Forums before death by AOL, social media and spammers... "We can't have nice things"
| comp.dcom.vpn | VPN protocols, clients, awesomeness | 2,348 messages |
[ << oldest | < older | list | newer > | newest >> ]
| Message 1,359 of 2,348 |
| Patrick Foure to All |
| ike problem building a vpn between cisco |
| 23 Nov 04 19:32:09 |
From: patrick.foure@free.fr Hi , I am trying to connect a cisco 3600 and a solaris machine using ipsec-ike and pre-shared keys . First tests between 2 suns were ok , but when cisco now is trying to establish the connnection , there is an error during ike phase 2 quick mode negociation . I don't know why .... Can anyone have an idea about the possible reason ? Has anyone tried successfully do do this type of tunnel ? Thanks by advance here is an extract of logs : Tue Nov 23 19:01:14 2004: /usr/lib/inet/in.iked: construct_local_id Tue Nov 23 19:01:14 2004: /usr/lib/inet/in.iked: construct_local_id: ipv4(any:0,[0..4]=$SUN_IP) Tue Nov 23 19:01:14 2004: /usr/lib/inet/in.iked: xchg_type=2, 1 xforms. Tue Nov 23 19:01:14 2004: /usr/lib/inet/in.iked: In ssh_policy_isakmp_request_vendor_ids pm_info == ed138. Tue Nov 23 19:01:14 2004: /usr/lib/inet/in.iked: Non-NULL new negotiation! Get back to work! Tue Nov 23 19:01:14 2004: /usr/lib/inet/in.iked: Waiting for IKE results. Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: In ssh_policy_isakmp_vendor_id. Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: In ssh_policy_isakmp_nonce_data_len. Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: In ssh_policy_isakmp_vendor_id. Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: In ssh_policy_isakmp_vendor_id. Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: In ssh_policy_isakmp_vendor_id. Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: In ssh_policy_isakmp_vendor_id. Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: In ssh_policy_find_pre_shared_key. Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: In ssh_policy_isakmp_vendor_id. Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: In Phase 1 notify! Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: alloc_spi: invoked for f0ca0 Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: pfkey_request: queueing seq 43 type 1/GETSPI satype 3/ESP Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: tx_req: posting seq 43 type 1/GETSPI satype 3/ESP Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: pf_key_handler: got pid 24018 seq 43 type 1/GETSPI sa 3/ESP errno 0 diag 0 Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: handle_reply: got seq 43 type 1/GETSPI satype 3/ESP Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: alloc_spi: invoked for f0ca0 Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: alloc_spi: getspi 0th prot, 0th prop, 0th SA Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: In ssh_policy_qm_nonce_data_len. Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: In ssh_policy_phase_ii_sa_freed. Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: local_ip = $SUN_IP, remote_ip = $CISCO_IP, Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: Quick Mode negotiation failed: Aborted notification. Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: local_ip = $SUN_IP, remote_ip = $CISCO_IP, Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: local_i_id = ipv4_subnet(ipip:0,[0..8]=0.0.0.0/0), local_r_id = No Id, Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: remote_i_id = ipv4_subnet(ipip:0,[0..8]=0.0.0.0/0), remote_r_id = No Id, Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: Phase 2 error: Aborted notification. Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: In ssh_policy_qm_sa_freed. Tue Nov 23 19:01:15 2004: /usr/lib/inet/in.iked: In ssh_policy_isakmp_sa_freed. Clobbering phase1 instance Tue Nov 23 19:01:37 2004: /usr/lib/inet/in.iked: In delete_ike_server() --- SoupGate-Win32 v1.05 * Origin: you cannot sedate... all the things you hate (1:229/2) |
(c) 1994, bbs@darkrealms.ca