Prev: Cisco MTBF
Next: Reason 401: An unrecognized error occurred while establishing the VPN connection.
From: Merv on 14 Feb 2006 08:41

Have you always been getting as far as getting the messages:

Negotiating security policies...
Securing communications channel...

post the firewall config and the contents of the client VPN profile for
the connection

post the contents of the PIX firewall log - use command "show log"

is the IP address 80.177.223.54. for your firewall ?

From: Merv on 14 Feb 2006 09:56

BTW is this a new VPN server setup or are there other users that are
able to connect to the VPN server sucessfully?

From: James on 14 Feb 2006 10:14
This is a new setup - and only one person (myself) will be allowed in.
Also forgot to say that the Negotiating security etc is new to me!!
Must be getting somewhere, right. Trouble is that was from within the
site and all previous tests have been from outside. Not sure what diff
that makes...

From: Merv on 14 Feb 2006 10:41

On your VPN client profile setup, please confirm that the groupname is
set to"groupname" and the password is set to "key"

BTW I would suggest for clarity during testing that you change these
settings on both the 837W and your PC.
For example use a captilized groupname and password

clear the logging buffer ("clear log") , attempt a connection, and then
post the contents of the 857's logging buffer (" show log')

From: James on 14 Feb 2006 11:33
lost the last response!

I can only see the 857 log, I have no text equivalent to copy and
paste. It only has 5 info records the last being:

Processing of Quick mode failed with peer at "my pc's ip"

But here is the log of the client with IKE set to medium. I changed
the group key on both.
Cisco Systems VPN Client Version 4.6.00.0045
Copyright (C) 1998-2004 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 5.1.2600 Service Pack 2

1 16:12:21.348 02/14/06 Sev=Warning/3 GUI/0xE3B00003
GI EnumPPP callback timed out.

Cisco Systems VPN Client Version 4.6.00.0045
Copyright (C) 1998-2004 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 5.1.2600 Service Pack 2
Config file directory: C:\Program Files\Cisco Systems\VPN Client

1 16:14:50.652 02/14/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd),
VID(Nat-T), VID(Frag), VID(Unity)) to 80.177.223.54

2 16:14:50.732 02/14/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK AG (SA, VID(Unity), VID(dpd), VID(?),
VID(Xauth), VID(Nat-T), KE, ID, NON, HASH, NAT-D, NAT-D) from
80.177.223.54

3 16:14:50.742 02/14/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT, NAT-D,
NAT-D, VID(?), VID(Unity)) to 80.177.223.54

4 16:14:50.742 02/14/06 Sev=Info/4 IKE/0x63000082
IKE Port in use - Local Port = 0x01F4, Remote Port = 0x01F4

5 16:14:50.752 02/14/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:STATUS_RESP_LIFETIME) from
80.177.223.54

6 16:14:50.752 02/14/06 Sev=Warning/2 IKE/0xA3000062
Attempted incoming connection from 80.177.223.54. Inbound connections
are not allowed.

7 16:14:50.762 02/14/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 80.177.223.54

8 16:14:55.750 02/14/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(Retransmission) from 80.177.223.54

9 16:14:57.172 02/14/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 80.177.223.54

10 16:14:57.182 02/14/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 80.177.223.54

11 16:14:57.192 02/14/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 80.177.223.54

12 16:14:57.212 02/14/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 80.177.223.54

13 16:14:57.222 02/14/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 80.177.223.54

14 16:14:57.532 02/14/06 Sev=Info/4 IKE/0x63000055
Received a key request from Driver: Local IP = 192.168.36.55, GW IP =
80.177.223.54, Remote IP = 0.0.0.0

15 16:14:57.532 02/14/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK QM *(HASH, SA, NON, ID, ID) to 80.177.223.54

16 16:14:57.542 02/14/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:NO_PROPOSAL_CHOSEN) from
80.177.223.54

17 16:14:57.552 02/14/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to 80.177.223.54

18 16:14:57.552 02/14/06 Sev=Info/4 IKE/0x63000048
Discarding IPsec SA negotiation, MsgID=CABD5A7C

19 16:14:57.552 02/14/06 Sev=Info/4 IKE/0x63000017
Marking IKE SA for deletion (I_Cookie=5ED0E3343207D013
R_Cookie=E82601E7412816C6) reason = DEL_REASON_IKE_NEG_FAILED

20 16:15:00.957 02/14/06 Sev=Info/4 IKE/0x6300004A
Discarding IKE SA negotiation (I_Cookie=5ED0E3343207D013
R_Cookie=E82601E7412816C6) reason = DEL_REASON_IKE_NEG_FAILED

21 16:15:01.037 02/14/06 Sev=Info/4 IKE/0x63000001
IKE received signal to terminate VPN connection

First  |  Prev  |  Next  |  Last
Pages: 1 2 3 4 5
Prev: Cisco MTBF
Next: Reason 401: An unrecognized error occurred while establishing the VPN connection.