On 5/9/2011 2:20 PM, Alexander Coers wrote:
Hi,
Am 28.04.2011 um 04:57 schrieb kevin vpn:
...
12:48:25 ii : resend limit exceeded for phase2 exchange
Hi Alexander,
The connection is failing in the phase2 exchange process. You'll need
to double-check your settings on the gateway and in the client.
Posting the log from the gateway could help us debug things for you.
You could try disabling PFS to simplify things a little bit
I disabled PFS, but the result is the same.
Here is the log from the router:
[09/May/11 21:07:05] @sys WAN(PPPoE) IP is 62.226.52.249[09/May/11 21:09:11]
@sys Get current time from NTP server : May 09 2011 Mon. 21:09:11[09/May/11
21:10:33] @in UDP from 85.22.14.23:500 to 62.226.52.249:500
[09/May/11 21:10:33] IKE[6] Rx<< MM_I1 : 85.22.14.23 SA, VID, VID, VID, VID
[09/May/11 21:10:33] IKE[6] Tx>> MM_R1 : 85.22.14.23 SA
[09/May/11 21:10:33] IKE[6] ISAKMP SA CKI=[b8d1581b 4cea1bab] CKR=[1cf5e5d0
1f2e0499]
[09/May/11 21:10:33] IKE[6] ISAKMP SA DES / MD5 / PreShared / MODP_768 /
3600 sec (*0 sec)
[09/May/11 21:10:34] IKE[6] Rx<< MM_I2 : 85.22.14.23 KE, NONCE
[09/May/11 21:10:34] IKE[6] Tx>> MM_R2 : 85.22.14.23 KE, NONCE
[09/May/11 21:10:35] This connection request matches tunnel 1 setting !
[09/May/11 21:10:35] IKE[1] Rx<< MM_I3 : 85.22.14.23 ID, HASH
[09/May/11 21:10:35] IKE[1] Tx>> MM_R3 : 85.22.14.23 ID, HASH
[09/May/11 21:13:17] @sys WAN(PPPoE) IP is 62.226.47.244[09/May/11 21:14:08]
@sys Get current time from NTP server : May 09 2011 Mon. 21:14:08[09/May/11
21:14:51] @in TCP from 85.22.14.23:59699 to 192.168.6.200:22
Make sure your policy settings match. It may also be worth fiddling with
the Policy Generation Level feature of the client ( policy tab ).
-Matthew
_______________________________________________
vpn-help mailing list
[email protected]
http://lists.shrew.net/mailman/listinfo/vpn-help
