Hi, on a windows 2008 R2 Server i have a problem in phase 1. Problem: the vpn client does not see the answers from vpn server. I have verified with Network sniffer that the packets arrive on the win2008 r2 box.
The cap files from debugging are completely empty. No send and no receivepackets. In the iked log I see resend's and then a timeout like that: 12/03/02 13:37:50 DB : phase1 ref increment ( ref count = 1, obj count = 0 ) 12/03/02 13:37:50 DB : phase1 added ( obj count = 1 ) 12/03/02 13:37:50 >> : security association payload 12/03/02 13:37:50 >> : - proposal #1 payload 12/03/02 13:37:50 >> : -- transform #1 payload 12/03/02 13:37:50 >> : -- transform #2 payload 12/03/02 13:37:50 >> : -- transform #3 payload 12/03/02 13:37:50 >> : -- transform #4 payload 12/03/02 13:37:50 >> : -- transform #5 payload 12/03/02 13:37:50 >> : -- transform #6 payload 12/03/02 13:37:50 >> : -- transform #7 payload 12/03/02 13:37:50 >> : -- transform #8 payload 12/03/02 13:37:50 >> : -- transform #9 payload 12/03/02 13:37:50 >> : -- transform #10 payload 12/03/02 13:37:50 >> : -- transform #11 payload 12/03/02 13:37:50 >> : -- transform #12 payload 12/03/02 13:37:50 >> : -- transform #13 payload 12/03/02 13:37:50 >> : -- transform #14 payload 12/03/02 13:37:50 >> : -- transform #15 payload 12/03/02 13:37:50 >> : -- transform #16 payload 12/03/02 13:37:50 >> : -- transform #17 payload 12/03/02 13:37:50 >> : -- transform #18 payload 12/03/02 13:37:50 >> : key exchange payload 12/03/02 13:37:50 >> : nonce payload 12/03/02 13:37:50 >> : identification payload 12/03/02 13:37:50 >> : vendor id payload 12/03/02 13:37:50 ii : local supports XAUTH 12/03/02 13:37:50 >> : vendor id payload 12/03/02 13:37:50 ii : local supports nat-t ( draft v02 ) 12/03/02 13:37:50 >> : vendor id payload 12/03/02 13:37:50 ii : local supports nat-t ( draft v03 ) 12/03/02 13:37:50 >> : vendor id payload 12/03/02 13:37:50 ii : local supports nat-t ( rfc ) 12/03/02 13:37:50 >> : vendor id payload 12/03/02 13:37:50 ii : local supports DPDv1 12/03/02 13:37:50 >> : vendor id payload 12/03/02 13:37:50 ii : local is SHREW SOFT compatible 12/03/02 13:37:50 >> : vendor id payload 12/03/02 13:37:50 ii : local is NETSCREEN compatible 12/03/02 13:37:50 >> : vendor id payload 12/03/02 13:37:50 ii : local is SIDEWINDER compatible 12/03/02 13:37:50 >> : vendor id payload 12/03/02 13:37:50 ii : local is CISCO UNITY compatible 12/03/02 13:37:50 >= : cookies a5ee74543f00c208:0000000000000000 12/03/02 13:37:50 >= : message 00000000 12/03/02 13:37:50 -> : send IKE packet 10.100.100.10:500 -> xxx.xxx.xxx.xxx:500 ( 1121 bytes ) 12/03/02 13:37:50 DB : phase1 resend event scheduled ( ref count = 2 ) 12/03/02 13:37:50 DB : phase1 ref decrement ( ref count = 1, obj count = 1 ) 12/03/02 13:37:50 DB : tunnel ref increment ( ref count = 3, obj count = 1 ) 12/03/02 13:37:55 -> : resend 1 phase1 packet(s) 10.100.100.10:500 -> xxx.xxx.xxx.xxx:500 12/03/02 13:38:00 -> : resend 1 phase1 packet(s) 10.100.100.10:500 -> xxx.xxx.xxx.xxx:500 12/03/02 13:38:05 -> : resend 1 phase1 packet(s) 10.100.100.10:500 -> xxx.xxx.xxx.xxx:500 12/03/02 13:38:10 ii : resend limit exceeded for phase1 exchange 12/03/02 13:38:10 ii : phase1 removal before expire time 12/03/02 13:38:10 DB : phase1 deleted ( obj count = 0 ) Any hints ? Regards Martin Forster
_______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
