On 07/24/2012 02:29 AM, Steven Lam wrote:
Hi, here is the log:
<snip>
12/07/23 23:19:51 -> : send IKE packet 10.0.1.102:500 ->
xxx.xxx.xxx.xxx:500 ( 620 bytes )
12/07/23 23:19:51 DB : phase1 resend event scheduled ( ref count = 2 )
12/07/23 23:19:56 -> : resend 1 phase1 packet(s) 10.0.1.102:500 ->
xxx.xxx.xxx.xxx:500
12/07/23 23:20:01 -> : resend 1 phase1 packet(s) 10.0.1.102:500 ->
xxx.xxx.xxx.xxx:500
12/07/23 23:20:06 -> : resend 1 phase1 packet(s) 10.0.1.102:500 ->
xxx.xxx.xxx.xxx:500
12/07/23 23:20:11 ii : resend limit exceeded for phase1 exchange
12/07/23 23:20:11 ii : phase1 removal before expire time
12/07/23 23:20:11 DB : phase1 deleted ( obj count = 0 )
12/07/23 23:20:11 DB : policy not found
12/07/23 23:20:11 DB : policy not found
12/07/23 23:20:11 DB : policy not found
12/07/23 23:20:11 DB : policy not found
<snip>
I don't see any problem until the policy not found error.
-----Original Message-----
From: [email protected]
[mailto:[email protected]] On Behalf Of Kevin VPN
Sent: July-22-12 9:38 AM
To: [email protected]
Subject: Re: [vpn-help] negotiation timeout
On 07/19/2012 02:26 AM, Steven Lam wrote:
Hi, I'm using shrew 2.1.7 connecting to rv082. I haven't been able to
connect so far. I am having connection timeout error. Shrew will say
it is bringing up tunnel but it will eventually get a "negotiation
timeout"
message. When I consult the vpn log on the rv082, I see a lot of
"ignoring vendor id payload" message. The payload id is different
each time. Any idea what it is? Thanks!
Hi Steven,
I'm not sure the vendor id payload is a big problem. During negotiation, I
think Shrew provides a list of the vendor ids it supports/emulates.
I would generate a log file from Shrew to see if it gives us more
information, I would guess there is something else wrong, perhaps a
configuration mismatch.
Instructions on how to generate a log file are here:
http://www.shrew.net/support/wiki/BugReportVpnWindows
Hi Steven,
The problem is actually before the "policy not found," it's here:
> 12/07/23 23:19:51 -> : send IKE packet 10.0.1.102:500 ->
xxx.xxx.xxx.xxx:500 (
> 620 bytes )
> 12/07/23 23:19:51 DB : phase1 resend event scheduled ( ref count = 2 )
> 12/07/23 23:19:56 -> : resend 1 phase1 packet(s) 10.0.1.102:500 ->
> xxx.xxx.xxx.xxx:500
> 12/07/23 23:20:01 -> : resend 1 phase1 packet(s) 10.0.1.102:500 ->
> xxx.xxx.xxx.xxx:500
> 12/07/23 23:20:06 -> : resend 1 phase1 packet(s) 10.0.1.102:500 ->
> xxx.xxx.xxx.xxx:500
> 12/07/23 23:20:11 ii : resend limit exceeded for phase1 exchange
These messages mean that Shrew tried to contact the gateway but received
no response. At this point, you'll need to get the gateway logs to see
if it is receiving the packets from Shrew and if so, why it is not
responding.
My guess is that it will be something related to the settings on the
Authentication tab of the Shrew Site Configuration. Look to synchronize
those with the settings on the gateway.
_______________________________________________
vpn-help mailing list
[email protected]
http://lists.shrew.net/mailman/listinfo/vpn-help
