2e4:98c94bc25b464bc5
13/10/30 22:53:23 =< : message d4143a8a
13/10/30 22:53:23 ii : matched ipsec-esp proposal #1 transform #32
13/10/30 22:53:23 ii : - transform = esp-3des
13/10/30 22:53:23 ii : - key length = default
13/10/30 22:53:23 ii : - encap mode = udp-tunnel ( rfc )
13/10/30 22:53:23 ii : - msg auth = hmac-sha1
13/10/30 22:53:23 ii : - pfs dh group = none
13/10/30 22:53:23 ii : - life seconds = 3600
13/10/30 22:53:23 ii : - life kbytes = 0
13/10/30 22:53:23 ii : received peer RESPONDER-LIFETIME notification
13/10/30 22:53:23 ii : - 135.244.31.254:4500 -> 172.20.10.2:4500
13/10/30 22:53:23 ii : - ipsec-esp spi = 0x11134bca
13/10/30 22:53:23 ii : - data size 12
13/10/30 22:53:23 ii : phase2 ids accepted
13/10/30 22:53:23 ii : - loc ANY:135.244.1.243:* -> ANY:0.0.0.0/0:*
13/10/30 22:53:23 ii : - rmt ANY:0.0.0.0/0:* -> ANY:135.244.1.243:*
13/10/30 22:53:23 ii : phase2 sa established
13/10/30 22:53:23 ii : 172.20.10.2:4500 <-> 135.244.31.254:4500
13/10/30 22:53:23 >= : cookies 594fc69bad4dd2e4:98c94bc25b464bc5
13/10/30 22:53:23 >= : message d4143a8a
I tried disabling NAT-T or Policy Generation to "Unique" (from auto) but
continue failing:
13/10/30 23:34:06 ii : ipc client process thread begin ...
13/10/30 23:34:06 <A : peer config add message
13/10/30 23:34:06 <A : proposal config message
13/10/30 23:34:06 <A : proposal config message
13/10/30 23:34:06 <A : client config message
13/10/30 23:34:06 <A : xauth username message
13/10/30 23:34:06 <A : xauth password message
13/10/30 23:34:06 <A : local id 'gatewaygroupid' message
13/10/30 23:34:06 <A : preshared key message
13/10/30 23:34:06 <A : peer tunnel enable message
13/10/30 23:34:06 ii : local supports XAUTH
13/10/30 23:34:06 ii : local supports FRAGMENTATION
13/10/30 23:34:06 ii : local supports DPDv1
13/10/30 23:34:06 ii : local is SHREW SOFT compatible
13/10/30 23:34:06 ii : local is NETSCREEN compatible
13/10/30 23:34:06 ii : local is SIDEWINDER compatible
13/10/30 23:34:06 ii : local is CISCO UNITY compatible
13/10/30 23:34:06 >= : cookies b80be3b5dbceeb8b:0000000000000000
13/10/30 23:34:06 >= : message 00000000
13/10/30 23:34:06 ii : processing phase1 packet ( 400 bytes )
13/10/30 23:34:06 =< : cookies b80be3b5dbceeb8b:ee028b0319409d9c
13/10/30 23:34:06 =< : message 00000000
13/10/30 23:34:06 ii : matched isakmp proposal #1 transform #14
13/10/30 23:34:06 ii : - transform = ike
13/10/30 23:34:06 ii : - cipher type = 3des
13/10/30 23:34:06 ii : - key length = default
13/10/30 23:34:06 ii : - hash type = sha1
13/10/30 23:34:06 ii : - dh group = group2 ( modp-1024 )
13/10/30 23:34:06 ii : - auth type = xauth-initiator-psk
13/10/30 23:34:06 ii : - life seconds = 86400
13/10/30 23:34:06 ii : - life kbytes = 0
13/10/30 23:34:06 ii : phase1 id match
13/10/30 23:34:06 ii : received = ipv4-host 135.244.31.254
13/10/30 23:34:06 ii : peer supports XAUTH
13/10/30 23:34:06 ii : peer supports nat-t ( rfc )
13/10/30 23:34:06 ii : peer supports nat-t ( draft v03 )
13/10/30 23:34:06 ii : peer supports nat-t ( draft v02 )
13/10/30 23:34:06 ii : nat-t is disabled locally
13/10/30 23:34:06 >= : cookies b80be3b5dbceeb8b:ee028b0319409d9c
13/10/30 23:34:06 >= : message 00000000
13/10/30 23:34:06 ii : phase1 sa established
13/10/30 23:34:06 ii : 135.244.31.254:500 <-> 192.168.1.106:500
13/10/30 23:34:06 ii : b80be3b5dbceeb8b:ee028b0319409d9c
13/10/30 23:34:06 ii : sending peer INITIAL-CONTACT notification
13/10/30 23:34:06 ii : - 192.168.1.106:500 -> 135.244.31.254:500
13/10/30 23:34:06 ii : - isakmp spi = b80be3b5dbceeb8b:ee028b0319409d9c
13/10/30 23:34:06 ii : - data size 0
13/10/30 23:34:06 >= : cookies b80be3b5dbceeb8b:ee028b0319409d9c
13/10/30 23:34:06 >= : message a2bed34d
13/10/30 23:34:06 ii : processing config packet ( 76 bytes )
13/10/30 23:34:06 =< : cookies b80be3b5dbceeb8b:ee028b0319409d9c
13/10/30 23:34:06 =< : message a98ac015
13/10/30 23:34:06 ii : - xauth authentication type
13/10/30 23:34:06 ii : - xauth username
13/10/30 23:34:06 ii : - xauth password
13/10/30 23:34:06 ii : received basic xauth request -
13/10/30 23:34:06 ii : - standard xauth username
13/10/30 23:34:06 ii : - standard xauth password
13/10/30 23:34:06 ii : sending xauth response for fturriaf
13/10/30 23:34:06 >= : cookies b80be3b5dbceeb8b:ee028b0319409d9c
13/10/30 23:34:06 >= : message a98ac015
13/10/30 23:34:08 ii : processing config packet ( 124 bytes )
13/10/30 23:34:08 =< : cookies b80be3b5dbceeb8b:ee028b0319409d9c
13/10/30 23:34:08 =< : message 206fdd6a
13/10/30 23:34:08 ii : received xauth result -
13/10/30 23:34:08 ii : user fturriaf authentication succeeded
13/10/30 23:34:08 ii : sending xauth acknowledge
13/10/30 23:34:08 >= : cookies b80be3b5dbceeb8b:ee028b0319409d9c
13/10/30 23:34:08 >= : message 206fdd6a
13/10/30 23:34:08 ii : building config attribute list
13/10/30 23:34:08 ii : sending config pull request
13/10/30 23:34:08 >= : cookies b80be3b5dbceeb8b:ee028b0319409d9c
13/10/30 23:34:08 >= : message 8a960406
13/10/30 23:34:08 ii : processing config packet ( 132 bytes )
13/10/30 23:34:08 =< : cookies b80be3b5dbceeb8b:ee028b0319409d9c
13/10/30 23:34:08 =< : message 8a960406
13/10/30 23:34:08 ii : received config pull response
13/10/30 23:34:08 ii : creating NONE INBOUND policy ANY:135.244.31.254:* ->
ANY:192.168.1.106:*
13/10/30 23:34:08 ii : creating NONE OUTBOUND policy ANY:192.168.1.106:* ->
ANY:135.244.31.254:*
13/10/30 23:34:08 ii : created NONE policy route for 135.244.31.254/32
13/10/30 23:34:08 ii : creating NONE INBOUND policy ANY:192.168.1.1:* ->
ANY:135.244.2.74:*
13/10/30 23:34:08 ii : creating NONE OUTBOUND policy ANY:135.244.2.74:* ->
ANY:192.168.1.1:*
13/10/30 23:34:08 ii : creating IPSEC INBOUND policy ANY:0.0.0.0/0:* ->
ANY:135.244.2.74:*
13/10/30 23:34:08 ii : creating IPSEC OUTBOUND policy ANY:135.244.2.74:* ->
ANY:0.0.0.0/0:*
13/10/30 23:34:08 ii : created IPSEC policy route for 0.0.0.0
13/10/30 23:34:08 ii : split DNS is disabled
13/10/30 23:34:11 >= : cookies b80be3b5dbceeb8b:ee028b0319409d9c
13/10/30 23:34:11 >= : message 2758cac5
13/10/30 23:34:16 -> : resend 1 phase2 packet(s) [0/2] 192.168.1.106:500 ->
135.244.31.254:500
13/10/30 23:34:21 -> : resend 1 phase2 packet(s) [1/2] 192.168.1.106:500 ->
135.244.31.254:500
13/10/30 23:34:26 -> : resend 1 phase2 packet(s) [2/2] 192.168.1.106:500 ->
135.244.31.254:500
13/10/30 23:34:27 >= : cookies b80be3b5dbceeb8b:ee028b0319409d9c
13/10/30 23:34:27 >= : message 0d575009
13/10/30 23:34:31 ii : resend limit exceeded for phase2 exchange
13/10/30 23:34:31 ii : phase2 removal before expire time
13/10/30 23:34:32 -> : resend 1 phase2 packet(s) [0/2] 192.168.1.106:500 ->
135.244.31.254:500
13/10/30 23:34:37 -> : resend 1 phase2 packet(s) [1/2] 192.168.1.106:500 ->
135.244.31.254:500
13/10/30 23:34:42 -> : resend 1 phase2 packet(s) [2/2] 192.168.1.106:500 ->
135.244.31.254:500
13/10/30 23:34:43 >= : cookies b80be3b5dbceeb8b:ee028b0319409d9c
13/10/30 23:34:43 >= : message 077b253a
13/10/30 23:34:47 ii : resend limit exceeded for phase2 exchange
13/10/30 23:34:47 ii : phase2 removal before expire time
13/10/30 23:34:48 -> : resend 1 phase2 packet(s) [0/2] 192.168.1.106:500 ->
135.244.31.254:500
13/10/30 23:34:48 <A : peer tunnel disable message
13/10/30 23:34:48 ii : removing IPSEC INBOUND policy ANY:0.0.0.0/0:* ->
ANY:135.244.2.74:*
13/10/30 23:34:48 ii : removing IPSEC OUTBOUND policy ANY:135.244.2.74:* ->
ANY:0.0.0.0/0:*
13/10/30 23:34:48 ii : removed IPSEC policy route for ANY:0.0.0.0/0:*
13/10/30 23:34:48 ii : removing NONE INBOUND policy ANY:192.168.1.1:* ->
ANY:135.244.2.74:*
13/10/30 23:34:48 ii : removing NONE OUTBOUND policy ANY:135.244.2.74:* ->
ANY:192.168.1.1:*
13/10/30 23:34:48 ii : removing NONE INBOUND policy ANY:135.244.31.254:* ->
ANY:192.168.1.106:*
13/10/30 23:34:48 ii : removing NONE OUTBOUND policy ANY:192.168.1.106:* ->
ANY:135.244.31.254:*
13/10/30 23:34:48 ii : removed NONE policy route for ANY:135.244.31.254:*
13/10/30 23:34:49 DB : removing tunnel config references
13/10/30 23:34:49 DB : removing tunnel phase2 references
13/10/30 23:34:49 ii : phase2 removal before expire time
13/10/30 23:34:49 DB : removing tunnel phase1 references
13/10/30 23:34:49 ii : sending peer DELETE message
13/10/30 23:34:49 ii : - 192.168.1.106:500 -> 135.244.31.254:500
Any clue on what may wrong?
Thanks very much
-f
I am running 2.2.2 on Win 7
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20131030/13072111/attachment-0001.html>
More information about the vpn-help
mailing list