09-13-2012 10:02 PM
Hi All
I am trying to get up an point to point VPN between a Cisco DPC3925 and a netscreen 5GT Firewall
I have configured up everything as i think it should, i belive the phase one and phase two are both configured ok, if i change the phase one settings to something different then i will get a different error
on the cisco I am using Auto Ike, with a shared key and PFS - both phase one and phase two are set the same at both ends cisco / netscreen
I'm pretty savy with the netscreen so I can pretty much pull out what ever data is needed, not so much with the cisco as the config options seem quite limited
When I try to connect, the VPN log on the CISCO shows the below, but on the netscreen it thinks that phase one Negotiations are complete (in logs etc)
The netscreen seems to be much more configurable than the CISCO, so i guess i need to change something on that but im not sure what
I know I haven't provdided much info on my config, but I was hoping someone may be able to give me abit more of an idea of what the cisco is expecting to receive ftom the netscreen that its not getting from the logs, I have chaged the external IP's in this log, the log goes from the bottom up as thats how the cisco dumps it
Anything obvios stand out to anyone?
1.1.1.1 is the Cisco,, 2.2.2.2 is the netscreen
Thu Sep 13 14:49:53 2012 IKE Phase 1 Negotiation FAILED 1.1.1.1==>2.2.2.2
Thu Sep 13 14:49:47 2012 phase2 negotiation failed due to time up waiting for phase1. 02.2.2.2 ==>1.1.1.1
Thu Sep 13 14:49:43 2012 error -1 process rcvd packet
Thu Sep 13 14:49:43 2012 Bad IKE packet received 2.2.2.2 ==>1.1.1.1
(origCookie=e3 4e 2c 81 b7 2a 40 e3 , respCookie=58 0a 56 24 e8 3d 78 f4 )
Thu Sep 13 14:49:32 2012 error -1 process rcvd packet
Thu Sep 13 14:49:32 2012 Bad IKE packet received 2.2.2.2 ==>1.1.1.1 (origCookie=e3 4e 2c 81 b7 2a 40 e3 , respCookie=58 0a 56 24 e8 3d 78 f4 )
Thu Sep 13 14:49:26 2012 Bad IKE packet received 2.2.2.2 ==>1.1.1.1 (origCookie=16 60 41 e5 51 8e b9 43 , respCookie=39 0e 63 70 48 49 36 7b )
Thu Sep 13 14:49:26 2012 unknown Informational exchange received.
Thu Sep 13 14:49:21 2012 error -1 process rcvd packet
Thu Sep 13 14:49:21 2012 Bad IKE packet received 2.2.2.2 ==>1.1.1.1 (origCookie=e3 4e 2c 81 b7 2a 40 e3 , respCookie=58 0a 56 24 e8 3d 78 f4 )
Thu Sep 13 14:49:11 2012 error -1 process rcvd packet
Thu Sep 13 14:49:11 2012 Bad IKE packet received 2.2.2.2 ==>1.1.1.1 (origCookie=e3 4e 2c 81 b7 2a 40 e3 , respCookie=58 0a 56 24 e8 3d 78 f4 )
Thu Sep 13 14:49:01 2012 error -1 process rcvd packet
Thu Sep 13 14:49:01 2012 Bad IKE packet received 2.2.2.2 ==>1.1.1.1 (origCookie=e3 4e 2c 81 b7 2a 40 e3 , respCookie=58 0a 56 24 e8 3d 78 f4 )
Thu Sep 13 14:48:50 2012 error -1 process rcvd packet
Thu Sep 13 14:48:50 2012 Bad IKE packet received 2.2.2.2 ==>1.1.1.1(origCookie=e3 4e 2c 81 b7 2a 40 e3 , respCookie=58 0a 56 24 e8 3d 78 f4 )
Thu Sep 13 14:48:50 2012 invalid ID payload.
Thu Sep 13 14:48:49 2012 IKE Phase 1 Negotiation Started 1.1.1.1==>2.2.2.2
09-14-2012 12:56 AM
Hi Tony,
Thank you for your question. However this community is for Cisco Small Business Products and the DPC3925 is not a Cisco Small Business Product.
Your product is an internet service provider (ISP) supported product. In other words you need to contact your ISP or technology reseller that you purchased this from to help you with your question.
I did some research and found the following links on the DPC3925 that may be of help.
http://www.cisco.com/web/consumer/support/modem_DPC3925.html
http://www.cisco.com/web/consumer/support/prod_modems.html
http://www.cisco.com/web/consumer/support/modem_DPC3925.html#~drivers
Regards,
Cindy Toy
Cisco Small Business Community Manager
for Cisco Small Business Products
www.cisco.com/go/smallbizsupport
twitter: CiscoSBsupport
09-16-2012 05:45 PM
Hi Cindy, thanks for your respopnse, perhaps i should have posted in the VPN section, i saw other questions for my router in here so thought it was approprate
are you able to move the thread or should i re-post?
Cheers
09-16-2012 11:53 PM
Hi Tony,
Per your request I have moved it to the VPN section.
Regards,
Cindy Toy
Cisco Small Business Community Manager
for Cisco Small Business Products
www.cisco.com/go/smallbizsupport
twitter: CiscoSBsupport
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: