On 12/08/2011 03:18 PM, Tim Keane wrote:
Yes, I am seeing the 'completed negotiations' message in the Juniper event log. The lifetime of 3600 s / 0 KB matches the parameters in the Shrew client's configuration. I've been examining the debug ike output, but I'm pretty much seeing the same thing. The connection seems to be made, the Shrew client continues to send Phase2 packets, eventually hitting its resend limit, at which point it sends a peer delete message.
Are you using a policy-based or route-based VPN on the Juniper? Have you also done flow filters and/or snoops in conjunction with the debug ike?
If you want, you can send me the get db str output and I can take a look at it (feel free to anonymize IPs/usernames).
_______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
