VPN logs

I'm having a problem with a vpn client. It is a device of fortinet on the other side, but it seems like he's not even trying to connect to me. I was hoping to get a second set of eyes on the newspapers. From what I see, we try to establish a connection and have found no answer to its firewall. Is this correct?

State peer is:

IKE Peer: 75.109.209.123

Type: user role: initiator

Generate a new key: no State: AM_WAIT_MSG2

Newspapers of (debug crypto isakmp debug crypto ipsec 127 AND 127) are as follows:

PTO iSep 30 16:19:50 [IKEv1]: IP x.x.x.x IKE_DECODE = new SEND Message (msgid = 0) with payloads: HDR (4) SA (1) + KE + NUNCIO (10) + ID (5) seller (13) + the seller (13) + seller (13) + seller (13) + the seller (13) + seller (13) + (0) NONE total length: 564
CIMP 12 Sep 30 16:19:52 [IKEv1]: IP = x.x.x.x, KEY-ACQUIRE Queuing messages are treated when SA P1 is finished.
7
30 sep 16:19:57 [IKEv1]: IP = x.x.x.x, KEY-ACQUIRE Queuing messages are treated when SA P1 is finished.
30 sep 16:19:58 [IKEv1]: IP x.x.x.x IKE_DECODE = new SEND Message (msgid = 0) with payloads: HDR (4) SA (1) + KE + NUNCIO (10) + ID (5) seller (13) + the seller (13) + seller (13) + seller (13) + the seller (13) + seller (13) + (0) NONE total length: 564

30 sep 16:20:02 [IKEv1]: IP = x.x.x.x, KEY-ACQUIRE Queuing messages are treated when SA P1 is finished.
30 sep 16:20:06 [IKEv1]: IP x.x.x.x IKE_DECODE = new SEND Message (msgid = 0) with payloads: HDR (4) SA (1) + KE + NUNCIO (10) + ID (5) seller (13) + the seller (13) + seller (13) + seller (13) + the seller (13) + seller (13) + (0) NONE total length: 564
30 sep 16:20:07 [IKEv1]: IP = x.x.x.x, KEY-ACQUIRE Queuing messages are treated when SA P1 is finished.
30 sep 16:20:12 [IKEv1]: IP = x.x.x.x, KEY-ACQUIRE Queuing messages are treated when SA P1 is finished.
30 sep 16:20:14 [IKEv1 DEBUG]: IP = x.x.x.x, history of mistake IKE AM Initiator WSF (struct & 0xd8ae6448) , : AM_DONE, EV_ERROR--> AM_WAIT_MSG2, EV_RETRY--> AM_WAIT_MSG2, EV_TIMEOUT--> AM_WAIT_MSG2 NullEvent--> AM_SND_MSG1, EV_SND_MSG--> AM_SND_MSG1, EV_START_TMR--> AM_SND_MSG1, EV_RESEND_MSG--> AM_WAIT_MSG2, EV_RETRY
30 sep 16:20:14 [IKEv1 DEBUG]: IP = x.x.x.x, IKE SA AM:e851b91a ending: flags 0 x 01000021, refcnt 0, tuncnt 0
30 sep 16:20:14 [IKEv1 DEBUG]: IP = x.x.x.x, sending clear/delete with the message of reason
30 sep 16:20:14 [IKEv1]: IP = x.x.x.x, counterpart of drop table counterpart, didn't match!
30 sep 16:20:14 [IKEv1]: IP = x.x.x.x, error: cannot delete PeerTblEntry
30 sep 16:20:17 [IKEv1]: IP = x.x.x.x, IKE initiator: New Phase 1, Intf inside, IKE Peer x.x.x.x 10.12.0.0 local Proxy address, address remote Proxy 10.186.17.0, Card Crypto (mymap)
30 sep 16:20:17 [IKEv1 DEBUG]: IP = x.x.x.x, build payloads of ISAKMP security
30 sep 16:20:17 [IKEv1 DEBUG]: IP = x.x.x.x, building ke payload
30 sep 16:20:17 [IKEv1 DEBUG]: IP = x.x.x.x, building nonce payload
30 sep 16:20:17 [IKEv1 DEBUG]: IP = x.x.x.x, building the payload ID
30 sep 16:20:17 [IKEv1 DEBUG]: IP = x.x.x.x, build payloads of Cisco Unity VID
30 sep 16:20:17 [IKEv1 DEBUG]: IP = x.x.x.x, constructing payload V6 VID xauth
30 sep 16:20:17 [IKEv1 DEBUG]: IP = x.x.x.x, building the payload of the NAT-Traversal VID ver 02
30 sep 16:20:17 [IKEv1 DEBUG]: IP = x.x.x.x, building the payload of the NAT-Traversal VID ver 03
30 sep 16:20:17 [IKEv1 DEBUG]: IP = x.x.x.x, building the payload of NAT-Traversal VID worm RFC
30 sep 16:20:17 [IKEv1 DEBUG]: IP = x.x.x.x, building the Fragmentation VID + load useful functionality
30 sep 16:20:17 [IKEv1]: IP = x.x.x.x, IKE_DECODE SEND Message (msgid = 0) with payloads: HDR (4) SA (1) + KE + NUNCIO (10) + ID (5) seller (13) + the seller (13) + seller (13) + seller (13) + the seller (13) + seller (13) + (0) NONE total length: 564
30 sep 16:20:22 [IKEv1]: IP = x.x.x.x, KEY-ACQUIRE Queuing messages are treated when SA P1 is finished.
30 sep 16:20:25 [IKEv1]: IP x.x.x.x IKE_DECODE = new SEND Message (msgid = 0) with payloads: HDR (4) SA (1) + KE + NUNCIO (10) + ID (5) seller (13) + the seller (13) + seller (13) + seller (13) + the seller (13) + seller (13) + (0) NONE total length: 564
30 sep 16:20:27 [IKEv1]: IP = x.x.x.x, KEY-ACQUIRE Queuing messages are treated when SA P1 is finished.
30 sep 16:20:32 [IKEv1]: IP = x.x.x.x, KEY-ACQUIRE Queuing messages are treated when SA P1 is finished.
30 sep 16:20:33 [IKEv1]: IP x.x.x.x IKE_DECODE = new SEND Message (msgid = 0) with payloads: HDR (4) SA (1) + KE + NUNCIO (10) + ID (5) seller (13) + the seller (13) + seller (13) + seller (13) + the seller (13) + seller (13) + (0) NONE total length: 564
30 sep 16:20:37 [IKEv1]: IP = x.x.x.x, KEY-ACQUIRE Queuing messages are treated when SA P1 is finished.
30 sep 16:20:41 [IKEv1]: IP x.x.x.x IKE_DECODE = new SEND Message (msgid = 0) with payloads: HDR (4) SA (1) + KE + NUNCIO (10) + ID (5) seller (13) + the seller (13) + seller (13) + seller (13) + the seller (13) + seller (13) + (0) NONE total length: 564
30 sep 16:20:42 [IKEv1]: IP = x.x.x.x, KEY-ACQUIRE Queuing messages are treated when SA P1 is finished.
30 sep 16:20:47 [IKEv1]: IP = x.x.x.x, KEY-ACQUIRE Queuing messages are treated when SA P1 is finished.
30 sep 16:20:49 [IKEv1 DEBUG]: IP = x.x.x.x, history of mistake IKE AM Initiator WSF (struct & 0xd8aef3b0) , : AM_DONE, EV_ERROR--> AM_WAIT_MSG2, EV_RETRY--> AM_WAIT_MSG2, EV_TIMEOUT--> AM_WAIT_MSG2 NullEvent--> AM_SND_MSG1, EV_SND_MSG--> AM_SND_MSG1, EV_START_TMR--> AM_SND_MSG1, EV_RESEND_MSG--> AM_WAIT_MSG2, EV_RETRY
30 sep 16:20:49 [IKEv1 DEBUG]: IP = x.x.x.x, IKE SA AM:7d86ef8f ending: flags 0 x 01000021, refcnt 0, tuncnt 0
30 sep 16:20:49 [IKEv1 DEBUG]: IP = x.x.x.x, sending clear/delete with the message of reason
30 sep 16:20:49 [IKEv1]: IP = x.x.x.x, counterpart of drop table counterpart, didn't match!
30 sep 16:20:49 [IKEv1]: IP = x.x.x.x, error: cannot delete PeerTblEntry
30 sep 16:20:52 [IKEv1]: IP = x.x.x.x, IKE
inside, IKE Peer x.x.x.x 10.12.0.0 local Proxy address, address remote Proxy 10.186.17.0, Card Crypto (mymap)
30 sep 16:20:52 [IKEv1 DEBUG]: IP = x.x.x.x, build payloads of ISAKMP security
30 sep 16:20:52 [IKEv1 DEBUG]: IP = x.x.x.x, building ke payload
30 sep 16:20:52 [IKEv1 DEBUG]: IP = x.x.x.x, building nonce payload
30 sep 16:20:52 [IKEv1 DEBUG]: IP = x.x.x.x, building the payload ID
30 sep 16:20:52 [IKEv1 DEBUG]: IP = x.x.x.x, build payloads of Cisco Unity VID
30 sep 16:20:52 [IKEv1 DEBUG]: IP = x.x.x.x, constructing payload V6 VID xauth
30 sep 16:20:52 [IKEv1 DEBUG]: IP = x.x.x.x, building the payload of the NAT-Traversal VID ver 02
30 sep 16:20:52 [IKEv1 DEBUG]: IP = x.x.x.x, building the payload of the NAT-Traversal VID ver 03
30 sep 16:20:52 [IKEv1 DEBUG]: IP = x.x.x.x, building the payload of NAT-Traversal VID worm RFC
30 sep 16:20:52 [IKEv1 DEBUG]: IP = x.x.x.x, building the Fragmentation VID + load useful functionality
30 sep 16:20:52 [IKEv1]: IP = x.x.x.x, IKE_DECODE SEND Message (msgid = 0) with payloads: HDR (4) SA (1) + KE + NUNCIO (10) + ID (5) seller (13) + the seller (13) + seller (13) + seller (13) + the seller (13) + seller (13) + (0) NONE total length: 564
30 sep 16:20:57 [IKEv1]: IP = x.x.x.x, KEY-ACQUIRE Queuing messages are treated when SA P1 is finished.
30 sep 16:21 [IKEv1]: IP x.x.x.x IKE_DECODE = new SEND Message (msgid = 0) with payloads: HDR (4) SA (1) + KE + NUNCIO (10) + ID (5) seller (13) + the seller (13) + seller (13) + seller (13) + the seller (13) + seller (13) + (0) NONE total length: 564
30 sep 16:21:02 [IKEv1]: IP = x.x.x.x, KEY-ACQUIRE Queuing messages are treated when SA P1 is finished.
30 sep 16:21:07 [IKEv1]: IP = x.x.x.x, KEY-ACQUIRE Queuing messages are treated when SA P1 is finished.
30 sep 16:21:08 [IKEv1]: IP x.x.x.x IKE_DECODE = new SEND Message (msgid = 0) with payloads: HDR (4) SA (1) + KE + NUNCIO (10) + ID (5) seller (13) + the seller (13) + seller (13) + seller (13) + the seller (13) + seller (13) + (0) NONE total length: 564

30 sep 16:21:12 [IKEv1]: IP = x.x.x.x, KEY-ACQUIRE Queuing messages are treated when SA P1 is finished.

AM_WAIT_MSG2

You sent means phase 1 proposal for the remote site and now waiting for the answer.  the problem could be that you operate in aggressive mode (AM) and the remote site is main mode (MM).  Check first with the located remote.

If you're both in the same mode, then the Fortigate is does not match one of the parameters presented in phase 1: IE. encryption, hash, Diffie Hellman group: key

--

Please do not forget to select a correct answer and rate useful posts

Tags: Cisco Security

Similar Questions

  • Download connection for VPN log

    Logging and diagnostics of the VPN connection are a total waste of time - even after clearing logs and the connection that once, there are tens of thousands of lines of newspapers. Diagnose insists, of course, that everything is fine. By clicking Help, takes you as usual, a totally independent place - I got 30 results for "troubleshooting." What has to do with VPN, I guess Microsoft could say.

    Can I get a simple log that shows the protocols and parameters that were considered along with the results? As the old modem component logs?

    Seems they were too advanced a feature for the Member States to implement in a bare back and compact OS like Win 7... / sarcasm

    PS That is him go with not being able to open the settings window? Or connect to two connections at the same time? Or check the status of the underlying network when connecting? Fever of the modal dialog again?

    If you watched to where newspapers to find errors?

    http://Windows.Microsoft.com/en-us/Windows7/open-Event-Viewer

    http://Windows.Microsoft.com/en-us/Windows7/what-information-appears-in-event-logs-Event-Viewer

    You or the VPN server admins looked at the logs from the server using VPN?

    If it is a PPTP VPN connection?

    Don't forget you must forward/open the TCP 1723 Port through the firewall or the router, the server behind. The firewall or the router also need to be able to pass traffic GRE protocol 47. This is sometimes called PPTP pass through or VPN Pass Through or is configured automatically when the TCP 1723 Port is open on the firewall or the router.

    Test the VPN path using the PPTP Ping and VPN traffic sections on this page...

    http://TechNet.Microsoft.com/en-us/library/bb877965.aspx

    http://Windows.Microsoft.com/en-us/Windows7/why-am-I-having-problems-with-my-VPN-connection

    Troubleshooting VPN connections...

    http://blogs.technet.com/b/rrasblog/archive/2009/08/12/troubleshooting-common-VPN-related-errors.aspx

    Troubleshooting Vista VPN page that may be of little help...

    http://blogs.technet.com/b/rrasblog/archive/2007/04/08/troubleshooting-Vista-VPN-problems.aspx

    Additional help in TechNet Windows 7 Pro forums...

    http://social.technet.Microsoft.com/forums/en/w7itpronetworking/threads

    .. .or the appropriate instance of Windows Server...

    http://social.technet.Microsoft.com/forums/en/category/WindowsServer/

  • The VPN log

    Hello world

    Is there a way I can turn on logging on my ASA5550 so that I can check the time and date (and how long) the VPN users are connected?

    Your help is greatly appreciated.

    Thank you

    Alfred

    You can set the ASA to send syslog messages when the user connects and disconnects.

    # User vpn connection to syslog message is # 713119 and 611310 syslog:

    http://www.Cisco.com/en/us/docs/security/ASA/asa80/system/message/logmsgs.html#wp4775678

    http://www.Cisco.com/en/us/docs/security/ASA/asa80/system/message/logmsgs.html#wp4774637

    and to disconnect is syslog # 113019:

    http://www.Cisco.com/en/us/docs/security/ASA/asa80/system/message/logmsgs.html#wp4769539

    Hope that helps.

  • Anyconnect VPN logs

    Hello people!

    I would like to know how I can see the story of anyconnect VPN.

    See current webvpn or ssl vpn client session, I now this command can be using, but I Don t know about history.
    ASA # display webvpn vpn-sessiondb
    or ASA # display vpn-sessiondb svc

    Thank you

    Marcio

    Hi Marcio,

    To do this you must configure a syslog server.

    Please visit this link:

    http://www.Cisco.com/c/en/us/support/docs/security/PIX-500-series-Securi...

    You would be able to extract the information from the Anyconnect users who have a link in the past.

    It will be useful.

    Kind regards

    Aditya

    Please evaluate the useful messages.

  • AnyConnect VPN log in failure

    Today, we had a very disturbing failure.  We have a private network fully functional virtual on our device of Adaptive Security ASA 5510 8.2 (5) running.  I was installing a new user on a computer of Windows 7 Professional 64 bit using FireFox instead of Internet Explorer.

    The initial connection has worked well, but the client download has failed.  I clicked on the link to download the client manually and the Cisco VPN client appeared to download and install correctly.  However, when I tried to open the VPN after installed customer he says again once the automatic download of the client failed and he offered the link to download the client once again, that I made with exactly the same result.

    I thought that perhaps the problem was with FireFox so I opened Internet Explorer and enter the url for the VPN.  After that the user name and password entered (and validated), I got the same error on the failure of client download and I selected the link for download it manually like I did the other 3 times in FireFox.  This time, it seemed indeed that it worked as I received the certificate on AnyConnect error (which I normally receive it) However, the login screen remained on the page after I clicked on the certificate error to continue.

    The PC seems to hang so I finished the VPN session and then attempted to re-establish the connection.  This time when I entered the username and password, it came up saying "opening session not valid."  I tried again and got the same result.  I tried another user but no joy... same result... is not a valid connection.  I went to another PC; that worked fine a few minutes earlier and I got the same invalid login message any user name and password I entered.  Something happened that was blocking all users to connect to the VPN.

    I didn't believe that attempts to connect to the VPN using FireFox on a Windows 7 64 bit machine could sort my Cisco VPN fall but I was out of options... so I restarted the ASA and much to my reboot disappoinment has completely restored the VPN service.

    Now, if it was a router LinkSys of 75 million dollars instead of a safety device several thousand dollars I just shake, but how can it be that a failed connection attempt could put a Cisco ASA 5510 VPN kneeling?  I thought maybe I had grown the max license for SSL VPN connections... I think its 2... But if it was the case then why don't the message indicates that instead of just saying 'invalid connection '.  Also, there is no other opening connectionsat the time unless all downlaod failure attempts counted as active sessions.  Also, I had already checked in ASDM and no active VPN sessions have been recorded.

    Any guidance someone can provide would be greatly appreciated.

    Ed

    Hi Edward,.

    I went through the issue and I think you have only 2 license for SSL and when you try to login several times, nomatter if the installation completed successfully, or it has failed but the sessions have been built on the SAA and after the construction of the session, ASA pushed these files on client computers. I know that it gives you a message beside the point, saying: 'Invalid logon', but if you run the debug web svc 255 on the SAA (using SSH/Telnet), you will see a message:

    Session could not be established. Session limit 2 reached

    .

    You say that you don't see any session on the SAA, so could you please get the output of the command:

    debugging web anyconnect 255 (or debug web svc 255) and share with us.

    Thank you

    Vishnu Sharma

  • iPhone 6s won't connect to VPN on work wifi but goes on other wifi networks

    Hello

    I have been connected to my wifi to work for a while and had to use a VPN to use things such as whats'app and access to sites like Facebook. It worked well until what recently just VPN logs not when I am connected to this wifi network. I know that the password etc and I get the symbol wifi at the top of my phone but never impossible to access Web sites (which was normal, but the VPN it fixed), but now I can not connect the VPN even more.

    The VPN application I use is Betternet but I've also tried a few others, none works. However, they all work when I connect to my own wifi network.

    iPhone 6 s - last version of iOS from today (28 Apr 16) cannot find the exact version on my phone

    Pleaseeeeee help me connect to my VPN when I'm on my work wifi

    VPN can be difficult, maybe to consult Betternet. Also see this article for suggestions.

    iOS: setting up VPN - Apple Support

    FWIW here are some general recommendations for Wi - Fi problems, maybe one of them will help you.

    (1) perform a forced reboot: hold the Home and Sleep/Wake buttons simultaneously for about 15-20 seconds, until the Apple logo appears. Leave the device to reboot.

    (2) resetting the network settings: settings > general > reset > reset network settings. Join the network again.

    (3) reboot router/Modem: unplug power for 2 minutes and reconnect. Update the Firmware on the router (support Web site of the manufacturer for a new FW check). Also try different bands (2.4 GHz and 5 GHz) and different bandwidths (recommended for 2.4 to 20 MHz bandwidth).

    (4) change of Google DNS: settings > Wi - Fi > click the network, delete all the numbers under DNS and enter 8.8.8.8 or otherwise 8.8.4.4

    (5) disable the prioritization of device on the router if this feature is available.

    (6) determine if other wireless network devices work well (other iOS devices, Mac, PC).

    (7) try the device on another network, i.e., neighbors, the public coffee house, etc.

    (8) to restore the device (ask for more details if you wish).

    https://support.Apple.com/en-us/HT201252

    (9) go to the Apple Store for the evaluation of the material.

  • Problems with FVS336GV2 and AVAYA 9620L VPN

    Hello

    I have Avaya 9620 L is currently working and all the settings successfully with netgear FVS336gv3. My problem is, when the phone is turned off at the remote site in the afternoon and return the morning that he fails to connect via VPN. Just told IKE Phase 1 error. In my VPN log it says "cannot find the file configuration xx.xx.xx.xx. Now this configuration worked the previous day.

    When I go to the netgear and change "encryption algorithm" or 'Authentication algorithm' (no matter what) that the newspaper says that it does not. I have change it back to what it was before and how you know he is running like a charm. In the course of the day, no matter how many times the phone or the netgear feeding cycle, it always connects. Only when he is off all nite, the next day, the netgear let the phone not connect unless I have change a setting and than back to his original one. If I change a setting on the Avaya netgear and it works.

    Does anyone have any ideas as to why the netgear blocks VPN until I have change the setting?

    Hi Moussa,.

    The firmware 3.1.1 - 08 seems to be more stable than version 4.3.3 - 6 at least for my setup here. Last week I had no problems and it works every morning when powered. For now I'll stick to firmware V3.1.1-08.

  • RV042 to AG241V2 VPN static IP to dynamic IP to AG241V2 RV042

    Hello!

    I have correctly configured my VPN gateway Gateway inserting the real IP address on my AG241V2 so no problem, the VPN works.

    However, AG241V2 is not on a static IP address if I have implemented a dyndns account and can ping my domain name successfully to get the IP address revised each change. Implemented the RV042 and AG241V2 using the service seem to be a little more difficult.

    My RV042 is grateful properly the IP address through a DNS lookup bu I can't get an updated VPN in place. My journal RV420 VPN gives the following message.

    31 Mai 13:10: 17 2013 The VPN log Launch the main Mode
    31 Mai 13:10: 17 2013 The VPN log [Tunnel negotiation Info] > Send main initiator Mode 1 package
    31 Mai 13:10: 17 2013 The VPN log [Tunnel negotiation of Info]< initiator="" received="" main="" mode="" 2nd="" packet="">
    31 Mai 13:10: 17 2013 The VPN log [Tunnel negotiation Info] > initiator send Mode main 3rd package
    31 Mai 13:10: 17 2013 The VPN log [Tunnel negotiation of Info]< initiator="" received="" main="" mode="" 4th="" packet="">
    31 Mai 13:10: 17 2013 The VPN log [Tunnel negotiation Info] > main initiator Mode to send 5 packs
    31 Mai 13:10: 17 2013 The VPN log [Tunnel negotiation Info] > initiator receive hand Mode 6 Pack
    31 Mai 13:10: 17 2013 The VPN log Main mode peer ID is ID_IPV4_ADDR: '81.xxx.199.xx '.
    31 Mai 13:10: 17 2013 The VPN log We require the peer to have ID ' @?. dnsalias.com', but peer says "81.xxx.199.xx".
    31 Mai 13:10: 17 2013 The VPN log We require the peer to have ID ' @?. dnsalias.com', but peer says "81.xxx.199.xx".


    Please note that I oscured DNS name with? and part of the IP address.

    Can anyone help?

    Kind regards

    Malcolm

    These products are processed by the Cisco Small Business support community. (URL: https://supportforums.cisco.com/community/netpro/small-business )

  • QuickVPN - could not do a ping the remote VPN router!

    Hello

    I have a RV042 (VPN router) and I have some problems to run properly using the QuickVPN client.

    Here is the Log of the QuickVPN client.

    2008-10-15 20:14:38 [STATUS] a network interface detected with 192.168.0.104 IP address
    2008-10-15 20:14:38 [STATUS] connection...
    2008-10-15 20:14:38 [STATUS] connection to a remote gateway with IP address: 96.20.174.84
    2008-10-15 20:14:38 [WARNING] server certificate does not exist on your local computer.
    2008-10-15 20:14:44 remote gateway [STATE] has been reached with https...
    2008-10-15 20:14:44 [STATUS] commissioning...
    2008-10-15 20:14:51 [STATUS] Tunnel is connected successfully.
    2008-10-15 20:14:51 [STATUS] verification of network...
    2008-10-15 20:14:55 [WARNING] failed to do a ping the remote VPN router!
    2008-10-15 20:14:58 [WARNING] failed to do a ping the remote VPN router!
    2008-10-15 20:15:01 [WARNING] failed to do a ping the remote VPN router!
    2008-10-15 20:15:05 [WARNING] failed to do a ping the remote VPN router!
    2008-10-15 20:15:08 [WARNING] failed to do a ping the remote VPN router!
    2008-10-15 20:15:11 [WARNING] Ping has been blocked, which can be caused by an unexpected disconnection.
    2008-10-15 20:15:19 [STATUS] disconnection...
    2008-10-15 20:15:25 [STATUS] Tunnel is disconnected successfully.

    I don't know how it is implemented, but if WuickVPN wait a form ping my router, it will not happen. I was never able to ping my router ouside of my ISP network.

    There is a way to disable the Ping process and continue with the VPN connection?

    QuickVPN try ping on the router via the VPN tunnel to check the connection. It should work without worrying about whether your ISP filters ICMP messages or not. The tunnel is encrypted your ISP won't know what you're doing.

    Please post the corresponding on the RV042 VPN log. That is expected to see how far you get.

    You have a firewall running on the computer? I think that some firewalls have difficulty with the traffic of ESP.

    What is the router that is connected to the computer? How is it that is configured?

  • Attack detected in Journal of the VPN VPN?

    Hello

    I see the King of the messages in the VPN log:

    4 Mar 15:55:10 2010 VPN Log [Tunnel negotiation Info] > main initiator Mode to send 1 package

    4 Mar 15:55:10 2010 VPN Log [Tunnel negotiation Info] > main initiator Mode to send 1 package

    4 Mar 15:55:10 2010 VPN Log [Tunnel negotiation Info] > main initiator Mode to send 1 package

    4 Mar 15:55:10 2010 VPN Log [Tunnel negotiation Info] > main initiator Mode to send 1 package

    4 Mar 15:55:10 2010 VPN Log [Tunnel negotiation Info] > main initiator Mode to send 1 package

    4 Mar 15:55:10 2010 VPN Log [Tunnel negotiation Info] > main initiator Mode to send 1 package

    4 Mar 15:55:10 2010 VPN Log [Tunnel negotiation Info] > main initiator Mode to send 1 package

    4 Mar 15:55:10 2010 VPN Log [Tunnel negotiation Info] > main initiator Mode to send 1 package

    4 Mar 15:55:10 2010 VPN Log [Tunnel negotiation Info] > main initiator Mode to send 1 package

    4 Mar 15:55:10 2010 VPN Log [Tunnel negotiation Info] > main initiator Mode to send 1 package

    4 Mar 15:55:10 2010 VPN Log [Tunnel negotiation Info] > main initiator Mode to send 1 package

    These messages have flooded the page of the newspaper and have the same hour: minute: second

    Is this some kind of attack or back?

    I have a Linksys RV082, firmware 2.0.0.19 - tm

    Thank you very much

    Oliver

    Possible. Is the RV082 on the other side off as well?

  • RV042 VPN tunnel with Samsung Ubigate ibg2600 need help

    Hi all, ok before I completely remove all of my hair, I thought stop by here and ask the volume for you all with the hope that someone can track down the problem.

    In short I am configuring a 'Gateway to gateway' vpn tunnel between two sites, I don't have access to the config of the router from Samsung, but the ISPS making sure that they followed my setup - watching newspapers RV042, I don't however see the reason for the failure - im no expert vpn...

    Sorry if the log file turns on a bit, I didn't know where the beginning and the end was stupid I know... any advice would be greatly welcomed lol.

    System log
    Current time: Fri Sep 2 03:37:52 2009 all THE Log Log Log Log VPN Firewall Access system
     
    Time
    Type of event Message
    2 sep 03:36:01 2009 value of VPN Log [Tunnel negotiation Info] Inbound SPI = c3bdba08
    2 sep 03:36:01 2009 value of outbound SPI VPN Log [Tunnel negotiation Info] = c664c1ca
    2 sep 03:36:02 2009 VPN Log [Tunnel negotiation Info] > initiator send fast Mode 3rd package
    2 sep 03:36:02 2009 VPN Log [Tunnel negotiation Info] Quick Mode Phase 2 SA established, IPSec Tunnel connected
    2 sep 03:36:02 2009 VPN journal Dead Peer Detection start, DPD delay = timeout = 10 sec 10 sec timer
    2 sep 03:36:02 2009 VPN received log delete SA payload: ISAKMP State #627 removal
    2 sep 03:36:02 2009 VPN Log Main Mode initiator
    2 sep 03:36:02 2009 VPN Log [Tunnel negotiation Info] > Send main initiator Mode 1 package
    2 sep 03:36:02 2009 charge of VPN journal received Vendor ID Type = [Dead Peer Detection]
    2 sep 03:36:02 2009 VPN Log [Tunnel negotiation of Info]< initiator="" received="" main="" mode="" 2nd="" packet="">
    2 sep 03:36:02 2009 VPN Log [Tunnel negotiation Info] > initiator send Mode main 3rd package
    2 sep 03:36:03 2009 VPN Log [Tunnel negotiation of Info]< initiator="" received="" main="" mode="" 4th="" packet="">
    2 sep 03:36:03 2009 Log [Tunnel negotiation Info] VPN > main initiator Mode to send 5 packs
    2 sep 03:36:03 2009 Log [Tunnel negotiation Info] VPN > initiator receive hand Mode 6 Pack
    2 sep 03:36:03 2009 log VPN main mode peer ID is ID_IPV4_ADDR: '87.85.xxx.xxx '.
    2 sep 03:36:03 2009 Log [Tunnel negotiation Info] VPN Mode main Phase 1 SA established
    2 sep 03:36:03 2009 log VPN [Tunnel negotiation Info] initiator Cookies = c527 d584 595 c 2c3b
    2 sep 03:36:03 2009 log VPN [Tunnel negotiation Info] responder Cookies = b62c ca31 1a5f 673f
    2 sep 03:36:03 2009 log quick launch Mode PSK VPN + TUNNEL + PFS
    2 sep 03:36:03 2009 Log [Tunnel negotiation Info] VPN > initiator send fast Mode 1 package
    2 sep 03:36:04 2009 VPN Log [Tunnel negotiation of Info]< initiator="" received="" quick="" mode="" 2nd="" packet="">
    2 sep 03:36:04 2009 value of VPN Log [Tunnel negotiation Info] Inbound SPI = c3bdba09
    2 sep 03:36:04 2009 value of outbound SPI VPN Log [Tunnel negotiation Info] = e3da1469
    2 sep 03:36:04 2009 VPN Log [Tunnel negotiation Info] > initiator send fast Mode 3rd package
    2 sep 03:36:04 2009 VPN Log [Tunnel negotiation Info] Quick Mode Phase 2 SA established, IPSec Tunnel connected
    2 sep 03:36:04 2009 VPN journal Dead Peer Detection start, DPD delay = timeout = 10 sec 10 sec timer
    2 sep 03:36:05 2009 VPN received log delete SA payload: ISAKMP State #629 removal

    PFS - off on tada and linksys router does not support the samsung lol! connected!

  • VPN works, causes periodic freezes of BEFSX41

    I use a BEFSX41 as a firewall/router and site to site vpn.

    While the vpn tunnel is up the router seems to freeze every minute (sometimes after 45 seconds or 30 seconds.

    This is easily evindent when ping the router from another machine on the side of the intranet. While the average ping time is less than 1 milliseconds, every minute it will be 500 milliseconds or more. A ping to a machine on the remote side of the vpn is usually 80 milliseconds and every minute or so it goes up to 2 seoconds for a few pings.

    If I take the vpn to the bottom of the judgment of the problem (i.e. ping the router/firewall to the intranet side is consistently below 1 millisecond)

    I discovered that these freezes/delays coincides with information in the vpn log file, it looks like this:

    2008-12-04 12:46:01 IKE[1] Set up ESP tunnel with 206.xxx.xxx.xx Success !2008-12-04 12:46:012008-12-04 12:46:34 IKE[1] Rx << QM_I1 : 206.xxx.xxx.xx HASH, SA, NONCE, ID, ID2008-12-04 12:46:34 IKE[1] **Check your Local/Remote Secure Group settings !2008-12-04 12:47:012008-12-04 12:47:01 IKE[1] Tx >> MM_I1 : 206.xxx.xxx.xx Error !2008-12-04 12:47:02 IKE[1] Rx << MM_R1 : 206.xxx.xxx.xx SA, VID2008-12-04 12:47:02 IKE[1] ISAKMP SA CKI=[342ed619 c59fed01] CKR=[kkkk1954 ffff4e87]2008-12-04 12:47:02 IKE[1] ISAKMP SA 3DES / MD5 / PreShared / MODP_1024 / 3600 sec (*3600 sec)2008-12-04 12:47:02 IKE[1] Tx >> MM_I2 : 206.xxx.xxx.xx KE, NONCE2008-12-04 12:47:03 IKE[1] Rx << MM_R2 : 206.xxx.xxx.xx KE, NONCE2008-12-04 12:47:03 IKE[1] Tx >> MM_I3 : 206.xxx.xxx.xx ID, HASH2008-12-04 12:47:05 IKE[1] Rx << MM_R3 : 206.xxx.xxx.xx ID, HASH2008-12-04 12:47:05 IKE[1] Rx << QM_R1 : 206.xxx.xxx.xx HASH, SA, NONCE, ID, ID2008-12-04 12:47:05 IKE[1] Tx >> QM_I2 : 206.xxx.xxx.xx HASH2008-12-04 12:47:05 IKE[1] ESP_SA 3DES / MD5 / 3600 sec / SPI=[nnnn7daf:mmmm9ee9]2008-12-04 12:47:05 IKE[1] Set up ESP tunnel with 206.xxx.xxx.xx Success !2008-12-04 12:47:052008-12-04 12:47:32 IKE[1] Rx << QM_I1 : 206.xxx.xxx.xx HASH, SA, NONCE, ID, ID2008-12-04 12:47:32 IKE[1] **Check your Local/Remote Secure Group settings !2008-12-04 12:48:012008-12-04 12:48:01 IKE[1] Tx >> MM_I1 : 206.xxx.xxx.xx Error !2008-12-04 12:48:02 IKE[1] Rx << MM_R1 : 206.xxx.xxx.xx SA, VID2008-12-04 12:48:02 IKE[1] ISAKMP SA CKI=[60e98e30 f5831f66] CKR=[kkkk6675 ffff38d1]2008-12-04 12:48:02 IKE[1] ISAKMP SA 3DES / MD5 / PreShared / MODP_1024 / 3600 sec (*3600 sec)2008-12-04 12:48:02 IKE[1] Tx >> MM_I2 : 206.xxx.xxx.xx KE, NONCE2008-12-04 12:48:03 IKE[1] Rx << MM_R2 : 206.xxx.xxx.xx KE, NONCE2008-12-04 12:48:03 IKE[1] Tx >> MM_I3 : 206.xxx.xxx.xx ID, HASH2008-12-04 12:48:05 IKE[1] Rx << MM_R3 : 206.xxx.xxx.xx ID, HASH2008-12-04 12:48:05 IKE[1] Rx << QM_R1 : 206.xxx.xxx.xx HASH, SA, NONCE, ID, ID2008-12-04 12:48:05 IKE[1] Tx >> QM_I2 : 206.xxx.xxx.xx HASH2008-12-04 12:48:05 IKE[1] ESP_SA 3DES / MD5 / 3600 sec / SPI=[nnnn65e5:mmmm2ea9]2008-12-04 12:48:05 IKE[1] Set up ESP tunnel with 206.xxx.xxx.xx Success !2008-12-04 12:48:05

    The situation described above repeats adfinium

    To be clear, the vpn works (with the exception of periodic delays) throughout several days

    I think that my settings may not completely right, butI don't know how to interpret the log above

    Found.

    I had disabled PFS. I enabled PFS and the problem disappeared.

    http://en.Wikipedia.org/wiki/Perfect_forward_secrecy

    See sections 8-10 http://www.ietf.org/rfc/rfc2409.txt to see why

  • Cisco RV042 cannot create a simple VPN?

    Hello

    I'm confused because I'm trying to set up a simple VPN (client of the bridge), but I can't!

    A SSL VPN or an IPSEC VPN, whatever...

    The RV042 firmware is up-to-date, and I try QuickVPN as a customer vpn (also updated...)

    My configuration details:

    I'm at the: 192.168.2.14/24

    My RV042: 192.168.2.250/24

    And the VPN intend to connect to: 192.168.4.x

    I am currently in testing... that's why I use private IP...

    Customer gateway
    Add a new VPN group

    Tunnel ofgroup VPN
    Group No. 1
    Name of the tunnel: VPN TEST
    Interface: WAN1WAN2
    Activate:
    Configuration of local groups

    Type of local security group: Range IPSubnetIP
    IP address: 192.168.4.0
    Subnet mask: 255.255.255.0
    Remote Client installation

    Remote client: Domain Name (FQDN) Email address (USER FQDN) Client Microsoft VPN XP/2000
    Domain name: Microsoft.com
    IPSec configuration

    Input mode: IKE with preshared key
    Group of the phase 1 of DH: Group 1-768 bitGroup bitGroup 2-1024 bit 5-1536
    Encryption of the phase 1: DES3DESAES-128AES-192AES-256
    Authentication of the phase 1: MD5SHA1
    Phase 1 time in HIS life: 28800 seconds
    Perfect Forward Secrecy:
    Group of the phase 2 DH: Group 1-768 bitGroup bitGroup 2-1024 bit 5-1536
    Encryption of the phase 2: DES3DESAES-128AES-192AES-256
    Authentication of the phase 2: MD5SHA1
    Time for phase 2 of HIS life: 3600 seconds
    Pre-shared key: 123456

    so far, nothing fancy... Ok?

    So I create my username for the test:

    VPN Client Access
    User name:
    New password:
    Confirm the new password:
    Allow the change of password: YesNo.
    Active:
    DTSInfo-online Active

    The user is created and activated...

    For the test, I have disabled the firewall (router + windows 7).

    A dnow, when I lunch the QuickVPN client:

    Then, when I have lunch:

    > Connection...

    > Activation of policy...

    > Verification of network...

    > The remote gateway is not responding. You don't want to wait? [NO]

    > Disconecting from the server...

    This means that, after activation of the policy, I am connected on the router (user status: active). But when he check network... I am offline!

    There is the newspaper of the RV042:

    dec 18 12:57:50 2012 The VPN log description of the additional connection (qknips1)
    dec 18 12:57:50 2012 The VPN log listen to IKE messages
    dec 18 12:57:50 2012 The VPN log forget the secrets
    dec 18 12:57:50 2012 The VPN log loading of the secrets of ' / etc/ipsec.d/ipsec.secrets'
    18 12:57:57 dec 2012 The VPN log (qknips1): removal of connection

    If I'm signed for 7 seconds... Why?

    Can someone help me?

    When I try with the built-in Windows VPN client, newspapers are filled just more... ^ ^

    Help! hour

    Thanks (and sorry for my bad English ^ ^)

    Hello

    Please use our forum

    Hi Skip my name is Johnnatan and I'm part of the community of support to small businesses. I ve seen your post and I see you are using Windows 7 and that you disable your firewall to test your connection. A configuration of the computer and the router must be in order to solve your problem.

    Computer

    As you use Windows 7, you must enable the Windows Firewall and create 2 rules, also make sure that Ipsec communication is allowed, you can follow these steps:

    http://www6.nohold.NET/CiscoSB/Loginr.aspx?login=1&PID=2&app=search&VW=1&articleid=2922

    Router:

    Go firewall > basic settings and

    Disable: Block WAN request

    Enable: Remote Management

    Go to VPN > VPN Passthrough and make sure everything is activate.

    I hope that you will find this answer useful, if it was satisfactory to you, please indicate the question as answer. Please note post you consider useful.

    Greetings,

    Johnnatan Rodriguez Miranda.

    Support of Cisco network engineer.

  • Client VPN WRVS4400N

    I can not to reach the QuickVPN Client Gateway (WRVS4400N) and paste parts of the journal on this subject.

    Help please?

    ********************************************************Logs from The Client*************************************************************************************

    2013/02/28 11:33:03 [STATUS] OS Version: unknown

    2013/02/28 11:33:03 [STATUS] a network interface detected with the IP 10.100.51.53

    2013/02/28 11:33:03 [STATUS] connection...

    Address of the VPN entry Server 2013/02/28 11:33:03 [DEBUG] = 108.132.169.44

    2013/02/28 11:33:03 [STATUS] connection to a remote gateway with IP address: 108.132.169.44

    2013/02/28 11:33:14 remote gateway [WARNING] has not been achieved...

    2013/02/28 11:33:14 [WARNING] failed to connect.

    2013/02/28 11:33:14 [WARNING] server certificate does not exist on your local computer.

    2013/02/28 11:33:20 remote gateway [STATE] has been reached with https...

    2013/02/28 11:33:20 [STATUS] commissioning...

    2013/02/28 11:33:23 [STATUS] success of connect.

    2013/02/28 11:33:23 [STATUS] Tunnel is configured. Ping test will begin.

    2013/02/28 11:33:23 [STATUS] verification of network...

    2013/02/28 11:33:29 [WARNING] failed to do a remote VPN router ping!

    2013/02/28 11:33:32 [WARNING] failed to do a remote VPN router ping!

    2013/02/28 11:33:35 [WARNING] failed to do a remote VPN router ping!

    2013/02/28 11:33:38 [WARNING] failed to do a remote VPN router ping!

    2013/02/28 11:33:41 [WARNING] failed to do a remote VPN router ping!

    2013/02/28 11:33:54 [WARNING] Ping has been blocked, which can be caused by an unexpected disconnection.

    2013/02/28 11:33:56 [STATUS] disconnection...

    2013/02/28 11:34:02 [STATUS] success of disconnect.

    *******************************************************Logs from the WRVS4400N******************************************************************************

    28 FEV 10:55: 22 - [VPN Log]: added the description of the connection "test_rw_rw".

    28 FEV 10:55: 22 - [VPN Log]: listen to IKE messages

    28 FEV 10:55: 22 - [VPN Log]: forget the secrets

    28 FEV 10:55: 22 - [VPN Log]: loading of secrets "/ etc/ipsec.secrets '.

    28 FEV 10:56 - [VPN Log]: 'test_rw_rw': removal of connection

    Thank you

    Orlando

    Hi, orlando, please use our forum, my name is Johnnatan and I'm part of the community of support to small businesses. When you configure a remote VPN connection, there are certain steps that are lost on the way, I created a document for the ths kind of questions, you can see here, if you have any questions, please let me know and I´ll help you. I hope you find this answer useful,

    "* Please mark the issue as response or write it down so others can benefit from.

    Greetings,

    Johnnatan Rodriguez Miranda.

    Support of Cisco network engineer.

  • RV042 VPN site to Site

    Hello please could someone help me regarding my PROBLEM with VPN site-to-site.

    I have installation of gateway to gateway unfortunetly I don't have any static IP address, so I have 2 accounts of DynDNS.org on two installation Sites. The two RV042 connect to another router/Modem.

    I put the two as router in router Mode and not as a gateway.  The VPN status remains tab just to "waiting for connection" I can see the dynamic IP address to connect remotely on the main site and distance from each other.  I can ping so two dyndns names.  But unable to connect...

    The VPN log shows the following.

    ERROR: error report asynchronous network on eth1 to message to the port of 105.237.1.xx 500, complainant 192.168.137.153: no route to the host [errno 148, original ICMP type 3 code 1 (unauthenticated)]

    What is the main site and 192.168.138.0 the remote site, the main site has a subnet of 192.168.137.0

    Please could someone help me or point me in the right direction? Thanks in advance.

    Hi Stephen, it may be a few problems. The first is maybe that you said that you have a modem/router device, this means that it is for the RV042 nating.  If that's the case then the modems/routers upstream need port forwarding to go to the RV042. ICMP type 3 is a destination unreachable error. That means subnet remote th could not be reached by the applicant rv042. This can withdraw your NAT problem with modems/routers.

    So, first thing I would do is port before all the RV042 services to make sure that the firewall on the modems/routers aren't pipe upward works.

    -Tom
    Please mark replied messages useful

Maybe you are looking for

  • How can I prevent the Thunderbird sending spam emails?

    I work as a consultant and use Thunderbird as my email of the company. Last month, emails from one of my customers were going to spam. I added their addresses in my address book. In the menu setting junk, "does not automatically mark messages as junk

  • M40 - get a blue screen message

    Hello My laptop Toshiba M40 is hung up on a screen outside Sony SDM-HX93. And I regularly get blue screens of death :-/ He always mentions the ATI driver as the source of the problem. My ATI driver is the 6.14.10.6525 (I got it on the Toshiba site).

  • I can't get into xp. a blue screen appears with the 0x0000007e error code

    I went to a blue screen.  Can I make the Windows/sysrem22/hal.dll file is missing or damaged.  I made a copy of the file on a CD from another computer, but I don't know how to load it on my desktop computer.  It doesn't work in either safe mode.  I h

  • Web site accessibility issue

    can not access google. shows expired or internet connectivity error.  can directly access all other websites.

  • problems with two stray files - automatic and custom

    Hello I've been tinkering with and deleting files that I should go far, and one of the effects is that I have now two folders (containing the MS files with encrypted file names) are no longer in their home for good. I put the someplace temporary wher