1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

help vpn log

Discussion in 'General Discussion' started by alberteenyt2002, Nov 11, 2008.

  1. alberteenyt2002

    alberteenyt2002 Addicted to LI Member

    dear all,

    im trying to make vpn between fortigate60 & rv042 i did the configuration but i need help to know whats the problem, from vpn log im getting the following:
    Nov 11 12:49:43 2008 VPN Log Initiating Main Mode
    Nov 11 12:49:43 2008 VPN Log [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
    Nov 11 12:49:43 2008 VPN Log Received Vendor ID payload Type = [Dead Peer Detection]
    Nov 11 12:49:43 2008 VPN Log Ignoring Vendor ID payload [afca071368a1f1c9...]
    Nov 11 12:49:43 2008 VPN Log Ignoring Vendor ID payload [5062b335bc20db32...]
    Nov 11 12:49:43 2008 VPN Log Ignoring Vendor ID payload [1d6e178f6c2c0be2...]
    Nov 11 12:49:43 2008 VPN Log Received Vendor ID payload Type = [draft-ietf-ipsec-nat-t-ike-03]
    Nov 11 12:49:43 2008 VPN Log [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet
    Nov 11 12:49:43 2008 VPN Log [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet
    Nov 11 12:49:43 2008 VPN Log [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet
    Nov 11 12:49:43 2008 VPN Log [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet
    Nov 11 12:50:53 2008 VPN Log Initiating Main Mode to replace #1
    Nov 11 12:50:53 2008 VPN Log [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
    Nov 11 12:50:53 2008 VPN Log Received Vendor ID payload Type = [Dead Peer Detection]
    Nov 11 12:50:53 2008 VPN Log Ignoring Vendor ID payload [afca071368a1f1c9...]
    Nov 11 12:50:53 2008 VPN Log Ignoring Vendor ID payload [5062b335bc20db32...]
    Nov 11 12:50:53 2008 VPN Log Ignoring Vendor ID payload [1d6e178f6c2c0be2...]
    Nov 11 12:50:53 2008 VPN Log Received Vendor ID payload Type = [draft-ietf-ipsec-nat-t-ike-03]
    Nov 11 12:50:53 2008 VPN Log [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet
    Nov 11 12:50:53 2008 VPN Log [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet
    Nov 11 12:50:53 2008 VPN Log [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet
    Nov 11 12:50:54 2008 VPN Log [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet
    Nov 11 12:52:04 2008 VPN Log Initiating Main Mode to replace #2
    Nov 11 12:52:04 2008 VPN Log [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
    Nov 11 12:52:04 2008 VPN Log Received Vendor ID payload Type = [Dead Peer Detection]
    Nov 11 12:52:04 2008 VPN Log Ignoring Vendor ID payload [afca071368a1f1c9...]
    Nov 11 12:52:04 2008 VPN Log Ignoring Vendor ID payload [5062b335bc20db32...]
    Nov 11 12:52:04 2008 VPN Log Ignoring Vendor ID payload [1d6e178f6c2c0be2...]
    Nov 11 12:52:04 2008 VPN Log Received Vendor ID payload Type = [draft-ietf-ipsec-nat-t-ike-03]
    Nov 11 12:52:04 2008 VPN Log [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet
    Nov 11 12:52:04 2008 VPN Log [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet
    Nov 11 12:52:04 2008 VPN Log [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet
    Nov 11 12:52:04 2008 VPN Log [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet
    Nov 11 12:53:14 2008 VPN Log Initiating Main Mode to replace #3
    Nov 11 12:53:14 2008 VPN Log [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
    Nov 11 12:53:14 2008 VPN Log Received Vendor ID payload Type = [Dead Peer Detection]
    Nov 11 12:53:14 2008 VPN Log Ignoring Vendor ID payload [afca071368a1f1c9...]
    Nov 11 12:53:14 2008 VPN Log Ignoring Vendor ID payload [5062b335bc20db32...]
    Nov 11 12:53:14 2008 VPN Log Ignoring Vendor ID payload [1d6e178f6c2c0be2...]
    Nov 11 12:53:14 2008 VPN Log Received Vendor ID payload Type = [draft-ietf-ipsec-nat-t-ike-03]
    Nov 11 12:53:14 2008 VPN Log [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet
    Nov 11 12:53:14 2008 VPN Log [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet
    Nov 11 12:53:14 2008 VPN Log [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet
    Nov 11 12:53:14 2008 VPN Log [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet
    Nov 11 12:54:24 2008 VPN Log Initiating Main Mode to replace #4
    Nov 11 12:54:24 2008 VPN Log [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
    Nov 11 12:54:24 2008 VPN Log Received Vendor ID payload Type = [Dead Peer Detection]
    Nov 11 12:54:24 2008 VPN Log Ignoring Vendor ID payload [afca071368a1f1c9...]
    Nov 11 12:54:24 2008 VPN Log Ignoring Vendor ID payload [5062b335bc20db32...]
    Nov 11 12:54:24 2008 VPN Log Ignoring Vendor ID payload [1d6e178f6c2c0be2...]
    Nov 11 12:54:24 2008 VPN Log Received Vendor ID payload Type = [draft-ietf-ipsec-nat-t-ike-03]
    Nov 11 12:54:24 2008 VPN Log [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet
    Nov 11 12:54:24 2008 VPN Log [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet
    Nov 11 12:54:24 2008 VPN Log [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet
    Nov 11 12:54:25 2008 VPN Log [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet
     
  2. ifican

    ifican Network Guru Member

    It looks like phase 2 is failing but i cant be certain without a debug. Double check all settings across the board, is nat-t configured on both sides, shut off DPD for now as some devices have an issue with it.
     
  3. alberteenyt2002

    alberteenyt2002 Addicted to LI Member

    Printscreen for rv042

    dear ifican,
    i attached print screen for linksys configuration can you please check it for me


    Thanks alot
     

    Attached Files:

  4. alberteenyt2002

    alberteenyt2002 Addicted to LI Member

    fotinet screen shoot

    requested print screen
     

    Attached Files:

  5. ifican

    ifican Network Guru Member

    Ok first thing that is off is your phase 2 key life time is set to 1800 on the linksys and 3600 on fortigate, it doesnt matter what it is but it needs to be the same on both. Fix that then send me the logs.
     
  6. alberteenyt2002

    alberteenyt2002 Addicted to LI Member

    vpn monitor

    fortigate vpn monitor
     

    Attached Files:

Share This Page