|
|||
|
Probleme VPN mit NCP
Hallo liebes Intranator Team
leider bekomme ich mit dem NCP client keine Verbindung zustande. Sieht irgendwie aus als würde mit den Zertifikaten etwas nicht stimmen?! Für den Fall wäre es schön zu erfahren was genau nicht stimmt. Ich komme leider nicht dahinter. Unter XP war die Welt noch in ordnung (= Schönes Wochenende client: 31.10.2008 14:37:31 IPSDIALCHAN::start building connection 31.10.2008 14:37:35 IPSDIALCHAN::start building connection 31.10.2008 14:37:35 NCPIKE-phase1:name(*****) - outgoing connect request - main mode. 31.10.2008 14:37:35 XMIT_MSG1_MAIN - ***** 31.10.2008 14:37:35 RECV_MSG2_MAIN - ***** 31.10.2008 14:37:35 IPSDIAL->FINAL_TUNNEL_ENDPOINT:***.***.***.*** 31.10.2008 14:37:35 IKE phase I: Setting LifeTime to 28800 seconds 31.10.2008 14:37:35 ***** ->Support for NAT-T version - 9 31.10.2008 14:37:35 XMIT_MSG3_MAIN - ***** 31.10.2008 14:37:36 RECV_MSG4_MAIN - ***** 31.10.2008 14:37:36 XMIT_MSG5_MAIN - ***** 31.10.2008 14:37:36 XMIT_MSG5_MAIN_RESUME - ***** 31.10.2008 14:37:36 RECV_MSG6_MAIN - ***** 31.10.2008 14:37:36 RECV_MSG6_MAIN_RESUME - ***** 31.10.2008 14:37:36 Turning on DPD mode - ***** 31.10.2008 14:37:36 NCPIKE-phase1:name(*****) - connected 31.10.2008 14:37:36 Phase1 is Ready: IkeIndex = 00000006 31.10.2008 14:37:36 Quick Mode is Ready: IkeIndex = 00000006 , VpnSrcPort = 500 31.10.2008 14:37:36 Assigned IP Address: 192.168.168.1 31.10.2008 14:37:36 XMIT_MSG1_QUICK - ***** 31.10.2008 14:37:37 NOTIFY : ***** : RECEIVED : INVALID_ID_INFORMATION : 18 31.10.2008 14:37:41 NOTIFY : ***** : RECEIVED : INVALID_MESSAGE_ID : 9 31.10.2008 14:37:44 NOTIFY : ***** : RECEIVED : INVALID_MESSAGE_ID : 9 31.10.2008 14:37:47 NOTIFY : ***** : RECEIVED : INVALID_MESSAGE_ID : 9 31.10.2008 14:37:50 NCPIKE-phase2:name(*****) - error - retry timeout - max retries 31.10.2008 14:37:50 IPSDIAL - disconnected from ***** on channel 1. intranator: Oct 31 14:35:41 intranator pluto[2226]: packet from 89.50.82.112:500: ignoring Vendor ID payload [da8e937880010000] Oct 31 14:35:41 intranator pluto[2226]: packet from 89.50.82.112:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] Oct 31 14:35:41 intranator pluto[2226]: packet from 89.50.82.112:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] Oct 31 14:35:41 intranator pluto[2226]: packet from 89.50.82.112:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00] Oct 31 14:35:41 intranator pluto[2226]: packet from 89.50.82.112:500: received Vendor ID payload [RFC 3947] Oct 31 14:35:41 intranator pluto[2226]: packet from 89.50.82.112:500: received Vendor ID payload [Dead Peer Detection] Oct 31 14:35:41 intranator pluto[2226]: packet from 89.50.82.112:500: ignoring Vendor ID payload [NCP Client] Oct 31 14:35:41 intranator pluto[2226]: packet from 89.50.82.112:500: ignoring Vendor ID payload [c61baca1f1a60cc10800000000000000] Oct 31 14:35:41 intranator pluto[2226]: packet from 89.50.82.112:500: ignoring Vendor ID payload [FRAGMENTATION c0000000] Oct 31 14:35:41 intranator pluto[2226]: "C17"[6] 89.50.82.112 #7: responding to Main Mode from unknown peer 89.50.82.112 Oct 31 14:35:41 intranator pluto[2226]: "C17"[6] 89.50.82.112 #7: NAT-Traversal: Result using RFC 3947: no NAT detected Oct 31 14:35:42 intranator pluto[2226]: "C17"[6] 89.50.82.112 #7: ignoring informational payload, type IPSEC_INITIAL_CONTACT Oct 31 14:35:42 intranator pluto[2226]: "C17"[6] 89.50.82.112 #7: Peer ID is ID_DER_ASN1_DN: 'C=de, O=*****, CN=euloc' Oct 31 14:35:42 intranator pluto[2226]: "C17"[6] 89.50.82.112 #7: issuer cacert not found Oct 31 14:35:42 intranator pluto[2226]: "C17"[6] 89.50.82.112 #7: X.509 certificate rejected Oct 31 14:35:42 intranator pluto[2226]: "C17"[6] 89.50.82.112 #7: we have a cert and are sending it Oct 31 14:35:42 intranator pluto[2226]: "C17"[6] 89.50.82.112 #7: sent MR3, ISAKMP SA established Oct 31 14:35:42 intranator pluto[2226]: "C17"[6] 89.50.82.112 #7: cannot respond to IPsec SA request because no connection is known for 0.0.0.0/0===**.***.**.***[C=de, O=*****, CN=eu]...89.50.82.112[C=de, O=eutect, CN=euloc]===192.168.168.1/32 Oct 31 14:35:42 intranator pluto[2226]: "C17"[6] 89.50.82.112 #7: sending encrypted notification INVALID_ID_INFORMATION to 89.50.82.112:500 Oct 31 14:35:47 intranator pluto[2226]: "C17"[6] 89.50.82.112 #7: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xe5fb2de5 (perhaps this is a duplicated packet) Oct 31 14:35:47 intranator pluto[2226]: "C17"[6] 89.50.82.112 #7: sending encrypted notification INVALID_MESSAGE_ID to 89.50.82.112:500 Oct 31 14:35:50 intranator pluto[2226]: "C17"[6] 89.50.82.112 #7: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xe5fb2de5 (perhaps this is a duplicated packet) Oct 31 14:35:50 intranator pluto[2226]: "C17"[6] 89.50.82.112 #7: sending encrypted notification INVALID_MESSAGE_ID to 89.50.82.112:500 Oct 31 14:35:53 intranator pluto[2226]: "C17"[6] 89.50.82.112 #7: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xe5fb2de5 (perhaps this is a duplicated packet) Oct 31 14:35:53 intranator pluto[2226]: "C17"[6] 89.50.82.112 #7: sending encrypted notification INVALID_MESSAGE_ID to 89.50.82.112:500 Oct 31 14:35:56 intranator pluto[2226]: "C17"[6] 89.50.82.112 #7: received Delete SA payload: deleting ISAKMP State #7 Oct 31 14:35:56 intranator pluto[2226]: "C17"[6] 89.50.82.112: deleting connection "C17" instance with peer 89.50.82.112 {isakmp=#0/ipsec=#0} |
|
|||
|
Hallo,
In dieser Meldung sehen Sie die Ursache für das Problem am besten: Zitat:
Herzliche Grüße, v. Egidy |
![]() |
| Themen-Optionen | |
| Ansicht | Thema bewerten |
|
|