LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 02-21-2011, 01:00 PM   #1
mhkhalqani
LQ Newbie
 
Registered: Sep 2005
Location: Karachi-Pakistan
Posts: 5

Rep: Reputation: 0
Openswan VPN with windows using L2TP


Hi,
I am trying to create a VPN connection using openswan on RHEL5 64 bit machine between linux_1 to linux_2 and linux_1 to Windows XP environments, my first envoironment linux to linux is working fine but I am unable to connect the VPN using Windows XP. Basically that one is a "Roadwarrior" type of connection.
My ipsec.conf file has following connection for linux_1 to windows:
conn roadwarrior
pfs=no
left=31.120.56.220
leftnexthop=31.120.56.193
leftsubnet=31.120.56.192/27
right=%any
rightsubnet=vhost:%no,%priv
leftprotoport=17/1701
rightprotoport=17/1701
auto=add

"109.251.xxx.xx" is a public IP address associated with linux_1 machine, when I am trying to connect using that IP on windows xp I am getting following error:

Error 678: The remote computer did not respond. For Further assistance, click more....

At linux ent I am seeing following line in log file

"IPsec SA established tunnel mode {ESP=>0x21a24605 <0xeb541ed3 xfrm=3DES_0-HMAC_MD5 ...."


I found following messages in Oaklay Log file:

2-21: 11:46:16:375:b60 Initialization OK
2-21: 11:46:32:734:14d8 QM PolicyName: L2TP Optional Encryption Quick Mode Policy dwFlags 0
2-21: 11:46:32:734:14d8 QMOffer[0] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:14d8 QMOffer[0] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:14d8 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: MD5
2-21: 11:46:32:734:14d8 QMOffer[1] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:14d8 QMOffer[1] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:14d8 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: SHA
2-21: 11:46:32:734:14d8 QMOffer[2] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:14d8 QMOffer[2] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:14d8 Algo[0] Operation: AH Algo: SHA
2-21: 11:46:32:734:14d8 Algo[1] Operation: ESP Algo: Triple DES CBC HMAC: 0
2-21: 11:46:32:734:14d8 QMOffer[3] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:14d8 QMOffer[3] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:14d8 Algo[0] Operation: AH Algo: MD5
2-21: 11:46:32:734:14d8 Algo[1] Operation: ESP Algo: Triple DES CBC HMAC: 0
2-21: 11:46:32:734:14d8 QMOffer[4] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:14d8 QMOffer[4] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:14d8 Algo[0] Operation: AH Algo: SHA
2-21: 11:46:32:734:14d8 Algo[1] Operation: ESP Algo: Triple DES CBC HMAC: SHA
2-21: 11:46:32:734:14d8 QMOffer[5] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:14d8 QMOffer[5] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:14d8 Algo[0] Operation: AH Algo: MD5
2-21: 11:46:32:734:14d8 Algo[1] Operation: ESP Algo: Triple DES CBC HMAC: MD5
2-21: 11:46:32:734:14d8 QMOffer[6] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:14d8 QMOffer[6] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:14d8 Algo[0] Operation: ESP Algo: DES CBC HMAC: MD5
2-21: 11:46:32:734:14d8 QMOffer[7] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:14d8 QMOffer[7] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:14d8 Algo[0] Operation: ESP Algo: DES CBC HMAC: SHA
2-21: 11:46:32:734:14d8 QMOffer[8] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:14d8 QMOffer[8] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:14d8 Algo[0] Operation: AH Algo: SHA
2-21: 11:46:32:734:14d8 Algo[1] Operation: ESP Algo: DES CBC HMAC: 0
2-21: 11:46:32:734:14d8 QMOffer[9] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:14d8 QMOffer[9] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:14d8 Algo[0] Operation: AH Algo: MD5
2-21: 11:46:32:734:14d8 Algo[1] Operation: ESP Algo: DES CBC HMAC: 0
2-21: 11:46:32:734:14d8 QMOffer[10] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:14d8 QMOffer[10] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:14d8 Algo[0] Operation: AH Algo: SHA
2-21: 11:46:32:734:14d8 Algo[1] Operation: ESP Algo: DES CBC HMAC: SHA
2-21: 11:46:32:734:14d8 QMOffer[11] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:14d8 QMOffer[11] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:14d8 Algo[0] Operation: AH Algo: MD5
2-21: 11:46:32:734:14d8 Algo[1] Operation: ESP Algo: DES CBC HMAC: MD5
2-21: 11:46:32:734:14d8 QMOffer[12] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:14d8 QMOffer[12] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:14d8 Algo[0] Operation: ESP Algo: NULL DES HMAC: SHA
2-21: 11:46:32:734:14d8 QMOffer[13] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:14d8 QMOffer[13] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:14d8 Algo[0] Operation: ESP Algo: NULL DES HMAC: MD5
2-21: 11:46:32:734:14d8 QMOffer[14] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:14d8 QMOffer[14] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:14d8 Algo[0] Operation: AH Algo: SHA
2-21: 11:46:32:734:14d8 QMOffer[15] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:14d8 QMOffer[15] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:14d8 Algo[0] Operation: AH Algo: MD5
2-21: 11:46:32:734:14d8 Internal Acquire: op=00000001 src=192.169.1.10.1701 dst=109.251.xxx.xx.1701 proto = 17, SrcMask=255.255.255.255, DstMask=255.255.255.255, Tunnel 0, TunnelEndpt=0.0.0.0 Inbound TunnelEndpt=0.0.0.0, InitiateEvent=000004CC, IKE SrcPort=500 IKE DstPort=500
2-21: 11:46:32:734:164c Filter to match: Src 109.251.xxx.xx Dst 192.169.1.10
2-21: 11:46:32:734:164c MM PolicyName: L2TP Main Mode Policy
2-21: 11:46:32:734:164c MMPolicy dwFlags 8 SoftSAExpireTime 28800
2-21: 11:46:32:734:164c MMOffer[0] LifetimeSec 28800 QMLimit 0 DHGroup 268435457
2-21: 11:46:32:734:164c MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
2-21: 11:46:32:734:164c MMOffer[1] LifetimeSec 28800 QMLimit 0 DHGroup 2
2-21: 11:46:32:734:164c MMOffer[1] Encrypt: Triple DES CBC Hash: SHA
2-21: 11:46:32:734:164c MMOffer[2] LifetimeSec 28800 QMLimit 0 DHGroup 2
2-21: 11:46:32:734:164c MMOffer[2] Encrypt: Triple DES CBC Hash: MD5
2-21: 11:46:32:734:164c MMOffer[3] LifetimeSec 28800 QMLimit 0 DHGroup 1
2-21: 11:46:32:734:164c MMOffer[3] Encrypt: DES CBC Hash: SHA
2-21: 11:46:32:734:164c MMOffer[4] LifetimeSec 28800 QMLimit 0 DHGroup 1
2-21: 11:46:32:734:164c MMOffer[4] Encrypt: DES CBC Hash: MD5
2-21: 11:46:32:734:164c Auth[0]:PresharedKey KeyLen 78
2-21: 11:46:32:734:164c QM PolicyName: L2TP Optional Encryption Quick Mode Policy dwFlags 0
2-21: 11:46:32:734:164c QMOffer[0] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:164c QMOffer[0] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:164c Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: MD5
2-21: 11:46:32:734:164c QMOffer[1] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:164c QMOffer[1] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:164c Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: SHA
2-21: 11:46:32:734:164c QMOffer[2] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:164c QMOffer[2] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:164c Algo[0] Operation: AH Algo: SHA
2-21: 11:46:32:734:164c Algo[1] Operation: ESP Algo: Triple DES CBC HMAC: 0
2-21: 11:46:32:734:164c QMOffer[3] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:164c QMOffer[3] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:164c Algo[0] Operation: AH Algo: MD5
2-21: 11:46:32:734:164c Algo[1] Operation: ESP Algo: Triple DES CBC HMAC: 0
2-21: 11:46:32:734:164c QMOffer[4] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:164c QMOffer[4] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:164c Algo[0] Operation: AH Algo: SHA
2-21: 11:46:32:734:164c Algo[1] Operation: ESP Algo: Triple DES CBC HMAC: SHA
2-21: 11:46:32:734:164c QMOffer[5] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:164c QMOffer[5] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:164c Algo[0] Operation: AH Algo: MD5
2-21: 11:46:32:734:164c Algo[1] Operation: ESP Algo: Triple DES CBC HMAC: MD5
2-21: 11:46:32:734:164c QMOffer[6] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:164c QMOffer[6] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:164c Algo[0] Operation: ESP Algo: DES CBC HMAC: MD5
2-21: 11:46:32:734:164c QMOffer[7] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:164c QMOffer[7] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:164c Algo[0] Operation: ESP Algo: DES CBC HMAC: SHA
2-21: 11:46:32:734:164c QMOffer[8] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:164c QMOffer[8] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:164c Algo[0] Operation: AH Algo: SHA
2-21: 11:46:32:734:164c Algo[1] Operation: ESP Algo: DES CBC HMAC: 0
2-21: 11:46:32:734:164c QMOffer[9] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:164c QMOffer[9] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:164c Algo[0] Operation: AH Algo: MD5
2-21: 11:46:32:734:164c Algo[1] Operation: ESP Algo: DES CBC HMAC: 0
2-21: 11:46:32:734:164c QMOffer[10] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:734:164c QMOffer[10] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:734:164c Algo[0] Operation: AH Algo: SHA
2-21: 11:46:32:734:164c Algo[1] Operation: ESP Algo: DES CBC HMAC: SHA
2-21: 11:46:32:750:164c QMOffer[11] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:750:164c QMOffer[11] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:750:164c Algo[0] Operation: AH Algo: MD5
2-21: 11:46:32:750:164c Algo[1] Operation: ESP Algo: DES CBC HMAC: MD5
2-21: 11:46:32:750:164c QMOffer[12] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:750:164c QMOffer[12] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:750:164c Algo[0] Operation: ESP Algo: NULL DES HMAC: SHA
2-21: 11:46:32:750:164c QMOffer[13] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:750:164c QMOffer[13] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:750:164c Algo[0] Operation: ESP Algo: NULL DES HMAC: MD5
2-21: 11:46:32:750:164c QMOffer[14] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:750:164c QMOffer[14] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:750:164c Algo[0] Operation: AH Algo: SHA
2-21: 11:46:32:750:164c QMOffer[15] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:32:750:164c QMOffer[15] dwFlags 0 dwPFSGroup 0
2-21: 11:46:32:750:164c Algo[0] Operation: AH Algo: MD5
2-21: 11:46:32:750:164c Starting Negotiation: src = 192.169.1.10.0500, dst = 109.251.xxx.xx.0500, proto = 17, context = 00000000, ProxySrc = 192.169.1.10.1701, ProxyDst = 109.251.xxx.xx.1701 SrcMask = 0.0.0.0 DstMask = 0.0.0.0
2-21: 11:46:32:750:164c constructing ISAKMP Header
2-21: 11:46:32:750:164c constructing SA (ISAKMP)
2-21: 11:46:32:750:164c Constructing Vendor MS NT5 ISAKMPOAKLEY
2-21: 11:46:32:750:164c Constructing Vendor FRAGMENTATION
2-21: 11:46:32:750:164c Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
2-21: 11:46:32:750:164c Constructing Vendor Vid-Initial-Contact
2-21: 11:46:32:750:164c
2-21: 11:46:32:750:164c Sending: SA = 0x0014CDE0 to 109.251.xxx.xx:Type 2.500
2-21: 11:46:32:750:164c ISAKMP Header: (V1.0), len = 312
2-21: 11:46:32:750:164c I-COOKIE 65357c759ec52902
2-21: 11:46:32:750:164c R-COOKIE 0000000000000000
2-21: 11:46:32:750:164c exchange: Oakley Main Mode
2-21: 11:46:32:750:164c flags: 0
2-21: 11:46:32:750:164c next payload: SA
2-21: 11:46:32:750:164c message ID: 00000000
2-21: 11:46:32:750:164c Ports S:f401 D:f401
2-21: 11:46:32:750:164c Activating InitiateEvent 000004CC
2-21: 11:46:32:812:164c
2-21: 11:46:32:812:164c Receive: (get) SA = 0x0014cde0 from 109.251.xxx.xx.500
2-21: 11:46:32:812:164c ISAKMP Header: (V1.0), len = 140
2-21: 11:46:32:812:164c I-COOKIE 65357c759ec52902
2-21: 11:46:32:812:164c R-COOKIE c97881c2f158f310
2-21: 11:46:32:812:164c exchange: Oakley Main Mode
2-21: 11:46:32:812:164c flags: 0
2-21: 11:46:32:812:164c next payload: SA
2-21: 11:46:32:812:164c message ID: 00000000
2-21: 11:46:32:812:164c processing payload SA
2-21: 11:46:32:812:164c Received Phase 1 Transform 1
2-21: 11:46:32:812:164c Encryption Alg Triple DES CBC(5)
2-21: 11:46:32:812:164c Hash Alg SHA(2)
2-21: 11:46:32:812:164c Oakley Group 14
2-21: 11:46:32:812:164c Auth Method Preshared Key(1)
2-21: 11:46:32:812:164c Life type in Seconds
2-21: 11:46:32:812:164c Life duration of 28800
2-21: 11:46:32:812:164c Phase 1 SA accepted: transform=1
2-21: 11:46:32:812:164c SA - Oakley proposal accepted
2-21: 11:46:32:812:164c processing payload VENDOR ID
2-21: 11:46:32:812:164c processing payload VENDOR ID
2-21: 11:46:32:812:164c processing payload VENDOR ID
2-21: 11:46:32:812:164c Received VendorId draft-ietf-ipsec-nat-t-ike-02
2-21: 11:46:32:812:164c ClearFragList
2-21: 11:46:32:812:164c constructing ISAKMP Header
2-21: 11:46:32:937:164c constructing KE
2-21: 11:46:32:937:164c constructing NONCE (ISAKMP)
2-21: 11:46:32:937:164c Constructing NatDisc
2-21: 11:46:32:937:164c
2-21: 11:46:32:937:164c Sending: SA = 0x0014CDE0 to 109.251.xxx.xx:Type 2.500
2-21: 11:46:32:937:164c ISAKMP Header: (V1.0), len = 360
2-21: 11:46:32:937:164c I-COOKIE 65357c759ec52902
2-21: 11:46:32:937:164c R-COOKIE c97881c2f158f310
2-21: 11:46:32:937:164c exchange: Oakley Main Mode
2-21: 11:46:32:937:164c flags: 0
2-21: 11:46:32:937:164c next payload: KE
2-21: 11:46:32:937:164c message ID: 00000000
2-21: 11:46:32:937:164c Ports S:f401 D:f401
2-21: 11:46:33:0:164c
2-21: 11:46:33:0:164c Receive: (get) SA = 0x0014cde0 from 109.251.xxx.xx.500
2-21: 11:46:33:0:164c ISAKMP Header: (V1.0), len = 356
2-21: 11:46:33:0:164c I-COOKIE 65357c759ec52902
2-21: 11:46:33:0:164c R-COOKIE c97881c2f158f310
2-21: 11:46:33:0:164c exchange: Oakley Main Mode
2-21: 11:46:33:0:164c flags: 0
2-21: 11:46:33:0:164c next payload: KE
2-21: 11:46:33:0:164c message ID: 00000000
2-21: 11:46:33:0:164c processing payload KE
2-21: 11:46:33:31:164c processing payload NONCE
2-21: 11:46:33:31:164c processing payload NATDISC
2-21: 11:46:33:31:164c Processing NatHash
2-21: 11:46:33:31:164c Nat hash a0b2c7336174a2c9a9acd04edfbcc394
2-21: 11:46:33:31:164c 38eab0cf
2-21: 11:46:33:31:164c SA StateMask2 1e
2-21: 11:46:33:31:164c processing payload NATDISC
2-21: 11:46:33:31:164c Processing NatHash
2-21: 11:46:33:31:164c Nat hash db7fdab04d61b1910cd7a14bd0f20889
2-21: 11:46:33:31:164c 2a5aec41
2-21: 11:46:33:31:164c SA StateMask2 5e
2-21: 11:46:33:31:164c ClearFragList
2-21: 11:46:33:31:164c Peer behind NAT
2-21: 11:46:33:31:164c Floated Ports Orig Me:f401 Peer:f401
2-21: 11:46:33:31:164c Floated Ports Me:9411 Peer:9411
2-21: 11:46:33:31:164c constructing ISAKMP Header
2-21: 11:46:33:31:164c constructing ID
2-21: 11:46:33:31:164c MM ID Type 2
2-21: 11:46:33:31:164c MM ID 4c454e4f564f2d3044413342454631
2-21: 11:46:33:31:164c constructing HASH
2-21: 11:46:33:31:164c
2-21: 11:46:33:31:164c Sending: SA = 0x0014CDE0 to 109.251.xxx.xx:Type 2.4500
2-21: 11:46:33:31:164c ISAKMP Header: (V1.0), len = 76
2-21: 11:46:33:31:164c I-COOKIE 65357c759ec52902
2-21: 11:46:33:31:164c R-COOKIE c97881c2f158f310
2-21: 11:46:33:31:164c exchange: Oakley Main Mode
2-21: 11:46:33:31:164c flags: 1 ( encrypted )
2-21: 11:46:33:31:164c next payload: ID
2-21: 11:46:33:31:164c message ID: 00000000
2-21: 11:46:33:31:164c Ports S:9411 D:9411
2-21: 11:46:33:93:164c
2-21: 11:46:33:93:164c Receive: (get) SA = 0x0014cde0 from 109.251.xxx.xx.4500
2-21: 11:46:33:93:164c ISAKMP Header: (V1.0), len = 76
2-21: 11:46:33:93:164c I-COOKIE 65357c759ec52902
2-21: 11:46:33:93:164c R-COOKIE c97881c2f158f310
2-21: 11:46:33:93:164c exchange: Oakley Main Mode
2-21: 11:46:33:93:164c flags: 1 ( encrypted )
2-21: 11:46:33:93:164c next payload: ID
2-21: 11:46:33:93:164c message ID: 00000000
2-21: 11:46:33:93:164c processing payload ID
2-21: 11:46:33:93:164c processing payload HASH
2-21: 11:46:33:93:164c AUTH: Phase I authentication accepted
2-21: 11:46:33:93:164c processing payload VENDOR ID
2-21: 11:46:33:93:164c ClearFragList
2-21: 11:46:33:93:164c MM established. SA: 0014CDE0
2-21: 11:46:33:93:164c QM PolicyName: L2TP Optional Encryption Quick Mode Policy dwFlags 0
2-21: 11:46:33:93:164c QMOffer[0] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:33:93:164c QMOffer[0] dwFlags 0 dwPFSGroup 0
2-21: 11:46:33:93:164c Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: MD5
2-21: 11:46:33:93:164c QMOffer[1] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:33:93:164c QMOffer[1] dwFlags 0 dwPFSGroup 0
2-21: 11:46:33:93:164c Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: SHA
2-21: 11:46:33:93:164c QMOffer[2] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:33:93:164c QMOffer[2] dwFlags 0 dwPFSGroup 0
2-21: 11:46:33:93:164c Algo[0] Operation: ESP Algo: DES CBC HMAC: MD5
2-21: 11:46:33:93:164c QMOffer[3] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:33:93:164c QMOffer[3] dwFlags 0 dwPFSGroup 0
2-21: 11:46:33:93:164c Algo[0] Operation: ESP Algo: DES CBC HMAC: SHA
2-21: 11:46:33:93:164c QMOffer[4] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:33:93:164c QMOffer[4] dwFlags 0 dwPFSGroup 0
2-21: 11:46:33:93:164c Algo[0] Operation: ESP Algo: NULL DES HMAC: SHA
2-21: 11:46:33:93:164c QMOffer[5] LifetimeKBytes 250000 LifetimeSec 3600
2-21: 11:46:33:93:164c QMOffer[5] dwFlags 0 dwPFSGroup 0
2-21: 11:46:33:93:164c Algo[0] Operation: ESP Algo: NULL DES HMAC: MD5
2-21: 11:46:33:93:164c GetSpi: src = 109.251.xxx.xx.1701, dst = 192.169.1.10.1701, proto = 17, context = 00000000, srcMask = 255.255.255.255, destMask = 255.255.255.255, TunnelFilter 0
2-21: 11:46:33:93:164c Setting SPI 2783324868
2-21: 11:46:33:93:164c constructing ISAKMP Header
2-21: 11:46:33:93:164c constructing HASH (null)
2-21: 11:46:33:93:164c constructing SA (IPSEC)
2-21: 11:46:33:93:164c constructing NONCE (IPSEC)
2-21: 11:46:33:93:164c constructing ID (proxy)
2-21: 11:46:33:93:164c FQDN ID 4c454e4f564f2d3044413342454631
2-21: 11:46:33:93:164c constructing ID (proxy)
2-21: 11:46:33:93:164c Construct NATOA
2-21: 11:46:33:93:164c constructing HASH (QM)
2-21: 11:46:33:93:164c
2-21: 11:46:33:93:164c Sending: SA = 0x0014CDE0 to 109.251.xxx.xx:Type 2.4500
2-21: 11:46:33:93:164c ISAKMP Header: (V1.0), len = 388
2-21: 11:46:33:93:164c I-COOKIE 65357c759ec52902
2-21: 11:46:33:93:164c R-COOKIE c97881c2f158f310
2-21: 11:46:33:93:164c exchange: Oakley Quick Mode
2-21: 11:46:33:93:164c flags: 1 ( encrypted )
2-21: 11:46:33:93:164c next payload: HASH
2-21: 11:46:33:93:164c message ID: 3421caf6
2-21: 11:46:33:93:164c Ports S:9411 D:9411
2-21: 11:46:33:156:164c
2-21: 11:46:33:156:164c Receive: (get) SA = 0x0014cde0 from 109.251.xxx.xx.4500
2-21: 11:46:33:156:164c ISAKMP Header: (V1.0), len = 172
2-21: 11:46:33:156:164c I-COOKIE 65357c759ec52902
2-21: 11:46:33:156:164c R-COOKIE c97881c2f158f310
2-21: 11:46:33:156:164c exchange: Oakley Quick Mode
2-21: 11:46:33:156:164c flags: 1 ( encrypted )
2-21: 11:46:33:156:164c next payload: HASH
2-21: 11:46:33:156:164c message ID: 3421caf6
2-21: 11:46:33:156:164c processing HASH (QM)
2-21: 11:46:33:156:164c ClearFragList
2-21: 11:46:33:156:164c processing payload NONCE
2-21: 11:46:33:156:164c processing payload ID
2-21: 11:46:33:156:164c processing payload ID
2-21: 11:46:33:156:164c processing payload SA
2-21: 11:46:33:156:164c Negotiated Proxy ID: Src 192.169.1.10.1701 Dst 109.251.xxx.xx.1701
2-21: 11:46:33:156:164c Checking Proposal 1: Proto= ESP(3), num trans=1 Next=0
2-21: 11:46:33:156:164c Checking Transform # 1: ID=Triple DES CBC(3)
2-21: 11:46:33:156:164c SA life type in seconds
2-21: 11:46:33:156:164c SA life duration 00000e10
2-21: 11:46:33:156:164c SA life type in kilobytes
2-21: 11:46:33:156:164c SA life duration 0003d090
2-21: 11:46:33:156:164c tunnel mode is 61444(61444)
2-21: 11:46:33:156:164c HMAC algorithm is MD5(1)
2-21: 11:46:33:156:164c Phase 2 SA accepted: proposal=1 transform=1
2-21: 11:46:33:156:164c constructing ISAKMP Header
2-21: 11:46:33:156:164c constructing HASH (QM)
2-21: 11:46:33:156:164c Adding QMs: src = 192.169.1.10.1701, dst = 109.251.xxx.xx.1701, proto = 17, context = 0000002B, my tunnel = 0.0.0.0, peer tunnel = 0.0.0.0, SrcMask = 0.0.0.0, DestMask = 0.0.0.0 Lifetime = 3600 LifetimeKBytes 250000 dwFlags 380 Direction 2 EncapType 3
2-21: 11:46:33:156:164c Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: MD5
2-21: 11:46:33:156:164c Algo[0] MySpi: 2783324868 PeerSpi: 3609761456
2-21: 11:46:33:156:164c Encap Ports Src 4500 Dst 4500
2-21: 11:46:33:156:164c Skipping Outbound SA add
2-21: 11:46:33:156:164c Adding QMs: src = 192.169.1.10.1701, dst = 109.251.xxx.xx.1701, proto = 17, context = 0000002B, my tunnel = 0.0.0.0, peer tunnel = 0.0.0.0, SrcMask = 0.0.0.0, DestMask = 0.0.0.0 Lifetime = 3600 LifetimeKBytes 250000 dwFlags 380 Direction 3 EncapType 3
2-21: 11:46:33:156:164c Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: MD5
2-21: 11:46:33:156:164c Algo[0] MySpi: 2783324868 PeerSpi: 3609761456
2-21: 11:46:33:156:164c Encap Ports Src 4500 Dst 4500
2-21: 11:46:33:156:164c Skipping Inbound SA add
2-21: 11:46:33:156:164c Leaving adjust_peer_list entry 0015FFE8 MMCount 0 QMCount 1
2-21: 11:46:33:156:164c isadb_set_status sa:0014CDE0 centry:001519E0 status 0
2-21: 11:46:33:156:164c isadb_set_status InitiateEvent 000004CC: Setting Status 0
2-21: 11:46:33:156:164c Clearing centry 001519E0 InitiateEvent 000004CC
2-21: 11:46:33:156:164c
2-21: 11:46:33:156:164c Sending: SA = 0x0014CDE0 to 109.251.xxx.xx:Type 4.4500
2-21: 11:46:33:156:164c ISAKMP Header: (V1.0), len = 52
2-21: 11:46:33:156:164c I-COOKIE 65357c759ec52902
2-21: 11:46:33:156:164c R-COOKIE c97881c2f158f310
2-21: 11:46:33:156:164c exchange: Oakley Quick Mode
2-21: 11:46:33:156:164c flags: 1 ( encrypted )
2-21: 11:46:33:156:164c next payload: HASH
2-21: 11:46:33:156:164c message ID: 3421caf6
2-21: 11:46:33:156:164c Ports S:9411 D:9411
2-21: 11:46:33:156:14d8 CloseNegHandle 000004CC
2-21: 11:46:33:156:14d8 SE cookie 65357c759ec52902
2-21: 11:47:08:171:164c QM Deleted. Notify from driver: Src 192.169.1.10 Dest 109.251.xxx.xx InSPI 2783324868 OutSpi 3609761456 Tunnel 0 TunnelFilter 0
2-21: 11:47:08:171:164c Leaving adjust_peer_list entry 0015FFE8 MMCount 0 QMCount 0
2-21: 11:47:08:171:164c constructing ISAKMP Header
2-21: 11:47:08:171:164c constructing HASH (null)
2-21: 11:47:08:171:164c Construct QM Delete Spi 2783324868
2-21: 11:47:08:171:164c constructing HASH (Notify/Delete)
2-21: 11:47:08:171:164c Not setting retransmit to downlevel client. SA 0014CDE0 Centry 00000000
2-21: 11:47:08:171:164c
2-21: 11:47:08:171:164c Sending: SA = 0x0014CDE0 to 109.251.xxx.xx:Type 1.4500
2-21: 11:47:08:171:164c ISAKMP Header: (V1.0), len = 68
2-21: 11:47:08:171:164c I-COOKIE 65357c759ec52902
2-21: 11:47:08:171:164c R-COOKIE c97881c2f158f310
2-21: 11:47:08:171:164c exchange: ISAKMP Informational Exchange
2-21: 11:47:08:171:164c flags: 1 ( encrypted )
2-21: 11:47:08:171:164c next payload: HASH
2-21: 11:47:08:171:164c message ID: 4122d98c
2-21: 11:47:08:171:164c Ports S:9411 D:9411
2-21: 11:47:08:171:164c PrivatePeerAddr 0
2-21: 11:47:08:171:1658 isadb_schedule_kill_oldPolicy_sas: 0e78f7c3-c17a-4bc6-956da89ef1ddf5d8 4
2-21: 11:47:08:171:5e8 isadb_schedule_kill_oldPolicy_sas: cb1d04f3-a7fb-4415-8ecabdc1a92ff733 3
2-21: 11:47:08:171:14d8 isadb_schedule_kill_oldPolicy_sas: db241027-3793-4bfe-bbed12a05668ada6 2
2-21: 11:47:08:171:1658 isadb_schedule_kill_oldPolicy_sas: f30c3874-747f-4700-8989c1649ae05ba7 1
2-21: 11:47:08:171:164c entered kill_old_policy_sas 4
2-21: 11:47:08:171:164c SA Dead. sa:0014CDE0 status:3619
2-21: 11:47:08:171:164c isadb_set_status sa:0014CDE0 centry:00000000 status 3619
2-21: 11:47:08:171:164c constructing ISAKMP Header
2-21: 11:47:08:171:164c constructing HASH (null)
2-21: 11:47:08:171:164c constructing DELETE. MM 0014CDE0
2-21: 11:47:08:171:164c constructing HASH (Notify/Delete)
2-21: 11:47:08:171:164c Not setting retransmit to downlevel client. SA 0014CDE0 Centry 00000000
2-21: 11:47:08:171:164c
2-21: 11:47:08:171:164c Sending: SA = 0x0014CDE0 to 109.251.xxx.xx:Type 1.4500
2-21: 11:47:08:171:164c ISAKMP Header: (V1.0), len = 84
2-21: 11:47:08:171:164c I-COOKIE 65357c759ec52902
2-21: 11:47:08:171:164c R-COOKIE c97881c2f158f310
2-21: 11:47:08:171:164c exchange: ISAKMP Informational Exchange
2-21: 11:47:08:171:164c flags: 1 ( encrypted )
2-21: 11:47:08:171:164c next payload: HASH
2-21: 11:47:08:171:164c message ID: cab13a13
2-21: 11:47:08:171:164c Ports S:9411 D:9411
2-21: 11:47:08:171:164c entered kill_old_policy_sas 3
2-21: 11:47:08:171:164c entered kill_old_policy_sas 1
2-21: 11:47:08:171:9b4 entered kill_old_policy_sas 2
2-21: 11:47:08:218:9b4
2-21: 11:47:08:218:9b4 Receive: (get) SA = 0x0014cde0 from 109.251.xxx.xx.4500
2-21: 11:47:08:218:9b4 ISAKMP Header: (V1.0), len = 68
2-21: 11:47:08:218:9b4 I-COOKIE 65357c759ec52902
2-21: 11:47:08:218:9b4 R-COOKIE c97881c2f158f310
2-21: 11:47:08:218:9b4 exchange: ISAKMP Informational Exchange
2-21: 11:47:08:218:9b4 flags: 1 ( encrypted )
2-21: 11:47:08:218:9b4 next payload: HASH
2-21: 11:47:08:218:9b4 message ID: c21d1f13
2-21: 11:47:08:218:9b4 processing HASH (Notify/Delete)
2-21: 11:47:08:218:9b4 processing payload DELETE
2-21: 11:47:08:218:9b4 Asked to delete phase2 SPI we don't own: 3609761456 proto=3
2-21: 11:47:08:234:9b4
2-21: 11:47:08:234:9b4 Receive: (get) SA = 0x0014cde0 from 109.251.xxx.xx.4500
2-21: 11:47:08:234:9b4 ISAKMP Header: (V1.0), len = 84
2-21: 11:47:08:234:9b4 I-COOKIE 65357c759ec52902
2-21: 11:47:08:234:9b4 R-COOKIE c97881c2f158f310
2-21: 11:47:08:234:9b4 exchange: ISAKMP Informational Exchange
2-21: 11:47:08:234:9b4 flags: 1 ( encrypted )
2-21: 11:47:08:234:9b4 next payload: HASH
2-21: 11:47:08:234:9b4 message ID: 8526bf2a
2-21: 11:47:08:234:9b4 processing HASH (Notify/Delete)
2-21: 11:47:08:234:9b4 processing payload DELETE


Please advice me that is there any settings that I am missing either at linux side or windows side.

Thanks.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenSWAN, L2TP/IPSEC on CentOS 5.5 bderry71 Linux - Server 1 10-05-2010 09:33 PM
L2TP/IPSec/openswan server for iphone help ShadowHywind Linux - Server 3 01-25-2010 04:31 PM
L2TP/OpenSWAN Installation on Centos 5 blackmetal Linux - Networking 0 05-18-2009 11:54 AM
Not working properly with openswan/l2tp khuongdp Linux - Networking 1 05-24-2007 08:57 PM
Connecting to VPN using l2tp Artik Linux - Networking 0 05-22-2006 05:06 AM


All times are GMT -5. The time now is 02:47 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration