[Ayuda] vpn [OT]

Jose Luis Ayala mvp_user en yahoo.com
Mar Jun 7 02:46:01 CDT 2005 


--- mtzcesar en queretaro.podernet.com.mx wrote:

> Buen dia, alguien ha trabajado con equipos Cisco
> Systems, Inc./VPN 3000 Concentrator Version 4.0.4.A
> y equipos smc?  la razon es que necesito hacer una
> vpn Lan to Lan mediate ipsec  y obtengo este error
> del aldo del vpn
> concentrator

que carrier estas usando? los smc son dsl modems o
routers o que diablos?

 
> 31315 06/01/2005 19:05:22.560 SEV=9 IKEDBG/19
> RPT=3261 12.34.56.78 
> Group [L2L: Smc]
> IKEGetUserAttributes: primary DNS = 192.168.0.4
> 
> 31316 06/01/2005 19:05:22.560 SEV=9 IKEDBG/19
> RPT=3262 12.34.56.78 
> Group [L2L: Smc]
> IKEGetUserAttributes: secondary DNS = 200.33.150.193

puedes pingear bien a estos dos dns desde cada
ubicacion?

> 
> 31317 06/01/2005 19:05:22.560 SEV=9 IKEDBG/19
> RPT=3263 12.34.56.78 
> Group [L2L: Smc]
> IKEGetUserAttributes: IP Compression = disabled
> 
> 31318 06/01/2005 19:05:22.560 SEV=7 IKEDBG/73
> RPT=937 12.34.56.78 
> Group [L2L: Smc]
> Authorization configured for RADIUS, Authorization
> not required
> 
> 31319 06/01/2005 19:05:22.560 SEV=8 AUTHDBG/2
> RPT=1301 
> AUTH_Close(277)
> 
> 31320 06/01/2005 19:05:22.560 SEV=9 IKEDBG/0
> RPT=41572 12.34.56.78 
> Group [L2L: Smc]
> Oakley begin quick mode
> 
> 31321 06/01/2005 19:05:22.560 SEV=12 IKEDECODE/2
> RPT=1047 
> IKE Initiator starting QM: msg id = 8a5d20c8
> 
> 31322 06/01/2005 19:05:22.560 SEV=4 IKE/119 RPT=1084
> 12.34.56.78 
> Group [L2L: Smc]
> PHASE 1 COMPLETED
> 
> 31323 06/01/2005 19:05:22.560 SEV=6 IKE/121 RPT=1084
> 12.34.56.78 
> Keep-alive type for this connection: None
> 
> 31324 06/01/2005 19:05:22.560 SEV=7 IKEDBG/0
> RPT=41573 12.34.56.78 
> Group [L2L: Smc]
> Starting phase 1 rekey timer: 64800000 (ms)
> 
> 31325 06/01/2005 19:05:22.560 SEV=4 AUTH/22 RPT=1084
> 
> User [L2L: Smc] Group [L2L: Smc] connected, Session
> Type: IPSec/LAN-to-LAN

aqui todavia va bien

> 
> 31326 06/01/2005 19:05:22.570 SEV=4 AUTH/84 RPT=1029
> 
> LAN-to-LAN tunnel to headend device 12.34.56.78
> connected
> 
> 31338 06/01/2005 19:05:22.570 SEV=9 IKEDBG/1
> RPT=8268 12.34.56.78 
> Group [L2L: Smc]
> constructing proxy ID
> 
> 31339 06/01/2005 19:05:22.570 SEV=7 IKEDBG/0
> RPT=41577 12.34.56.78 
> Group [L2L: Smc]
> Transmitting Proxy Id:
>   Local host:  192.168.0.190  Protocol 0  Port 0
>   Remote host: 12.34.56.78  Protocol 0  Port 0

ok, tienes algun gateway definido para enlazar estas
dos redes que te marca aqui?

> 
> 31343 06/01/2005 19:05:22.570 SEV=12 IKEDECODE/7
> RPT=1029 
> IKE Initiator sending Initial Contact
> 
> 31344 06/01/2005 19:05:22.570 SEV=9 IKEDBG/0
> RPT=41578 12.34.56.78 
> Group [L2L: Smc]
> constructing qm hash
> 
> Authentication session closed: handle = 277
> 
> 31352 06/01/2005 19:05:25.540 SEV=4 EVENT/39
> RPT=1915 
> Event Manager erased file(s) LOG34591.TXT when
> saving file: log35028.txt
> 
> 31353 06/01/2005 19:05:54.580 SEV=4 IKEDBG/0
> RPT=41580 
> QM FSM error (P2 struct &0x1d85348, mess id
> 0x8a5d20c8)!
> 
> 31354 06/01/2005 19:05:54.580 SEV=7 IKEDBG/65
> RPT=7816 12.34.56.78 
> Group [L2L: Smc]
> IKE QM Initiator FSM error history (struct
> &0x1d85348)
> <state>, <event>:
> QM_DONE, EV_ERROR
> QM_WAIT_MSG2, EV_TIMEOUT
> QM_WAIT_MSG2, NullEvent
> QM_SND_MSG1, EV_SND_MSG
> 
> 31359 06/01/2005 19:05:54.580 SEV=9 IKEDBG/0
> RPT=41581 
> sending delete/delete with reason message
> 
> 31360 06/01/2005 19:05:54.580 SEV=9 IKEDBG/0
> RPT=41582 12.34.56.78 
> Group [L2L: Smc]
> constructing blank hash
> 
> 31361 06/01/2005 19:05:54.580 SEV=9 IKEDBG/0
> RPT=41583 
> constructing IPSec delete payload
> 
> 31362 06/01/2005 19:05:54.580 SEV=9 IKEDBG/0
> RPT=41584 12.34.56.78 
> Group [L2L: Smc]
> constructing qm hash
> 
> 31363 06/01/2005 19:05:54.580 SEV=8 IKEDBG/0
> RPT=41585 12.34.56.78 
> SENDING Message (msgid=d5109d68) with payloads : 
> HDR + HASH (8) + DELETE (12) 
> total length : 68
> 
> 31365 06/01/2005 19:05:54.580 SEV=7 IKEDBG/9
> RPT=1141 12.34.56.78 
> Group [L2L: Smc]
> IKE Deleting SA: Remote Proxy 12.34.56.78, Local
> Proxy 192.168.0.190
> 
> 31367 06/01/2005 19:05:54.580 SEV=6 IKE/0 RPT=1810
> 12.34.56.78 
> Group [L2L: Smc]
> Removing peer from correlator table failed, no
> match!
> 
> 31368 06/01/2005 19:05:54.590 SEV=9 IKEDBG/0
> RPT=41586 12.34.56.78 
> Group [L2L: Smc]
> IKE SA MM:98596d72 rcv'd Terminate: state MM_ACTIVE
> flags 0x00000062, refcnt 1, tuncnt 0
> 
> 31371 06/01/2005 19:05:54.590 SEV=9 IKEDBG/0
> RPT=41587 12.34.56.78 
> Group [L2L: Smc]
> IKE SA MM:98596d72 terminating:
> flags 0x01000022, refcnt 0, tuncnt 0
> 
> 31373 06/01/2005 19:05:54.590 SEV=9 IKEDBG/0
> RPT=41588 
> sending delete/delete with reason message
> 
> 31374 06/01/2005 19:05:54.590 SEV=9 IKEDBG/0
> RPT=41589 12.34.56.78 
> Group [L2L: Smc]
> constructing blank hash
> 
> 
> alguna idea o comentario ?  de antemano gracias

podrias enviar un diagrama de como tienes conectados
tus equipos asi como la IP de cada uno y el carrier
que usas? porque con el puro log no es informacion
suficiente. 

Saludos





> 
> 
>  
> _______________________________________________
> Ayuda mailing list
> Ayuda en linux.org.mx
> Para salir de la lista:
>
http://mail.linux.org.mx/cgi-bin/mailman/listinfo/ayuda/
> 


Jose Luis Ayala. DID: (777)3295535. Nextel ID: 159379*2
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1. (geekcode.com)
GCS d- s+:+ a- C++ UL++++ P+ L+++ E---- W+ N* o-- K- w--- O M V-- PS Y+ PGP+ t 5 X R tv- b++ DI+ D G e++ h* r y+++++
------END GEEK CODE BLOCK------


		
__________________________________ 
Discover Yahoo! 
Get on-the-go sports scores, stock quotes, news and more. Check it out! 
http://discover.yahoo.com/mobile.html

 
_______________________________________________
Ayuda mailing list
Ayuda en linux.org.mx
Para salir de la lista: http://mail.linux.org.mx/cgi-bin/mailman/listinfo/ayuda/

Más información sobre la lista de distribución Ayuda