[vpn-help] Another user with Phase2 problems?

Marc Cohen office at nccs.biz
Tue Dec 16 16:41:31 CST 2014


I'm having trouble connecting to a remote network using the Shrew Soft 
VPN Client for Windows. I am trying to connect directly to the Cisco 
gateway. I have a feeling my immediate problem is with my Phase 2 
connection. The ultimate goal is to access a share on a computer on the 
remote network (i.e. map a letter to the share).

Right now I get to "tunnel enabled" but cannot access anything on 
the remote network. Looking at the log file it appears that something 
isn't right but I have no idea what.

Thanks for your help,
Marc

VPN Client Version = Standard Edition 2.2.2
Windows OS Version = Windows 7 Pro - SP1
Gateway Make/Model = Cisco RVS4000
Gateway OS Version = v2.0.2.7

IP Addressing---------------------
Remote Lan: 192.168.1.0/24
-Cisco RVS4000 is 192.168.1.1 and is the DHCP server

Local Computer IP can change depending upon what it's connected to - 
right now it is in the same IP subnet as the remote.

Assigned IP address to VPN Client: 192.168.2.10


Cisco RVS4000 Gateway---------------
IPSec: IKE with Preshared Key

Phase1
Encryption          : 3des
Authentication      : SHA1
Group               : 1024-bit
Key LifeTime        : 28800 sec

Phase2
Encryption          : 3des
Authentication      : SHA1
Perfect Forward     : Enable
Group               : 1024-bit
Key LifeTime        : 3600 sec

Shrew Soft VPN Client---------------
Phase1

Exchange Type       : aggressive
DH Exchange         : group 2
Cipher Algorithm    : 3des
Hash Algorithm      : SHA1
Key LifeTime        : 28800 sec
Key Data limit      : 0 Kbytes

Phase2
Transform Algorithm : esp-3des
HMAC Algorithm      : SHA1
PFS Exchange        : group 2
Compress Algorithm  : disabled
Key LifeTime        : 3600 sec
Key Data limit      : 0 Kbytes
-------------- next part --------------
14/12/16 16:30:44 ## : IKE Daemon, ver 2.2.2
14/12/16 16:30:44 ## : Copyright 2013 Shrew Soft Inc.
14/12/16 16:30:44 ## : This product linked OpenSSL 1.0.1c 10 May 2012
14/12/16 16:30:44 ii : opened 'C:\Program Files\ShrewSoft\VPN Client\debug\iked.log'
14/12/16 16:30:44 ii : opened 'C:\Program Files\ShrewSoft\VPN Client/debug/dump-ike-decrypt.cap'
14/12/16 16:30:44 ii : rebuilding vnet device list ...
14/12/16 16:30:44 ii : device ROOT\VNET\0000 disabled
14/12/16 16:30:44 ii : network process thread begin ...
14/12/16 16:30:44 ii : pfkey process thread begin ...
14/12/16 16:30:44 ii : ipc server process thread begin ...
14/12/16 16:30:55 ii : ipc client process thread begin ...
14/12/16 16:30:55 <A : peer config add message
14/12/16 16:30:55 <A : proposal config message
14/12/16 16:30:55 <A : proposal config message
14/12/16 16:30:55 <A : client config message
14/12/16 16:30:55 <A : local id '10.13.0.1' message
14/12/16 16:30:55 <A : preshared key message
14/12/16 16:30:55 <A : remote resource message
14/12/16 16:30:55 <A : peer tunnel enable message
14/12/16 16:30:55 DB : peer added ( obj count = 1 )
14/12/16 16:30:55 ii : local address 192.168.1.32 selected for peer
14/12/16 16:30:55 DB : tunnel added ( obj count = 1 )
14/12/16 16:30:55 DB : new phase1 ( ISAKMP initiator )
14/12/16 16:30:55 DB : exchange type is aggressive
14/12/16 16:30:55 DB : 192.168.1.32:500 <-> xxx.xxx.xxx.xxx:500
14/12/16 16:30:55 DB : 4c60378f060b05ee:0000000000000000
14/12/16 16:30:55 DB : phase1 added ( obj count = 1 )
14/12/16 16:30:55 >> : security association payload
14/12/16 16:30:55 >> : - proposal #1 payload 
14/12/16 16:30:55 >> : -- transform #1 payload 
14/12/16 16:30:55 >> : key exchange payload
14/12/16 16:30:55 >> : nonce payload
14/12/16 16:30:55 >> : identification payload
14/12/16 16:30:55 >> : vendor id payload
14/12/16 16:30:55 ii : local supports nat-t ( draft v00 )
14/12/16 16:30:55 >> : vendor id payload
14/12/16 16:30:55 ii : local supports nat-t ( draft v01 )
14/12/16 16:30:55 >> : vendor id payload
14/12/16 16:30:55 ii : local supports nat-t ( draft v02 )
14/12/16 16:30:55 >> : vendor id payload
14/12/16 16:30:55 ii : local supports nat-t ( draft v03 )
14/12/16 16:30:55 >> : vendor id payload
14/12/16 16:30:55 ii : local supports nat-t ( rfc )
14/12/16 16:30:55 >> : vendor id payload
14/12/16 16:30:55 >> : vendor id payload
14/12/16 16:30:55 ii : local supports DPDv1
14/12/16 16:30:55 >> : vendor id payload
14/12/16 16:30:55 ii : local is SHREW SOFT compatible
14/12/16 16:30:55 >> : vendor id payload
14/12/16 16:30:55 ii : local is NETSCREEN compatible
14/12/16 16:30:55 >> : vendor id payload
14/12/16 16:30:55 ii : local is SIDEWINDER compatible
14/12/16 16:30:55 >> : vendor id payload
14/12/16 16:30:55 ii : local is CISCO UNITY compatible
14/12/16 16:30:55 >= : cookies 4c60378f060b05ee:0000000000000000
14/12/16 16:30:55 >= : message 00000000
14/12/16 16:30:55 -> : send IKE packet 192.168.1.32:500 -> xxx.xxx.xxx.xxx:500 ( 504 bytes )
14/12/16 16:30:55 DB : phase1 resend event scheduled ( ref count = 2 )
14/12/16 16:30:55 <- : recv IKE packet xxx.xxx.xxx.xxx:500 -> 192.168.1.32:500 ( 292 bytes )
14/12/16 16:30:55 DB : phase1 found
14/12/16 16:30:55 ii : processing phase1 packet ( 292 bytes )
14/12/16 16:30:55 =< : cookies 4c60378f060b05ee:eb55d98471e61cc4
14/12/16 16:30:55 =< : message 00000000
14/12/16 16:30:55 << : security association payload
14/12/16 16:30:55 << : - propsal #1 payload 
14/12/16 16:30:55 << : -- transform #1 payload 
14/12/16 16:30:55 ii : matched isakmp proposal #1 transform #1
14/12/16 16:30:55 ii : - transform    = ike
14/12/16 16:30:55 ii : - cipher type  = 3des
14/12/16 16:30:55 ii : - key length   = default
14/12/16 16:30:55 ii : - hash type    = sha1
14/12/16 16:30:55 ii : - dh group     = group2 ( modp-1024 )
14/12/16 16:30:55 ii : - auth type    = psk
14/12/16 16:30:55 ii : - life seconds = 28800
14/12/16 16:30:55 ii : - life kbytes  = 0
14/12/16 16:30:55 << : key exchange payload
14/12/16 16:30:55 << : nonce payload
14/12/16 16:30:55 << : identification payload
14/12/16 16:30:55 ii : phase1 id match ( natt prevents ip match )
14/12/16 16:30:55 ii : received = ipv4-host xxx.xxx.xxx.xxx
14/12/16 16:30:55 << : hash payload
14/12/16 16:30:55 << : vendor id payload
14/12/16 16:30:55 ii : peer supports DPDv1
14/12/16 16:30:55 ii : nat-t is unsupported by remote peer
14/12/16 16:30:55 == : DH shared secret ( 128 bytes )
14/12/16 16:30:55 == : SETKEYID ( 20 bytes )
14/12/16 16:30:55 == : SETKEYID_d ( 20 bytes )
14/12/16 16:30:55 == : SETKEYID_a ( 20 bytes )
14/12/16 16:30:55 == : SETKEYID_e ( 20 bytes )
14/12/16 16:30:55 == : cipher key ( 40 bytes )
14/12/16 16:30:55 == : cipher iv ( 8 bytes )
14/12/16 16:30:55 == : phase1 hash_i ( computed ) ( 20 bytes )
14/12/16 16:30:55 >> : hash payload
14/12/16 16:30:55 >= : cookies 4c60378f060b05ee:eb55d98471e61cc4
14/12/16 16:30:55 >= : message 00000000
14/12/16 16:30:55 >= : encrypt iv ( 8 bytes )
14/12/16 16:30:55 == : encrypt packet ( 52 bytes )
14/12/16 16:30:55 == : stored iv ( 8 bytes )
14/12/16 16:30:55 DB : phase1 resend event canceled ( ref count = 1 )
14/12/16 16:30:55 -> : send IKE packet 192.168.1.32:500 -> xxx.xxx.xxx.xxx:500 ( 80 bytes )
14/12/16 16:30:55 == : phase1 hash_r ( computed ) ( 20 bytes )
14/12/16 16:30:55 == : phase1 hash_r ( received ) ( 20 bytes )
14/12/16 16:30:55 ii : phase1 sa established
14/12/16 16:30:55 ii : xxx.xxx.xxx.xxx:500 <-> 192.168.1.32:500
14/12/16 16:30:55 ii : 4c60378f60b05ee:eb55d98471e61cc4
14/12/16 16:30:55 ii : sending peer INITIAL-CONTACT notification
14/12/16 16:30:55 ii : - 192.168.1.32:500 -> xxx.xxx.xxx.xxx:500
14/12/16 16:30:55 ii : - isakmp spi = 4c60378f060b05ee:eb55d98471e61cc4
14/12/16 16:30:55 ii : - data size 0
14/12/16 16:30:55 >> : hash payload
14/12/16 16:30:55 >> : notification payload
14/12/16 16:30:55 == : new informational hash ( 20 bytes )
14/12/16 16:30:55 == : new informational iv ( 8 bytes )
14/12/16 16:30:55 >= : cookies 4c60378f060b05ee:eb55d98471e61cc4
14/12/16 16:30:55 >= : message 98f4addc
14/12/16 16:30:55 >= : encrypt iv ( 8 bytes )
14/12/16 16:30:55 == : encrypt packet ( 80 bytes )
14/12/16 16:30:55 == : stored iv ( 8 bytes )
14/12/16 16:30:55 -> : send IKE packet 192.168.1.32:500 -> xxx.xxx.xxx.xxx:500 ( 112 bytes )
14/12/16 16:30:55 DB : config added ( obj count = 1 )
14/12/16 16:30:55 ii : building config attribute list
14/12/16 16:30:55 ii : config pull is not required
14/12/16 16:30:55 DB : phase2 not found
14/12/16 16:30:55 ii : enabled adapter ROOT\VNET\0000 
14/12/16 16:30:55 ii : apapter ROOT\VNET\0000 MTU is 1380
14/12/16 16:30:55 ii : generating IPSEC security policies at UNIQUE level
14/12/16 16:30:55 ii : creating NONE INBOUND policy ANY:xxx.xxx.xxx.xxx:* -> ANY:192.168.1.32:*
14/12/16 16:30:55 DB : policy added ( obj count = 1 )
14/12/16 16:30:55 K> : send pfkey X_SPDADD UNSPEC message
14/12/16 16:30:55 K< : recv pfkey X_SPDADD UNSPEC message
14/12/16 16:30:55 DB : policy found
14/12/16 16:30:55 ii : creating NONE OUTBOUND policy ANY:192.168.1.32:* -> ANY:xxx.xxx.xxx.xxx:*
14/12/16 16:30:55 ii : created NONE policy route for xxx.xxx.xxx.xxx/32
14/12/16 16:30:55 DB : policy added ( obj count = 2 )
14/12/16 16:30:55 K> : send pfkey X_SPDADD UNSPEC message
14/12/16 16:30:55 K< : recv pfkey X_SPDADD UNSPEC message
14/12/16 16:30:55 DB : policy found
14/12/16 16:30:55 ii : creating NONE INBOUND policy ANY:192.168.1.2:* -> ANY:192.168.2.10:*
14/12/16 16:30:55 DB : policy added ( obj count = 3 )
14/12/16 16:30:55 K> : send pfkey X_SPDADD UNSPEC message
14/12/16 16:30:55 K< : recv pfkey X_SPDADD UNSPEC message
14/12/16 16:30:55 DB : policy found
14/12/16 16:30:55 ii : creating NONE OUTBOUND policy ANY:192.168.2.10:* -> ANY:192.168.1.2:*
14/12/16 16:30:55 DB : policy added ( obj count = 4 )
14/12/16 16:30:55 K> : send pfkey X_SPDADD UNSPEC message
14/12/16 16:30:55 K< : recv pfkey X_SPDADD UNSPEC message
14/12/16 16:30:55 DB : policy found
14/12/16 16:30:55 ii : creating IPSEC INBOUND policy ANY:192.168.1.0/24:* -> ANY:192.168.2.10:*
14/12/16 16:30:55 DB : policy added ( obj count = 5 )
14/12/16 16:30:55 K> : send pfkey X_SPDADD UNSPEC message
14/12/16 16:30:55 K< : recv pfkey X_SPDADD UNSPEC message
14/12/16 16:30:55 DB : policy found
14/12/16 16:30:55 ii : creating IPSEC OUTBOUND policy ANY:192.168.2.10:* -> ANY:192.168.1.0/24:*
14/12/16 16:30:55 ii : created IPSEC policy route for 192.168.1.0/24
14/12/16 16:30:55 DB : policy added ( obj count = 6 )
14/12/16 16:30:55 K> : send pfkey X_SPDADD UNSPEC message
14/12/16 16:30:55 K< : recv pfkey X_SPDADD UNSPEC message
14/12/16 16:30:55 DB : policy found
14/12/16 16:30:55 ii : split DNS is disabled
14/12/16 16:31:03 <A : peer tunnel disable message
14/12/16 16:31:03 DB : policy found
14/12/16 16:31:03 ii : removing IPSEC INBOUND policy ANY:192.168.1.0/24:* -> ANY:192.168.2.10:*
14/12/16 16:31:03 K> : send pfkey X_SPDDELETE2 UNSPEC message
14/12/16 16:31:03 DB : policy found
14/12/16 16:31:03 ii : removing IPSEC OUTBOUND policy ANY:192.168.2.10:* -> ANY:192.168.1.0/24:*
14/12/16 16:31:03 K> : send pfkey X_SPDDELETE2 UNSPEC message
14/12/16 16:31:03 K< : recv pfkey X_SPDDELETE2 UNSPEC message
14/12/16 16:31:03 ii : removed IPSEC policy route for ANY:192.168.1.0/24:*
14/12/16 16:31:03 DB : policy found
14/12/16 16:31:03 ii : removing NONE INBOUND policy ANY:192.168.1.2:* -> ANY:192.168.2.10:*
14/12/16 16:31:03 K> : send pfkey X_SPDDELETE2 UNSPEC message
14/12/16 16:31:03 DB : policy found
14/12/16 16:31:03 ii : removing NONE OUTBOUND policy ANY:192.168.2.10:* -> ANY:192.168.1.2:*
14/12/16 16:31:03 K> : send pfkey X_SPDDELETE2 UNSPEC message
14/12/16 16:31:03 DB : policy found
14/12/16 16:31:03 ii : removing NONE INBOUND policy ANY:xxx.xxx.xxx.xxx:* -> ANY:192.168.1.32:*
14/12/16 16:31:03 K> : send pfkey X_SPDDELETE2 UNSPEC message
14/12/16 16:31:03 DB : policy found
14/12/16 16:31:03 ii : removing NONE OUTBOUND policy ANY:192.168.1.32:* -> ANY:xxx.xxx.xxx.xxx:*
14/12/16 16:31:03 K> : send pfkey X_SPDDELETE2 UNSPEC message
14/12/16 16:31:03 ii : removed NONE policy route for ANY:xxx.xxx.xxx.xxx:*
14/12/16 16:31:03 DB : policy found
14/12/16 16:31:03 DB : policy deleted ( obj count = 5 )
14/12/16 16:31:03 K< : recv pfkey X_SPDDELETE2 UNSPEC message
14/12/16 16:31:03 DB : policy found
14/12/16 16:31:03 DB : policy deleted ( obj count = 4 )
14/12/16 16:31:03 K< : recv pfkey X_SPDDELETE2 UNSPEC message
14/12/16 16:31:03 DB : policy found
14/12/16 16:31:03 DB : policy deleted ( obj count = 3 )
14/12/16 16:31:03 K< : recv pfkey X_SPDDELETE2 UNSPEC message
14/12/16 16:31:03 DB : policy found
14/12/16 16:31:03 DB : policy deleted ( obj count = 2 )
14/12/16 16:31:03 K< : recv pfkey X_SPDDELETE2 UNSPEC message
14/12/16 16:31:03 DB : policy found
14/12/16 16:31:03 DB : policy deleted ( obj count = 1 )
14/12/16 16:31:03 K< : recv pfkey X_SPDDELETE2 UNSPEC message
14/12/16 16:31:03 DB : policy found
14/12/16 16:31:03 DB : policy deleted ( obj count = 0 )
14/12/16 16:31:03 ii : disable adapter ROOT\VNET\0000
14/12/16 16:31:03 DB : tunnel dpd event canceled ( ref count = 4 )
14/12/16 16:31:03 DB : tunnel stats event canceled ( ref count = 3 )
14/12/16 16:31:03 DB : removing tunnel config references
14/12/16 16:31:03 DB : config deleted ( obj count = 0 )
14/12/16 16:31:03 DB : removing tunnel phase2 references
14/12/16 16:31:03 DB : removing tunnel phase1 references
14/12/16 16:31:03 DB : phase1 soft event canceled ( ref count = 3 )
14/12/16 16:31:03 DB : phase1 hard event canceled ( ref count = 2 )
14/12/16 16:31:03 DB : phase1 dead event canceled ( ref count = 1 )
14/12/16 16:31:03 ii : sending peer DELETE message
14/12/16 16:31:03 ii : - 192.168.1.32:500 -> xxx.xxx.xxx.xxx:500
14/12/16 16:31:03 ii : - isakmp spi = 4c60378f060b05ee:eb55d98471e61cc4
14/12/16 16:31:03 ii : - data size 0
14/12/16 16:31:03 >> : hash payload
14/12/16 16:31:03 >> : delete payload
14/12/16 16:31:03 == : new informational hash ( 20 bytes )
14/12/16 16:31:03 == : new informational iv ( 8 bytes )
14/12/16 16:31:03 >= : cookies 4c60378f060b05ee:eb55d98471e61cc4
14/12/16 16:31:03 >= : message 47fa77df
14/12/16 16:31:03 >= : encrypt iv ( 8 bytes )
14/12/16 16:31:03 == : encrypt packet ( 80 bytes )
14/12/16 16:31:03 == : stored iv ( 8 bytes )
14/12/16 16:31:03 -> : send IKE packet 192.168.1.32:500 -> xxx.xxx.xxx.xxx:500 ( 112 bytes )
14/12/16 16:31:03 ii : phase1 removal before expire time
14/12/16 16:31:03 DB : phase1 deleted ( obj count = 0 )
14/12/16 16:31:03 DB : tunnel deleted ( obj count = 0 )
14/12/16 16:31:03 DB : removing all peer tunnel references
14/12/16 16:31:03 DB : peer deleted ( obj count = 0 )
14/12/16 16:31:03 ii : ipc client process thread exit ...
14/12/16 16:31:26 ii : hard halt signal received, shutting down
14/12/16 16:31:26 ii : network process thread exit ...
14/12/16 16:31:26 ii : pfkey process thread exit ...
14/12/16 16:31:26 ii : ipc server process thread exit ...
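
A small log check for the situation described in the post, as an added example that is not part of the original message or of the Shrew Soft client: it reads iked.log lines, reports whether phase 1 completed, lists every line that mentions phase 2, and flags any IPSEC policy network that contains the local adapter address. The sample lines are copied from the log above; the function name and the regular expressions are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample: a few lines copied from the iked.log in the post above.
SAMPLE_LOG = """\
14/12/16 16:30:55 ii : local address 192.168.1.32 selected for peer
14/12/16 16:30:55 ii : phase1 sa established
14/12/16 16:30:55 DB : phase2 not found
14/12/16 16:30:55 ii : creating IPSEC INBOUND policy ANY:192.168.1.0/24:* -> ANY:192.168.2.10:*
14/12/16 16:30:55 ii : creating IPSEC OUTBOUND policy ANY:192.168.2.10:* -> ANY:192.168.1.0/24:*
14/12/16 16:31:03 <A : peer tunnel disable message
14/12/16 16:31:03 DB : removing tunnel phase2 references
"""

# Timestamp, two-character source tag (ii, DB, >>, K< ...), then the message.
LINE = re.compile(r"^\d\d/\d\d/\d\d \d\d:\d\d:\d\d (\S\S) : (.*)$")
LOCAL = re.compile(r"local address (\S+) selected for peer")
POLICY = re.compile(r"creating IPSEC OUTBOUND policy ANY:(\S+?):\* -> ANY:(\S+?):\*")

def summarize(log_text):
    """Summarise one iked.log session: phase 1 state, phase 2 lines, address overlap."""
    out = {"phase1_established": False, "phase2_lines": [],
           "local_address": None, "remote_networks": [], "overlap": []}
    for raw in log_text.splitlines():
        m = LINE.match(raw.rstrip())
        if not m:
            continue  # skip blank or non-log lines
        msg = m.group(2)
        if msg == "phase1 sa established":
            out["phase1_established"] = True
        if "phase2" in msg:
            out["phase2_lines"].append(msg)
        if (loc := LOCAL.search(msg)):
            out["local_address"] = ipaddress.ip_address(loc.group(1))
        if (pol := POLICY.search(msg)):
            out["remote_networks"].append(ipaddress.ip_network(pol.group(2), strict=False))
    # Flag remote networks that contain the adapter address used to reach the gateway.
    if out["local_address"] is not None:
        out["overlap"] = [n for n in out["remote_networks"] if out["local_address"] in n]
    return out

if __name__ == "__main__":
    s = summarize(SAMPLE_LOG)
    print("phase1 established:", s["phase1_established"])
    print("phase2 lines      :", s["phase2_lines"])
    print("local address     :", s["local_address"])
    print("overlapping remote:", [str(n) for n in s["overlap"]])
```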

