Hallo,
ich suche eine anleitung für eine vpn-verbindung zwischen einem
lancom 1781a und einem
server mit ubuntu und openvpn.
Ziel ist es das internet netz das der lancom "hütet" mit dem server zu einem "Intranet" zu verbinden - eigentlich ja klar!
Der Server hat natürlich eine öffentliche IP und eine interne IP - wobei es da schon los geht weil ich nicht genau weiß ob diese interne IP für die vpn-verbindung überhaupt relevant ist oder ob man da z.B. auf irgendeine weise eine eigenes netzsegment definieren kann.
Hilfe erwünscht.
Danke
lancom 1781a vpn mit openvpn server
Moderator: Lancom-Systems Moderatoren
lancom 1781a vpn mit openvpn server
Gruß
Karl-Heinz
Karl-Heinz
Re: lancom 1781a vpn mit openvpn server
Hallo,
das wird schon daran scheitern, dass Lancom kein OPENVPN unterstützt/kann.
Grüße
Cpuprofi
das wird schon daran scheitern, dass Lancom kein OPENVPN unterstützt/kann.
Grüße
Cpuprofi
Re: lancom 1781a vpn mit openvpn server
Hi,
für ubuntu kannst du Strongswan verwenden.
http://www.lancom-forum.de/fragen-zum-t ... t7375.html
dazu haben ich ein paar Informationen in einem früheren Thread hinterlassen.
Gruß
für ubuntu kannst du Strongswan verwenden.
http://www.lancom-forum.de/fragen-zum-t ... t7375.html
dazu haben ich ein paar Informationen in einem früheren Thread hinterlassen.
Gruß
Erst wenn der letzte Baum gerodet, der letzte Fluss vergiftet, der letzte Fisch gefangen ist, werdet Ihr merken, dass man Geld nicht essen kann.
Ein Optimist, mit entäuschten Idealen, hat ein besseres Leben als ein Pessimist der sich bestätigt fühlt.
Ein Optimist, mit entäuschten Idealen, hat ein besseres Leben als ein Pessimist der sich bestätigt fühlt.
Re: lancom 1781a vpn mit openvpn server
Hi,
gut - bin auf strongswan gewechselt.
Ich bekomme immer die fehlermeldung im log:
meine ipsec.conf:
gut - bin auf strongswan gewechselt.
Ich bekomme immer die fehlermeldung im log:
Code: Alles auswählen
charon: 09[NET] error writing to socket: Invalid argumentCode: Alles auswählen
config setup
# strictcrlpolicy=yes
# uniqueids = no
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
authby=secret
mobike=no
charondebug="ike 1,ike 2, knl 3, cfg 0"
# Add connections here.
conn averlon
left=%any
leftsubnet=192.168.113.0/24
leftid=server.av.loc
leftfirewall=yes
right=alterschwede.dyndns.biz
rightsubnet=192.168.110.0/24
rightid=intranet.av.loc
rightfirewall=yes
auto=add
Gruß
Karl-Heinz
Karl-Heinz
Re: lancom 1781a vpn mit openvpn server
Hi,
Hast du mehr informationen aus dem Log? ab welchem Zeitpunkt der Fehler auftritt?
Passiert das wenn du den Tunnel aufbauen möchtest?
Bitte beschreib doch den Ablauf etwas genauer.
Gruß
Hast du mehr informationen aus dem Log? ab welchem Zeitpunkt der Fehler auftritt?
Passiert das wenn du den Tunnel aufbauen möchtest?
Bitte beschreib doch den Ablauf etwas genauer.
Gruß
Erst wenn der letzte Baum gerodet, der letzte Fluss vergiftet, der letzte Fisch gefangen ist, werdet Ihr merken, dass man Geld nicht essen kann.
Ein Optimist, mit entäuschten Idealen, hat ein besseres Leben als ein Pessimist der sich bestätigt fühlt.
Ein Optimist, mit entäuschten Idealen, hat ein besseres Leben als ein Pessimist der sich bestätigt fühlt.
Re: lancom 1781a vpn mit openvpn server
Hi,
der tunnel läuft mittlerweile.
Der fehler wurde wohl durch eine falsche config in ipsec.conf verursacht. Leider gab es die fehlermeldung nur bei einem ipsec restart.
Auch darf man in der ipsec.conf wohl keine "#" an der ersten stelle schreiben sondern nur direkt vor dem eintrag.
Nun gut.
Trotzdem funktioniert scheinbar das routing nicht.
Ich weiß nicht wirklich wie ich in ubuntu die routen propagieren muss.
Außerdem weiß ich noch nicht mit welcher ip mein server überhaupt arbeitet (im vpn-tunnel).
der tunnel läuft mittlerweile.
Der fehler wurde wohl durch eine falsche config in ipsec.conf verursacht. Leider gab es die fehlermeldung nur bei einem ipsec restart.
Auch darf man in der ipsec.conf wohl keine "#" an der ersten stelle schreiben sondern nur direkt vor dem eintrag.
Nun gut.
Trotzdem funktioniert scheinbar das routing nicht.
Ich weiß nicht wirklich wie ich in ubuntu die routen propagieren muss.
Außerdem weiß ich noch nicht mit welcher ip mein server überhaupt arbeitet (im vpn-tunnel).
Code: Alles auswählen
# ipsec.conf - strongSwan IPsec configuration file
# basic configuration
config setup
# strictcrlpolicy=yes
# uniqueids = no
charondebug="ike 3, knl 3, cfg 3"
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
authby=secret
mobike=no
# Add connections here.
conn averlon
authby=secret
keyexchange=ikev1
left=%any
leftsubnet=192.168.113.0/24
leftid=@server.av.loc
right="aoffice.dyndns.biz"
rightsubnet=192.168.110.0/24
rightid=@intranet.av.loc
rightallowany=yes
auto=addGruß
Karl-Heinz
Karl-Heinz
Re: lancom 1781a vpn mit openvpn server
Hi,
ich habe jetzt mal dem server eine zweite ip-adresse eingerichtet:
In der hoffnung, dass er unter der im tunnel dann erreichbar ist weil:
ich habe jetzt mal dem server eine zweite ip-adresse eingerichtet:
Code: Alles auswählen
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet dhcp
auto eth0:1
iface eth0:1 inet static
address 192.168.113.150
netmask 255.255.255.0Code: Alles auswählen
leftsubnet=192.168.113.0/24Gruß
Karl-Heinz
Karl-Heinz
Re: lancom 1781a vpn mit openvpn server
Hi,
probier mal
sudo ip xfrm state gibt linux SAs aus
sudo ip xfrm policy gibt linux ipsec policies
aus.
Damit solltest du weitere Informationen bekommen.
https://wiki.strongswan.org/projects/st ... secCommand
http://man7.org/linux/man-pages/man8/ip-xfrm.8.html
Ich habe die Routen damals selber in das normale Networkmanagment von Ubuntu eingerichtet.
Bist du sicher mit dem left=%any sicher?
Vielleicht findest du hier https://wiki.strongswan.org/projects/st ... onExamples
Ein passendes Beispiel das deinem Aufbau entspricht.
Gruß
probier mal
sudo ip xfrm state gibt linux SAs aus
sudo ip xfrm policy gibt linux ipsec policies
aus.
Damit solltest du weitere Informationen bekommen.
https://wiki.strongswan.org/projects/st ... secCommand
http://man7.org/linux/man-pages/man8/ip-xfrm.8.html
Ich habe die Routen damals selber in das normale Networkmanagment von Ubuntu eingerichtet.
Bist du sicher mit dem left=%any sicher?
Vielleicht findest du hier https://wiki.strongswan.org/projects/st ... onExamples
Ein passendes Beispiel das deinem Aufbau entspricht.
Gruß
Erst wenn der letzte Baum gerodet, der letzte Fluss vergiftet, der letzte Fisch gefangen ist, werdet Ihr merken, dass man Geld nicht essen kann.
Ein Optimist, mit entäuschten Idealen, hat ein besseres Leben als ein Pessimist der sich bestätigt fühlt.
Ein Optimist, mit entäuschten Idealen, hat ein besseres Leben als ein Pessimist der sich bestätigt fühlt.
Re: lancom 1781a vpn mit openvpn server
Code: Alles auswählen
ip xfrm state
src 172.29.52.61 dst 79.230.25.251
proto esp spi 0x90a8d45d reqid 2 mode tunnel
replay-window 32 flag af-unspec
auth-trunc hmac(sha1) 0x296d12b198858f8b3b21ceaf19076e6e82d79ded 96
enc cbc(des3_ede) 0xec34005efbb8318f2aad195065851eb0f80cf6aa30ae37c4
encap type espinudp sport 4500 dport 4500 addr 0.0.0.0
src 79.230.25.251 dst 172.29.52.61
proto esp spi 0xc45201ab reqid 2 mode tunnel
replay-window 32 flag af-unspec
auth-trunc hmac(sha1) 0x1563a9e18fdabe5f9657b47156d686b222f89dd1 96
enc cbc(des3_ede) 0xb7ada0ef3401165e39e2150f3069de5597990cba6e7183d0
encap type espinudp sport 4500 dport 4500 addr 0.0.0.0Code: Alles auswählen
ip xfrm policy
src 192.168.110.0/24 dst 192.168.113.0/24
dir fwd priority 1859
tmpl src 79.230.25.251 dst 172.29.52.61
proto esp reqid 2 mode tunnel
src 192.168.110.0/24 dst 192.168.113.0/24
dir in priority 1859
tmpl src 79.230.25.251 dst 172.29.52.61
proto esp reqid 2 mode tunnel
src 192.168.113.0/24 dst 192.168.110.0/24
dir out priority 1859
tmpl src 172.29.52.61 dst 79.230.25.251
proto esp reqid 2 mode tunnel
src 0.0.0.0/0 dst 0.0.0.0/0
socket in priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
socket out priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
socket in priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
socket out priority 0
src ::/0 dst ::/0
socket in priority 0
src ::/0 dst ::/0
socket out priority 0
src ::/0 dst ::/0
socket in priority 0
src ::/0 dst ::/0
socket out priority 0Gruß
Karl-Heinz
Karl-Heinz
Re: lancom 1781a vpn mit openvpn server
Hi,
falls jemand eine idee hat was das sein könnte im trace vom lancom:
und was sagt mir auf der strongswan-seite:
falls jemand eine idee hat was das sein könnte im trace vom lancom:
Code: Alles auswählen
[VPN-Status] 2015/02/13 15:46:24,147 Devicetime: 2015/02/13 15:46:26,183
IKE info: NOTIFY received of type INVALID_ID_INFORMATION for peer F42252SECode: Alles auswählen
04[IKE] no matching CHILD_SA config foundDu hast keine ausreichende Berechtigung, um die Dateianhänge dieses Beitrags anzusehen.
Gruß
Karl-Heinz
Karl-Heinz
Re: lancom 1781a vpn mit openvpn server
Hi,
so, der VPN-Tunnel steht und die Kommunikation mit dem Server funktioniert.
Allerdings geht über Nacht die Verbindung verloren und wird nicht wieder aufgebaut.
Der Lancom baut die Verbindung garnicht auf.
Der Server schon, aber nur nach einem Reboot oder wenn ipsec neu gestartet wird.
Gibt es irgendeinen Trick dem Server zu sagen, dass er die Verbindung in bestimmten Abständen prüfen soll und ggf. neu aufbauen soll?
habe ich in der ipsec.conf schon drin. Hilft aber scheinbar nicht.
so, der VPN-Tunnel steht und die Kommunikation mit dem Server funktioniert.
Allerdings geht über Nacht die Verbindung verloren und wird nicht wieder aufgebaut.
Der Lancom baut die Verbindung garnicht auf.
Der Server schon, aber nur nach einem Reboot oder wenn ipsec neu gestartet wird.
Gibt es irgendeinen Trick dem Server zu sagen, dass er die Verbindung in bestimmten Abständen prüfen soll und ggf. neu aufbauen soll?
Code: Alles auswählen
dpdaction=restartGruß
Karl-Heinz
Karl-Heinz
Re: lancom 1781a vpn mit openvpn server
Hi,
Warum baut das Lancom die Verbindung nicht auf?
An welcher Stelle scheitert es? Am Lancom oder am Server? Und an welcher Stelle der Verhandlung?
Gruß
Warum baut das Lancom die Verbindung nicht auf?
An welcher Stelle scheitert es? Am Lancom oder am Server? Und an welcher Stelle der Verhandlung?
Gruß
Erst wenn der letzte Baum gerodet, der letzte Fluss vergiftet, der letzte Fisch gefangen ist, werdet Ihr merken, dass man Geld nicht essen kann.
Ein Optimist, mit entäuschten Idealen, hat ein besseres Leben als ein Pessimist der sich bestätigt fühlt.
Ein Optimist, mit entäuschten Idealen, hat ein besseres Leben als ein Pessimist der sich bestätigt fühlt.
Re: lancom 1781a vpn mit openvpn server
Hallo,
für die antwort brauchte ich eine nacht weil das nur über nacht, vermutlich wegen dem verbindungsabbau dsl, passiert.
Ich habe mal einen trace gemacht.
Ob der was bringt - mal sehen - ich kann ihn nicht interpretieren - leider!
Die öffentliche IP des Rechners habe ich maskiert.
Port 500 und Port 1194 sind in der firewall eingehend freigeschaltet.
für die antwort brauchte ich eine nacht weil das nur über nacht, vermutlich wegen dem verbindungsabbau dsl, passiert.
Ich habe mal einen trace gemacht.
Ob der was bringt - mal sehen - ich kann ihn nicht interpretieren - leider!
Die öffentliche IP des Rechners habe ich maskiert.
Port 500 und Port 1194 sind in der firewall eingehend freigeschaltet.
Code: Alles auswählen
[VPN-Status] 2015/02/19 07:20:24,595 Devicetime: 2015/02/19 07:20:23,024
VPN: local reconnect lock active for F42252SE
[VPN-Status] 2015/02/19 07:20:25,080 Devicetime: 2015/02/19 07:20:23,524
VPN: WAN state changed to WanCall for F42252SE (xx.xxx.xxx.134), called by: 009c77d4
[VPN-Status] 2015/02/19 07:20:25,080 Devicetime: 2015/02/19 07:20:23,524
VPN: connecting to F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:25,080 Devicetime: 2015/02/19 07:20:23,525
vpn-maps[23], remote: F42252SE, nego, static-name, connected-by-name
[VPN-Status] 2015/02/19 07:20:25,080 Devicetime: 2015/02/19 07:20:23,525
vpn-maps[23], remote: F42252SE, nego, static-name, connected-by-name
[VPN-Status] 2015/02/19 07:20:25,081 Devicetime: 2015/02/19 07:20:23,525
VPN: set local server addresses for F42252SE (xx.xxx.xxx.134)
DNS: 192.168.110.1, 0.0.0.0
NBNS: 192.168.110.1, 0.0.0.0
[VPN-Status] 2015/02/19 07:20:25,081 Devicetime: 2015/02/19 07:20:23,525
VPN: start dynamic VPN negotiation for F42252SE (xx.xxx.xxx.134) via ICMP/UDP
[VPN-Status] 2015/02/19 07:20:25,081 Devicetime: 2015/02/19 07:20:23,525
VPN: create dynamic VPN V2 authentication packet for F42252SE (xx.xxx.xxx.134)
DNS: 192.168.110.1, 0.0.0.0
NBNS: 192.168.110.1, 0.0.0.0
polling address: 192.168.109.1
[VPN-Status] 2015/02/19 07:20:25,082 Devicetime: 2015/02/19 07:20:23,526
VPN: dynamic VPN V2 packet send to F42252SE (xx.xxx.xxx.134)
dynamic VPN V2 header:
Version: 2
HdrLen: 28
InfoLen: 40
MsgType: address info (1)
Flags: 0x0000
Responser: no
Challenge: 302528521
[VPN-Status] 2015/02/19 07:20:25,082 Devicetime: 2015/02/19 07:20:23,526
VPN: installing ruleset for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:25,082 Devicetime: 2015/02/19 07:20:23,526
vpn-maps[23], remote: F42252SE, nego, static-name, connected-by-name
[VPN-Status] 2015/02/19 07:20:25,082 Devicetime: 2015/02/19 07:20:23,526
VPN: start IKE negotiation for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:25,083 Devicetime: 2015/02/19 07:20:23,526
VPN: WAN state changed to WanProtocol for F42252SE (xx.xxx.xxx.134), called by: 009c77d4
[VPN-Status] 2015/02/19 07:20:25,083 Devicetime: 2015/02/19 07:20:23,527
IKE info: Phase-1 negotiation started for peer F42252SE rule isakmp-peer-F42252SE using MAIN mode
[VPN-IKE] 2015/02/19 07:20:25,083 Devicetime: 2015/02/19 07:20:23,544
Sending packet :
IKE 1.0 Header:
Source/Port : 79.230.10.214:500
Destination/Port : xx.xxx.xxx.134:500
| Initiator cookie : 02 59 E3 81 87 F4 97 BF
| Responder cookie : 00 00 00 00 00 00 00 00
| Next Payload : SA
| Version : 1.0
| Exchange type : ID_PROT
| Flags : 0x00
| Msg-ID : 0
| Length : 420 Bytes
SA Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 292 Bytes
| DOI : 1
| Situation : 1
| PROPOSAL Payload
| | Next Payload : NONE
| | Reserved : 0x00
| | Length : 280 Bytes
| | Proposal number : 1
| | Protocol ID : IPSEC_IKE
| | SPI size : 0
| | #Transforms : 7
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 0
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 7
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 256
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 1
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 7
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 2
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 7
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 1
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 3
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 3
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 4
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 3
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 1
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 36 Bytes
| | | Transform# : 5
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 5
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | TRANSFORM Payload
| | | Next Payload : NONE
| | | Reserved : 0x00
| | | Length : 36 Bytes
| | | Transform# : 6
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 5
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 1
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : EE EF A3 78 09 E3 2A D4 DE 4F 6B 01 0C 26 A6 40
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : 90 CB 80 91 3E BB 69 6E 08 63 81 B5 EC 42 7B 1F
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : 7D 94 19 A6 53 10 CA 6F 2C 17 9D 92 15 52 9D 56
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : 4A 13 1C 81 07 03 58 45 5C 57 28 F2 0E 95 45 2F
VENDOR Payload
| Next Payload : NONE
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : AF CA D7 13 68 A1 F1 C9 6B 86 96 FC 77 57 01 00
[VPN-Status] 2015/02/19 07:20:25,141 Devicetime: 2015/02/19 07:20:23,548
VPN: ruleset installed for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:25,141 Devicetime: 2015/02/19 07:20:23,548
VPN: rulesets installed
[VPN-Status] 2015/02/19 07:20:25,141 Devicetime: 2015/02/19 07:20:23,570
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:25,141 Devicetime: 2015/02/19 07:20:23,570
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:26,123 Devicetime: 2015/02/19 07:20:24,553
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:26,123 Devicetime: 2015/02/19 07:20:24,553
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:27,123 Devicetime: 2015/02/19 07:20:25,553
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:27,123 Devicetime: 2015/02/19 07:20:25,554
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:28,123 Devicetime: 2015/02/19 07:20:26,553
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:28,123 Devicetime: 2015/02/19 07:20:26,553
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:29,123 Devicetime: 2015/02/19 07:20:27,553
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:29,123 Devicetime: 2015/02/19 07:20:27,553
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:30,123 Devicetime: 2015/02/19 07:20:28,554
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:30,123 Devicetime: 2015/02/19 07:20:28,554
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
... andere vpn-verbindung
[VPN-Status] 2015/02/19 07:20:31,074 Devicetime: 2015/02/19 07:20:29,553
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:31,074 Devicetime: 2015/02/19 07:20:29,553
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-IKE] 2015/02/19 07:20:32,076 Devicetime: 2015/02/19 07:20:30,546
Sending packet :
IKE 1.0 Header:
Source/Port : 79.230.10.214:500
Destination/Port : xx.xxx.xxx.134:500
| Initiator cookie : 02 59 E3 81 87 F4 97 BF
| Responder cookie : 00 00 00 00 00 00 00 00
| Next Payload : SA
| Version : 1.0
| Exchange type : ID_PROT
| Flags : 0x00
| Msg-ID : 0
| Length : 420 Bytes
SA Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 292 Bytes
| DOI : 1
| Situation : 1
| PROPOSAL Payload
| | Next Payload : NONE
| | Reserved : 0x00
| | Length : 280 Bytes
| | Proposal number : 1
| | Protocol ID : IPSEC_IKE
| | SPI size : 0
| | #Transforms : 7
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 0
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 7
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 256
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 1
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 7
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 2
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 7
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 1
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 3
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 3
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 4
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 3
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 1
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 36 Bytes
| | | Transform# : 5
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 5
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | TRANSFORM Payload
| | | Next Payload : NONE
| | | Reserved : 0x00
| | | Length : 36 Bytes
| | | Transform# : 6
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 5
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 1
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : EE EF A3 78 09 E3 2A D4 DE 4F 6B 01 0C 26 A6 40
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : 90 CB 80 91 3E BB 69 6E 08 63 81 B5 EC 42 7B 1F
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : 7D 94 19 A6 53 10 CA 6F 2C 17 9D 92 15 52 9D 56
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : 4A 13 1C 81 07 03 58 45 5C 57 28 F2 0E 95 45 2F
VENDOR Payload
| Next Payload : NONE
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : AF CA D7 13 68 A1 F1 C9 6B 86 96 FC 77 57 01 00
[VPN-Status] 2015/02/19 07:20:32,124 Devicetime: 2015/02/19 07:20:30,565
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:32,124 Devicetime: 2015/02/19 07:20:30,565
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:33,122 Devicetime: 2015/02/19 07:20:31,553
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:33,122 Devicetime: 2015/02/19 07:20:31,553
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:34,123 Devicetime: 2015/02/19 07:20:32,553
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:34,123 Devicetime: 2015/02/19 07:20:32,553
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:35,124 Devicetime: 2015/02/19 07:20:33,553
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:35,124 Devicetime: 2015/02/19 07:20:33,553
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:36,123 Devicetime: 2015/02/19 07:20:34,554
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:36,123 Devicetime: 2015/02/19 07:20:34,554
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:37,124 Devicetime: 2015/02/19 07:20:35,553
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:37,124 Devicetime: 2015/02/19 07:20:35,553
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:38,123 Devicetime: 2015/02/19 07:20:36,553
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:38,123 Devicetime: 2015/02/19 07:20:36,553
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:39,125 Devicetime: 2015/02/19 07:20:37,553
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:39,125 Devicetime: 2015/02/19 07:20:37,553
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:40,124 Devicetime: 2015/02/19 07:20:38,554
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:40,124 Devicetime: 2015/02/19 07:20:38,554
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-IKE] 2015/02/19 07:20:41,078 Devicetime: 2015/02/19 07:20:39,546
Sending packet :
IKE 1.0 Header:
Source/Port : 79.230.10.214:500
Destination/Port : xx.xxx.xxx.134:500
| Initiator cookie : 02 59 E3 81 87 F4 97 BF
| Responder cookie : 00 00 00 00 00 00 00 00
| Next Payload : SA
| Version : 1.0
| Exchange type : ID_PROT
| Flags : 0x00
| Msg-ID : 0
| Length : 420 Bytes
SA Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 292 Bytes
| DOI : 1
| Situation : 1
| PROPOSAL Payload
| | Next Payload : NONE
| | Reserved : 0x00
| | Length : 280 Bytes
| | Proposal number : 1
| | Protocol ID : IPSEC_IKE
| | SPI size : 0
| | #Transforms : 7
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 0
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 7
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 256
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 1
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 7
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 2
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 7
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 1
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 3
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 3
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 4
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 3
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 1
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 36 Bytes
| | | Transform# : 5
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 5
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | TRANSFORM Payload
| | | Next Payload : NONE
| | | Reserved : 0x00
| | | Length : 36 Bytes
| | | Transform# : 6
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 5
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 1
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : EE EF A3 78 09 E3 2A D4 DE 4F 6B 01 0C 26 A6 40
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : 90 CB 80 91 3E BB 69 6E 08 63 81 B5 EC 42 7B 1F
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : 7D 94 19 A6 53 10 CA 6F 2C 17 9D 92 15 52 9D 56
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : 4A 13 1C 81 07 03 58 45 5C 57 28 F2 0E 95 45 2F
VENDOR Payload
| Next Payload : NONE
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : AF CA D7 13 68 A1 F1 C9 6B 86 96 FC 77 57 01 00
[VPN-Status] 2015/02/19 07:20:41,126 Devicetime: 2015/02/19 07:20:39,561
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:41,126 Devicetime: 2015/02/19 07:20:39,562
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:42,125 Devicetime: 2015/02/19 07:20:40,554
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:42,125 Devicetime: 2015/02/19 07:20:40,554
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:43,124 Devicetime: 2015/02/19 07:20:41,553
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:43,124 Devicetime: 2015/02/19 07:20:41,553
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:44,122 Devicetime: 2015/02/19 07:20:42,553
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:44,122 Devicetime: 2015/02/19 07:20:42,553
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:45,123 Devicetime: 2015/02/19 07:20:43,554
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:45,123 Devicetime: 2015/02/19 07:20:43,554
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:46,123 Devicetime: 2015/02/19 07:20:44,553
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:46,123 Devicetime: 2015/02/19 07:20:44,553
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:47,124 Devicetime: 2015/02/19 07:20:45,554
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:47,124 Devicetime: 2015/02/19 07:20:45,554
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:48,125 Devicetime: 2015/02/19 07:20:46,554
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:48,125 Devicetime: 2015/02/19 07:20:46,554
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:49,123 Devicetime: 2015/02/19 07:20:47,554
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:49,123 Devicetime: 2015/02/19 07:20:47,554
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:50,124 Devicetime: 2015/02/19 07:20:48,553
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:50,124 Devicetime: 2015/02/19 07:20:48,554
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:51,124 Devicetime: 2015/02/19 07:20:49,554
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:51,124 Devicetime: 2015/02/19 07:20:49,554
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-IKE] 2015/02/19 07:20:52,077 Devicetime: 2015/02/19 07:20:50,546
Sending packet :
IKE 1.0 Header:
Source/Port : 79.230.10.214:500
Destination/Port : xx.xxx.xxx.134:500
| Initiator cookie : 02 59 E3 81 87 F4 97 BF
| Responder cookie : 00 00 00 00 00 00 00 00
| Next Payload : SA
| Version : 1.0
| Exchange type : ID_PROT
| Flags : 0x00
| Msg-ID : 0
| Length : 420 Bytes
SA Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 292 Bytes
| DOI : 1
| Situation : 1
| PROPOSAL Payload
| | Next Payload : NONE
| | Reserved : 0x00
| | Length : 280 Bytes
| | Proposal number : 1
| | Protocol ID : IPSEC_IKE
| | SPI size : 0
| | #Transforms : 7
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 0
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 7
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 256
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 1
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 7
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 2
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 7
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 1
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 3
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 3
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 4
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 3
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 1
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 36 Bytes
| | | Transform# : 5
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 5
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | TRANSFORM Payload
| | | Next Payload : NONE
| | | Reserved : 0x00
| | | Length : 36 Bytes
| | | Transform# : 6
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 5
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 1
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : EE EF A3 78 09 E3 2A D4 DE 4F 6B 01 0C 26 A6 40
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : 90 CB 80 91 3E BB 69 6E 08 63 81 B5 EC 42 7B 1F
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : 7D 94 19 A6 53 10 CA 6F 2C 17 9D 92 15 52 9D 56
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : 4A 13 1C 81 07 03 58 45 5C 57 28 F2 0E 95 45 2F
VENDOR Payload
| Next Payload : NONE
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : AF CA D7 13 68 A1 F1 C9 6B 86 96 FC 77 57 01 00
[VPN-Status] 2015/02/19 07:20:52,125 Devicetime: 2015/02/19 07:20:50,561
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:52,125 Devicetime: 2015/02/19 07:20:50,561
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:53,124 Devicetime: 2015/02/19 07:20:51,554
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:53,124 Devicetime: 2015/02/19 07:20:51,554
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:54,125 Devicetime: 2015/02/19 07:20:52,554
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:54,125 Devicetime: 2015/02/19 07:20:52,554
PING_ECHO, AuthFlags: 1, LastConf: 128, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:55,132 Devicetime: 2015/02/19 07:20:53,548
VPN: connection for F42252SE (xx.xxx.xxx.134) timed out: no response
[VPN-Status] 2015/02/19 07:20:55,132 Devicetime: 2015/02/19 07:20:53,548
VPN: Error: IFC-I-Connection-timeout-IKE-IPSEC (0x1106) for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:55,132 Devicetime: 2015/02/19 07:20:53,548
VPN: disconnecting F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:55,132 Devicetime: 2015/02/19 07:20:53,548
VPN: Error: IFC-I-Connection-timeout-IKE-IPSEC (0x1106) for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:55,132 Devicetime: 2015/02/19 07:20:53,551
VPN: F42252SE (xx.xxx.xxx.134) disconnected
[VPN-Status] 2015/02/19 07:20:55,132 Devicetime: 2015/02/19 07:20:53,551
vpn-maps[23], remote: F42252SE, idle, static-name
[VPN-Status] 2015/02/19 07:20:55,132 Devicetime: 2015/02/19 07:20:53,551
selecting next remote gateway using strategy eFirst for F42252SE
=> no remote gateway selected
[VPN-Status] 2015/02/19 07:20:55,132 Devicetime: 2015/02/19 07:20:53,552
selecting first remote gateway using strategy eFirst for F42252SE
=> CurrIdx=0, IpStr=>xx.xxx.xxx.134<, IpAddr=xx.xxx.xxx.134, IpTtl=0s
[VPN-Status] 2015/02/19 07:20:55,132 Devicetime: 2015/02/19 07:20:53,552
VPN: installing ruleset for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:55,132 Devicetime: 2015/02/19 07:20:53,552
VPN: WAN state changed to WanDisconnect for F42252SE (xx.xxx.xxx.134), called by: 009c77d4
[VPN-Status] 2015/02/19 07:20:55,132 Devicetime: 2015/02/19 07:20:53,552
VPN: WAN state changed to WanIdle for F42252SE (xx.xxx.xxx.134), called by: 009c77d4
[VPN-Status] 2015/02/19 07:20:55,132 Devicetime: 2015/02/19 07:20:53,562
VPN: rulesets installed
[VPN-Status] 2015/02/19 07:20:56,102 Devicetime: 2015/02/19 07:20:54,552
VPN: WAN state changed to WanCall for F42252SE (xx.xxx.xxx.134), called by: 009c77d4
[VPN-Status] 2015/02/19 07:20:56,102 Devicetime: 2015/02/19 07:20:54,552
VPN: connecting to F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:56,102 Devicetime: 2015/02/19 07:20:54,552
vpn-maps[23], remote: F42252SE, nego, static-name, connected-by-name
[VPN-Status] 2015/02/19 07:20:56,102 Devicetime: 2015/02/19 07:20:54,553
vpn-maps[23], remote: F42252SE, nego, static-name, connected-by-name
[VPN-Status] 2015/02/19 07:20:56,102 Devicetime: 2015/02/19 07:20:54,553
VPN: set local server addresses for F42252SE (xx.xxx.xxx.134)
DNS: 192.168.110.1, 0.0.0.0
NBNS: 192.168.110.1, 0.0.0.0
[VPN-Status] 2015/02/19 07:20:56,102 Devicetime: 2015/02/19 07:20:54,553
VPN: start dynamic VPN negotiation for F42252SE (xx.xxx.xxx.134) via ICMP/UDP
[VPN-Status] 2015/02/19 07:20:56,102 Devicetime: 2015/02/19 07:20:54,553
VPN: create dynamic VPN V2 authentication packet for F42252SE (xx.xxx.xxx.134)
DNS: 192.168.110.1, 0.0.0.0
NBNS: 192.168.110.1, 0.0.0.0
polling address: 192.168.109.1
[VPN-Status] 2015/02/19 07:20:56,102 Devicetime: 2015/02/19 07:20:54,553
VPN: dynamic VPN V2 packet send to F42252SE (xx.xxx.xxx.134)
dynamic VPN V2 header:
Version: 2
HdrLen: 28
InfoLen: 40
MsgType: address info (1)
Flags: 0x0000
Responser: no
Challenge: 4046393540
[VPN-Status] 2015/02/19 07:20:56,102 Devicetime: 2015/02/19 07:20:54,554
VPN: installing ruleset for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:56,102 Devicetime: 2015/02/19 07:20:54,554
vpn-maps[23], remote: F42252SE, nego, static-name, connected-by-name
[VPN-Status] 2015/02/19 07:20:56,102 Devicetime: 2015/02/19 07:20:54,554
VPN: start IKE negotiation for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:56,102 Devicetime: 2015/02/19 07:20:54,554
VPN: WAN state changed to WanProtocol for F42252SE (xx.xxx.xxx.134), called by: 009c77d4
[VPN-Status] 2015/02/19 07:20:56,102 Devicetime: 2015/02/19 07:20:54,555
IKE info: Phase-1 negotiation started for peer F42252SE rule isakmp-peer-F42252SE using MAIN mode
[VPN-IKE] 2015/02/19 07:20:56,102 Devicetime: 2015/02/19 07:20:54,569
Sending packet :
IKE 1.0 Header:
Source/Port : 79.230.10.214:500
Destination/Port : xx.xxx.xxx.134:500
| Initiator cookie : 85 5D D0 2F 84 3C 91 12
| Responder cookie : 00 00 00 00 00 00 00 00
| Next Payload : SA
| Version : 1.0
| Exchange type : ID_PROT
| Flags : 0x00
| Msg-ID : 0
| Length : 420 Bytes
SA Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 292 Bytes
| DOI : 1
| Situation : 1
| PROPOSAL Payload
| | Next Payload : NONE
| | Reserved : 0x00
| | Length : 280 Bytes
| | Proposal number : 1
| | Protocol ID : IPSEC_IKE
| | SPI size : 0
| | #Transforms : 7
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 0
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 7
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 256
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 1
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 7
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 2
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 7
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 1
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 3
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 3
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 40 Bytes
| | | Transform# : 4
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 3
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 1
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | | Attribute 6
| | | | Type : Basic, KEY_LENGTH
| | | | Value : 128
| | TRANSFORM Payload
| | | Next Payload : TRANSFORM
| | | Reserved : 0x00
| | | Length : 36 Bytes
| | | Transform# : 5
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 5
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 2
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
| | TRANSFORM Payload
| | | Next Payload : NONE
| | | Reserved : 0x00
| | | Length : 36 Bytes
| | | Transform# : 6
| | | Transform ID : KEY_IKE
| | | Reserved2 : 0x0000
| | | Attribute 0
| | | | Type : Basic, ENCRYPTION_ALGORITHM
| | | | Value : 5
| | | Attribute 1
| | | | Type : Basic, HASH_ALGORITHM
| | | | Value : 1
| | | Attribute 2
| | | | Type : Basic, AUTHENTICATION_METHOD
| | | | Value : 1
| | | Attribute 3
| | | | Type : Basic, GROUP_DESCRIPTION
| | | | Value : 2
| | | Attribute 4
| | | | Type : Basic, LIFE_TYPE
| | | | Value : 1
| | | Attribute 5
| | | | Type : Variable, LIFE_DURATION
| | | | Length : 4
| | | | Value : 00 01 A5 E0
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : EE EF A3 78 09 E3 2A D4 DE 4F 6B 01 0C 26 A6 40
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : 90 CB 80 91 3E BB 69 6E 08 63 81 B5 EC 42 7B 1F
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : 7D 94 19 A6 53 10 CA 6F 2C 17 9D 92 15 52 9D 56
VENDOR Payload
| Next Payload : VENDOR
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : 4A 13 1C 81 07 03 58 45 5C 57 28 F2 0E 95 45 2F
VENDOR Payload
| Next Payload : NONE
| Reserved : 0x00
| Length : 20 Bytes
| Vendor ID : AF CA D7 13 68 A1 F1 C9 6B 86 96 FC 77 57 01 00
[VPN-Status] 2015/02/19 07:20:56,103 Devicetime: 2015/02/19 07:20:54,572
VPN: ruleset installed for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:56,103 Devicetime: 2015/02/19 07:20:54,573
VPN: rulesets installed
[VPN-Status] 2015/02/19 07:20:56,103 Devicetime: 2015/02/19 07:20:54,593
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:56,103 Devicetime: 2015/02/19 07:20:54,593
PING_ECHO, AuthFlags: 1, LastConf: 8320, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:57,151 Devicetime: 2015/02/19 07:20:55,582
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:57,151 Devicetime: 2015/02/19 07:20:55,582
PING_ECHO, AuthFlags: 1, LastConf: 8320, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:58,151 Devicetime: 2015/02/19 07:20:56,581
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:58,151 Devicetime: 2015/02/19 07:20:56,581
PING_ECHO, AuthFlags: 1, LastConf: 8320, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:20:59,150 Devicetime: 2015/02/19 07:20:57,581
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:20:59,150 Devicetime: 2015/02/19 07:20:57,581
PING_ECHO, AuthFlags: 1, LastConf: 8320, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:21:00,151 Devicetime: 2015/02/19 07:20:58,581
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:21:00,151 Devicetime: 2015/02/19 07:20:58,581
PING_ECHO, AuthFlags: 1, LastConf: 8320, DynVpnMode: 0, StTunnel: 1
...andere vpn-verbindung
[VPN-Status] 2015/02/19 07:21:01,124 Devicetime: 2015/02/19 07:20:59,581
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:21:01,124 Devicetime: 2015/02/19 07:20:59,581
PING_ECHO, AuthFlags: 1, LastConf: 8320, DynVpnMode: 0, StTunnel: 1
[VPN-Status] 2015/02/19 07:21:02,151 Devicetime: 2015/02/19 07:21:00,581
icmp/upd reply for F42252SE (xx.xxx.xxx.134)
[VPN-Status] 2015/02/19 07:21:02,151 Devicetime: 2015/02/19 07:21:00,581
PING_ECHO, AuthFlags: 1, LastConf: 8320, DynVpnMode: 0, StTunnel: 1
Gruß
Karl-Heinz
Karl-Heinz
Re: lancom 1781a vpn mit openvpn server
Hi,
Du kannst auch manuell versuchen eine VPN Verbindung aufzubauen.
Auf der Konsole
Da du Dynamic vpn verwendest schätze ich das die IP des Lancoms sich dauernt ändert.
Auch scheint der Server nicht auf die Pakete zu antworten.
Du kannst ja mal schauen ob die Pakete auf dem Server in einem Wireshark trace auftauchen.
Und dort auch beanwortet werden.
Meist findet man Problemstellen am besten wenn man sauber die Kette an traces durchgeht.
Gruß
Du kannst auch manuell versuchen eine VPN Verbindung aufzubauen.
Auf der Konsole
Code: Alles auswählen
do /Other/manuall/Connect *NamederVPNVerbindung*Auch scheint der Server nicht auf die Pakete zu antworten.
Du kannst ja mal schauen ob die Pakete auf dem Server in einem Wireshark trace auftauchen.
Und dort auch beanwortet werden.
Meist findet man Problemstellen am besten wenn man sauber die Kette an traces durchgeht.
Gruß
Erst wenn der letzte Baum gerodet, der letzte Fluss vergiftet, der letzte Fisch gefangen ist, werdet Ihr merken, dass man Geld nicht essen kann.
Ein Optimist, mit entäuschten Idealen, hat ein besseres Leben als ein Pessimist der sich bestätigt fühlt.
Ein Optimist, mit entäuschten Idealen, hat ein besseres Leben als ein Pessimist der sich bestätigt fühlt.
Re: lancom 1781a vpn mit openvpn server
Hi,
klar, die IP des Lancom ändert sich in der regel 1x in der nacht - DSL Trennung.
Ich vermute, dass genau da das problem auftritt.
Ping geht auf den Server durch.
Auch kann ja der Server die Verbindung aufbauen, was er aber trotz "dpdaction=restart" nicht mehr macht nach dem abbruch in der nacht.
klar, die IP des Lancom ändert sich in der regel 1x in der nacht - DSL Trennung.
Ich vermute, dass genau da das problem auftritt.
Ping geht auf den Server durch.
Auch kann ja der Server die Verbindung aufbauen, was er aber trotz "dpdaction=restart" nicht mehr macht nach dem abbruch in der nacht.
Gruß
Karl-Heinz
Karl-Heinz