01-14-2012 03:21 PM
I have recently bought two CISCO routers RV220W for our main and brach office mainly for VPN tunneling. I didnt know they are routers only not modems. so I have set it up using BT 2wire Router as modem only.
I have successfuly setup the routers and manage to establish the VPN tunneling between two routers.
AS bt doesnt give static WAN IP address so I have used Dyndns which works fine. although I have 5 static ip address which cannot be used for WAN unless i cahnge to one IP address even then BT tech said it will not work.
when I created the tunnel i could ping both servers with their IP only not with the names. I can ping them fine locally. I could also see the network from branch office to main office but not from main office to branch office. today when I restarted the server I cannot ping both server i mean vice versa but VPN tunnel is established. now I cannot see the network from branch office to main office as well.
both sites running windows server 2008 standard. main office server has 6 NIC cards two wwith public and three with private ip addresses, its also runing Terminal server, exchange, file etc. the branch office has two NIC card one with private and one with public ip.
intially I could establish the VPN tunnel as the network range was same on both sites so I changed one in th e10.0.0.0 range other in 192.168.1.0 range and VPN tunnel was established straightaway.
As soon as the VPN tunnel was created I manage to creat an external trust without any problems and both servers are added in each other forward zones as name servers.
in the main office the fues went off and I had to re-start the router and now the VPN tunnel is not establishing, mainly the error is ISAKMP-SA Expired I will paste the log of both routers below
Now I need your help.
1. How to Clear Old or Existing Security Associations (Tunnels) on RV220W
2. how to fix the problem where I can ping the server with their IP as well as domain names ?
3. how to set it up so that both sides can see the network resources as well as access it ?
4. how to set it up so if the staff in branch office wants to log on the domain in main office he can simply do it as he does it in his office.
I can remote desktop both servers without any problems.
I have rebooted both servers few times, I have changed the share key, I also deleted the old setup and created new on both server but still no luck
Any urgent help will be appricated
01-14-2012 03:30 PM
Router1 Ipsec Policies
IPsec Policies
Add / Edit IKE Policy Configuration | |||
Policy Name: | |||
Direction / Type: | |||
Exchange Mode: | |||
Local | |||
Identifier Type: | |||
Identifier: | |||
Remote | |||
Identifier Type: | |||
Identifier: | |||
IKE SA Parameters | |||
Encryption Algorithm: | |||
Authentication Algorithm: | |||
Authentication Method: | |||
Pre-Shared Key: | |||
Diffie-Hellman (DH) Group: | |||
SA-Lifetime: | Seconds | ||
Dead Peer Detection: | Enable | ||
Detection Period: | |||
Reconnect after Failure Count: | |||
Extended Authentication | |||
XAUTH Type: | |||
Authentication Type: | |||
Username: | |||
Password: | |||
01-14-2012 03:32 PM
Router1 VPN Policies
IPsec Policies
Add / Edit VPN Policy Configuration | |||
Policy Name: | |||
Policy Type: | |||
Remote Endpoint: | |||
NETBIOS: | Enable | ||
Local Traffic Selection | |||
Local IP: | |||
Start Address: | |||
End Address: | |||
Subnet Mask: | |||
Remote Traffic Selection | |||
Remote IP: | |||
Start Address: | |||
End Address: | |||
Subnet Mask: | |||
Manual Policy Parameters | |||
SPI-Incoming: | |||
SPI-Outgoing: | |||
Encryption Algorithm: | |||
Key-In: | |||
Key-Out: | |||
Integrity Algorithm: | |||
Key-In: | |||
Key-Out: | |||
Auto Policy Parameters | |||
SA-Lifetime: | |||
Encryption Algorithm: | |||
Integrity Algorithm: | |||
PFS Key Group: | Enable | ||
Select IKE Policy: | |||
01-14-2012 03:35 PM
Router 2 IPsec
IPsec Policies
Add / Edit IKE Policy Configuration | |||
Policy Name: | |||
Direction / Type: | |||
Exchange Mode: | |||
Local | |||
Identifier Type: | |||
Identifier: | |||
Remote | |||
Identifier Type: | |||
Identifier: | |||
IKE SA Parameters | |||
Encryption Algorithm: | |||
Authentication Algorithm: | |||
Authentication Method: | |||
Pre-Shared Key: | |||
Diffie-Hellman (DH) Group: | |||
SA-Lifetime: | Seconds | ||
Dead Peer Detection: | Enable | ||
Detection Period: | |||
Reconnect after Failure Count: | |||
Extended Authentication | |||
XAUTH Type: | |||
Authentication Type: | |||
Username: | |||
Password: | |||
01-14-2012 03:37 PM
Router 2 VPN
Add / Edit VPN Policy Configuration | |||
Policy Name: | |||
Policy Type: | |||
Remote Endpoint: | FQDN | ||
NETBIOS: | Enable | ||
Local Traffic Selection | |||
Local IP: | |||
Start Address: | |||
End Address: | |||
Subnet Mask: | |||
Remote Traffic Selection | |||
Remote IP: | |||
Start Address: | |||
End Address: | |||
Subnet Mask: | |||
Manual Policy Parameters | |||
SPI-Incoming: | |||
SPI-Outgoing: | |||
Encryption Algorithm: | |||
Key-In: | |||
Key-Out: | |||
Integrity Algorithm: | |||
Key-In: | |||
Key-Out: | |||
Auto Policy Parameters | |||
SA-Lifetime: | |||
Encryption Algorithm: | |||
Integrity Algorithm: | |||
PFS Key Group: | Enable | ||
Select IKE Policy: | |||
01-14-2012 03:41 PM
Router1 log
2012-01-14 09:23:03: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:23:04: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.127.128.1[500]-197.143
.198.1[500
] with spi:9dd3d5f20fabee3d:2bc2b
c5c6660437
f
2012-01-14 09:23:12: [rv220w][IKE] INFO: remote configuration for identifier "router1.vpn.com" found
2012-01-14 09:23:12: [rv220w][IKE] INFO: Received request for new phase 1 negotiation: 197.127.128.1[500]<=>197.1
43.198.1[5
00]
2012-01-14 09:23:12: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:23:12: [rv220w][IKE] INFO: Received Vendor ID: RFC XXXX
2012-01-14 09:23:12: [rv220w][IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike
-02
2012-01-14 09:23:12: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:23:12: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:23:12: [rv220w][IKE] INFO: For 197.143.198.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:23:13: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:23:13: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:23:13: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:23:13: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:23:13: [rv220w][IKE] INFO: ISAKMP-SA established for 197.127.128.1[500]-197.143
.198.1[500
] with spi:43e947c9f4344673:8059b
360776508e
9
2012-01-14 09:23:13: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:23:13: [rv220w][IKE] INFO: ISAKMP-SA expired 197.127.128.1[500]-197.143
.198.1[500
] spi:43e947c9f4344673:8059b
360776508e
9
2012-01-14 09:23:13: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:23:14: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.127.128.1[500]-197.143
.198.1[500
] with spi:43e947c9f4344673:8059b
360776508e
9
2012-01-14 09:23:33: [rv220w][IKE] ERROR: Phase 2 negotiation failed due to time up waiting for phase1. ESP 197.143.198.1->197.127.128
.1
2012-01-14 09:24:02: [rv220w][IKE] INFO: Using IPsec SA configuration: 10.0.0.0/24<->192.168.100.
0/24
2012-01-14 09:24:02: [rv220w][IKE] INFO: remote configuration for identifier "router1.vpn.com" found
2012-01-14 09:24:02: [rv220w][IKE] INFO: Initiating new phase 1 negotiation: 197.127.128.1[500]<=>197.1
43.198.1[5
00]
2012-01-14 09:24:02: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:24:02: [rv220w][IKE] INFO: [ident_i1send:180]: XXX: NUMNATTVENDORIDS: 3
2012-01-14 09:24:02: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 4
2012-01-14 09:24:02: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 8
2012-01-14 09:24:02: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 9
2012-01-14 09:24:02: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:24:02: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:24:02: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:24:02: [rv220w][IKE] INFO: For 197.143.198.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:24:03: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:24:03: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:24:03: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:24:03: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:24:03: [rv220w][IKE] INFO: ISAKMP-SA established for 197.127.128.1[500]-197.143
.198.1[500
] with spi:3e55c80741ba280c:dd313
67ffdf353b
8
2012-01-14 09:24:03: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:24:03: [rv220w][IKE] INFO: ISAKMP-SA expired 197.127.128.1[500]-197.143
.198.1[500
] spi:3e55c80741ba280c:dd313
67ffdf353b
8
2012-01-14 09:24:03: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:24:04: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.127.128.1[500]-197.143
.198.1[500
] with spi:3e55c80741ba280c:dd313
67ffdf353b
8
2012-01-14 09:24:27: [rv220w][IKE] INFO: remote configuration for identifier "router1.vpn.com" found
2012-01-14 09:24:27: [rv220w][IKE] INFO: Received request for new phase 1 negotiation: 197.127.128.1[500]<=>197.1
43.198.1[5
00]
2012-01-14 09:24:27: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:24:27: [rv220w][IKE] INFO: Received Vendor ID: RFC XXXX
2012-01-14 09:24:27: [rv220w][IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike
-02
2012-01-14 09:24:27: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:24:27: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:24:27: [rv220w][IKE] INFO: For 197.143.198.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:24:27: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:24:27: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:24:27: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:24:27: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:24:27: [rv220w][IKE] INFO: ISAKMP-SA established for 197.127.128.1[500]-197.143
.198.1[500
] with spi:bf736f5e71444cab:30d24
12dc75cb60
2
2012-01-14 09:24:27: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:24:27: [rv220w][IKE] INFO: ISAKMP-SA expired 197.127.128.1[500]-197.143
.198.1[500
] spi:bf736f5e71444cab:30d24
12dc75cb60
2
2012-01-14 09:24:27: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:24:28: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.127.128.1[500]-197.143
.198.1[500
] with spi:bf736f5e71444cab:30d24
12dc75cb60
2
2012-01-14 09:24:33: [rv220w][IKE] ERROR: Phase 2 negotiation failed due to time up waiting for phase1. ESP 197.143.198.1->197.127.128
.1
2012-01-14 09:24:43: [rv220w][IKE] INFO: Using IPsec SA configuration: 10.0.0.0/24<->192.168.100.
0/24
2012-01-14 09:24:43: [rv220w][IKE] INFO: remote configuration for identifier "router1.vpn.com" found
2012-01-14 09:24:43: [rv220w][IKE] INFO: Initiating new phase 1 negotiation: 197.127.128.1[500]<=>197.1
43.198.1[5
00]
2012-01-14 09:24:43: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:24:43: [rv220w][IKE] INFO: [ident_i1send:180]: XXX: NUMNATTVENDORIDS: 3
2012-01-14 09:24:43: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 4
2012-01-14 09:24:43: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 8
2012-01-14 09:24:43: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 9
2012-01-14 09:24:43: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:24:43: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:24:43: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:24:43: [rv220w][IKE] INFO: For 197.143.198.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:24:43: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:24:43: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:24:43: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:24:43: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:24:44: [rv220w][IKE] INFO: ISAKMP-SA established for 197.127.128.1[500]-197.143
.198.1[500
] with spi:01055a0e8b3c2d3c:ecbef
bd9ed57340
3
2012-01-14 09:24:44: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:24:44: [rv220w][IKE] INFO: ISAKMP-SA expired 197.127.128.1[500]-197.143
.198.1[500
] spi:01055a0e8b3c2d3c:ecbef
bd9ed57340
3
2012-01-14 09:24:44: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:24:45: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.127.128.1[500]-197.143
.198.1[500
] with spi:01055a0e8b3c2d3c:ecbef
bd9ed57340
3
2012-01-14 09:25:14: [rv220w][IKE] ERROR: Phase 2 negotiation failed due to time up waiting for phase1. ESP 197.143.198.1->197.127.128
.1
2012-01-14 09:26:02: [rv220w][IKE] INFO: Using IPsec SA configuration: 10.0.0.0/24<->192.168.100.
0/24
2012-01-14 09:26:02: [rv220w][IKE] INFO: remote configuration for identifier "router1.vpn.com" found
2012-01-14 09:26:02: [rv220w][IKE] INFO: Initiating new phase 1 negotiation: 197.127.128.1[500]<=>197.1
43.198.1[5
00]
2012-01-14 09:26:02: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:26:02: [rv220w][IKE] INFO: [ident_i1send:180]: XXX: NUMNATTVENDORIDS: 3
2012-01-14 09:26:02: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 4
2012-01-14 09:26:02: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 8
2012-01-14 09:26:02: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 9
2012-01-14 09:26:02: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:26:02: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:26:02: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:26:02: [rv220w][IKE] INFO: For 197.143.198.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:26:03: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:26:03: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:26:03: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:26:03: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:26:03: [rv220w][IKE] INFO: ISAKMP-SA established for 197.127.128.1[500]-197.143
.198.1[500
] with spi:bee67d28e1abcb44:8154b
5e19a4d737
f
2012-01-14 09:26:03: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:26:03: [rv220w][IKE] INFO: ISAKMP-SA expired 197.127.128.1[500]-197.143
.198.1[500
] spi:bee67d28e1abcb44:8154b
5e19a4d737
f
2012-01-14 09:26:03: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:26:04: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.127.128.1[500]-197.143
.198.1[500
] with spi:bee67d28e1abcb44:8154b
5e19a4d737
f
2012-01-14 09:26:22: [rv220w][IKE] INFO: remote configuration for identifier "router1.vpn.com" found
2012-01-14 09:26:22: [rv220w][IKE] INFO: Received request for new phase 1 negotiation: 197.127.128.1[500]<=>197.1
43.198.1[5
00]
2012-01-14 09:26:22: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:26:22: [rv220w][IKE] INFO: Received Vendor ID: RFC XXXX
2012-01-14 09:26:22: [rv220w][IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike
-02
2012-01-14 09:26:22: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:26:22: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:26:22: [rv220w][IKE] INFO: For 197.143.198.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:26:22: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:26:22: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:26:22: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:26:22: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:26:22: [rv220w][IKE] INFO: ISAKMP-SA established for 197.127.128.1[500]-197.143
.198.1[500
] with spi:8608af37edbabe3c:7c9a4
0fe6f8c5a1
d
2012-01-14 09:26:22: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:26:22: [rv220w][IKE] INFO: ISAKMP-SA expired 197.127.128.1[500]-197.143
.198.1[500
] spi:8608af37edbabe3c:7c9a4
0fe6f8c5a1
d
2012-01-14 09:26:22: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:26:23: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.127.128.1[500]-197.143
.198.1[500
] with spi:8608af37edbabe3c:7c9a4
0fe6f8c5a1
d
2012-01-14 09:26:33: [rv220w][IKE] ERROR: Phase 2 negotiation failed due to time up waiting for phase1. ESP 197.143.198.1->197.127.128
.1
2012-01-14 09:28:13: [rv220w][IKE] INFO: Using IPsec SA configuration: 10.0.0.0/24<->192.168.100.
0/24
2012-01-14 09:28:13: [rv220w][IKE] INFO: remote configuration for identifier "router1.vpn.com" found
2012-01-14 09:28:13: [rv220w][IKE] INFO: Initiating new phase 1 negotiation: 197.127.128.1[500]<=>197.1
43.198.1[5
00]
2012-01-14 09:28:13: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:28:13: [rv220w][IKE] INFO: [ident_i1send:180]: XXX: NUMNATTVENDORIDS: 3
2012-01-14 09:28:13: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 4
2012-01-14 09:28:13: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 8
2012-01-14 09:28:13: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 9
2012-01-14 09:28:14: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:28:14: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:28:14: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:28:14: [rv220w][IKE] INFO: For 197.143.198.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:28:14: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:28:14: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:28:14: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:28:14: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:28:14: [rv220w][IKE] INFO: ISAKMP-SA established for 197.127.128.1[500]-197.143
.198.1[500
] with spi:6e3e37112f726505:d538c
7b380d1bb7
b
2012-01-14 09:28:14: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:28:14: [rv220w][IKE] INFO: ISAKMP-SA expired 197.127.128.1[500]-197.143
.198.1[500
] spi:6e3e37112f726505:d538c
7b380d1bb7
b
2012-01-14 09:28:14: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:28:15: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.127.128.1[500]-197.143
.198.1[500
] with spi:6e3e37112f726505:d538c
7b380d1bb7
b
2012-01-14 09:28:44: [rv220w][IKE] ERROR: Phase 2 negotiation failed due to time up waiting for phase1. ESP 197.143.198.1->197.127.128
.1
2012-01-14 09:29:01: [rv220w][IKE] INFO: Using IPsec SA configuration: 10.0.0.0/24<->192.168.100.
0/24
2012-01-14 09:29:01: [rv220w][IKE] INFO: remote configuration for identifier "router1.vpn.com" found
2012-01-14 09:29:01: [rv220w][IKE] INFO: Initiating new phase 1 negotiation: 197.127.128.1[500]<=>197.1
43.198.1[5
00]
2012-01-14 09:29:01: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:29:01: [rv220w][IKE] INFO: [ident_i1send:180]: XXX: NUMNATTVENDORIDS: 3
2012-01-14 09:29:01: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 4
2012-01-14 09:29:01: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 8
2012-01-14 09:29:01: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 9
2012-01-14 09:29:01: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:29:01: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:29:01: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:29:01: [rv220w][IKE] INFO: For 197.143.198.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:29:02: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:29:02: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:29:02: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:29:02: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:29:02: [rv220w][IKE] INFO: ISAKMP-SA established for 197.127.128.1[500]-197.143
.198.1[500
] with spi:ed4a08158ec9e2d6:728b8
2b6fd1f4ac
8
2012-01-14 09:29:02: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:29:02: [rv220w][IKE] INFO: ISAKMP-SA expired 197.127.128.1[500]-197.143
.198.1[500
] spi:ed4a08158ec9e2d6:728b8
2b6fd1f4ac
8
2012-01-14 09:29:02: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:29:03: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.127.128.1[500]-197.143
.198.1[500
] with spi:ed4a08158ec9e2d6:728b8
2b6fd1f4ac
8
2012-01-14 09:29:32: [rv220w][IKE] ERROR: Phase 2 negotiation failed due to time up waiting for phase1. ESP 197.143.198.1->197.127.128
.1
2012-01-14 09:29:53: [rv220w][IKE] INFO: Using IPsec SA configuration: 10.0.0.0/24<->192.168.100.
0/24
2012-01-14 09:29:53: [rv220w][IKE] INFO: remote configuration for identifier "router1.vpn.com" found
2012-01-14 09:29:53: [rv220w][IKE] INFO: Initiating new phase 1 negotiation: 197.127.128.1[500]<=>197.1
43.198.1[5
00]
2012-01-14 09:29:53: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:29:53: [rv220w][IKE] INFO: [ident_i1send:180]: XXX: NUMNATTVENDORIDS: 3
2012-01-14 09:29:53: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 4
2012-01-14 09:29:53: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 8
2012-01-14 09:29:53: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 9
2012-01-14 09:29:53: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:29:53: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:29:53: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:29:53: [rv220w][IKE] INFO: For 197.143.198.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:29:53: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:29:53: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:29:53: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:29:53: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:29:53: [rv220w][IKE] INFO: ISAKMP-SA established for 197.127.128.1[500]-197.143
.198.1[500
] with spi:d18758312c138e74:463cf
cd4bc16eb8
9
2012-01-14 09:29:53: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:29:53: [rv220w][IKE] INFO: ISAKMP-SA expired 197.127.128.1[500]-197.143
.198.1[500
] spi:d18758312c138e74:463cf
cd4bc16eb8
9
2012-01-14 09:29:53: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:29:54: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.127.128.1[500]-197.143
.198.1[500
] with spi:d18758312c138e74:463cf
cd4bc16eb8
9
2012-01-14 09:30:24: [rv220w][IKE] ERROR: Phase 2 negotiation failed due to time up waiting for phase1. ESP 197.143.198.1->197.127.128
.1
2012-01-14 09:31:00: [rv220w][IKE] INFO: Using IPsec SA configuration: 10.0.0.0/24<->192.168.100.
0/24
2012-01-14 09:31:00: [rv220w][IKE] INFO: remote configuration for identifier "router1.vpn.com" found
2012-01-14 09:31:00: [rv220w][IKE] INFO: Initiating new phase 1 negotiation: 197.127.128.1[500]<=>197.1
43.198.1[5
00]
2012-01-14 09:31:00: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:31:00: [rv220w][IKE] INFO: [ident_i1send:180]: XXX: NUMNATTVENDORIDS: 3
2012-01-14 09:31:00: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 4
2012-01-14 09:31:00: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 8
2012-01-14 09:31:00: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 9
2012-01-14 09:31:00: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:31:00: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:31:00: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:31:00: [rv220w][IKE] INFO: For 197.143.198.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:31:00: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:31:00: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:31:00: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:31:00: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:31:01: [rv220w][IKE] INFO: ISAKMP-SA established for 197.127.128.1[500]-197.143
.198.1[500
] with spi:037f625ec85cd352:36ffa
9dd66151db
5
2012-01-14 09:31:01: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:31:01: [rv220w][IKE] INFO: ISAKMP-SA expired 197.127.128.1[500]-197.143
.198.1[500
] spi:037f625ec85cd352:36ffa
9dd66151db
5
2012-01-14 09:31:01: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:31:02: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.127.128.1[500]-197.143
.198.1[500
] with spi:037f625ec85cd352:36ffa
9dd66151db
5
2012-01-14 09:31:31: [rv220w][IKE] ERROR: Phase 2 negotiation failed due to time up waiting for phase1. ESP 197.143.198.1->197.127.128
.1
2012-01-14 09:31:51: [rv220w][IKE] INFO: remote configuration for identifier "router1.vpn.com" found
2012-01-14 09:31:51: [rv220w][IKE] INFO: Received request for new phase 1 negotiation: 197.127.128.1[500]<=>197.1
43.198.1[5
00]
2012-01-14 09:31:51: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:31:51: [rv220w][IKE] INFO: Received Vendor ID: RFC XXXX
2012-01-14 09:31:51: [rv220w][IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike
-02
I
01-14-2012 03:42 PM
Router 2 Log
2012-01-14 09:23:04: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.143.198.1[500]-197.127
.128.1[500
] with spi:9dd3d5f20fabee3d:2bc2b
c5c6660437
f
2012-01-14 09:23:12: [rv220w][IKE] INFO: Using IPsec SA configuration: 192.168.100.0/24<->10.0.0.
0/24
2012-01-14 09:23:12: [rv220w][IKE] INFO: remote configuration for identifier "router2.vpn.com" found
2012-01-14 09:23:12: [rv220w][IKE] INFO: Initiating new phase 1 negotiation: 197.143.198.1[500]<=>197.1
27.128.1[5
00]
2012-01-14 09:23:12: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:23:12: [rv220w][IKE] INFO: [ident_i1send:180]: XXX: NUMNATTVENDORIDS: 3
2012-01-14 09:23:12: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 4
2012-01-14 09:23:12: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 8
2012-01-14 09:23:12: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 9
2012-01-14 09:23:13: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:23:13: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:23:13: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:23:13: [rv220w][IKE] INFO: For 197.127.128.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:23:13: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:23:13: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:23:13: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:23:13: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:23:13: [rv220w][IKE] INFO: ISAKMP-SA established for 197.143.198.1[500]-197.127
.128.1[500
] with spi:43e947c9f4344673:8059b
360776508e
9
2012-01-14 09:23:13: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:23:13: [rv220w][IKE] INFO: ISAKMP-SA expired 197.143.198.1[500]-197.127
.128.1[500
] spi:43e947c9f4344673:8059b
360776508e
9
2012-01-14 09:23:13: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:23:14: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.143.198.1[500]-197.127
.128.1[500
] with spi:43e947c9f4344673:8059b
360776508e
9
2012-01-14 09:23:43: [rv220w][IKE] ERROR: Phase 2 negotiation failed due to time up waiting for phase1. ESP 197.127.128.1->197.143.198
.1
2012-01-14 09:24:02: [rv220w][IKE] INFO: remote configuration for identifier "router2.vpn.com" found
2012-01-14 09:24:02: [rv220w][IKE] INFO: Received request for new phase 1 negotiation: 197.143.198.1[500]<=>197.1
27.128.1[5
00]
2012-01-14 09:24:02: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:24:02: [rv220w][IKE] INFO: Received Vendor ID: RFC XXXX
2012-01-14 09:24:02: [rv220w][IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike
-02
2012-01-14 09:24:02: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:24:02: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:24:02: [rv220w][IKE] INFO: For 197.127.128.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:24:02: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:24:02: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:24:02: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:24:02: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:24:03: [rv220w][IKE] INFO: ISAKMP-SA established for 197.143.198.1[500]-197.127
.128.1[500
] with spi:3e55c80741ba280c:dd313
67ffdf353b
8
2012-01-14 09:24:03: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:24:03: [rv220w][IKE] INFO: ISAKMP-SA expired 197.143.198.1[500]-197.127
.128.1[500
] spi:3e55c80741ba280c:dd313
67ffdf353b
8
2012-01-14 09:24:03: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:24:04: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.143.198.1[500]-197.127
.128.1[500
] with spi:3e55c80741ba280c:dd313
67ffdf353b
8
2012-01-14 09:24:27: [rv220w][IKE] INFO: Using IPsec SA configuration: 192.168.100.0/24<->10.0.0.
0/24
2012-01-14 09:24:27: [rv220w][IKE] INFO: remote configuration for identifier "router2.vpn.com" found
2012-01-14 09:24:27: [rv220w][IKE] INFO: Initiating new phase 1 negotiation: 197.143.198.1[500]<=>197.1
27.128.1[5
00]
2012-01-14 09:24:27: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:24:27: [rv220w][IKE] INFO: [ident_i1send:180]: XXX: NUMNATTVENDORIDS: 3
2012-01-14 09:24:27: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 4
2012-01-14 09:24:27: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 8
2012-01-14 09:24:27: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 9
2012-01-14 09:24:27: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:24:27: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:24:27: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:24:27: [rv220w][IKE] INFO: For 197.127.128.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:24:27: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:24:27: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:24:27: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:24:27: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:24:27: [rv220w][IKE] INFO: ISAKMP-SA established for 197.143.198.1[500]-197.127
.128.1[500
] with spi:bf736f5e71444cab:30d24
12dc75cb60
2
2012-01-14 09:24:27: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:24:27: [rv220w][IKE] INFO: ISAKMP-SA expired 197.143.198.1[500]-197.127
.128.1[500
] spi:bf736f5e71444cab:30d24
12dc75cb60
2
2012-01-14 09:24:27: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:24:28: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.143.198.1[500]-197.127
.128.1[500
] with spi:bf736f5e71444cab:30d24
12dc75cb60
2
2012-01-14 09:24:43: [rv220w][IKE] INFO: remote configuration for identifier "router2.vpn.com" found
2012-01-14 09:24:43: [rv220w][IKE] INFO: Received request for new phase 1 negotiation: 197.143.198.1[500]<=>197.1
27.128.1[5
00]
2012-01-14 09:24:43: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:24:43: [rv220w][IKE] INFO: Received Vendor ID: RFC XXXX
2012-01-14 09:24:43: [rv220w][IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike
-02
2012-01-14 09:24:43: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:24:43: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:24:43: [rv220w][IKE] INFO: For 197.127.128.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:24:43: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:24:43: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:24:43: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:24:43: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:24:44: [rv220w][IKE] INFO: ISAKMP-SA established for 197.143.198.1[500]-197.127
.128.1[500
] with spi:01055a0e8b3c2d3c:ecbef
bd9ed57340
3
2012-01-14 09:24:44: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:24:44: [rv220w][IKE] INFO: ISAKMP-SA expired 197.143.198.1[500]-197.127
.128.1[500
] spi:01055a0e8b3c2d3c:ecbef
bd9ed57340
3
2012-01-14 09:24:44: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:24:45: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.143.198.1[500]-197.127
.128.1[500
] with spi:01055a0e8b3c2d3c:ecbef
bd9ed57340
3
2012-01-14 09:24:58: [rv220w][IKE] ERROR: Phase 2 negotiation failed due to time up waiting for phase1. ESP 197.127.128.1->197.143.198
.1
2012-01-14 09:26:02: [rv220w][IKE] INFO: remote configuration for identifier "router2.vpn.com" found
2012-01-14 09:26:02: [rv220w][IKE] INFO: Received request for new phase 1 negotiation: 197.143.198.1[500]<=>197.1
27.128.1[5
00]
2012-01-14 09:26:02: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:26:02: [rv220w][IKE] INFO: Received Vendor ID: RFC XXXX
2012-01-14 09:26:02: [rv220w][IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike
-02
2012-01-14 09:26:02: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:26:02: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:26:02: [rv220w][IKE] INFO: For 197.127.128.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:26:02: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:26:02: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:26:02: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:26:02: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:26:03: [rv220w][IKE] INFO: ISAKMP-SA established for 197.143.198.1[500]-197.127
.128.1[500
] with spi:bee67d28e1abcb44:8154b
5e19a4d737
f
2012-01-14 09:26:03: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:26:03: [rv220w][IKE] INFO: ISAKMP-SA expired 197.143.198.1[500]-197.127
.128.1[500
] spi:bee67d28e1abcb44:8154b
5e19a4d737
f
2012-01-14 09:26:03: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:26:04: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.143.198.1[500]-197.127
.128.1[500
] with spi:bee67d28e1abcb44:8154b
5e19a4d737
f
2012-01-14 09:26:22: [rv220w][IKE] INFO: Using IPsec SA configuration: 192.168.100.0/24<->10.0.0.
0/24
2012-01-14 09:26:22: [rv220w][IKE] INFO: remote configuration for identifier "router2.vpn.com" found
2012-01-14 09:26:22: [rv220w][IKE] INFO: Initiating new phase 1 negotiation: 197.143.198.1[500]<=>197.1
27.128.1[5
00]
2012-01-14 09:26:22: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:26:22: [rv220w][IKE] INFO: [ident_i1send:180]: XXX: NUMNATTVENDORIDS: 3
2012-01-14 09:26:22: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 4
2012-01-14 09:26:22: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 8
2012-01-14 09:26:22: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 9
2012-01-14 09:26:22: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:26:22: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:26:22: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:26:22: [rv220w][IKE] INFO: For 197.127.128.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:26:22: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:26:22: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:26:22: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:26:22: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:26:22: [rv220w][IKE] INFO: ISAKMP-SA established for 197.143.198.1[500]-197.127
.128.1[500
] with spi:8608af37edbabe3c:7c9a4
0fe6f8c5a1
d
2012-01-14 09:26:22: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:26:22: [rv220w][IKE] INFO: ISAKMP-SA expired 197.143.198.1[500]-197.127
.128.1[500
] spi:8608af37edbabe3c:7c9a4
0fe6f8c5a1
d
2012-01-14 09:26:22: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:26:23: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.143.198.1[500]-197.127
.128.1[500
] with spi:8608af37edbabe3c:7c9a4
0fe6f8c5a1
d
2012-01-14 09:26:53: [rv220w][IKE] ERROR: Phase 2 negotiation failed due to time up waiting for phase1. ESP 197.127.128.1->197.143.198
.1
2012-01-14 09:28:14: [rv220w][IKE] INFO: remote configuration for identifier "router2.vpn.com" found
2012-01-14 09:28:14: [rv220w][IKE] INFO: Received request for new phase 1 negotiation: 197.143.198.1[500]<=>197.1
27.128.1[5
00]
2012-01-14 09:28:14: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:28:14: [rv220w][IKE] INFO: Received Vendor ID: RFC XXXX
2012-01-14 09:28:14: [rv220w][IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike
-02
2012-01-14 09:28:14: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:28:14: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:28:14: [rv220w][IKE] INFO: For 197.127.128.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:28:14: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:28:14: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:28:14: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:28:14: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:28:14: [rv220w][IKE] INFO: ISAKMP-SA established for 197.143.198.1[500]-197.127
.128.1[500
] with spi:6e3e37112f726505:d538c
7b380d1bb7
b
2012-01-14 09:28:14: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:28:14: [rv220w][IKE] INFO: ISAKMP-SA expired 197.143.198.1[500]-197.127
.128.1[500
] spi:6e3e37112f726505:d538c
7b380d1bb7
b
2012-01-14 09:28:14: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:28:15: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.143.198.1[500]-197.127
.128.1[500
] with spi:6e3e37112f726505:d538c
7b380d1bb7
b
2012-01-14 09:29:01: [rv220w][IKE] INFO: remote configuration for identifier "router2.vpn.com" found
2012-01-14 09:29:01: [rv220w][IKE] INFO: Received request for new phase 1 negotiation: 197.143.198.1[500]<=>197.1
27.128.1[5
00]
2012-01-14 09:29:01: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:29:01: [rv220w][IKE] INFO: Received Vendor ID: RFC XXXX
2012-01-14 09:29:01: [rv220w][IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike
-02
2012-01-14 09:29:01: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:29:01: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:29:01: [rv220w][IKE] INFO: For 197.127.128.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:29:01: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:29:01: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:29:01: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:29:01: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:29:02: [rv220w][IKE] INFO: ISAKMP-SA established for 197.143.198.1[500]-197.127
.128.1[500
] with spi:ed4a08158ec9e2d6:728b8
2b6fd1f4ac
8
2012-01-14 09:29:02: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:29:02: [rv220w][IKE] INFO: ISAKMP-SA expired 197.143.198.1[500]-197.127
.128.1[500
] spi:ed4a08158ec9e2d6:728b8
2b6fd1f4ac
8
2012-01-14 09:29:02: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:29:03: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.143.198.1[500]-197.127
.128.1[500
] with spi:ed4a08158ec9e2d6:728b8
2b6fd1f4ac
8
2012-01-14 09:29:53: [rv220w][IKE] INFO: remote configuration for identifier "router2.vpn.com" found
2012-01-14 09:29:53: [rv220w][IKE] INFO: Received request for new phase 1 negotiation: 197.143.198.1[500]<=>197.1
27.128.1[5
00]
2012-01-14 09:29:53: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:29:53: [rv220w][IKE] INFO: Received Vendor ID: RFC XXXX
2012-01-14 09:29:53: [rv220w][IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike
-02
2012-01-14 09:29:53: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:29:53: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:29:53: [rv220w][IKE] INFO: For 197.127.128.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:29:53: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:29:53: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:29:53: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:29:53: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:29:53: [rv220w][IKE] INFO: ISAKMP-SA established for 197.143.198.1[500]-197.127
.128.1[500
] with spi:d18758312c138e74:463cf
cd4bc16eb8
9
2012-01-14 09:29:53: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:29:53: [rv220w][IKE] INFO: ISAKMP-SA expired 197.143.198.1[500]-197.127
.128.1[500
] spi:d18758312c138e74:463cf
cd4bc16eb8
9
2012-01-14 09:29:53: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:29:54: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.143.198.1[500]-197.127
.128.1[500
] with spi:d18758312c138e74:463cf
cd4bc16eb8
9
2012-01-14 09:31:00: [rv220w][IKE] INFO: remote configuration for identifier "router2.vpn.com" found
2012-01-14 09:31:00: [rv220w][IKE] INFO: Received request for new phase 1 negotiation: 197.143.198.1[500]<=>197.1
27.128.1[5
00]
2012-01-14 09:31:00: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:31:00: [rv220w][IKE] INFO: Received Vendor ID: RFC XXXX
2012-01-14 09:31:00: [rv220w][IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike
-02
2012-01-14 09:31:00: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:31:00: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:31:00: [rv220w][IKE] INFO: For 197.127.128.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:31:00: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:31:00: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:31:00: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:31:00: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:31:00: [rv220w][IKE] INFO: ISAKMP-SA established for 197.143.198.1[500]-197.127
.128.1[500
] with spi:037f625ec85cd352:36ffa
9dd66151db
5
2012-01-14 09:31:00: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:31:01: [rv220w][IKE] INFO: ISAKMP-SA expired 197.143.198.1[500]-197.127
.128.1[500
] spi:037f625ec85cd352:36ffa
9dd66151db
5
2012-01-14 09:31:01: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:31:02: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.143.198.1[500]-197.127
.128.1[500
] with spi:037f625ec85cd352:36ffa
9dd66151db
5
2012-01-14 09:31:51: [rv220w][IKE] INFO: Using IPsec SA configuration: 192.168.100.0/24<->10.0.0.
0/24
2012-01-14 09:31:51: [rv220w][IKE] INFO: remote configuration for identifier "router2.vpn.com" found
2012-01-14 09:31:51: [rv220w][IKE] INFO: Initiating new phase 1 negotiation: 197.143.198.1[500]<=>197.1
27.128.1[5
00]
2012-01-14 09:31:51: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:31:51: [rv220w][IKE] INFO: [ident_i1send:180]: XXX: NUMNATTVENDORIDS: 3
2012-01-14 09:31:51: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 4
2012-01-14 09:31:51: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 8
2012-01-14 09:31:51: [rv220w][IKE] INFO: [ident_i1send:184]: XXX: setting vendorid: 9
2012-01-14 09:31:51: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2012-01-14 09:31:51: [rv220w][IKE] INFO: Received Vendor ID: DPD
2012-01-14 09:31:51: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:31:51: [rv220w][IKE] INFO: For 197.127.128.1[500], Selected NAT-T version: RFC 3947
2012-01-14 09:31:51: [rv220w][IKE] INFO: Received Vendor ID: KAME/racoon
2012-01-14 09:31:51: [rv220w][IKE] INFO: NAT-D payload matches for 197.143.198.1[500]
2012-01-14 09:31:51: [rv220w][IKE] INFO: NAT-D payload matches for 197.127.128.1[500]
2012-01-14 09:31:51: [rv220w][IKE] INFO: NAT not detected
2012-01-14 09:31:51: [rv220w][IKE] INFO: ISAKMP-SA established for 197.143.198.1[500]-197.127
.128.1[500
] with spi:b53bcc4e7c091dea:8c46f
c704d34634
6
2012-01-14 09:31:51: [rv220w][IKE] INFO: Sending Informational Exchange: notify payload[INITIAL-CONTACT]
2012-01-14 09:31:51: [rv220w][IKE] INFO: ISAKMP-SA expired 197.143.198.1[500]-197.127
.128.1[500
] spi:b53bcc4e7c091dea:8c46f
c704d34634
6
2012-01-14 09:31:51: [rv220w][IKE] INFO: Sending Informational Exchange: delete payload[]
2012-01-14 09:31:52: [rv220w][IKE] INFO: ISAKMP-SA deleted for 197.143.198.1[500]-197.127
.128.1[500
] with spi:b53bcc4e7c091dea:8c46f
c704d34634
6
2012-01-14 09:32:01: [rv220w][IKE] INFO: remote configuration for identifier "router2.vpn.com" found
2012-01-14 09:32:01: [rv220w][IKE] INFO: Received request for new phase 1 negotiation: 197.143.198.1[500]<=>197.1
27.128.1[5
00]
2012-01-14 09:32:01: [rv220w][IKE] INFO: Beginning Identity Protection mode.
2012-01-14 09:32:01: [rv220w][IKE] INFO: Received Vendor ID: RFC XXXX
2012-01-14 09:32:01: [rv220w][IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike
-02
01-14-2012 03:47 PM
I have also attached the word format of both policies as copy and paste didnt paste the whole info I hope someone can help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide