<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=iso-8859-1" http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.6001.18876">
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT size=2>Hi,</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>You cann't have the same subnets local and
remote:</FONT></DIV>
<DIV>10/04/13 16:16:20 ii : - loc ANY:192.168.0.240:* ->
ANY:192.168.0.0/24:*<BR>10/04/13 16:16:20 ii : - rmt ANY:192.168.0.0/24:* ->
ANY:192.168.0.240:*<BR></DIV>
<DIV><FONT size=2>In such situation you must enable ModeConfig in Netgear or
change your local addresation to be different of 192.168.0.x</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>Regards,</FONT></DIV>
<DIV><FONT size=2> Michal Wegrzyn</FONT></DIV>
<BLOCKQUOTE
style="BORDER-LEFT: #000000 2px solid; PADDING-LEFT: 5px; PADDING-RIGHT: 0px; MARGIN-LEFT: 5px; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="FONT: 10pt arial; BACKGROUND: #e4e4e4; font-color: black"><B>From:</B>
<A title=ggwin@cafesoft.com href="mailto:ggwin@cafesoft.com">Gary Gwin</A>
</DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A title=vpn-help@lists.shrew.net
href="mailto:vpn-help@lists.shrew.net">vpn-help@lists.shrew.net</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Wednesday, April 14, 2010 1:19
AM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> [vpn-help] DNS Issues</DIV>
<DIV><BR></DIV>Hi,<BR><BR>I'm able to connect and get the "tunnel enabled"
message using Shrew <BR>2.1.5 with:<BR><BR>Windows 7 Home Premium 64
bit<BR>NETGEAR ProSafe VPN Firewall FVS338 firmware: 3.0.5-24<BR><BR>I've
configured using the Netgear router example. However, there's no <BR>network
after connecting. I get this error message in the DNS trace
log:<BR><BR>10/04/13 16:24:50 !! : get_fwd - failed to obtain local
interface<BR>10/04/13 16:24:50 !! : no arp entry for dst :
192.168.0.1<BR><BR>Full trace logs are found below.<BR><BR>Any
thoughts?<BR><BR>Thanks,<BR><BR>Gary<BR><BR>DNS trace log:<BR><BR>10/04/13
16:13:14 ## : DNS Transparent Proxy Daemon, ver 2.1.5<BR>10/04/13 16:13:14 ##
: Copyright 2009 Shrew Soft Inc.<BR>10/04/13 16:13:14 ii : ipc server process
thread begin ...<BR>10/04/13 16:13:14 ii : network process thread begin
...<BR>10/04/13 16:13:14 ii : opened vflt device<BR>10/04/13 16:24:50 !! :
get_fwd - failed to obtain local interface<BR>10/04/13 16:24:50 !! : no arp
entry for dst : 192.168.0.1<BR><BR>IPSec trace log shows this
message:<BR><BR>10/04/13 16:24:54 ii : added sa divert rule for
45.56.209.106->192.168.1.104<BR><BR>IKE Service trace log;<BR><BR>10/04/13
16:13:14 ## : IKE Daemon, ver 2.1.5<BR>10/04/13 16:13:14 ## : Copyright 2009
Shrew Soft Inc.<BR>10/04/13 16:13:14 ## : This product linked OpenSSL 0.9.8h
28 May 2008<BR>10/04/13 16:13:14 ii : opened 'C:\Program Files\ShrewSoft\VPN
<BR>Client\debug\iked.log'<BR>10/04/13 16:13:14 ii : opened 'C:\Program
Files\ShrewSoft\VPN <BR>Client/debug/dump-ike-decrypt.cap'<BR>10/04/13
16:13:14 ii : rebuilding vnet device list ...<BR>10/04/13 16:13:14 ii : device
ROOT\VNET\0000 disabled<BR>10/04/13 16:13:14 ii : device ROOT\VNET\0001
disabled<BR>10/04/13 16:13:14 ii : pfkey process thread begin ...<BR>10/04/13
16:13:14 !! : unable to connect to pfkey interface<BR>10/04/13 16:13:14 ii :
network process thread begin ...<BR>10/04/13 16:13:14 ii : ipc server process
thread begin ...<BR>10/04/13 16:16:11 ii : ipc client process thread begin
...<BR>10/04/13 16:16:11 <A : peer config add message<BR>10/04/13 16:16:11
<A : proposal config message<BR>10/04/13 16:16:11 <A : proposal config
message<BR>10/04/13 16:16:11 <A : client config message<BR>10/04/13
16:16:11 <A : xauth username message<BR>10/04/13 16:16:11 <A : xauth
password message<BR>10/04/13 16:16:11 <A : local id 'client.domain.com'
message<BR>10/04/13 16:16:11 <A : preshared key message<BR>10/04/13
16:16:11 <A : remote resource message<BR>10/04/13 16:16:11 <A : peer
tunnel enable message<BR>10/04/13 16:16:11 ii : local supports
XAUTH<BR>10/04/13 16:16:11 ii : local supports nat-t ( draft v00 )<BR>10/04/13
16:16:11 ii : local supports nat-t ( draft v01 )<BR>10/04/13 16:16:11 ii :
local supports nat-t ( draft v02 )<BR>10/04/13 16:16:11 ii : local supports
nat-t ( draft v03 )<BR>10/04/13 16:16:11 ii : local supports nat-t ( rfc
)<BR>10/04/13 16:16:11 ii : local supports FRAGMENTATION<BR>10/04/13 16:16:11
ii : local is SHREW SOFT compatible<BR>10/04/13 16:16:11 ii : local is
NETSCREEN compatible<BR>10/04/13 16:16:11 ii : local is SIDEWINDER
compatible<BR>10/04/13 16:16:11 ii : local is CISCO UNITY
compatible<BR>10/04/13 16:16:11 >= : cookies
2f08528a54fb6d8c:0000000000000000<BR>10/04/13 16:16:11 >= : message
00000000<BR>10/04/13 16:16:12 ii : processing phase1 packet ( 420 bytes
)<BR>10/04/13 16:16:12 =< : cookies
2f08528a54fb6d8c:a1763b865f848422<BR>10/04/13 16:16:12 =< : message
00000000<BR>10/04/13 16:16:12 ii : matched isakmp proposal #1 transform
#14<BR>10/04/13 16:16:12 ii : - transform = ike<BR>10/04/13
16:16:12 ii : - cipher type = 3des<BR>10/04/13 16:16:12 ii : - key
length = default<BR>10/04/13 16:16:12 ii : - hash
type = sha1<BR>10/04/13 16:16:12 ii : - dh
group = modp-1024<BR>10/04/13 16:16:12 ii : - auth
type = xauth-initiator-psk<BR>10/04/13 16:16:12 ii : - life
seconds = 86400<BR>10/04/13 16:16:12 ii : - life kbytes = 0<BR>10/04/13
16:16:12 ii : phase1 id match ( natt prevents ip match )<BR>10/04/13 16:16:12
ii : received = ipv4-host 45.56.209.106<BR>10/04/13 16:16:12 ii : peer is
CISCO UNITY compatible<BR>10/04/13 16:16:12 ii : peer is IPSEC-TOOLS
compatible<BR>10/04/13 16:16:12 ii : peer supports nat-t ( draft v02
)<BR>10/04/13 16:16:12 ii : nat discovery - local address is
translated<BR>10/04/13 16:16:12 ii : switching to src nat-t udp port
4500<BR>10/04/13 16:16:12 ii : switching to dst nat-t udp port
4500<BR>10/04/13 16:16:12 >= : cookies
2f08528a54fb6d8c:a1763b865f848422<BR>10/04/13 16:16:12 >= : message
00000000<BR>10/04/13 16:16:12 ii : phase1 sa established<BR>10/04/13 16:16:12
ii : 45.56.209.106:4500 <-> 192.168.1.104:4500<BR>10/04/13 16:16:12 ii :
2f08528a54fb6d8c:a1763b865f848422<BR>10/04/13 16:16:12 ii : sending peer
INITIAL-CONTACT notification<BR>10/04/13 16:16:12 ii : - 192.168.1.104:4500
-> 45.56.209.106:4500<BR>10/04/13 16:16:12 ii : - isakmp spi =
2f08528a54fb6d8c:a1763b865f848422<BR>10/04/13 16:16:12 ii : - data size
0<BR>10/04/13 16:16:12 >= : cookies
2f08528a54fb6d8c:a1763b865f848422<BR>10/04/13 16:16:12 >= : message
a13bd21c<BR>10/04/13 16:16:13 ii : processing config packet ( 76 bytes
)<BR>10/04/13 16:16:13 =< : cookies
2f08528a54fb6d8c:a1763b865f848422<BR>10/04/13 16:16:13 =< : message
b00fd17c<BR>10/04/13 16:16:13 ii : - xauth authentication type<BR>10/04/13
16:16:13 ii : - xauth username<BR>10/04/13 16:16:13 ii : - xauth
password<BR>10/04/13 16:16:13 ii : received basic xauth request -<BR>10/04/13
16:16:13 ii : - standard xauth username<BR>10/04/13 16:16:13 ii : - standard
xauth password<BR>10/04/13 16:16:13 ii : sending xauth response for
gary<BR>10/04/13 16:16:13 >= : cookies
2f08528a54fb6d8c:a1763b865f848422<BR>10/04/13 16:16:13 >= : message
b00fd17c<BR>10/04/13 16:16:13 ii : processing config packet ( 68 bytes
)<BR>10/04/13 16:16:13 =< : cookies
2f08528a54fb6d8c:a1763b865f848422<BR>10/04/13 16:16:13 =< : message
da7182bd<BR>10/04/13 16:16:13 ii : received xauth result -<BR>10/04/13
16:16:13 ii : user gary authentication succeeded<BR>10/04/13 16:16:13 ii :
sending xauth acknowledge<BR>10/04/13 16:16:13 >= : cookies
2f08528a54fb6d8c:a1763b865f848422<BR>10/04/13 16:16:13 >= : message
da7182bd<BR>10/04/13 16:16:13 ii : building config attribute list<BR>10/04/13
16:16:13 ii : sending config pull request<BR>10/04/13 16:16:13 >= : cookies
2f08528a54fb6d8c:a1763b865f848422<BR>10/04/13 16:16:13 >= : message
21ed5828<BR>10/04/13 16:16:13 ii : processing config packet ( 84 bytes
)<BR>10/04/13 16:16:13 =< : cookies
2f08528a54fb6d8c:a1763b865f848422<BR>10/04/13 16:16:13 =< : message
21ed5828<BR>10/04/13 16:16:13 ii : received config pull response<BR>10/04/13
16:16:13 !! : invalid private netmask, defaulting to class c<BR>10/04/13
16:16:13 ii : waiting for vnet to arrive ...<BR>10/04/13 16:16:14 !! : VNET
adapter MTU defaulted to 1500.<BR>10/04/13 16:16:14 ii : creating IPSEC
INBOUND policy <BR>ANY:192.168.0.0/24:* -> ANY:192.168.0.240:*<BR>10/04/13
16:16:14 ii : creating IPSEC OUTBOUND policy <BR>ANY:192.168.0.240:* ->
ANY:192.168.0.0/24:*<BR>10/04/13 16:16:19 !! : failed to create IPSEC policy
route for <BR>192.168.0.0/24<BR>10/04/13 16:16:19 ii : split DNS bypassed ( no
split domains defined )<BR>10/04/13 16:16:19 >= : cookies
2f08528a54fb6d8c:a1763b865f848422<BR>10/04/13 16:16:19 >= : message
cc444724<BR>10/04/13 16:16:20 ii : processing phase2 packet ( 156 bytes
)<BR>10/04/13 16:16:20 =< : cookies
2f08528a54fb6d8c:a1763b865f848422<BR>10/04/13 16:16:20 =< : message
cc444724<BR>10/04/13 16:16:20 ii : matched ipsec-esp proposal #1 transform
#2<BR>10/04/13 16:16:20 ii : - transform =
esp-3des<BR>10/04/13 16:16:20 ii : - key length =
default<BR>10/04/13 16:16:20 ii : - encap mode = udp-tunnel (
draft )<BR>10/04/13 16:16:20 ii : - msg auth =
hmac-sha<BR>10/04/13 16:16:20 ii : - pfs dh group = none<BR>10/04/13 16:16:20
ii : - life seconds = 3600<BR>10/04/13 16:16:20 ii : - life kbytes =
0<BR>10/04/13 16:16:20 ii : phase2 ids accepted<BR>10/04/13 16:16:20 ii : -
loc ANY:192.168.0.240:* -> ANY:192.168.0.0/24:*<BR>10/04/13 16:16:20 ii : -
rmt ANY:192.168.0.0/24:* -> ANY:192.168.0.240:*<BR>10/04/13 16:16:20 ii :
phase2 sa established<BR>10/04/13 16:16:20 ii : 192.168.1.104:4500 <->
45.56.209.106:4500<BR>10/04/13 16:16:20 >= : cookies
2f08528a54fb6d8c:a1763b865f848422<BR>10/04/13 16:16:20 >= : message
cc444724<BR>10/04/13 16:17:03 <A : peer tunnel disable message<BR>10/04/13
16:17:03 ii : removing IPSEC INBOUND policy <BR>ANY:192.168.0.0/24:* ->
ANY:192.168.0.240:*<BR>10/04/13 16:17:03 ii : removing IPSEC OUTBOUND policy
<BR>ANY:192.168.0.240:* -> ANY:192.168.0.0/24:*<BR>10/04/13 16:17:04 DB :
removing tunnel config references<BR>10/04/13 16:17:04 DB : removing tunnel
phase2 references<BR>10/04/13 16:17:04 ii : sending peer DELETE
message<BR>10/04/13 16:17:04 ii : - 192.168.1.104:4500 ->
45.56.209.106:4500<BR>10/04/13 16:17:04 ii : - ipsec-esp spi =
0x85091999<BR>10/04/13 16:17:04 ii : - data size 0<BR>10/04/13 16:17:04 >=
: cookies 2f08528a54fb6d8c:a1763b865f848422<BR>10/04/13 16:17:04 >= :
message 024c0707<BR>10/04/13 16:17:04 ii : phase2 removal before expire
time<BR>10/04/13 16:17:04 DB : removing tunnel phase1 references<BR>10/04/13
16:17:04 ii : sending peer DELETE message<BR>10/04/13 16:17:04 ii : -
192.168.1.104:4500 -> 45.56.209.106:4500<BR>10/04/13 16:17:04 ii : - isakmp
spi = 2f08528a54fb6d8c:a1763b865f848422<BR>10/04/13 16:17:04 ii : - data size
0<BR>10/04/13 16:17:04 >= : cookies
2f08528a54fb6d8c:a1763b865f848422<BR>10/04/13 16:17:04 >= : message
02e71f4e<BR>10/04/13 16:17:04 ii : phase1 removal before expire
time<BR>10/04/13 16:17:04 DB : removing all peer tunnel refrences<BR>10/04/13
16:17:04 ii : ipc client process thread exit ...<BR>10/04/13 16:24:47 ii : ipc
client process thread begin ...<BR>10/04/13 16:24:47 <A : peer config add
message<BR>10/04/13 16:24:48 <A : proposal config message<BR>10/04/13
16:24:48 <A : proposal config message<BR>10/04/13 16:24:48 <A : client
config message<BR>10/04/13 16:24:48 <A : xauth username message<BR>10/04/13
16:24:48 <A : xauth password message<BR>10/04/13 16:24:48 <A : local id
'client.domain.com' message<BR>10/04/13 16:24:48 <A : preshared key
message<BR>10/04/13 16:24:48 <A : remote resource message<BR>10/04/13
16:24:48 <A : peer tunnel enable message<BR>10/04/13 16:24:48 ii : local
supports XAUTH<BR>10/04/13 16:24:48 ii : local supports nat-t ( draft v00
)<BR>10/04/13 16:24:48 ii : local supports nat-t ( draft v01 )<BR>10/04/13
16:24:48 ii : local supports nat-t ( draft v02 )<BR>10/04/13 16:24:48 ii :
local supports nat-t ( draft v03 )<BR>10/04/13 16:24:48 ii : local supports
nat-t ( rfc )<BR>10/04/13 16:24:48 ii : local supports
FRAGMENTATION<BR>10/04/13 16:24:48 ii : local is SHREW SOFT
compatible<BR>10/04/13 16:24:48 ii : local is NETSCREEN compatible<BR>10/04/13
16:24:48 ii : local is SIDEWINDER compatible<BR>10/04/13 16:24:48 ii : local
is CISCO UNITY compatible<BR>10/04/13 16:24:48 >= : cookies
bf9da4033774838a:0000000000000000<BR>10/04/13 16:24:48 >= : message
00000000<BR>10/04/13 16:24:49 ii : processing phase1 packet ( 420 bytes
)<BR>10/04/13 16:24:49 =< : cookies
bf9da4033774838a:c17776b6f69438e9<BR>10/04/13 16:24:49 =< : message
00000000<BR>10/04/13 16:24:49 ii : matched isakmp proposal #1 transform
#14<BR>10/04/13 16:24:49 ii : - transform = ike<BR>10/04/13
16:24:49 ii : - cipher type = 3des<BR>10/04/13 16:24:49 ii : - key
length = default<BR>10/04/13 16:24:49 ii : - hash
type = sha1<BR>10/04/13 16:24:49 ii : - dh
group = modp-1024<BR>10/04/13 16:24:49 ii : - auth
type = xauth-initiator-psk<BR>10/04/13 16:24:49 ii : - life
seconds = 86400<BR>10/04/13 16:24:49 ii : - life kbytes = 0<BR>10/04/13
16:24:49 ii : phase1 id match ( natt prevents ip match )<BR>10/04/13 16:24:49
ii : received = ipv4-host 45.56.209.106<BR>10/04/13 16:24:49 ii : peer is
CISCO UNITY compatible<BR>10/04/13 16:24:49 ii : peer is IPSEC-TOOLS
compatible<BR>10/04/13 16:24:49 ii : peer supports nat-t ( draft v02
)<BR>10/04/13 16:24:49 ii : nat discovery - local address is
translated<BR>10/04/13 16:24:49 ii : switching to src nat-t udp port
4500<BR>10/04/13 16:24:49 ii : switching to dst nat-t udp port
4500<BR>10/04/13 16:24:49 >= : cookies
bf9da4033774838a:c17776b6f69438e9<BR>10/04/13 16:24:49 >= : message
00000000<BR>10/04/13 16:24:49 ii : phase1 sa established<BR>10/04/13 16:24:49
ii : 45.56.209.106:4500 <-> 192.168.1.104:4500<BR>10/04/13 16:24:49 ii :
bf9da4033774838a:c17776b6f69438e9<BR>10/04/13 16:24:49 ii : sending peer
INITIAL-CONTACT notification<BR>10/04/13 16:24:49 ii : - 192.168.1.104:4500
-> 45.56.209.106:4500<BR>10/04/13 16:24:49 ii : - isakmp spi =
bf9da4033774838a:c17776b6f69438e9<BR>10/04/13 16:24:49 ii : - data size
0<BR>10/04/13 16:24:49 >= : cookies
bf9da4033774838a:c17776b6f69438e9<BR>10/04/13 16:24:49 >= : message
ee492227<BR>10/04/13 16:24:50 ii : processing config packet ( 76 bytes
)<BR>10/04/13 16:24:50 =< : cookies
bf9da4033774838a:c17776b6f69438e9<BR>10/04/13 16:24:50 =< : message
c0d069ef<BR>10/04/13 16:24:50 ii : - xauth authentication type<BR>10/04/13
16:24:50 ii : - xauth username<BR>10/04/13 16:24:50 ii : - xauth
password<BR>10/04/13 16:24:50 ii : received basic xauth request -<BR>10/04/13
16:24:50 ii : - standard xauth username<BR>10/04/13 16:24:50 ii : - standard
xauth password<BR>10/04/13 16:24:50 ii : sending xauth response for
gary<BR>10/04/13 16:24:50 >= : cookies
bf9da4033774838a:c17776b6f69438e9<BR>10/04/13 16:24:50 >= : message
c0d069ef<BR>10/04/13 16:24:50 ii : processing config packet ( 68 bytes
)<BR>10/04/13 16:24:50 =< : cookies
bf9da4033774838a:c17776b6f69438e9<BR>10/04/13 16:24:50 =< : message
c861446b<BR>10/04/13 16:24:50 ii : received xauth result -<BR>10/04/13
16:24:50 ii : user gary authentication succeeded<BR>10/04/13 16:24:50 ii :
sending xauth acknowledge<BR>10/04/13 16:24:50 >= : cookies
bf9da4033774838a:c17776b6f69438e9<BR>10/04/13 16:24:50 >= : message
c861446b<BR>10/04/13 16:24:50 ii : building config attribute list<BR>10/04/13
16:24:50 ii : sending config pull request<BR>10/04/13 16:24:50 >= : cookies
bf9da4033774838a:c17776b6f69438e9<BR>10/04/13 16:24:50 >= : message
ed0485eb<BR>10/04/13 16:24:50 ii : processing config packet ( 84 bytes
)<BR>10/04/13 16:24:50 =< : cookies
bf9da4033774838a:c17776b6f69438e9<BR>10/04/13 16:24:50 =< : message
ed0485eb<BR>10/04/13 16:24:50 ii : received config pull response<BR>10/04/13
16:24:50 !! : invalid private netmask, defaulting to class c<BR>10/04/13
16:24:50 ii : creating IPSEC INBOUND policy <BR>ANY:192.168.0.0/24:* ->
ANY:192.168.0.240:*<BR>10/04/13 16:24:50 ii : creating IPSEC OUTBOUND policy
<BR>ANY:192.168.0.240:* -> ANY:192.168.0.0/24:*<BR>10/04/13 16:24:50 ii :
created IPSEC policy route for 192.168.0.0/24<BR>10/04/13 16:24:50 ii : split
DNS bypassed ( no split domains defined )<BR>10/04/13 16:24:50 >= : cookies
bf9da4033774838a:c17776b6f69438e9<BR>10/04/13 16:24:50 >= : message
5ae02808<BR>10/04/13 16:24:54 >= : cookies
bf9da4033774838a:c17776b6f69438e9<BR>10/04/13 16:24:54 >= : message
0eb44466<BR>10/04/13 16:24:54 ii : processing phase2 packet ( 292 bytes
)<BR>10/04/13 16:24:54 =< : cookies
bf9da4033774838a:c17776b6f69438e9<BR>10/04/13 16:24:54 =< : message
0eb44466<BR>10/04/13 16:24:54 ii : matched ipsec-esp proposal #1 transform
#1<BR>10/04/13 16:24:54 ii : - transform =
esp-3des<BR>10/04/13 16:24:54 ii : - key length =
default<BR>10/04/13 16:24:54 ii : - encap mode = udp-tunnel (
draft )<BR>10/04/13 16:24:54 ii : - msg auth =
hmac-sha<BR>10/04/13 16:24:54 ii : - pfs dh group = modp-1024<BR>10/04/13
16:24:54 ii : - life seconds = 3600<BR>10/04/13 16:24:54 ii : - life
kbytes = 0<BR>10/04/13 16:24:54 ii : phase2 ids accepted<BR>10/04/13
16:24:54 ii : - loc ANY:192.168.0.240:* -> ANY:192.168.0.0/24:*<BR>10/04/13
16:24:54 ii : - rmt ANY:192.168.0.0/24:* -> ANY:192.168.0.240:*<BR>10/04/13
16:24:54 ii : phase2 sa established<BR>10/04/13 16:24:54 ii :
192.168.1.104:4500 <-> 66.66.666.106:4500<BR>10/04/13 16:24:54 >= :
cookies bf9da4033774838a:c17776b6f69438e9<BR>10/04/13 16:24:54 >= : message
0eb44466<BR>10/04/13 16:24:55 -> : resend 1 phase2 packet(s)
192.168.1.104:4500 -> <BR>66.66.666.106:4500<BR>10/04/13 16:24:56 ii :
processing phase2 packet ( 292 bytes )<BR>10/04/13 16:24:56 =< : cookies
bf9da4033774838a:c17776b6f69438e9<BR>10/04/13 16:24:56 =< : message
5ae02808<BR>10/04/13 16:24:56 ii : matched ipsec-esp proposal #1 transform
#1<BR>10/04/13 16:24:56 ii : - transform =
esp-3des<BR>10/04/13 16:24:56 ii : - key length =
default<BR>10/04/13 16:24:56 ii : - encap mode = udp-tunnel (
draft )<BR>10/04/13 16:24:56 ii : - msg auth =
hmac-sha<BR>10/04/13 16:24:56 ii : - pfs dh group = modp-1024<BR>10/04/13
16:24:56 ii : - life seconds = 3600<BR>10/04/13 16:24:56 ii : - life
kbytes = 0<BR>10/04/13 16:24:56 ii : phase2 ids accepted<BR>10/04/13
16:24:56 ii : - loc ANY:192.168.0.240:* -> ANY:192.168.0.0/24:*<BR>10/04/13
16:24:56 ii : - rmt ANY:192.168.0.0/24:* -> ANY:192.168.0.240:*<BR>10/04/13
16:24:56 ii : phase2 sa established<BR>10/04/13 16:24:56 ii :
192.168.1.104:4500 <-> 66.66.666.106:4500<BR>10/04/13 16:24:56 >= :
cookies bf9da4033774838a:c17776b6f69438e9<BR>10/04/13 16:24:56 >= : message
5ae02808<BR><BR><BR>_______________________________________________<BR>vpn-help
mailing list<BR><A
href="mailto:vpn-help@lists.shrew.net">vpn-help@lists.shrew.net</A><BR><A
href="http://lists.shrew.net/mailman/listinfo/vpn-help">http://lists.shrew.net/mailman/listinfo/vpn-help</A></BLOCKQUOTE></BODY></HTML>