On 08/14/2013 03:22 PM, Drew Majewski wrote:
Hi Kevin,
Sorry for the late response but I just double checked and tried all of the
Phase 2 settings but I get the same result:
Here are the Phase 2 proposals that I use:
nopfs-esp-3des-md5
nopfs-esp-3des-sha
nopfs-esp-aes128-sha
nopfs-esp-aes128-md5
In the Shrew 2.2.0 client I test with I tried a few different combination
of options but none of them work:
Transform Algorithm: esp-3des
HMAC Algorithm: sha1
PFS Exchange: disabled
Transform Algorithm: esp-3des
HMAC Algorithm: md5
PFS Exchange: disabled
Transform Algorithm: esp-aes
Transform Key Length: 128
HMAC Algorithm: sha1
PFS Exchange: disabled
Transform Algorithm: esp-aes
Transform Key Length: 128
HMAC Algorithm: md5
PFS Exchange: disabled
On all of the tests above I get the same issue. Shrew connects, tunnel
enables, grabs VPN IP, can't ping anything and then Shrew just disconnects
and logs in Juniper about Phase 2.
2013-08-14 15:08:54 info IKE x.x.x.x Phase 2
msg ID 61aceddd: Negotiations have failed.
2013-08-14 15:08:54 info IKE x.x.x.x Phase 2
msg ID 61aceddd: Negotiations have failed for user *****.
Hi Drew,
I'm very sorry for the late response, I've been away for a while.
Are you still having this issue? If so, can you provide the complete
Juniper logs (all the IKE, Phase 1 and Phase 2 entries) as well as a
debug trace from Shrew?
Debug trace instructions:
https://www.shrew.net/support/VPN_Bug_Report_Windows
_______________________________________________
vpn-help mailing list
[email protected]
https://lists.shrew.net/mailman/listinfo/vpn-help
