Upgrade to RV082 VPN BEFVP

I encountered some problems while trying to upgrade a virtual private network that was previously using two BEFVPs successfully.

The tunnel type is Gateway - gateway. It seems that the RV082 no longer has the ability to accept "Any" remote gateway connection requests.

Always an IP address.

Is there a solution for this?

This is necessary because the sole purpose of this VPN has a static IP address, the other is dynamic and is not registered with any provider of DynDNS.

I'll keep the other issues for later. This is the main.

Since no one else has, I'll answer my own question.

The user guide is not too clear about that, but the router has the ability to accept connections from a dynamic ("any") ip.

The type of remote connection "Dynamic IP + E-mailAddr [USER FQDN] authentication" does not require the FQDN of the USER to save. It is only required that she listed in the router.

Message edited by 50BMG on 15/01/2008 03:29

Tags: Linksys Routers

Similar Questions

  • Topology for the beginning RV082 VPN connection

    I have 4 RV082 routers, 1 at HQ and 1 in each of the 3 branches. (See attachment Diag.pdf Net). I have set up the VPN to each of the branches at HQ and I can access the subnet of HQ. However, I have to access from one branch to another.

    Is there a way to define a static route on router HQ or do I need to set up a private network virtual from one branch to another branch, as a mesh topology?

    Thank you

    Hi David, additional VPN tunnels will do, as a mesh. The configuration of the VPN tunnel is logical, you specify the subnets that are specifically on the creation of each tunnel.

    -Tom
    Please mark replied messages useful

  • RV082 VPN gateway to gateway does not solve remote gateway DynDns

    I have two RV082 is connected. Each has a dynamic IP address (generally changes every few weeks). I have configured tunnels on both ends with a local and remote "Remote/Local Security Gateway Type" of "+ IP dynamic authentication with domain name".

    If I look at the State of the VPN tunnel summary, it shows the IP "mondomaine.dyndns.org 0.0.0.0" under the column heading "Remote Gateway". The button "Connect" Tunnel test is n/a.

    I can solve each mondomaine.dyndns.org on both sides of each VPN entry using the Diagnostic DNS search within each router. If I wired a fixed IP address for the Local and the remote gateway, everything works fine. VPN is good.

    I can't seem to get the "mondomaine.dyndns.org" function works. It seems that the router is unable to solve the dynamic IP address of the domain names on each of the routers.

    I am confused, but this is my first time using a Cisco VPN router. Thanks in advance for some ideas.

    Hello MtnSledder,

    You can use only address dynamic IP + domain name (FQDN) of one side of the tunnel. On the other device try to select IP and then the possibility of using the IP by DNS resolved.  You will find this under the remote gateway once you select IP only.

    Give that a try and it must raise the tunnel.

    Christopher Ebert

    Network support - Cisco Small Business Support Center Engineer

  • RV082 VPN to ASA5500 device crashes when the keep-alive enabled

    Hi all.

    We have several here RV082s which are intended to connect to a central ASA5510 firewall. VPNS are configured and essentially operate, however in our test environment the RV082s kept crashing after seemingly unpredictable time (sometimes after several days or even weeks). The RV082 have the new firmware (v4.1.0.02 - tm).

    Investigations further on the issue, I discovered that accidents can be reproduced upon activation of the keep-alive option on the RV082. Power on the RV082, they can get started, start the VPN, and then they crash a few seconds after the tunnel has been implemented (one or two pings go usually). When crashing, the RV082 becomes completely inaccessible, IE no ping, no interface Web etc.

    There is a note in the firmware release notes saying that the activation of the keep-alive option would not work the way that it should. However it seems that enabling this option allows the router completely crash after the next reboot. This makes the keep-alive option basically useless, however we need since the routers will be installed at remote sites with no staff there.

    Is it possible to activate the keep-alive option without the crash of routers immediately after start-up?

    Thanks & cheers

    The RV082 is configured to route all traffic to the ASA? If so, there is a special beta firmware that is trying to solve the problem. However, you will need to call the help desk to create a ticket first.

    http://www.Cisco.com/en/us/support/tsd_cisco_small_business_support_center_contacts.html

  • Remote Desktop RV082 VPN encryption error

    We have two rv082 routers. One at our main oice and the other in a remote office. Both have the latest firmware installed. They are connected by a VPN tunnel. All our computers have WinXP on them. I often use remote desktop via the VPN from my laptop to my desktop computer at Headquarters with no problems.

    Now, I installed Win7 on my two machines and now get an error after a few seconds to a minute after I start a desktop session remotely by VPN. "Due to an error in data encryption, this session will take end." if I try a desktop session remotely when I'm at the main office (not through the VPN), there is no problem. I use the same computers as before. The only thing that has changed is the operating system.

    Remote Desktop between computers Windows XP through the VPN still works fine. For now, I have remote desktop on a server Win2003 R2 via the VPN and Office remotely and the server for my machine Win7, which is slow to say the least.

    Both computers are connected to the network directly not wireless. I tried to turn off the packages extended on both machines, but that did not help.

    This is driving me crazy ideas?

    Affecting the interface manual WAN1 1500 bytes only strength this WAN operator interface at that specific MTU rather than to negotiate which automatically.

    You asked if there is no consequence for changing this setting and that the answer really depends on what the correct MTU should be for your connection. Forcing this MTU may cause you to fragment packets. You can run a test of your network to help determine what would be the most ideal for your connection.

    Open a command prompt on a computer on your local network and get an external address to ping on internet. Run the following command where x.x.x.x is the external IP address.

    f-l 1500 x.x.x.x ping

    This will send a ping with a packet size of 1500. If that MTU is not correct, you will receive a message that says "packet needs to be fragmented but DF parameter. If the MTU is fine then you will get the result of your standard response. If you get just fragmentation error keep test by running the same command, but reduce the size of the packets until you get normal responses. I hope this helps and you can see that 1500 is the MTU that is perfect for your connection.

  • RV082 VPN Cisco ASA

    I have seen discussions on people who make reliable VPN connections to a RV082 at a remote site to a Cisco ASA 5500 security series device in a Home Office.  Can we get a FAQ/document displays the settings on both sides so that it works?  Even if mark you it as "This is a configuration not supported, use at your own discretion", it would be better than nothing.  Each Cisco, Linksys device or otherwise, must be able to communicate with other devices, especially on a standard IPSec protocols.

    Please see attached tech note on the definition of the tunnel VPN RVxx Linksys with Cisco

  • Cisco Linksys RV082 VPN router Port Translation

    Hi all

    We have a router RV082 and we try to do port forwarding.

    For example:

    88.123.2.5:80 > 192.168.1.10:2334

    88.123.2.5:81 > 192.168.1.10:2335

    However this does not seem to be possible because I can choose only the source port and IP address of destination unlike the RVS4000.

    Thank you

    These products are processed by the Cisco Small Business support community. Please refer to the URL: https://supportforums.cisco.com/community/netpro/small-business

  • RV082 VPN Client can connect only for 6 minutes

    Hello

    I have a RV082 with firmware 1.3.98 - tm.

    The problem I have is that a Client with Windows XP SP3 can connect only for 6 minutes exactly.

    In addition, a windows appears on the client saying that the remote system is not respoding and asking to wait or not.

    We have also applied fix for Windows XP described here:

    http://www.linksys.com/servlet/Satellite?blobcol=urldata&blobheadername1=Content-Type&blobheadername2=Content-Disposition&blobheadervalue1=text%2Fplain&blobheadervalue2=inline%3B+filename%3DQVPN%2BClient%2Bv1.2.11%2BRelease%2BNote.txt&blobkey=id&blobtable=MungoBlobs&blobwhere=1193800512161&ssbinary=true&lid=3723833685B09

    http://support.Microsoft.com/kb/889527/en-us

    I have restart the RV082. What can I do else?

    Thank you very much

    Oliver

    The problem was the NAT in the ADSL modem. I tryied changing the ADSL modem and the problem is solved.

    Thank you

    Oliver

  • We are upgrading Cisco ASA VPN HA pair 9.5.1

    We will lose the sessions/connections VPN?

    This is what happens when you do not have state synchronization.  Maybe you would like to enable for your next update.

  • ASA 5510 to Sonicwall TZ205 - ASA 9.1.6 upgrade breaks Tunnel VPN

    After reclassification of 8.4.5 to 9.1.6 my tunnel from site to site between an ASA 5510 and a Sonicwall TZ 205 is 'up' and I can ping the external interface of the other but I can't ping LAN to LAN.

    Hey Kevin,

    They should not be a difference on the config VPN between these versions, can you try to run a packet - trace on the SAA or place a screenshot inside while sending traffic.

    Example:

    entry Packet-trace within the icmp < src="" ip=""> 8 0

    Capture the vpn inside the match ip host host interface

    It may be useful

    -Randy-

  • The upgrade 25 users VPN license for 50 users.

    Hello

    Currently I have ASA5500-SSL-25 = license installed on my ASA 5520.

    I want the same for 50 users now.

    Please help me with the part number for a 25 to 50 users upgrade path.

    The order code is "L-ASA-SSL-25-50 =".

  • After upgrade no more VPNS to v3.6.3 (hub)

    Once we have updated version of 3.6.1 to 3.6.3 concentrator we are more able to set up a VPN session.

    Hereby the newspapers from the hub and the Cisco VPN Client.

    For security reasons, I replaced the following information:

    Concentrators c.c.c.c = IP address

    ISP of the assigned client IP = w.w.w.w.

    The client IP address assigned (from pool) Concentratot = internal g.g.g.g

    Primary DNS/WINS=D1.D1.D1.D1

    Secondary DNS/WINS=D2.D2.D2.D2

    Journal of the hub:

    2002-08-10 183 14:20:24.840 SEV = 5 IP/49 RPT = 5

    Transmitting station TCP SYN - ACK to client.w, port TCP dest 1677 pkt

    10/08/2002 184 14:20:24.850 SEV = 5 RPT IP/50 = 9

    Head of network TCP ACK from client.w, port TCP source 1677 pkt

    185 10/08/2002 14:20:24.890 SEV = 5 RPT IP/50 = 10

    Head of network TCP ACK from client.w, port TCP source 1677 pkt

    186 10/08/2002 14:20:25.190 SEV = 5 RPT IP 41 = 5

    Established client.w, the TCP source 1677 port TCP session.

    188 10/08/2002 14:20:37.170 SEV = 4 RPT IKE/52 = 5.w

    User group [TestGroup] [testuser]

    (Testuser) user authenticated.

    10/08/2002 189 14:20:37.280 SEV = 5 RPT IKE/184 = 5.w

    User group [TestGroup] [testuser]

    Client OS: Windows NT

    The client Application version: 3.6.2 (Rel) of

    192 10/08/2002 14:20:37.620 SEV = 4 RPT IKE/119 = 5.w

    User group [TestGroup] [testuser]

    PHASE 1 IS COMPLETE

    2002-08-10 193 14:20:37.630 SEV = 5 RPT IKE/25 = 5.w

    User group [TestGroup] [testuser]

    Data received from the Proxy host remote ID supported:

    Address g.g.g.g, protocol 0, Port 0

    196-10/08/2002 14:20:37.630 SEV = 5 RPT IKE/24 = 5.w

    User group [TestGroup] [testuser]

    Data received from the Proxy host local ID supported:

    Address c.c.c.c, protocol 0, Port 0

    199-10/08/2002 14:20:37.630 SEV = 5 RPT IKE/66 = 5.w

    User group [TestGroup] [testuser]

    Remote peer IKE configured for SA: ESP-AES128-SHA

    201 10/08/2002 14:20:37.630 SEV = IKE/0 4 RPT = 5.w

    User group [TestGroup] [testuser]

    All the proposals of the IPSec Security Association has deemed unacceptable!

    202-10/08/2002 14:20:37.630 SEV = 4. RPT = 5 IKEDBG/0

    Error of QM WSF (P2 struct & 0x1d150bc, mess id 0xbac8f29).

    203-10/08/2002 14:20:37.630 SEV = 4 IKEDBG/65 RPT = 5.w

    User group [TestGroup] [testuser]

    History of mistake IKE responder QM WSF (struct & 0x1d150bc)

    , :

    QM_DONE, EV_ERROR

    QM_BLD_MSG2, EV_NEGO_SA

    QM_BLD_MSG2, EV_IS_REKEY

    QM_BLD_MSG2, EV_CONFIRM_SA

    209 10/08/2002 14:20:37.640 SEV = 5 IP/43 RPT = 5

    Remove entry TCP peripheral pour.w IDE oucederomsurlesecondport 1677

    Journal of the client:

    5 14:20:24.786 08/10/02 Sev = Info/6 DIALER / 0 x 63300002

    Start the connection.

    6 14:20:24.796 08/10/02 Sev = Info/4 CM / 0 x 63100002

    Start the login process

    7 14:20:24.796 08/10/02 Sev = Info/4 CM / 0 x 63100004

    Establish a connection using Ethernet

    8 14:20:24.796 08/10/02 Sev = Info/4 CM / 0 x 63100026

    Attempt to connect with the server "c.c.c.c.

    9 14:20:24.796 10/08/02 Sev = Info/6 CM / 0 x 63100033

    Awarded the local TCP port 1677 for the TCP connection.

    10 14:20:24.866 10/08/02 Sev = Info/4 CM/0x6310002D

    TCP connection on port 10001 with Server "c.c.c.c.

    11 14:20:24.996 08/10/02 Sev = Info/4 CM / 0 x 63100026

    Attempt to connect with the server "c.c.c.c.

    12 14:20:24.996 08/10/02 Sev = Info/6 IKE/0x6300003B

    Try to establish a connection with c.c.c.c.

    13 14:20:25.017 08/10/02 Sev = Info/4 IKE / 0 x 63000013

    SEND to > ISAKMP OAK AG (SA, KE, NO, ID, VID, VID, VID) to c.c.c.c

    14 14:20:25.347 08/10/02 Sev = Info/6 IPSEC/0x6370001F

    TCP SYN sent to c.c.c.c, src port 1677, port dst 10001

    15 14:20:25.347 08/10/02 Sev = Info/6 IPSEC/0x6370001C

    TCP SYN - ACK received from c.c.c.c, src port 10001, port dst 1677

    16 14:20:25.347 08/10/02 Sev = Info/6 IPSEC / 0 x 63700020

    TCP ACK sent c.c.c.c, src port 1677, port dst 10001

    17 14:20:25.347 08/10/02 Sev = Info/4 IPSEC / 0 x 63700014

    Remove all keys

    18 14:20:25.597 08/10/02 Sev = Info/5 IKE/0x6300002F

    Received packet of ISAKMP: peer = c.c.c.c

    19 14:20:25.597 08/10/02 Sev = Info/4 IKE / 0 x 63000014

    RECEIVING< isakmp="" oak="" ag="" (sa,="" ke,="" non,="" id,="" hash,="" vid,="" vid,="" vid,="" vid,="" vid)="" from="">

    20 14:20:25.597 08/10/02 Sev = Info/5 IKE / 0 x 63000059

    Useful load Vendor ID = 12F5F28C457168A9702D9FE274CC0100

    21 14:20:25.597 08/10/02 Sev = Info/5 IKE / 0 x 63000001

    Peer is a compatible peer Cisco-Unity

    22 14:20:25.597 08/10/02 Sev = Info/5 IKE / 0 x 63000059

    Useful load Vendor ID = 09002689DFD6B712

    23 14:20:25.597 08/10/02 Sev = Info/5 IKE / 0 x 63000001

    Peer supports XAUTH

    24 14:20:25.597 08/10/02 Sev = Info/5 IKE / 0 x 63000059

    Useful load Vendor ID = AFCAD71368A1F1C96B8696FC77570100

    25 14:20:25.597 08/10/02 Sev = Info/5 IKE / 0 x 63000001

    Peer supports the DPD

    26 14:20:25.597 08/10/02 Sev = Info/5 IKE / 0 x 63000059

    Useful load Vendor ID = 4048B7D56EBCE88525E7DE7F00D6C2D3C0000000

    27 14:20:25.597 10/08/02 Sev = Info/5 IKE / 0 x 63000059

    Useful load Vendor ID = 1F07F70EAA6514D3B0FA96542A500306

    28 14:20:25.617 08/10/02 Sev = Info/4 IKE / 0 x 63000013

    SEND to > ISAKMP OAK AG * (HASH, NOTIFY: STATUS_INITIAL_CONTACT) to c.c.c.c

    29 14:20:25.778 08/10/02 Sev = Info/5 IKE/0x6300002F

    Received packet of ISAKMP: peer = c.c.c.c

    30 14:20:25.778 08/10/02 Sev = Info/4 IKE / 0 x 63000014

    RECEIVING< isakmp="" oak="" trans="" *(hash,="" attr)="" from="">

    31 14:20:25.778 08/10/02 Sev = Info/4 CM / 0 x 63100015

    Launch application xAuth

    32 14:20:34.671 08/10/02 Sev = Info/4 CM / 0 x 63100017

    xAuth application returned

    33 14:20:34.671 08/10/02 Sev = Info/4 IKE / 0 x 63000013

    SEND to > ISAKMP OAK TRANS *(HASH, ATTR) to c.c.c.c

    34 14:20:37.194 08/10/02 Sev = Info/5 IKE/0x6300002F

    Received packet of ISAKMP: peer = c.c.c.c

    35 14:20:37.194 08/10/02 Sev = Info/4 IKE / 0 x 63000014

    RECEIVING< isakmp="" oak="" trans="" *(hash,="" attr)="" from="">

    36 14:20:37.194 08/10/02 Sev = Info/4 CM/0x6310000E

    ITS established Phase 1. 1. ITS phase 1 in the system

    37 14:20:37.194 08/10/02 Sev = Info/4 IKE / 0 x 63000013

    SEND to > ISAKMP OAK TRANS *(HASH, ATTR) to c.c.c.c

    38 14:20:37.204 08/10/02 Sev = Info/5 IKE/0x6300005D

    Customer address a request from firewall to hub

    39 14:20:37.204 08/10/02 Sev = Info/5 IKE/0x6300005C

    Firewall policy: product = Cisco integrated customer, capacity = (centralized Protection Policy).

    40 14:20:37.214 08/10/02 Sev = Info/4 IKE / 0 x 63000013

    SEND to > ISAKMP OAK TRANS *(HASH, ATTR) to c.c.c.c

    41 14:20:37.375 08/10/02 Sev = Info/5 IKE/0x6300002F

    Received packet of ISAKMP: peer = c.c.c.c

    42 14:20:37.375 08/10/02 Sev = Info/4 IKE / 0 x 63000014

    RECEIVING< isakmp="" oak="" trans="" *(hash,="" attr)="" from="">

    43 14:20:37.375 08/10/02 Sev = Info/5 IKE / 0 x 63000010

    MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_ADDRESS:, value = g.g.g.g

    44 14:20:37.375 10/08/02 Sev = Info/5 IKE / 0 x 63000010

    MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_DNS (1):, value = d1.d1.d1.d1

    45 14:20:37.375 08/10/02 Sev = Info/5 IKE / 0 x 63000010

    MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_DNS (2):, value = d2.d2.d2.d2

    46 14:20:37.375 08/10/02 Sev = Info/5 IKE / 0 x 63000010

    MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_NBNS (1) (a.k.a. WINS):, value = d1.d1.d1.d1

    47 14:20:37.375 08/10/02 Sev = Info/5 IKE / 0 x 63000010

    MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_NBNS (2) (a.k.a. WINS):, value = d2.d2.d2.d2

    48 14:20:37.375 08/10/02 Sev = Info/5 IKE/0x6300000E

    MODE_CFG_REPLY: Attribute = MODECFG_UNITY_BANNER, value = WARNING:

    Any use of this system may be recorded or monitored without further notice, and newspapers that results can be used as evidence in court.

    If you are not authorized to use this system disconnect now!

    49 14:20:37.375 08/10/02 Sev = Info/5 IKE/0x6300000D

    MODE_CFG_REPLY: Attribute = MODECFG_UNITY_SAVEPWD:, value = 0x00000000

    50 14:20:37.375 08/10/02 Sev = Info/5 IKE/0x6300000D

    MODE_CFG_REPLY: Attribute = MODECFG_UNITY_PFS:, value = 0x00000000

    51 14:20:37.375 08/10/02 Sev = Info/5 IKE/0x6300000E

    MODE_CFG_REPLY: Attribute = APPLICATION_VERSION, value = Cisco Systems, Inc. / VPN 3000 Concentrator Version 3.6.3.Rel created by vmurphy on October 4, 2002 16:23

    52 14:20:37.425 08/10/02 Sev = Info/4 CM / 0 x 63100019

    Data in mode Config received

    53 14:20:37.465 08/10/02 Sev = Info/5 IKE / 0 x 63000055

    Has received a request for Driver IP address c.c.c.c, GW IP = c.c.c.c key

    54 14:20:37.465 08/10/02 Sev = Info/4 IKE / 0 x 63000013

    SEND to > ISAKMP OAK QM * (HASH, SA, NO, ID, ID) to c.c.c.c

    55 14:20:37.465 08/10/02 Sev = Info/5 IKE / 0 x 63000055

    Received a key demand driver for IP 10.10.10.255, GW IP = c.c.c.c

    56 14:20:37.465 08/10/02 Sev = Info/4 IKE / 0 x 63000013

    SEND to > ISAKMP OAK QM * (HASH, SA, NO, ID, ID) to c.c.c.c

    57 14:20:37.675 08/10/02 Sev = Info/5 IKE/0x6300002F

    Received packet of ISAKMP: peer = c.c.c.c

    58 14:20:37.675 08/10/02 Sev = Info/4 IKE / 0 x 63000014

    RECEIVING< isakmp="" oak="" info="" *(hash,="" notify:status_resp_lifetime)="" from="">

    59 14:20:37.675 08/10/02 Sev = Info/5 IKE / 0 x 63000044

    Answering MACHINE-LIFE notify has value of 86400 seconds

    60 14:20:37.675 10/08/02 Sev = Info/5 IKE / 0 x 63000046

    This SA has already been living for 13 seconds, setting expiration 86387 seconds now

    61 14:20:37.705 08/10/02 Sev = Info/5 IKE/0x6300002F

    Received packet of ISAKMP: peer = c.c.c.c

    62 14:20:37.705 08/10/02 Sev = Info/4 IKE / 0 x 63000014

    RECEIVING< isakmp="" oak="" info="" *(hash,="" del)="" from="">

    63 14:20:37.705 08/10/02 Sev = Info/5 IKE/0x6300003C

    A receipt a payload to DELETE for IKE SA with Cookies = 2CDEFD1BD3EFB19215350D42094312B8

    64 14:20:37.705 08/10/02 Sev = Info/5 IKE / 0 x 63000017

    Marking of IKE SA delete (COOKIES = 2CDEFD1BD3EFB192 15350D42094312B8) reason = DEL_REASON_PEER_DELETION

    65 14:20:38.066 08/10/02 Sev = Info/4 IPSEC / 0 x 63700014

    Remove all keys

    66 14:20:38.066 08/10/02 Sev = Info/6 IPSEC/0x6370002B

    Sent packets of 6, 0 were fragmented.

    67 14:20:38.066 08/10/02 Sev = Info/6 IPSEC/0x6370001D

    TCP RST from c.c.c.c, src port 10001, port dst 1677

    68 14:20:38.366 08/10/02 Sev = Info/4 CM / 0 x 63100012

    ITS phase 1 deleted before first Phase 2 SA is caused by "DEL_REASON_PEER_DELETION". 0 ITS phase 1 currently in the system

    69 14:20:38.366 08/10/02 Sev = Info/5 CM / 0 x 63100029

    Initializing CVPNDrv

    70 14:20:38.366 08/10/02 Sev = Info/4 CM / 0 x 63100031

    Reset the TCP connection on port 10001

    71 14:20:38.366 08/10/02 Sev = Info/6 CM / 0 x 63100034

    Removed the local TCP port 1677 for the TCP connection.

    72 14:20:38.416 08/10/02 Sev = WARNING/3 DIALER/0xE3300008

    GI VPNStart callback doesn't have a 'CM_IKE_RECEIVED_DELETE_NOTIFICATION' (15 h).

    73 14:20:39.418 08/10/02 Sev = Info/4 IPSEC / 0 x 63700012

    Delete all keys associated with peer c.c.c.c

    74 14:20:39.418 08/10/02 Sev = Info/4 IPSEC / 0 x 63700012

    Delete all keys associated with peer c.c.c.c

    75 14:20:39.418 08/10/02 Sev = Info/6 IPSEC / 0 x 63700022

    TCP RST sent to c.c.c.c, src port 1677, port dst 10001

    76 14:20:39.418 08/10/02 Sev = Info/4 IPSEC / 0 x 63700014

    Remove all keys

    77 14:20:39.418 08/10/02 Sev = Info/6 IPSEC/0x6370002B

    Sent 4 packets, 0 were fragmented.

    When I look at the proposals of active IKE SA or configurations all seems ok (so everything worked fine with 3.6.1. Concentrator release).

    Any suggestion would be appreciated.

    Marcel

    OK, I tried it myself and ran into the same issue. AES seems to be broken in 3.6.3. A bug has been created (CSCdy88797) and will be corrected shortly, but for now, you need to use 3.6.1 or change the encryption algorithms if you simply use 3.6.3.

    Sorry about that.

  • RV082 VPN gateway to gateway does not connect


    These products are processed by the Cisco Small Business support community. (URL: https://supportforums.cisco.com/community/netpro/small-business )

  • Need help with native VPN client for Mac to the Configuration of the VPN router RV082

    Guys,

    I am trying to set up router RV082 VPN Client with native Mac for my remote access. However, no matter what I did, I'm not able to make works. Can any give me an example of how to set my router RV082 and Mac Book Pro (Mountain Lion)?

    Thank you

    Hi Jixian, the native client MAC does not work. The IPSEC VPN client is the same as the 5.x Cisco VPN client is not supported on this device.

    Your alternatives are to use PPTP or a 3rd party IPsec client such as ipsecuritas.

    -Tom
    Please evaluate the useful messages

  • Unable to connect to the Cisco VPN you use native client: El Capitan

    I'm unable to connect to the Cisco VPN using native client server Cisco OSX via IPSec. Before the upgrade for connections VPN El Capitan has worked without any problems. VPN uses the shared secret of group. It seems, I get the error "raccoon [2580] ': could not send message vpn_control: Broken pipe ' during the connection."

    When I upgraded to El Capitan, VPN connection has stopped working. I tried to do the following:

    * connect using the old work VPN connection: without success

    Config: Hand [server address, account name],

    AUTH settings [shared secret, the Group name].

    Advanced [mode to use the passive FTP = TRUE]

    errors:

    "authd [124]: copy_rights: _server_authorize failed.

    "raccoon [2580]: could not send message vpn_control: Broken pipe"

    ...

    * Add new VPN connection using L2TP over IPSec: without success

    Config: Hand [server address, account name],

    Authentication settings [user authentication: password, identification of the Machine: Shared Secret].

    Advanced [send all traffic on the VPN = TRUE]

    errsors:

    "pppd [2616]: password not found in the system keychain.

    "authd [124]: copy_rights: _server_authorize failed.

    ...


    * Add new connection using Cisco via IPSec VPN: without success

    Main config: [server address, account name].

    AUTH settings [shared secret, the Group name].

    Advanced [mode to use the passive FTP = TRUE]

    errors:

    "authd [124]: copy_rights: _server_authorize failed.

    "raccoon [2580]: could not send message vpn_control: Broken pipe"

    VPN server is high and does not work and accepts connections, this problem is entirely on the client side.

    I. Journal of Console app existing/Legacy VPN connection:

    26/03/16 10:24:01, 000 syslogd [40]: sender ASL statistics

    26/03/16 10:24:01, nesessionmanager 311 [2112]: NESMLegacySession [VPN_CONN_NAME$: B7816CCC-2D2C-4D6D - 83 D 9-B2C8B6EB8589]: received an order to start SystemUIServer [2346]

    26/03/16 10:24:01, nesessionmanager 311 [2112]: NESMLegacySession [VPN_CONN_NAME$: B7816CCC-2D2C-4D6D - 83 D 9-B2C8B6EB8589]: changed to connecting status

    26/03/16 10:24:01, nesessionmanager 313 [2112]: IPSec to connect to the server $VPN_SERVER_IP

    26/03/16 10:24:01, 316 nesessionmanager [2112]: phase 1 of the IPSec from.

    26/03/16 10:24:01, racoon 338 [2580]: agreed to the takeover of vpn connection.

    26/03/16 10:24:01, racoon 338 [2580]: agreed to the takeover of vpn connection.

    26/03/16 10:24:01, racoon 339 [2580]: IPSec to connect to the server $VPN_SERVER_IP

    26/03/16 10:24:01, racoon 339 [2580]: IPSec to connect to the server $VPN_SERVER_IP

    26/03/16 10:24:01, racoon 339 [2580]: connection.

    26/03/16 10:24:01, racoon 339 [2580]: IPSec Phase 1 started (initiated by me).

    26/03/16 10:24:01, racoon 339 [2580]: IPSec Phase 1 started (initiated by me).

    26/03/16 10:24:01, racoon 349 [2580]: IKE Packet: forward the success. (Initiator, Aggressive Mode 1 message).

    26/03/16 10:24:01, racoon 350 [2580]: > > > > > status of phase change = Phase 1 began by us

    26/03/16 10:24:01, racoon 350 [2580]: > > > > > status of phase change = Phase 1 began by us

    26/03/16 10:24:01, racoon 381 [2580]: no message must be encrypted, 0x14a1, side 0 status

    26/03/16 10:24:01, racoon 381 [2580]: no message must be encrypted, 0x14a1, side 0 status

    26/03/16 10:24:01, 381 nesessionmanager [2112]: Controller IPSec: IKE FAILED. phase 2, assert 0

    26/03/16 10:24:01, 381 nesessionmanager [2112]: Controller IPSec: retry the aggressive mode IPSec with DH group 2

    26/03/16 10:24:01, nesessionmanager 404 [2112]: phase 1 of the IPSec from.

    26/03/16 10:24:01, racoon 404 [2580]: IPSec to connect to the server $VPN_SERVER_IP

    26/03/16 10:24:01, racoon 404 [2580]: IPSec to connect to the server $VPN_SERVER_IP

    26/03/16 10:24:01, racoon 405 [2580]: connection.

    26/03/16 10:24:01, racoon 405 [2580]: IPSec Phase 1 started (initiated by me).

    26/03/16 10:24:01, racoon 405 [2580]: IPSec Phase 1 started (initiated by me).

    26/03/16 10:24:01, 407 raccoon [2580]: IKE Packet: forward the success. (Initiator, Aggressive Mode 1 message).

    26/03/16 10:24:01, 407 raccoon [2580]: > > > > > status of phase change = Phase 1 began by us

    26/03/16 10:24:01, 407 raccoon [2580]: > > > > > status of phase change = Phase 1 began by us

    26/03/16 10:24:01, racoon 436 [2580]: port 62465 anticipated, but 0

    26/03/16 10:24:01, racoon 436 [2580]: port 62465 anticipated, but 0

    26/03/16 10:24:01, 463 raccoon [2580]: IKEv1 Phase 1 AUTH: success. (Initiator, aggressive-Mode Message 2).

    26/03/16 10:24:01, 463 raccoon [2580]: > > > > > status of phase change = Phase 1 began with a peer

    26/03/16 10:24:01, 463 raccoon [2580]: > > > > > status of phase change = Phase 1 began with a peer

    26/03/16 10:24:01, 463 raccoon [2580]: IKE Packet: receive a success. (Initiator, Aggressive Mode 2 message).

    26/03/16 10:24:01, 463 raccoon [2580]: initiating IKEv1 Phase 1: success. (Initiator, aggressive Mode).

    26/03/16 10:24:01, 463 raccoon [2580]: IKE Packet: forward the success. (Initiator, Aggressive Mode 3 message).

    26/03/16 10:24:01, 463 raccoon [2580]: IPSec Phase 1 established (initiated by me).

    26/03/16 10:24:01, 463 raccoon [2580]: IPSec Phase 1 established (initiated by me).

    26/03/16 10:24:01, 484 raccoon [2580]: IPSec Extended requested authentication.

    26/03/16 10:24:01, 484 raccoon [2580]: IPSec Extended requested authentication.

    26/03/16 10:24:01, nesessionmanager 485 [2112]: IPSec asking extended authentication.

    [26/03/16 10:24:01, 494 nesessionmanager [2112]: NESMLegacySession[$VPN-CONN-NAME:B7816CCC-2D2C-4D6D-83D9-B2C8B6EB8589]: status changed by disconnecting

    26/03/16 10:24:01, 495 nesessionmanager [2112]: IPSec disconnection from the server $VPN_SERVER_IP

    26/03/16 10:24:01, racoon 495 [2580]: IPSec disconnection from the server $VPN_SERVER_IP

    26/03/16 10:24:01, racoon 495 [2580]: IPSec disconnection from the server $VPN_SERVER_IP

    26/03/16 10:24:01, racoon 495 [2580]: IKE Packet: forward the success. (Information message).

    26/03/16 10:24:01, racoon 495 [2580]: IKEv1-Information Notice: pass success. (Delete the ISAKMP Security Association).

    26/03/16 10:24:01, racoon 495 [2580]: could not send message vpn_control: Broken pipe

    26/03/16 10:24:01, racoon 495 [2580]: could not send message vpn_control: Broken pipe

    [26/03/16 10:24:01, 496 nesessionmanager [2112]: NESMLegacySession[$VPN-CONN-NAME:B7816CCC-2D2C-4D6D-83D9-B2C8B6EB8589]: status changed to offline, last stop reason no

    26/03/16 10:24:01, racoon 496 [2580]: glob found no match for the path "/ var/run/racoon/*.conf".

    26/03/16 10:24:01, racoon 496 [2580]: glob found no match for the path "/ var/run/racoon/*.conf".

    26/03/16 10:24:01, racoon 496 [2580]: IPSec disconnection from the server $VPN_SERVER_IP

    26/03/16 10:24:01, racoon 496 [2580]: IPSec disconnection from the server $VPN_SERVER_IP

    $VPN_SERVER_IP

    II. new VPN connection using L2TP over IPSec Console app log:

    26/03/16 10:37:26, 293 com.apple.preference.network.remoteservice [2539]: CGContextSetFillColorWithColor: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 293 com.apple.preference.network.remoteservice [2539]: CGContextSetStrokeColorWithColor: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 293 com.apple.preference.network.remoteservice [2539]: CGContextGetCompositeOperation: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 293 com.apple.preference.network.remoteservice [2539]: CGContextSetCompositeOperation: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 293 com.apple.preference.network.remoteservice [2539]: CGContextFillRects: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 293 com.apple.preference.network.remoteservice [2539]: CGContextSetCompositeOperation: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 293 com.apple.preference.network.remoteservice [2539]: CGContextClipToRect: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 293 com.apple.preference.network.remoteservice [2539]: CGContextGetShouldSmoothFonts: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 293 com.apple.preference.network.remoteservice [2539]: CGContextGetFontSmoothingStyle: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 293 com.apple.preference.network.remoteservice [2539]: CGContextGetFontAntialiasingStyle: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 294 com.apple.preference.network.remoteservice [2539]: CGContextSetFontSmoothingStyle: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 294 com.apple.preference.network.remoteservice [2539]: CGContextGetCTM: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 294 com.apple.preference.network.remoteservice [2539]: CGContextGetDefaultUserSpaceToDeviceSpaceTransform: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 294 com.apple.preference.network.remoteservice [2539]: CGContextSaveGState: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 294 com.apple.preference.network.remoteservice [2539]: CGContextConcatCTM: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 294 com.apple.preference.network.remoteservice [2539]: CGContextSaveGState: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 294 com.apple.preference.network.remoteservice [2539]: CGContextDrawImages: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 294 com.apple.preference.network.remoteservice [2539]: CGContextRestoreGState: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 294 com.apple.preference.network.remoteservice [2539]: CGContextRestoreGState: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 294 com.apple.preference.network.remoteservice [2539]: CGContextGetCTM: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 294 com.apple.preference.network.remoteservice [2539]: CGContextGetShouldSmoothFonts: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 294 com.apple.preference.network.remoteservice [2539]: CGContextGetFontSmoothingStyle: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 294 com.apple.preference.network.remoteservice [2539]: CGContextSetFontSmoothingStyle: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, 294 com.apple.preference.network.remoteservice [2539]: CGContextSetFontSmoothingStyle: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, [2539 295] com.apple.preference.network.remoteservice: CGContextGetCTM: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, [2539 295] com.apple.preference.network.remoteservice: CGContextGetDefaultUserSpaceToDeviceSpaceTransform: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, [2539 295] com.apple.preference.network.remoteservice: CGContextSaveGState: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, com.apple.preference.network.remoteservice [2539 295]: CGContextConcatCTM: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, [2539 295] com.apple.preference.network.remoteservice: CGContextSaveGState: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, [2539 295] com.apple.preference.network.remoteservice: CGContextDrawImages: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, [2539 295] com.apple.preference.network.remoteservice: CGContextRestoreGState: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, [2539 295] com.apple.preference.network.remoteservice: CGContextRestoreGState: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, [2539 295] com.apple.preference.network.remoteservice: CGContextGetCTM: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, [2539 295] com.apple.preference.network.remoteservice: CGContextGetCTM: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, [2539 295] com.apple.preference.network.remoteservice: CGContextGetDefaultUserSpaceToDeviceSpaceTransform: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, [2539 295] com.apple.preference.network.remoteservice: CGContextSaveGState: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, com.apple.preference.network.remoteservice [2539 295]: CGContextConcatCTM: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, [2539 295] com.apple.preference.network.remoteservice: CGContextSaveGState: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, [2539 295] com.apple.preference.network.remoteservice: CGContextDrawImages: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, [2539 295] com.apple.preference.network.remoteservice: CGContextRestoreGState: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, [2539 295] com.apple.preference.network.remoteservice: CGContextRestoreGState: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:26, [2539 295] com.apple.preference.network.remoteservice: CGContextGetCTM: context invalid 0x0. If you want to see the trail, please set CG_CONTEXT_SHOW_BACKTRACE environment variable.

    26/03/16 10:37:28, [2539 339] com.apple.preference.network.remoteservice: error in CoreDragRemoveTrackingHandler:-1856

    26/03/16 10:37:28, [2539 339] com.apple.preference.network.remoteservice: error in CoreDragRemoveReceiveHandler:-1856

    26/03/16 10:37:28, com.apple.xpc.launchd [1 393]: (com.apple.SystemUIServer.agent [2346]) Service was released due to the signal: Broken pipe: 13

    26/03/16 10:37:28, Spotlight 461 [459]: spot: logging agent

    26/03/16 10:37:28, [2539 487] com.apple.preference.network.remoteservice: service - area of the one error ERROR = NEConfigurationErrorDomain Code = 9 "configuration is unchanged" UserInfo = {NSLocalizedDescription = configuration is unchanged}

    26/03/16 10:37:28, [2539 487] com.apple.preference.network.remoteservice: service - area of the one error ERROR = NEConfigurationErrorDomain Code = 9 "configuration is unchanged" UserInfo = {NSLocalizedDescription = configuration is unchanged}

    26/03/16 10:37:28, nesessionmanager 519 [2112]: NESMLegacySession [VPN_CONN_NAME$: 04c 10954-16 b 2 - 40BB - B3F1 - 9288F968029E]: received an order to start com.apple.preference.network.re [2539]

    26/03/16 10:37:28, nesessionmanager 519 [2112]: NESMLegacySession [VPN_CONN_NAME$: 04c 10954-16 b 2 - 40BB - B3F1 - 9288F968029E]: changed to connecting status

    26/03/16 10:37:28, com.apple.SecurityServer [75 536]: rules of problem opening the file "/ etc/authorization ': no such file or directory

    26/03/16 10:37:28, com.apple.SecurityServer [75 536]: sandbox has denied authorizing the right "system.keychain.modify" customer "/ usr/libexec/nehelper" [184]

    26/03/16 10:37:28, 536 pppd [2616]: NetworkExtension is the controller

    26/03/16 10:37:28, 538 pppd [2616]: NetworkExtension is the controller

    26/03/16 10:37:28, nehelper 540 [184]: 10954-16 b 2 - 40BB - B3F1 04c - 9288F968029E: cannot copy content, returned SecKeychainItemCopyContent user interaction is not allowed.

    26/03/16 10:37:28, nehelper 540 [184]: 10954-16 b 2 - 40BB - B3F1 04c - 9288F968029E: SecKeychainItemFreeContent returned the user interaction is not allowed.

    26/03/16 10:37:28, 570 pppd [2616]: password not found in the system keychain

    26/03/16 10:37:28, 572 pppd [2616]: publish_entry SCDSet() failed: success!

    26/03/16 10:37:28, 573 pppd [2616]: publish_entry SCDSet() failed: success!

    26/03/16 10:37:28, 573 pppd [2616]: pppd 2.4.2 (Apple version 809.40.5) started by $VPN_SERVER_USER, uid 501

    26/03/16 10:37:28, SystemUIServer 620 [2615]: [BluetoothHIDDeviceController] EventServiceConnectedCallback

    26/03/16 10:37:28, SystemUIServer 620 [2615]: [BluetoothHIDDeviceController] EventServiceDisconnectedCallback

    26/03/16 10:37:28, authd 720 [124]: copy_rights: _server_authorize failed

    26/03/16 10:37:28, sandboxd 748 [120]: nehelper (184) ([184]) refuse the authorization-right-get system.keychain.modify

    III. New connection of Cisco VPN through IPSec Console app log:

    26/03/16 10:18:26, 917 WindowServer [172]: _CGXRemoveWindowFromWindowMovementGroup: 0x10d of window is not attached to the window 0x10f

    26/03/16 10:19:43, 975 WindowServer [172]: _CGXRemoveWindowFromWindowMovementGroup: 0x10d of window is not attached to the window 0x10f

    [26/03/16 10:19:56 nesessionmanager 265 [2112]: NESMLegacySession[$VPN-CONN-NAME:72874CC0-2A89-4B61-80F1-9BB4F3EA953B]: received an order to start SystemUIServer [2346]

    [26/03/16 10:19:56 nesessionmanager 265 [2112]: NESMLegacySession[$VPN-CONN-NAME:72874CC0-2A89-4B61-80F1-9BB4F3EA953B]: changed to connecting status

    26/03/16 10:19:56, nesessionmanager 267 [2112]: IPSec to connect to the server $VPN_SERVER_IP

    26/03/16 10:19:56, nesessionmanager 270 [2112]: phase 1 of the IPSec from.

    26/03/16 10:19:56, authd 284 [124]: copy_rights: _server_authorize failed

    26/03/16 10:19:56, 295 raccoon [2576]: agreed to the takeover of vpn connection.

    26/03/16 10:19:56, 295 raccoon [2576]: agreed to the takeover of vpn connection.

    26/03/16 10:19:56, 295 raccoon [2576]: IPSec to connect to the server $VPN_SERVER_IP

    26/03/16 10:19:56, 295 raccoon [2576]: IPSec to connect to the server $VPN_SERVER_IP

    26/03/16 10:19:56, racoon 296 [2576]: connection.

    26/03/16 10:19:56, racoon 296 [2576]: IPSec Phase 1 started (initiated by me).

    26/03/16 10:19:56, racoon 296 [2576]: IPSec Phase 1 started (initiated by me).

    26/03/16 10:19:56, racoon 308 [2576]: IKE Packet: forward the success. (Initiator, Aggressive Mode 1 message).

    26/03/16 10:19:56, racoon 308 [2576]: > > > > > status of phase change = Phase 1 began by us

    26/03/16 10:19:56, racoon 308 [2576]: > > > > > status of phase change = Phase 1 began by us

    26/03/16 10:19:56, 352 raccoon [2576]: no message must be encrypted, 0x14a1, side 0 status

    26/03/16 10:19:56, 352 raccoon [2576]: no message must be encrypted, 0x14a1, side 0 status

    26/03/16 10:19:56, nesessionmanager 352 [2112]: Controller IPSec: IKE FAILED. phase 2, assert 0

    26/03/16 10:19:56, nesessionmanager 353 [2112]: Controller IPSec: retry the aggressive mode IPSec with DH group 2

    26/03/16 10:19:56, nesessionmanager 373 [2112]: phase 1 of the IPSec from.

    26/03/16 10:19:56, 374 raccoon [2576]: IPSec to connect to the server $VPN_SERVER_IP

    26/03/16 10:19:56, 374 raccoon [2576]: IPSec to connect to the server $VPN_SERVER_IP

    26/03/16 10:19:56, 374 raccoon [2576]: connection.

    26/03/16 10:19:56, 374 raccoon [2576]: IPSec Phase 1 started (initiated by me).

    26/03/16 10:19:56, 374 raccoon [2576]: IPSec Phase 1 started (initiated by me).

    26/03/16 10:19:56, racoon 376 [2576]: IKE Packet: forward the success. (Initiator, Aggressive Mode 1 message).

    26/03/16 10:19:56, racoon 376 [2576]: > > > > > status of phase change = Phase 1 began by us

    26/03/16 10:19:56, racoon 376 [2576]: > > > > > status of phase change = Phase 1 began by us

    26/03/16 10:19:56, racoon 404 [2576]: port 62465 anticipated, but 0

    26/03/16 10:19:56, racoon 404 [2576]: port 62465 anticipated, but 0

    26/03/16 10:19:56, racoon 432 [2576]: IKEv1 Phase 1 AUTH: success. (Initiator, aggressive-Mode Message 2).

    26/03/16 10:19:56, racoon 432 [2576]: > > > > > status of phase change = Phase 1 began with a peer

    26/03/16 10:19:56, racoon 432 [2576]: > > > > > status of phase change = Phase 1 began with a peer

    26/03/16 10:19:56, racoon 432 [2576]: IKE Packet: receive a success. (Initiator, Aggressive Mode 2 message).

    26/03/16 10:19:56, racoon 432 [2576]: initiating IKEv1 Phase 1: success. (Initiator, aggressive Mode).

    26/03/16 10:19:56, racoon 432 [2576]: IKE Packet: forward the success. (Initiator, Aggressive Mode 3 message).

    26/03/16 10:19:56, 433 raccoon [2576]: IPSec Phase 1 established (initiated by me).

    26/03/16 10:19:56, 433 raccoon [2576]: IPSec Phase 1 established (initiated by me).

    26/03/16 10:19:56, racoon 453 [2576]: IPSec Extended requested authentication.

    26/03/16 10:19:56, racoon 453 [2576]: IPSec Extended requested authentication.

    26/03/16 10:19:56, 454 nesessionmanager [2112]: IPSec asking extended authentication.

    [26/03/16 10:19:56, nesessionmanager 464 [2112]: NESMLegacySession[$VPN-CONN-NAME:72874CC0-2A89-4B61-80F1-9BB4F3EA953B]: status changed by disconnecting

    26/03/16 10:19:56, nesessionmanager 464 [2112]: IPSec disconnection from the server $VPN_SERVER_IP

    26/03/16 10:19:56, racoon 465 [2576]: IPSec disconnection from the server $VPN_SERVER_IP

    26/03/16 10:19:56, racoon 465 [2576]: IPSec disconnection from the server $VPN_SERVER_IP

    26/03/16 10:19:56, racoon 465 [2576]: IKE Packet: forward the success. (Information message).

    26/03/16 10:19:56, racoon 465 [2576]: IKEv1-Information Notice: pass success. (Delete the ISAKMP Security Association).

    26/03/16 10:19:56, racoon 465 [2576]: could not send message vpn_control: Broken pipe

    26/03/16 10:19:56, racoon 465 [2576]: could not send message vpn_control: Broken pipe

    [26/03/16 10:19:56, nesessionmanager 465 [2112]: NESMLegacySession[$VPN-CONN-NAME:72874CC0-2A89-4B61-80F1-9BB4F3EA953B]: status changed to offline, last stop reason no

    26/03/16 10:19:56, 466 raccoon [2576]: glob found no match for the path "/ var/run/racoon/*.conf".

    26/03/16 10:19:56, 466 raccoon [2576]: glob found no match for the path "/ var/run/racoon/*.conf".

    26/03/16 10:19:56, 466 raccoon [2576]: IPSec disconnection from the server $VPN_SERVER_IP

    26/03/16 10:19:56, 466 raccoon [2576]: IPSec disconnection from the server $VPN_SERVER_IP

    It seems that I solved the problem, but I'm not sure it helped.

    After restart of the operating system, the two connections: old and new Cisco via IPSec connection, began to work.

Maybe you are looking for