1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WRV54G and IPSecuritas Setup?

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by lcortex, Jun 21, 2007.

  1. lcortex

    lcortex LI Guru Member

    I'm trying to get a vpn tunnel from my WRV54G to my macbook pro via ipsecuritas, but I am getting some error messages. The log looks as follows:

    IPSecuritas 3.0 build 1693, Sun May 27 21:43:28 MVT 2007, nadig
    Darwin 8.9.1 Darwin Kernel Version 8.9.1: Thu Feb 22 20:55:00 PST 2007; root:xnu-792.18.15~1/RELEASE_I386 i386

    Jun 21, 13:03:42 Info APP IKE daemon started
    Jun 21, 13:03:42 Info APP IPSec started
    Jun 21, 13:03:42 Error IKE Foreground mode.
    Jun 21, 13:03:42 Info IKE @(#)ipsec-tools CVS (http://ipsec-tools.sourceforge.net)
    Jun 21, 13:03:42 Info IKE @(#)This product linked OpenSSL 0.9.7l 28 Sep 2006 (http://www.openssl.org/)
    Jun 21, 13:03:42 Info IKE Reading configuration from "/Library/Application Support/Lobotomo Software/IPSecuritas/racoon.conf"
    Jun 21, 13:03:42 Info IKE Resize address pool from 0 to 255
    Jun 21, 13:03:42 Info APP Initiated connection NCT
    Jun 21, 13:03:49 Info APP Initiated connection NCT
    Jun 21, 13:03:56 Info APP Initiated connection NCT
    Jun 21, 13:03:56 Error IKE inappropriate sadb acquire message passed.
    Jun 21, 13:03:58 Error IKE phase2 negotiation failed due to time up waiting for phase1. ESP 24.234.198.167[500]->10.51.21.30[500]
    Jun 21, 13:04:03 Info APP Initiated connection NCT
    Jun 21, 13:04:05 Error IKE phase2 negotiation failed due to time up waiting for phase1. ESP 24.234.198.167[500]->10.51.21.30[500]
    Jun 21, 13:04:10 Info APP Initiated connection NCT
    Jun 21, 13:04:12 Error IKE phase1 negotiation failed due to time up. 78f8c8ae9fb0c975:0000000000000000
    Jun 21, 13:04:12 Error IKE phase2 negotiation failed due to time up waiting for phase1. ESP 24.234.198.167[500]->10.51.21.30[500]
    Jun 21, 13:04:15 Warning APP Connection NCT timed out
    Jun 21, 13:04:15 Warning APP Giving up
    Jun 21, 13:04:19 Error IKE phase2 negotiation failed due to time up waiting for phase1. ESP 24.234.198.167[500]->10.51.21.30[500]
    Jun 21, 13:04:26 Error IKE phase2 negotiation failed due to time up waiting for phase1. ESP 24.234.198.167[500]->10.51.21.30[500]
    Jun 21, 13:04:27 Info APP IPSec stopping
    Jun 21, 13:04:28 Info APP IKE daemon terminated


    Any ideas on what to change to fix this?

    Thanks!
    --Ross

    rwilkinson@nctlv.org
     
  2. ifican

    ifican Network Guru Member

    what can you tell us about the devices on each side that this connection is trying to be terminated through?
     
  3. lcortex

    lcortex LI Guru Member

    End Points Setup

    My home setup is the WRV54G on a cable modem connection, and i'm trying to connect from work or out in the field from various locations that are behind different types of firewalls. My home subnet is 10.0.0.0/24 on the inside network. Please let me know if you need any other info.


    Thanks,


    --Ross
     
  4. ifican

    ifican Network Guru Member

    When you are connecting through unknown devices, i.e. hotels, wifi hotspots etc, once you get it working and it doesnt work from those spots its just not going to work as they do not have the necessary settings in place.

    Now what application are you using on your work machine (or any machine for that matter), also you will need to ask you network admins at work if they even allow this as it might be just a big waste of time trying from there. Your best bet it to get a friend or someone you trust and connect from their home. If you get down the road and still are having issues and want help you can PM me with the connection info and i will try for you if you like.

    Edit- my fault for not reading i see your using ipsecuritas on the mac, have you tried any other application?
     
  5. lcortex

    lcortex LI Guru Member

    Most of the time I'm just looking to connect from various small networks via WAP or through cable modem. From work I'm connecting through a complex network. I'm able to make PPTP and L2TP vpn connections work through the network, but the IPSEC connection to the Linksys keeps giving me troubles. I've not had a problem connecting via IPSEC to Cisco/Linux firewalls on the outside, so I know it's not an issue with ports being blocked, instead it seems to be an issue with the IKE process not handshaking properly. I've used the Cisco VPN client, IPSecuritas, and I'm about to give VPN Tracker a shot.


    Any other ideas that I may try?

    Thanks for the help.

    --Ross
     

Share This Page