[Ayuda] vpn [OT]
mtzcesar en queretaro.podernet.com.mx
mtzcesar en queretaro.podernet.com.mx
Lun Jun 6 11:33:59 CDT 2005
Buen dia, alguien ha trabajado con equipos Cisco Systems, Inc./VPN 3000 Concentrator Version 4.0.4.A
y equipos smc? la razon es que necesito hacer una vpn Lan to Lan mediate ipsec y obtengo este error del aldo del vpn
concentrator
31214 06/01/2005 19:05:22.120 SEV=8 IKEDECODE/0 RPT=28389 12.34.56.78
ISAKMP HEADER : ( Version 1.0 )
Initiator Cookie(8): 98 59 6D 72 DC FE B0 B7
Responder Cookie(8): C2 FD 1D 75 83 06 AA A1
Next Payload : SA (1)
Exchange Type : Oakley Main Mode
Flags : 0
Message ID : 0
Length : 84
31220 06/01/2005 19:05:22.120 SEV=8 IKEDBG/0 RPT=41554 12.34.56.78
RECEIVED Message (msgid=0) with payloads :
HDR + SA (1) + NONE (0)
total length : 84
31222 06/01/2005 19:05:22.120 SEV=8 IKEDBG/0 RPT=41555 12.34.56.78
RECEIVED Message (msgid=0) with payloads :
HDR + SA (1) + NONE (0)
total length : 84
31224 06/01/2005 19:05:22.120 SEV=9 IKEDBG/0 RPT=41556 12.34.56.78
processing SA payload
31225 06/01/2005 19:05:22.120 SEV=8 IKEDECODE/0 RPT=28390 12.34.56.78
SA Payload Decode :
DOI : IPSEC (1)
Situation : Identity Only (1)
Length : 56
31228 06/01/2005 19:05:22.120 SEV=8 IKEDECODE/0 RPT=28391 12.34.56.78
Proposal Decode:
Proposal # : 1
Protocol ID : ISAKMP (1)
#of Transforms: 1
Length : 44
31231 06/01/2005 19:05:22.120 SEV=8 IKEDECODE/0 RPT=28392 12.34.56.78
Transform # 1 Decode for Proposal # 1:
Transform # : 1
Transform ID : IKE (1)
Length : 36
31233 06/01/2005 19:05:22.120 SEV=8 IKEDECODE/0 RPT=28393 12.34.56.78
Phase 1 SA Attribute Decode for Transform # 1:
Encryption Alg: Triple-DES (5)
Hash Alg : SHA (2)
Auth Method : Preshared Key (1)
DH Group : Oakley Group 2 (2)
Life Time : 86400 seconds
31238 06/01/2005 19:05:22.120 SEV=12 IKEDECODE/0 RPT=28394
IKE Decode of received SA attributes follows:
0000: 80010005 80020002 80030001 80040002 ................
0010: 800B0001 000C0004 00015180 ..........Q.
31241 06/01/2005 19:05:22.120 SEV=7 IKEDBG/0 RPT=41557 12.34.56.78
Oakley proposal is acceptable
31242 06/01/2005 19:05:22.230 SEV=9 IKEDBG/0 RPT=41558 12.34.56.78
constructing ke payload
31243 06/01/2005 19:05:22.230 SEV=9 IKEDBG/1 RPT=8263 12.34.56.78
constructing nonce payload
31244 06/01/2005 19:05:22.230 SEV=9 IKEDBG/46 RPT=12648 12.34.56.78
constructing Cisco Unity VID payload
31245 06/01/2005 19:05:22.230 SEV=9 IKEDBG/46 RPT=12649 12.34.56.78
constructing xauth V6 VID payload
31246 06/01/2005 19:05:22.230 SEV=9 IKEDBG/48 RPT=2265 12.34.56.78
Send IOS VID
31247 06/01/2005 19:05:22.230 SEV=9 IKEDBG/38 RPT=1153 12.34.56.78
Constructing VPN 3000 spoofing IOS Vendor ID payload (version: 1.0.0, capabiliti
es: 20000409)
31249 06/01/2005 19:05:22.230 SEV=9 IKEDBG/46 RPT=12650 12.34.56.78
constructing VID payload
31250 06/01/2005 19:05:22.230 SEV=9 IKEDBG/48 RPT=2266 12.34.56.78
Send Altiga GW VID
31251 06/01/2005 19:05:22.230 SEV=8 IKEDBG/0 RPT=41559 12.34.56.78
SENDING Message (msgid=0) with payloads :
HDR + KE (4) + NONCE (10)
total length : 256
31253 06/01/2005 19:05:22.240 SEV=8 IKEDECODE/0 RPT=28395 12.34.56.78
ISAKMP HEADER : ( Version 1.0 )
Initiator Cookie(8): 98 59 6D 72 DC FE B0 B7
Responder Cookie(8): C2 FD 1D 75 83 06 AA A1
Next Payload : KE (4)
Exchange Type : Oakley Main Mode
Flags : 0
Message ID : 0
Length : 184
31259 06/01/2005 19:05:22.240 SEV=8 IKEDBG/0 RPT=41560 12.34.56.78
RECEIVED Message (msgid=0) with payloads :
HDR + KE (4) + NONCE (10) + NONE (0)
total length : 184
31261 06/01/2005 19:05:22.240 SEV=8 IKEDBG/0 RPT=41561 12.34.56.78
RECEIVED Message (msgid=0) with payloads :
HDR + KE (4) + NONCE (10) + NONE (0)
total length : 184
31263 06/01/2005 19:05:22.240 SEV=9 IKEDBG/0 RPT=41562 12.34.56.78
processing ke payload
31264 06/01/2005 19:05:22.240 SEV=9 IKEDBG/0 RPT=41563 12.34.56.78
processing ISA_KE
31265 06/01/2005 19:05:22.240 SEV=9 IKEDBG/1 RPT=8264 12.34.56.78
processing nonce payload
31266 06/01/2005 19:05:22.340 SEV=9 IKEDBG/0 RPT=41564 12.34.56.78
Generating keys for Initiator...
31267 06/01/2005 19:05:22.360 SEV=9 IKEDBG/1 RPT=8265 12.34.56.78
Group [L2L: Smc]
constructing ID
31268 06/01/2005 19:05:22.360 SEV=9 IKEDBG/0 RPT=41565
Group [L2L: Smc]
construct hash payload
31269 06/01/2005 19:05:22.360 SEV=9 IKEDBG/0 RPT=41566 12.34.56.78
Group [L2L: Smc]
computing hash
31270 06/01/2005 19:05:22.370 SEV=9 IKEDBG/46 RPT=12651 12.34.56.78
Group [L2L: Smc]
constructing dpd vid payload
31271 06/01/2005 19:05:22.370 SEV=8 IKEDBG/0 RPT=41567 12.34.56.78
SENDING Message (msgid=0) with payloads :
HDR + ID (5) + HASH (8)
total length : 84
31273 06/01/2005 19:05:22.450 SEV=8 IKEDECODE/0 RPT=28396 12.34.56.78
ISAKMP HEADER : ( Version 1.0 )
Initiator Cookie(8): 98 59 6D 72 DC FE B0 B7
Responder Cookie(8): C2 FD 1D 75 83 06 AA A1
Next Payload : ID (5)
Exchange Type : Oakley Main Mode
Flags : 1 (ENCRYPT )
Message ID : 0
Length : 68
31279 06/01/2005 19:05:22.460 SEV=8 IKEDBG/0 RPT=41568 12.34.56.78
RECEIVED Message (msgid=0) with payloads :
HDR + ID (5) + HASH (8) + NONE (0)
total length : 64
31281 06/01/2005 19:05:22.460 SEV=9 IKEDBG/1 RPT=8266 12.34.56.78
Group [L2L: Smc]
Processing ID
31282 06/01/2005 19:05:22.460 SEV=12 IKEDECODE/11 RPT=1372
ID_IPV4_ADDR ID received
12.34.56.78
31283 06/01/2005 19:05:22.460 SEV=9 IKEDBG/0 RPT=41569 12.34.56.78
Group [L2L: Smc]
processing hash
31284 06/01/2005 19:05:22.460 SEV=9 IKEDBG/0 RPT=41570 12.34.56.78
Group [L2L: Smc]
computing hash
31285 06/01/2005 19:05:22.460 SEV=9 IKEDBG/23 RPT=1142 12.34.56.78
Group [L2L: Smc]
Starting group lookup for peer 12.34.56.78
31286 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/1 RPT=1302
AUTH_Open() returns 277
31287 06/01/2005 19:05:22.460 SEV=7 AUTH/12 RPT=1302
Authentication session opened: handle = 277
31288 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/3 RPT=1467
AUTH_PutAttrTable(277, 9b150c)
31289 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/6 RPT=1130
AUTH_GroupAuthenticate(277, 1c18b7c, 605a14)
31290 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/59 RPT=1469
AUTH_BindServer(1f00018, 0, 0)
31291 06/01/2005 19:05:22.460 SEV=9 AUTHDBG/69 RPT=1467
Auth Server eaf92c has been bound to ACB 1f00018, sessions = 1
31292 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/65 RPT=1467
AUTH_CreateTimer(1f00018, 0, 0)
31293 06/01/2005 19:05:22.460 SEV=9 AUTHDBG/72 RPT=1467
Reply timer created: handle = 3B050018
31294 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/179 RPT=1467
AUTH_SyncToServer(1f00018, 0, 0)
31295 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/180 RPT=1467
AUTH_SendLockReq(1f00018, 0, 0)
31296 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/61 RPT=1467
AUTH_BuildMsg(1f00018, 0, 0)
31297 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/64 RPT=1472
AUTH_StartTimer(1f00018, 0, 0)
31298 06/01/2005 19:05:22.460 SEV=9 AUTHDBG/73 RPT=1472
Reply timer started: handle = 3B050018, timestamp = 26554897, timeout = 30000
31299 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/62 RPT=1472
AUTH_SndRequest(1f00018, 0, 0)
31300 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/50 RPT=2601
IntDB_Decode(1c5dff8, 194)
31301 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/47 RPT=1301
IntDB_Xmt(1f00018)
31302 06/01/2005 19:05:22.460 SEV=9 AUTHDBG/71 RPT=1472
xmit_cnt = 1
31303 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/182 RPT=1301
IntDB_ServiceRequest(1f00018)
31304 06/01/2005 19:05:22.560 SEV=8 AUTHDBG/49 RPT=1301
IntDB_Match(1f00018, c6b2e4)
31305 06/01/2005 19:05:22.560 SEV=8 AUTHDBG/63 RPT=1465
AUTH_RcvReply(1f00018, 0, 0)
31306 06/01/2005 19:05:22.560 SEV=8 AUTHDBG/50 RPT=2602
IntDB_Decode(c6b2e4, 22223)
31307 06/01/2005 19:05:22.560 SEV=8 AUTHDBG/48 RPT=1301
IntDB_Rcv(1f00018)
31308 06/01/2005 19:05:22.560 SEV=8 AUTHDBG/66 RPT=1466
AUTH_DeleteTimer(1f00018, 0, 0)
31309 06/01/2005 19:05:22.560 SEV=9 AUTHDBG/74 RPT=1466
Reply timer stopped: handle = 3B050018, timestamp = 26554907
31310 06/01/2005 19:05:22.560 SEV=8 AUTHDBG/58 RPT=1468
AUTH_Callback(1f00018, 0, 0)
31311 06/01/2005 19:05:22.560 SEV=6 AUTH/41 RPT=1240 12.34.56.78
Authentication successful: handle = 277, server = Internal, group = L2L: Smc
31312 06/01/2005 19:05:22.560 SEV=7 IKEDBG/0 RPT=41571 12.34.56.78
Group [L2L: Smc]
Found Phase 1 Group (L2L: Smc)
31313 06/01/2005 19:05:22.560 SEV=8 AUTHDBG/4 RPT=1246
AUTH_GetAttrTable(277, 1002ee4)
31314 06/01/2005 19:05:22.560 SEV=7 IKEDBG/14 RPT=833 12.34.56.78
Group [L2L: Smc]
Authentication configured for Internal
31315 06/01/2005 19:05:22.560 SEV=9 IKEDBG/19 RPT=3261 12.34.56.78
Group [L2L: Smc]
IKEGetUserAttributes: primary DNS = 192.168.0.4
31316 06/01/2005 19:05:22.560 SEV=9 IKEDBG/19 RPT=3262 12.34.56.78
Group [L2L: Smc]
IKEGetUserAttributes: secondary DNS = 200.33.150.193
31317 06/01/2005 19:05:22.560 SEV=9 IKEDBG/19 RPT=3263 12.34.56.78
Group [L2L: Smc]
IKEGetUserAttributes: IP Compression = disabled
31318 06/01/2005 19:05:22.560 SEV=7 IKEDBG/73 RPT=937 12.34.56.78
Group [L2L: Smc]
Authorization configured for RADIUS, Authorization not required
31319 06/01/2005 19:05:22.560 SEV=8 AUTHDBG/2 RPT=1301
AUTH_Close(277)
31320 06/01/2005 19:05:22.560 SEV=9 IKEDBG/0 RPT=41572 12.34.56.78
Group [L2L: Smc]
Oakley begin quick mode
31321 06/01/2005 19:05:22.560 SEV=12 IKEDECODE/2 RPT=1047
IKE Initiator starting QM: msg id = 8a5d20c8
31322 06/01/2005 19:05:22.560 SEV=4 IKE/119 RPT=1084 12.34.56.78
Group [L2L: Smc]
PHASE 1 COMPLETED
31323 06/01/2005 19:05:22.560 SEV=6 IKE/121 RPT=1084 12.34.56.78
Keep-alive type for this connection: None
31324 06/01/2005 19:05:22.560 SEV=7 IKEDBG/0 RPT=41573 12.34.56.78
Group [L2L: Smc]
Starting phase 1 rekey timer: 64800000 (ms)
31325 06/01/2005 19:05:22.560 SEV=4 AUTH/22 RPT=1084
User [L2L: Smc] Group [L2L: Smc] connected, Session Type: IPSec/LAN-to-LAN
31326 06/01/2005 19:05:22.570 SEV=4 AUTH/84 RPT=1029
LAN-to-LAN tunnel to headend device 12.34.56.78 connected
31327 06/01/2005 19:05:22.570 SEV=9 IPSECDBG/6 RPT=2566
IPSEC key message parse - msgtype 6, len 208, vers 1, pid 00000000, seq 1141, er
r 0, type 2, mode 0, state 32, label 0, pad 0, spi 00000000, encrKeyLen 0, hashK
eyLen 0, ivlen 0, alg 0, hmacAlg 0, lifetype 0, lifetime1 635968, lifetime2 0, d
sId 300
31331 06/01/2005 19:05:22.570 SEV=9 IPSECDBG/1 RPT=5017
Processing KEY_GETSPI msg!
31332 06/01/2005 19:05:22.570 SEV=7 IPSECDBG/13 RPT=1141
Reserved SPI 1557717501
31333 06/01/2005 19:05:22.570 SEV=8 IKEDBG/6 RPT=1141
IKE got SPI from key engine: SPI = 0x5cd8e1fd
31334 06/01/2005 19:05:22.570 SEV=9 IKEDBG/0 RPT=41574 12.34.56.78
Group [L2L: Smc]
oakley constucting quick mode
31335 06/01/2005 19:05:22.570 SEV=9 IKEDBG/0 RPT=41575 12.34.56.78
Group [L2L: Smc]
constructing blank hash
31336 06/01/2005 19:05:22.570 SEV=9 IKEDBG/0 RPT=41576 12.34.56.78
Group [L2L: Smc]
constructing ISA_SA for ipsec
31337 06/01/2005 19:05:22.570 SEV=9 IKEDBG/1 RPT=8267 12.34.56.78
Group [L2L: Smc]
constructing ipsec nonce payload
31338 06/01/2005 19:05:22.570 SEV=9 IKEDBG/1 RPT=8268 12.34.56.78
Group [L2L: Smc]
constructing proxy ID
31339 06/01/2005 19:05:22.570 SEV=7 IKEDBG/0 RPT=41577 12.34.56.78
Group [L2L: Smc]
Transmitting Proxy Id:
Local host: 192.168.0.190 Protocol 0 Port 0
Remote host: 12.34.56.78 Protocol 0 Port 0
31343 06/01/2005 19:05:22.570 SEV=12 IKEDECODE/7 RPT=1029
IKE Initiator sending Initial Contact
31344 06/01/2005 19:05:22.570 SEV=9 IKEDBG/0 RPT=41578 12.34.56.78
Group [L2L: Smc]
constructing qm hash
31345 06/01/2005 19:05:22.570 SEV=12 IKEDECODE/4 RPT=1047
IKE Initiator sending 1st QM pkt: msg id = 8a5d20c8
31346 06/01/2005 19:05:22.570 SEV=8 IKEDBG/0 RPT=41579 12.34.56.78
SENDING Message (msgid=8a5d20c8) with payloads :
HDR + HASH (8) + SA (1)
total length : 176
31348 06/01/2005 19:05:22.580 SEV=8 AUTHDBG/60 RPT=1466
AUTH_UnbindServer(1f00018, 0, 0)
31349 06/01/2005 19:05:22.580 SEV=9 AUTHDBG/70 RPT=1466
Auth Server eaf92c has been unbound from ACB 1f00018, sessions = 0
31350 06/01/2005 19:05:22.580 SEV=8 AUTHDBG/10 RPT=1300
AUTH_Int_FreeAuthCB(1f00018)
31351 06/01/2005 19:05:22.580 SEV=7 AUTH/13 RPT=1300
Authentication session closed: handle = 277
31352 06/01/2005 19:05:25.540 SEV=4 EVENT/39 RPT=1915
Event Manager erased file(s) LOG34591.TXT when saving file: log35028.txt
31353 06/01/2005 19:05:54.580 SEV=4 IKEDBG/0 RPT=41580
QM FSM error (P2 struct &0x1d85348, mess id 0x8a5d20c8)!
31354 06/01/2005 19:05:54.580 SEV=7 IKEDBG/65 RPT=7816 12.34.56.78
Group [L2L: Smc]
IKE QM Initiator FSM error history (struct &0x1d85348)
<state>, <event>:
QM_DONE, EV_ERROR
QM_WAIT_MSG2, EV_TIMEOUT
QM_WAIT_MSG2, NullEvent
QM_SND_MSG1, EV_SND_MSG
31359 06/01/2005 19:05:54.580 SEV=9 IKEDBG/0 RPT=41581
sending delete/delete with reason message
31360 06/01/2005 19:05:54.580 SEV=9 IKEDBG/0 RPT=41582 12.34.56.78
Group [L2L: Smc]
constructing blank hash
31361 06/01/2005 19:05:54.580 SEV=9 IKEDBG/0 RPT=41583
constructing IPSec delete payload
31362 06/01/2005 19:05:54.580 SEV=9 IKEDBG/0 RPT=41584 12.34.56.78
Group [L2L: Smc]
constructing qm hash
31363 06/01/2005 19:05:54.580 SEV=8 IKEDBG/0 RPT=41585 12.34.56.78
SENDING Message (msgid=d5109d68) with payloads :
HDR + HASH (8) + DELETE (12)
total length : 68
31365 06/01/2005 19:05:54.580 SEV=7 IKEDBG/9 RPT=1141 12.34.56.78
Group [L2L: Smc]
IKE Deleting SA: Remote Proxy 12.34.56.78, Local Proxy 192.168.0.190
31367 06/01/2005 19:05:54.580 SEV=6 IKE/0 RPT=1810 12.34.56.78
Group [L2L: Smc]
Removing peer from correlator table failed, no match!
31368 06/01/2005 19:05:54.590 SEV=9 IKEDBG/0 RPT=41586 12.34.56.78
Group [L2L: Smc]
IKE SA MM:98596d72 rcv'd Terminate: state MM_ACTIVE
flags 0x00000062, refcnt 1, tuncnt 0
31371 06/01/2005 19:05:54.590 SEV=9 IKEDBG/0 RPT=41587 12.34.56.78
Group [L2L: Smc]
IKE SA MM:98596d72 terminating:
flags 0x01000022, refcnt 0, tuncnt 0
31373 06/01/2005 19:05:54.590 SEV=9 IKEDBG/0 RPT=41588
sending delete/delete with reason message
31374 06/01/2005 19:05:54.590 SEV=9 IKEDBG/0 RPT=41589 12.34.56.78
Group [L2L: Smc]
constructing blank hash
alguna idea o comentario ? de antemano gracias
_______________________________________________
Ayuda mailing list
Ayuda en linux.org.mx
Para salir de la lista: http://mail.linux.org.mx/cgi-bin/mailman/listinfo/ayuda/
Más información sobre la lista de distribución Ayuda