Hi folks, I wonder if you can help at all.
We have set up a Netgear DG834Gv2 ADSL router to create an IPsec tunnel into the PIX.
The ISAKMP and IPSEC tunnel comes up and works beautifully for about 45 to 60 seconds, maybe more from time to time, then suddenly the tunnel drops and reconnects and works again for 60 seconds or so.
This is what I see in the debug:
crypto_isakmp_process_block:src:196.209.61.187, dest:196.216.18.2 spt:500 dpt:500
ISAKMP (0): processing NOTIFY payload 36136 protocol 1
spi 0, message ID = 1542308012
ISAMKP (0): received DPD_R_U_THERE from peer 196.209.61.187
ISAKMP (0): sending NOTIFY message 36137 protocol 1
return status is IKMP_NO_ERR_NO_TRANS
crypto_isakmp_process_block:src:196.209.61.187, dest:196.216.x.x spt:500 dpt:500
ISAKMP: error, msg not encrypted
crypto_isakmp_process_block:src:196.209.61.187, dest:196.216.18.2 spt:500 dpt:500
ISAKMP (0): processing NOTIFY payload 36136 protocol 1
spi 0, message ID = 1269308556
ISAMKP (0): received DPD_R_U_THERE from peer 196.209.61.187
ISAKMP (0): sending NOTIFY message 36137 protocol 1
return status is IKMP_NO_ERR_NO_TRANS
crypto_isakmp_process_block:src:196.209.61.187, dest:196.216.x.x spt:500 dpt:500
ISAKMP (0): processing DELETE payload. message ID = 1236352064, spi size = 4
VPN Peer: IPSEC: Peer ip:196.209.61.187/500 Decrementing Ref cnt to:3 Total VPN Peers:1
VPN Peer: IPSEC: Peer ip:196.209.61.187/500 Decrementing Ref cnt to:2 Total VPN Peers:1
return status is IKMP_NO_ERR_NO_TRANS
crypto_isakmp_process_block:src:196.209.61.187, dest:196.216.x.x spt:500 dpt:500
ISAKMP (0): processing DELETE payload. message ID = 2056310341, spi size = 16
ISAKMP (0): deleting SA: src 196.209.61.187, dst 196.216.18.2
return status is IKMP_NO_ERR_NO_TRANS
ISADB: reaper checking SA 0x13f646c, conn_id = 0 DELETE IT!
The Stand issue I see is "ISAKMP: error, msg not encrypted"
It's almost as if, and maybe it is....
When the Netgear sends its "DPD_R_U_THERE", I'm guessing the firewall responds with "sending NOTIFY message 36137 protocol 1", but then you see "ISAKMP: error, msg not encrypted" soon afterwards, like either the response from the PIX to the Netgear or from the Netgear to the PIX is not encrypted.
I see the DPD_R_U_THERE about 5 or 6 times before it drops the tunnel and re-establishes the tunnel.
Does anyone have any ideas?
Thanks
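
An added example, not part of the original post: a Python script that groups PIX debug lines like the ones above into tunnel lifetimes and counts the DPD probes, ACKs, "msg not encrypted" errors and DELETE payloads seen in each. The sample log is constructed from lines in the post, and the function and key names are hypothetical.

```python
import re

# Constructed sample: lines shortened from the debug output in the post above.
SAMPLE = """\
ISAMKP (0): received DPD_R_U_THERE from peer 196.209.61.187
ISAKMP (0): sending NOTIFY message 36137 protocol 1
ISAKMP: error, msg not encrypted
ISAMKP (0): received DPD_R_U_THERE from peer 196.209.61.187
ISAKMP (0): sending NOTIFY message 36137 protocol 1
ISAKMP (0): processing DELETE payload. message ID = 1236352064, spi size = 4
ISAKMP (0): processing DELETE payload. message ID = 2056310341, spi size = 16
ISAKMP (0): deleting SA: src 196.209.61.187, dst 196.216.18.2
ISAMKP (0): received DPD_R_U_THERE from peer 196.209.61.187
"""

# 36137 is the R-U-THERE-ACK notify type in RFC 3706 (36136 is R-U-THERE).
PATTERNS = {
    "probes": re.compile(r"received DPD_R_U_THERE from peer"),
    "acks": re.compile(r"sending NOTIFY message 36137\b"),
    "unencrypted": re.compile(r"error, msg not encrypted"),
}
DELETE = re.compile(r"processing DELETE payload.*spi size = (\d+)")
SA_GONE = re.compile(r"deleting SA: src (\S+), dst (\S+)")
# SPI length tells which SA the peer deleted: 4 bytes = IPsec SA,
# 16 bytes = ISAKMP SA (the initiator and responder cookies together).
SPI_KIND = {4: "ipsec", 16: "isakmp"}

def new_lifetime():
    return {"probes": 0, "acks": 0, "unencrypted": 0, "deletes": [], "src": None}

def summarize(log):
    """Return one dict per tunnel lifetime; a lifetime ends at 'deleting SA'."""
    done, cur = [], new_lifetime()
    for line in log.splitlines():
        for key, pat in PATTERNS.items():
            if pat.search(line):
                cur[key] += 1
        m = DELETE.search(line)
        if m:
            cur["deletes"].append(SPI_KIND.get(int(m.group(1)), "unknown"))
        m = SA_GONE.search(line)
        if m:
            cur["src"] = m.group(1)
            done.append(cur)
            cur = new_lifetime()
    return done  # a trailing, still-open lifetime is not reported

if __name__ == "__main__":
    for n, life in enumerate(summarize(SAMPLE), 1):
        print(n, life)
```

Run over a longer capture, the per-lifetime counts show whether every teardown is preceded by the same number of probes and by an unencrypted-message error.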