VPN RV 016 with Stonegate

Unanswered Question
Jan 29th, 2010

Hi, good afternoon.

My vpn site-to-site not connect.

Following the logs:

Jan 29 10:24:18 2010     VPN Log    [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet  
Jan 29 10:24:18 2010     VPN Log    Ignoring Vendor ID payload [645af885467f08a6...] 
Jan 29 10:24:18 2010     VPN Log    Ignoring Vendor ID payload [baeb239037e17787...] 
Jan 29 10:24:18 2010     VPN Log    Ignoring Vendor ID payload [c573b056d7faca36...] 
Jan 29 10:24:18 2010     VPN Log    Ignoring Vendor ID payload [431cfc9292a0595d...] 
Jan 29 10:24:18 2010     VPN Log    Received Vendor ID payload Type = [Dead Peer Detection] 
Jan 29 10:24:18 2010     VPN Log    Ignoring Vendor ID payload Type = [Cisco-Unity] 
Jan 29 10:24:18 2010     VPN Log    [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet 
Jan 29 10:24:18 2010     VPN Log    [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet 
Jan 29 10:24:18 2010     VPN Log    [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet 
Jan 29 10:24:18 2010     VPN Log    [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet 
Jan 29 10:24:18 2010     VPN Log    Discarding duplicate packet; already STATE_MAIN_I3 
Jan 29 10:24:18 2010     VPN Log    Received informational payload, type INVALID_PAYLOAD_TYPE 
Jan 29 10:24:18 2010     VPN Log    Received informational payload, type INVALID_PAYLOAD_TYPE 
Jan 29 10:24:18 2010     VPN Log    Received informational payload, type INVALID_PAYLOAD_TYPE 
Jan 29 10:24:21 2010     VPN Log    Initiating Main Mode 
Jan 29 10:24:21 2010     VPN Log    [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet 
Jan 29 10:24:21 2010     VPN Log    Ignoring Vendor ID payload [645af885467f08a6...] 
Jan 29 10:24:21 2010     VPN Log    Ignoring Vendor ID payload [baeb239037e17787...] 
Jan 29 10:24:21 2010     VPN Log    Ignoring Vendor ID payload [c573b056d7faca36...] 
Jan 29 10:24:21 2010     VPN Log    Ignoring Vendor ID payload [431cfc9292a0595d...] 
Jan 29 10:24:21 2010     VPN Log    Received Vendor ID payload Type = [Dead Peer Detection] 
Jan 29 10:24:21 2010     VPN Log    Ignoring Vendor ID payload Type = [Cisco-Unity] 
Jan 29 10:24:21 2010     VPN Log    [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet 
Jan 29 10:24:21 2010     VPN Log    [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet 
Jan 29 10:24:21 2010     VPN Log    [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet 
Jan 29 10:24:21 2010     VPN Log    [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet 
Jan 29 10:24:22 2010     VPN Log    Received informational payload, type INVALID_PAYLOAD_TYPE 
Jan 29 10:24:22 2010     VPN Log    Received informational payload, type INVALID_PAYLOAD_TYPE

The config of the client part:

FASE 1 (IKE)

Crypto

3DES

Pre-Shared  Key

senha de criptografia (a ser definida em cjto)

Auth

MD5

Diffie Hellmann

Group 2

LifeTime

28800

FASE  2

Crypto

3DES

Auth

MD5

LifeTime

28800

PFS

Disable

PEER: X.X.X.X

REMOTE NETWORK 10.0.0.0 / 255.255.0.0

IN ANNEX my config:

Thanks

Attachment: 
I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
edusilveira Fri, 01/29/2010 - 07:32

I configured the lifetimes corretly but this problem continue.


NAT-T is enable.

Logs:

/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Tabela normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin:0cm; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Times New Roman"; mso-ansi-language:#0400; mso-fareast-language:#0400; mso-bidi-language:#0400;}

Jan 29 13:17:22 2010     VPN Log    Initiating Main Mode 

Jan 29 13:17:22 2010     VPN Log    [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet 

Jan 29 13:17:22 2010     VPN Log    Ignoring Vendor ID payload [645af885467f08a6...] 

Jan 29 13:17:22 2010     VPN Log    Ignoring Vendor ID payload [baeb239037e17787...] 

Jan 29 13:17:22 2010     VPN Log    Ignoring Vendor ID payload [c573b056d7faca36...] 

Jan 29 13:17:22 2010     VPN Log    Ignoring Vendor ID payload [431cfc9292a0595d...] 

Jan 29 13:17:22 2010     VPN Log    Received Vendor ID payload Type = [Dead Peer Detection] 

Jan 29 13:17:22 2010     VPN Log    Ignoring Vendor ID payload Type = [Cisco-Unity] 

Jan 29 13:17:22 2010     VPN Log    [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet 

Jan 29 13:17:22 2010     VPN Log    [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet 

Jan 29 13:17:22 2010     VPN Log    [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet 

Jan 29 13:17:22 2010     VPN Log    [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet 

Jan 29 13:17:22 2010     VPN Log    Received informational payload, type INVALID_PAYLOAD_TYPE 

Jan 29 13:17:22 2010     VPN Log    Received informational payload, type INVALID_PAYLOAD_TYPE

pudawat Fri, 01/29/2010 - 17:04

Halt at Main mode message 5 clearly indicates PRE-SHARED KEY MISMATCH!

Actions

This Discussion