RAS-VPN zwischen LANCOM <--> CISCO VPN Client

ecox · Beitrag von **ecox** » 17 Mär 2017, 15:08

Hallo zusammen,

der Support konnte mir auf die schnelle nicht helfen, jedoch eilt es sehr. Hat jemand schonmal mit dem Cisco VPN Client v5 eine Verbindung zum LANCOM hinbekommen, ich habe dazu im 1. Step die Anleitung genommen "VPN LANCOM <-> MacOSC", da ja MacOSX ansich auch nur den CiscoVPNClient nutzt, aber egal was ich einstelle und wie ich es drehe, es läuft immer auf einen Fehler hinaus

Ich denke ja, wie es schon gemeldet wird, das was mit dem Payload nicht stimmt, oder mit den Initator und Responder Cookies, das da einfach keine oder falsche vom VPN Client zurück kommen :/ wär cool wenn hier eine ne Anleituntg hat oder mir die korrekten Einstellungen nennen kann, vielen DANK!!

Code: Alles auswählen

[VPN-IKE] 2017/03/17 14:55:16,767
[<UNKNOWN>] Received packet:
IKE 1.0 Header:
Source/Port         : xxx.xxx.xxx.xxx:53449
Destination/Port    : xxx.xxx.xxx.xxx:500
VLAN-ID             : 0
HW switch port      : 0
Routing-tag         : 0
Com-channel         : 1
Loopback            : NO
| Initiator cookie  : 88 98 E6 E1 13 04 18 94
| Responder cookie  : 00 00 00 00 00 00 00 00
| Next Payload      : SA
| Version           : 1.0
| Exchange type     : AGGRESSIVE
| Flags             : 0x00   
| Msg-ID            : 0
| Length            : 853 Bytes
SA Payload
| Next Payload      : KEY_EXCH
| Reserved          : 0x00
| Length            : 556 Bytes
| DOI               : 1
| Situation         : 1
| PROPOSAL Payload
| | Next Payload    : NONE
| | Reserved        : 0x00
| | Length          : 544 Bytes
| | Proposal number : 1
| | Protocol ID     : IPSEC_IKE
| | SPI size        : 0
| | #Transforms     : 14
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 40 Bytes
| | | Transform#    : 1
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 7
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 2
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 65001
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | | Attribute 6
| | | | Type        : Basic, KEY_LENGTH
| | | | Value       : 256
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 40 Bytes
| | | Transform#    : 2
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 7
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 1
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 65001
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | | Attribute 6
| | | | Type        : Basic, KEY_LENGTH
| | | | Value       : 256
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 40 Bytes
| | | Transform#    : 3
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 7
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 2
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 1
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | | Attribute 6
| | | | Type        : Basic, KEY_LENGTH
| | | | Value       : 256
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 40 Bytes
| | | Transform#    : 4
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 7
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 1
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 1
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | | Attribute 6
| | | | Type        : Basic, KEY_LENGTH
| | | | Value       : 256
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 40 Bytes
| | | Transform#    : 5
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 7
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 2
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 65001
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | | Attribute 6
| | | | Type        : Basic, KEY_LENGTH
| | | | Value       : 128
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 40 Bytes
| | | Transform#    : 6
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 7
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 1
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 65001
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | | Attribute 6
| | | | Type        : Basic, KEY_LENGTH
| | | | Value       : 128
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 40 Bytes
| | | Transform#    : 7
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 7
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 2
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 1
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | | Attribute 6
| | | | Type        : Basic, KEY_LENGTH
| | | | Value       : 128
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 40 Bytes
| | | Transform#    : 8
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 7
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 1
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 1
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | | Attribute 6
| | | | Type        : Basic, KEY_LENGTH
| | | | Value       : 128
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 36 Bytes
| | | Transform#    : 9
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 5
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 2
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 65001
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 36 Bytes
| | | Transform#    : 10
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 5
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 1
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 65001
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 36 Bytes
| | | Transform#    : 11
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 5
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 2
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 1
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 36 Bytes
| | | Transform#    : 12
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 5
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 1
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 1
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 36 Bytes
| | | Transform#    : 13
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 1
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 1
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 65001
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | TRANSFORM Payload
| | | Next Payload  : NONE
| | | Reserved      : 0x00
| | | Length        : 36 Bytes
| | | Transform#    : 14
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 1
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 1
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 1
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
KEY_EXCH Payload
| Next Payload      : NONCE
| Reserved          : 0x00
| Length            : 132 Bytes
| DH-Key(1024 bits) : B6 24 B8 D0 56 AE 0C A9 07 68 07 86 CC 66 35 05
|                     3E 10 A4 AB E7 45 9D C1 55 C8 4D F7 43 B9 C7 3D
|                     BD ED 81 37 48 52 5F 1B D1 4F DE 57 97 91 4C DC
|                     3C 6B 8B 3F C3 B7 D4 C5 EC 3B E7 B2 1F D1 58 12
|                     96 97 FF 71 E3 54 CB B6 1D BB DB 81 A4 FC 2C 56
|                     79 75 0A D3 E2 FF B8 7C B4 C9 F3 66 30 D2 28 84
|                     22 44 1B 1D 15 42 51 5C 08 F2 AE B7 48 37 16 34
|                     91 57 E4 B1 37 08 E0 14 36 A4 AC 6D 6E B9 29 56
NONCE Payload
| Next Payload      : ID
| Reserved          : 0x00
| Length            : 24 Bytes
| Nonce(160 bits)   : 3B 1E CE 87 AB 83 99 90 EA 03 B7 98 47 B5 47 7C
|                     47 FE 2E C4
ID Payload
| Next Payload      : VENDOR
| Reserved          : 0x00
| Length            : 17 Bytes
| ID type           : KEY_ID
| Protocol ID       : 17
| Port              : 500
| ID                : 63 69 73 63 6F 5F 76 70 6E
VENDOR Payload
| Next Payload      : VENDOR
| Reserved          : 0x00
| Length            : 12 Bytes
| Vendor ID         : 09 00 26 89 DF D6 B7 12
VENDOR Payload
| Next Payload      : VENDOR
| Reserved          : 0x00
| Length            : 20 Bytes
| Vendor ID         : AF CA D7 13 68 A1 F1 C9 6B 86 96 FC 77 57 01 00
<Unknown 43> Payload
| Next Payload      : VENDOR
| CRITICAL          : NO
| Reserved          : 0x00
| Length            : 24 Bytes
| Vendor ID         : 40 48 B7 D5 6E BC E8 85 25 E7 DE 7F 00 D6 C2 D3
|                     80 00 00 00
VENDOR Payload
| Next Payload      : VENDOR
| Reserved          : 0x00
| Length            : 20 Bytes
| Vendor ID         : 90 CB 80 91 3E BB 69 6E 08 63 81 B5 EC 42 7B 1F
VENDOR Payload
| Next Payload      : NONE
| Reserved          : 0x00
| Length            : 20 Bytes
| Vendor ID         : 12 F5 F2 8C 45 71 68 A9 70 2D 9F E2 74 CC 01 00

[VPN-IKE] 2017/03/17 14:55:16,775
[<UNKNOWN>] Sending packet:
IKE 1.0 Header:
Source/Port         : xxx.xxx.xxx.xxx:500
Destination/Port    : xxx.xxx.xxx.xxx:53449
VLAN-ID             : 0
HW switch port      : 0
Routing-tag         : 0
Com-channel         : 1
Loopback            : NO
| Initiator cookie  : 66 B2 52 E5 24 F0 13 75
| Responder cookie  : 00 00 00 00 00 00 00 00
| Next Payload      : NOTIFY
| Version           : 1.0
| Exchange type     : INFO
| Flags             : 0x00   
| Msg-ID            : 0
| Length            : 40 Bytes
NOTIFY Payload
| Next Payload      : NONE
| Reserved          : 0x00
| Length            : 12 Bytes
| DOI               : <Unknown 0>
| Protocol ID       : IPSEC_IKE
| SPI size          : 0
| Message type      : UNEQUAL_PAYLOAD_LENGTHS

[VPN-Debug] 2017/03/17 14:55:16,776
Peer <UNKNOWN>: Sending MSG-ID 0x00000000 cookies 0x66B252E524F013750000000000000000 on:
hTxChan 0, RtgTag 0, next-hop-address 0.0.0.0, VLAN-Type 0, VLAN-Network 0

Code: Alles auswählen

[VPN-Status] 2017/03/17 14:57:38,551
IKE log: 145738.551172 Default message_recv: bad message length[869]

[VPN-Status] 2017/03/17 14:57:38,551
IKE log: 145738.551241 Default dropped message from 11.22.33.44 port 50104 due to notification type UNEQUAL_PAYLOAD_LENGTHS

Und noch der Debug und IKE Trace

Code: Alles auswählen

[VPN-IKE] 2017/03/17 14:55:16,767
[<UNKNOWN>] Received packet:
IKE 1.0 Header:
Source/Port         : xxx.xxx.xxx.xxx:53449
Destination/Port    : xxx.xxx.xxx.xxx:500
VLAN-ID             : 0
HW switch port      : 0
Routing-tag         : 0
Com-channel         : 1
Loopback            : NO
| Initiator cookie  : 88 98 E6 E1 13 04 18 94
| Responder cookie  : 00 00 00 00 00 00 00 00
| Next Payload      : SA
| Version           : 1.0
| Exchange type     : AGGRESSIVE
| Flags             : 0x00   
| Msg-ID            : 0
| Length            : 853 Bytes
SA Payload
| Next Payload      : KEY_EXCH
| Reserved          : 0x00
| Length            : 556 Bytes
| DOI               : 1
| Situation         : 1
| PROPOSAL Payload
| | Next Payload    : NONE
| | Reserved        : 0x00
| | Length          : 544 Bytes
| | Proposal number : 1
| | Protocol ID     : IPSEC_IKE
| | SPI size        : 0
| | #Transforms     : 14
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 40 Bytes
| | | Transform#    : 1
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 7
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 2
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 65001
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | | Attribute 6
| | | | Type        : Basic, KEY_LENGTH
| | | | Value       : 256
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 40 Bytes
| | | Transform#    : 2
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 7
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 1
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 65001
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | | Attribute 6
| | | | Type        : Basic, KEY_LENGTH
| | | | Value       : 256
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 40 Bytes
| | | Transform#    : 3
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 7
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 2
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 1
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | | Attribute 6
| | | | Type        : Basic, KEY_LENGTH
| | | | Value       : 256
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 40 Bytes
| | | Transform#    : 4
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 7
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 1
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 1
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | | Attribute 6
| | | | Type        : Basic, KEY_LENGTH
| | | | Value       : 256
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 40 Bytes
| | | Transform#    : 5
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 7
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 2
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 65001
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | | Attribute 6
| | | | Type        : Basic, KEY_LENGTH
| | | | Value       : 128
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 40 Bytes
| | | Transform#    : 6
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 7
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 1
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 65001
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | | Attribute 6
| | | | Type        : Basic, KEY_LENGTH
| | | | Value       : 128
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 40 Bytes
| | | Transform#    : 7
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 7
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 2
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 1
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | | Attribute 6
| | | | Type        : Basic, KEY_LENGTH
| | | | Value       : 128
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 40 Bytes
| | | Transform#    : 8
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 7
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 1
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 1
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | | Attribute 6
| | | | Type        : Basic, KEY_LENGTH
| | | | Value       : 128
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 36 Bytes
| | | Transform#    : 9
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 5
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 2
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 65001
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 36 Bytes
| | | Transform#    : 10
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 5
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 1
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 65001
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 36 Bytes
| | | Transform#    : 11
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 5
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 2
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 1
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 36 Bytes
| | | Transform#    : 12
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 5
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 1
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 1
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | TRANSFORM Payload
| | | Next Payload  : TRANSFORM
| | | Reserved      : 0x00
| | | Length        : 36 Bytes
| | | Transform#    : 13
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 1
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 1
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 65001
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
| | TRANSFORM Payload
| | | Next Payload  : NONE
| | | Reserved      : 0x00
| | | Length        : 36 Bytes
| | | Transform#    : 14
| | | Transform ID  : KEY_IKE
| | | Reserved2     : 0x0000
| | | Attribute 0
| | | | Type        : Basic, ENCRYPTION_ALGORITHM
| | | | Value       : 1
| | | Attribute 1
| | | | Type        : Basic, HASH_ALGORITHM
| | | | Value       : 1
| | | Attribute 2
| | | | Type        : Basic, GROUP_DESCRIPTION
| | | | Value       : 2
| | | Attribute 3
| | | | Type        : Basic, AUTHENTICATION_METHOD
| | | | Value       : 1
| | | Attribute 4
| | | | Type        : Basic, LIFE_TYPE
| | | | Value       : 1
| | | Attribute 5
| | | | Type        : Variable, LIFE_DURATION
| | | | Length      : 4
| | | | Value       : 00 20 C4 9B
KEY_EXCH Payload
| Next Payload      : NONCE
| Reserved          : 0x00
| Length            : 132 Bytes
| DH-Key(1024 bits) : B6 24 B8 D0 56 AE 0C A9 07 68 07 86 CC 66 35 05
|                     3E 10 A4 AB E7 45 9D C1 55 C8 4D F7 43 B9 C7 3D
|                     BD ED 81 37 48 52 5F 1B D1 4F DE 57 97 91 4C DC
|                     3C 6B 8B 3F C3 B7 D4 C5 EC 3B E7 B2 1F D1 58 12
|                     96 97 FF 71 E3 54 CB B6 1D BB DB 81 A4 FC 2C 56
|                     79 75 0A D3 E2 FF B8 7C B4 C9 F3 66 30 D2 28 84
|                     22 44 1B 1D 15 42 51 5C 08 F2 AE B7 48 37 16 34
|                     91 57 E4 B1 37 08 E0 14 36 A4 AC 6D 6E B9 29 56
NONCE Payload
| Next Payload      : ID
| Reserved          : 0x00
| Length            : 24 Bytes
| Nonce(160 bits)   : 3B 1E CE 87 AB 83 99 90 EA 03 B7 98 47 B5 47 7C
|                     47 FE 2E C4
ID Payload
| Next Payload      : VENDOR
| Reserved          : 0x00
| Length            : 17 Bytes
| ID type           : KEY_ID
| Protocol ID       : 17
| Port              : 500
| ID                : 63 69 73 63 6F 5F 76 70 6E
VENDOR Payload
| Next Payload      : VENDOR
| Reserved          : 0x00
| Length            : 12 Bytes
| Vendor ID         : 09 00 26 89 DF D6 B7 12
VENDOR Payload
| Next Payload      : VENDOR
| Reserved          : 0x00
| Length            : 20 Bytes
| Vendor ID         : AF CA D7 13 68 A1 F1 C9 6B 86 96 FC 77 57 01 00
<Unknown 43> Payload
| Next Payload      : VENDOR
| CRITICAL          : NO
| Reserved          : 0x00
| Length            : 24 Bytes
| Vendor ID         : 40 48 B7 D5 6E BC E8 85 25 E7 DE 7F 00 D6 C2 D3
|                     80 00 00 00
VENDOR Payload
| Next Payload      : VENDOR
| Reserved          : 0x00
| Length            : 20 Bytes
| Vendor ID         : 90 CB 80 91 3E BB 69 6E 08 63 81 B5 EC 42 7B 1F
VENDOR Payload
| Next Payload      : NONE
| Reserved          : 0x00
| Length            : 20 Bytes
| Vendor ID         : 12 F5 F2 8C 45 71 68 A9 70 2D 9F E2 74 CC 01 00

[VPN-IKE] 2017/03/17 14:55:16,775
[<UNKNOWN>] Sending packet:
IKE 1.0 Header:
Source/Port         : xxx.xxx.xxx.xxx:500
Destination/Port    : xxx.xxx.xxx.xxx:53449
VLAN-ID             : 0
HW switch port      : 0
Routing-tag         : 0
Com-channel         : 1
Loopback            : NO
| Initiator cookie  : 66 B2 52 E5 24 F0 13 75
| Responder cookie  : 00 00 00 00 00 00 00 00
| Next Payload      : NOTIFY
| Version           : 1.0
| Exchange type     : INFO
| Flags             : 0x00   
| Msg-ID            : 0
| Length            : 40 Bytes
NOTIFY Payload
| Next Payload      : NONE
| Reserved          : 0x00
| Length            : 12 Bytes
| DOI               : <Unknown 0>
| Protocol ID       : IPSEC_IKE
| SPI size          : 0
| Message type      : UNEQUAL_PAYLOAD_LENGTHS

[VPN-Debug] 2017/03/17 14:55:16,776
Peer <UNKNOWN>: Sending MSG-ID 0x00000000 cookies 0x66B252E524F013750000000000000000 on:
hTxChan 0, RtgTag 0, next-hop-address 0.0.0.0, VLAN-Type 0, VLAN-Network 0

MariusP · Beitrag von **MariusP** » 17 Mär 2017, 15:28

Hi,

Code: Alles auswählen

[VPN-Status] 2017/03/17 14:57:38,551
IKE log: 145738.551172 Default message_recv: bad message length[869]

Der Fehler kommt, wenn der Length : 853 Bytes nicht der Größe des "wirklichen" Buffers entspricht.

Es ist quasi einer der Checks die am Anfang einer erhaltenen Message überprüft werden.

Vorschlag: schau dir das Packet im Wireshark an, vielleicht findest du dort am besten warum das Packet die falsche Länge hat oder die falsche Länge eingetragen wurde.
Gruß

LANCOM-Forum.de

RAS-VPN zwischen LANCOM <--> CISCO VPN Client

RAS-VPN zwischen LANCOM <--> CISCO VPN Client

Re: RAS-VPN zwischen LANCOM <--> CISCO VPN Client