On Tue, 1 Jul 2003 08:18 pm, Wayne Pascoe wrote:
> 2003-07-01 11:05:58: ERROR: isakmp.c:1776:isakmp_chkph1there(): phase2
> negotiation failed due to time up waiting for phase1. ESP

I have seen this error when setting up a VVPN between FBSD and a D-Link 804V

In my case it was the DLink expecting main mode and me trying aggressive


Do you get different behavour if you try to establish the VPn from each end?

Run ethereal on the outside lan segment - it tells you what happens at the 
beginning of the key negotiation - at least until they go to encrypted mode. 
That way you will see if the Rapto is doing main, aggressive etc

What do you setkeys -DP look like?

> proposal {
>       encryption_algorithm des;
>       hash_algorithm md5;
>       authentication_method pre_shared_key;
>       dh_group 2 ;
> }
> sainfo anonymous
> {
>       pfs_group 1;
>       lifetime time 10 min;
>       encryption_algorithm des;
>       authentication_algorithm hmac_md5;
>       compression_algorithm deflate ;
> }

Looks ok to me.  But what is the rest of the remote config?

[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to