wanaBateki
Programmer
Hi,
This post continues a thead I started on Monday, but I still have a problem. The original thread was titled:
"cannot respond to IPSec request because no connection"
Thanks guys for all your suggestions and advice.
In summary:
1. I can connect to our office VPN router (fvs318) using a dialup internet connection
2. Phase 2 IKE fails when I connect using my dg814 (ADSL)
I have copied and pasted two sections of the server side vpn logs below. One for the successful dialup and the same section of the log for the failed adsl connection. Does this shed any light on the matter?
1. Why/what does "IPsec:New State index:1, sno:5" mean compared to "IPsec:New State index:1, sno:3"?
2. It seems to fail to get the ipsec_spi over adsl?
3. I think I'll get hold of another adsl client device to enable me to eliminate the dg814 from the equation...
I hope you can assist me further on this. Logs follow.
Thanks again everyone.
Jago
Dialup (phase 2 IKE success):
...
IPsec:STATE_MAIN_R3: sent MR3, ISAKMP SA established
IPsec:Receive Packet address:0x1397478 from 62.137.86.xxx
IPsec:New State index:1, sno:5
IKE:[JagoVPN_tmp2] RX << QM_I1 : 62.137.86.xxx
IPsec:in get_ipsec_spi() spi=e4db4a9d
:[ESP_3DES/AUTH_ALGORITHM_HMAC_SHA1/In SPI:e4db4a9d,Out SPI:11fc9f7a]
IPsec:responding to Quick Mode
IPsec: ESP(3DES-CBC SHA-1)
IKE:[JagoVPN_tmp2] TX >> QM_R1 : 62.137.86.xxx
IPsec:inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #5
IPsec:Receive Packet address:0x1397478 from 62.137.86.xxx
IKE:[JagoVPN_tmp2] RX << QM_I2 : 62.137.86.xxx
IPsec: ESP(3DES-CBC SHA-1)
IKE:[JagoVPN_tmp2] established with 62.137.86.xxx successfully
IPsec:inserting event EVENT_SA_EXPIRE, timeout in 28980 seconds for #5
IPsec:STATE_QUICK_R2: IPsec SA established
__________________________________________
ADSL (phase 2 IKE failed)
...
IPsec:STATE_MAIN_R3: sent MR3, ISAKMP SA established
IPsec:Receive Packet address:0x1397478 from 212.84.127.xxx
IPsec:New State index:1, sno:3
IKE:[JagoVPN_tmp1] RX << QM_I1 : 212.84.127.xxx
IPsec:cannot respond to IPsec SA request because no connection is known for 192.168.0.0/255.255.255.0-212.84.114.xxx=====212.84.127.xxx-19
IPsec:Receive Packet address:0x1397478 from 212.84.127.xxx
IPsec:loglog[3] *#hahaha.... next payload type of ISAKMP Hash Payload has an unknown value: 208
IPsec:malformed payload in packet
This post continues a thead I started on Monday, but I still have a problem. The original thread was titled:
"cannot respond to IPSec request because no connection"
Thanks guys for all your suggestions and advice.
In summary:
1. I can connect to our office VPN router (fvs318) using a dialup internet connection
2. Phase 2 IKE fails when I connect using my dg814 (ADSL)
I have copied and pasted two sections of the server side vpn logs below. One for the successful dialup and the same section of the log for the failed adsl connection. Does this shed any light on the matter?
1. Why/what does "IPsec:New State index:1, sno:5" mean compared to "IPsec:New State index:1, sno:3"?
2. It seems to fail to get the ipsec_spi over adsl?
3. I think I'll get hold of another adsl client device to enable me to eliminate the dg814 from the equation...
I hope you can assist me further on this. Logs follow.
Thanks again everyone.
Jago
Dialup (phase 2 IKE success):
...
IPsec:STATE_MAIN_R3: sent MR3, ISAKMP SA established
IPsec:Receive Packet address:0x1397478 from 62.137.86.xxx
IPsec:New State index:1, sno:5
IKE:[JagoVPN_tmp2] RX << QM_I1 : 62.137.86.xxx
IPsec:in get_ipsec_spi() spi=e4db4a9d
:[ESP_3DES/AUTH_ALGORITHM_HMAC_SHA1/In SPI:e4db4a9d,Out SPI:11fc9f7a]
IPsec:responding to Quick Mode
IPsec: ESP(3DES-CBC SHA-1)
IKE:[JagoVPN_tmp2] TX >> QM_R1 : 62.137.86.xxx
IPsec:inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #5
IPsec:Receive Packet address:0x1397478 from 62.137.86.xxx
IKE:[JagoVPN_tmp2] RX << QM_I2 : 62.137.86.xxx
IPsec: ESP(3DES-CBC SHA-1)
IKE:[JagoVPN_tmp2] established with 62.137.86.xxx successfully
IPsec:inserting event EVENT_SA_EXPIRE, timeout in 28980 seconds for #5
IPsec:STATE_QUICK_R2: IPsec SA established
__________________________________________
ADSL (phase 2 IKE failed)
...
IPsec:STATE_MAIN_R3: sent MR3, ISAKMP SA established
IPsec:Receive Packet address:0x1397478 from 212.84.127.xxx
IPsec:New State index:1, sno:3
IKE:[JagoVPN_tmp1] RX << QM_I1 : 212.84.127.xxx
IPsec:cannot respond to IPsec SA request because no connection is known for 192.168.0.0/255.255.255.0-212.84.114.xxx=====212.84.127.xxx-19
IPsec:Receive Packet address:0x1397478 from 212.84.127.xxx
IPsec:loglog[3] *#hahaha.... next payload type of ISAKMP Hash Payload has an unknown value: 208
IPsec:malformed payload in packet