Linux за българи: Форуми

Linux секция за напреднали => Хардуерни и софтуерни проблеми => Темата е започната от: skate в Feb 17, 2010, 14:07



Титла: IPSec VPN Tunnel Помощ за Свръзка > .....
Публикувано от: skate в Feb 17, 2010, 14:07
Здравейте, получавам тази грешка при опит за вдигнае на тунел .. може ли някой да помогне, благодаря....

Код:
[Starting connection with command /usr/sbin/ipsec auto --up 'paycode-to-vivacom' ..

104 "paycode-to-vivacom" #7: STATE_MAIN_I1: initiate
003 "paycode-to-vivacom" #7: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
003 "paycode-to-vivacom" #7: ignoring Vendor ID payload [FRAGMENTATION c0000000]
106 "paycode-to-vivacom" #7: STATE_MAIN_I2: sent MI2, expecting MR2
003 "paycode-to-vivacom" #7: received Vendor ID payload [Cisco-Unity]
003 "paycode-to-vivacom" #7: received Vendor ID payload [XAUTH]
003 "paycode-to-vivacom" #7: ignoring unknown Vendor ID payload [c5e228ecee81618df6d2cd7eef3b0bb4]
003 "paycode-to-vivacom" #7: ignoring Vendor ID payload [Cisco VPN 3000 Series]
003 "paycode-to-vivacom" #7: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT detected
108 "paycode-to-vivacom" #7: STATE_MAIN_I3: sent MI3, expecting MR3
010 "paycode-to-vivacom" #7: STATE_MAIN_I3: retransmission; will wait 20s for response
003 "paycode-to-vivacom" #7: discarding duplicate packet; already STATE_MAIN_I3
003 "paycode-to-vivacom" #7: discarding duplicate packet; already STATE_MAIN_I3
003 "paycode-to-vivacom" #7: discarding duplicate packet; already STATE_MAIN_I3
010 "paycode-to-vivacom" #7: STATE_MAIN_I3: retransmission; will wait 40s for response
003 "paycode-to-vivacom" #7: next payload type of ISAKMP Hash Payload has an unknown value: 31
003 "paycode-to-vivacom" #7: malformed payload in packet
031 "paycode-to-vivacom" #7: max number of retransmissions (2) reached STATE_MAIN_I3.  Possible authentication failure: no acceptable response to our first encrypted message
000 "paycode-to-vivacom" #7: starting keying attempt 2 of at most 3, but releasing whack

ipsec.conf >>>>>

Код:
conn paycode-to-vivacom
        auth=esp
        authby=secret
        auto=start
        esp=3des-168
        ike=3des-md5
        ikelifetime=8h
        keyexchange=ike
        keyingtries=3
        keylife=1h
        left=95.43.208.250
        leftid=95.43.208.250
        leftnexthop=95.43.208.249
        pfs=yes
        right=212.39.72.21
        rightsubnet=10.16.0.0/24
        type=tunnel

config setup
        interfaces=%defaultroute
        nat_traversal=yes
        OE=off
        protostack=netkey


конфигурацията каквато трябва да бъде: http://i48.tinypic.com/1823ba.jpg