1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

VPN Config on WRVS4400N

Discussion in 'Networking' started by walepiper, Jan 6, 2011.

Thread Status:
Not open for further replies.
  1. walepiper

    walepiper Thread Starter

    Joined:
    Aug 4, 2010
    Messages:
    19
    Good day,

    I am new to VPN configuration but i am presently configuring a site-site VPN connection to a network provider using Cisco LinkSys WRVS4400N. I configured the VPN Gateway Peer as our Internet Public IP and the host IPs as our private LAN IPs 192.168.1.0/24. I realised the VPN connection is not coming up.

    Here is the network diagram:

    [​IMG]

    here is the configuration:

    [​IMG]

    [​IMG]

    On trying to connect the VPN, below is the log:

    Jan 5 13:05:49 - [VPN Log]: shutting down
    Jan 5 13:05:49 - [VPN Log]: forgetting secrets
    Jan 5 13:05:49 - [VPN Log]: "XXXXX": deleting connection
    Jan 5 13:05:49 - [VPN Log]: ERROR: "XXXXX": pfkey write() of SADB_X_DELFLOW message 9 for flow [email protected] failed. Errno 14: Bad address
    Jan 5 13:05:49 - [VPN Log]: | 02 0f 00 0b 0e 00 00 00 09 00 00 00 d2 2d 00 00
    Jan 5 13:05:49 - [VPN Log]: | 03 00 15 00 00 00 00 00 02 00 00 00 c0 a8 01 00
    Jan 5 13:05:49 - [VPN Log]: | 00 00 00 00 84 0b 00 40 03 00 16 00 00 00 00 00
    Jan 5 13:05:49 - [VPN Log]: | 02 00 00 00 29 ce 04 2a b0 25 01 00 23 00 00 00
    Jan 5 13:05:49 - [VPN Log]: | 03 00 17 00 00 00 00 00 02 00 00 00 ff ff ff 00
    Jan 5 13:05:49 - [VPN Log]: | 45 56 45 4e 54 5f 52 45 03 00 18 00 00 00 00 00
    Jan 5 13:05:49 - [VPN Log]: | 02 00 00 00 ff ff ff ff 20 28 73 65 00 00 00 00
    Jan 5 13:05:51 - [VPN Log]: "XXXXX": unroute-client output: 0
    Jan 5 13:05:51 - [VPN Log]: shutting down interface ipsec0/eth1 41.189.8.236:4500
    Jan 5 13:05:51 - [VPN Log]: shutting down interface ipsec0/eth1 41.189.8.236:500
    Jan 5 13:05:54 - [VPN Log]: Starting Pluto (Openswan Version cvs2006Jan12_11:29:56 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID [email protected])
    Jan 5 13:05:54 - [VPN Log]: @(#) built on Aug 13 2009:02:39:00:
    Jan 5 13:05:54 - [VPN Log]: Setting NAT-Traversal port-4500 floating to on
    Jan 5 13:05:54 - [VPN Log]: port floating activation criteria nat_t=1/port_fload=1
    Jan 5 13:05:54 - [VPN Log]: including NAT-Traversal patch (Version 0.6c)
    Jan 5 13:05:54 - [VPN Log]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
    Jan 5 13:05:54 - [VPN Log]: starting up 1 cryptographic helpers
    Jan 5 13:05:54 - [VPN Log]: started helper pid=12205 (fd:5)
    Jan 5 13:05:54 - [VPN Log]: Using KLIPS IPsec interface code on 2.4.27-star
    Jan 5 13:05:54 - [VPN Log]: Changing to directory '/etc/ipsec.d/cacerts'
    Jan 5 13:05:54 - [VPN Log]: Changing to directory '/etc/ipsec.d/aacerts'
    Jan 5 13:05:54 - [VPN Log]: Changing to directory '/etc/ipsec.d/ocspcerts'
    Jan 5 13:05:54 - [VPN Log]: Changing to directory '/etc/ipsec.d/crls'
    Jan 5 13:05:54 - [VPN Log]: Warning: empty directory
    Jan 5 13:05:54 - [VPN Log]: added connection description "XXXXX"
    Jan 5 13:05:54 - [VPN Log]: listening for IKE messages
    Jan 5 13:05:54 - [VPN Log]: adding interface ipsec0/eth1 41.189.8.236:500
    Jan 5 13:05:54 - [VPN Log]: adding interface ipsec0/eth1 41.189.8.236:4500
    Jan 5 13:05:54 - [VPN Log]: loading secrets from "/etc/ipsec.secrets"
    Jan 5 13:05:56 - [VPN Log]: "XXXXX": route-client output: 0
    Jan 5 13:05:56 - [VPN Log]: "XXXXX" #1: initiating Main Mode
    Jan 5 13:05:56 - [VPN Log]: "XXXXX" #1: received Vendor ID payload [RFC 3947] method set to=109
    Jan 5 13:05:56 - [VPN Log]: "XXXXX" #1: enabling possible NAT-traversal with method 3
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #1: STATE_MAIN_I2: sent MI2, expecting MR2
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #1: received Vendor ID payload [Cisco-Unity]
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #1: received Vendor ID payload [Dead Peer Detection]
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #1: ignoring unknown Vendor ID payload [6ea71f174f112259d22bd3048a78d627]
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #1: received Vendor ID payload [XAUTH]
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #1: I did not send a certificate because I do not have one.
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #1: NAT-Traversal: Result using 3: no NAT detected
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #1: STATE_MAIN_I3: sent MI3, expecting MR3
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #1: Main mode peer ID is ID_IPV4_ADDR: '41.220.79.242'
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1024}
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #2: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK+UP {using isakmp#1}
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #1: ignoring informational payload, type IPSEC_RESPONDER_LIFETIME
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #1: received and ignored informational message
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #1: ignoring informational payload, type NO_PROPOSAL_CHOSEN
    Jan 5 13:05:57 - [VPN Log]: "XXXXX" #1: received and ignored informational message
    Jan 5 13:06:14 - [VPN Log]: initiate on demand from 192.168.1.110:0 to 41.206.4.42:0 proto=0 state: fos_start because: acquire
    Jan 5 13:06:14 - [VPN Log]: "XXXXX" #3: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK+UP {using isakmp#1}
    Jan 5 13:06:14 - [VPN Log]: "XXXXX" #1: ignoring informational payload, type NO_PROPOSAL_CHOSEN
    Jan 5 13:06:14 - [VPN Log]: "XXXXX" #1: received and ignored informational message
    Jan 5 13:06:33 - [VPN Log]: "XXXXX" #4: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK+UP {using isakmp#1}
    Jan 5 13:06:33 - [VPN Log]: "XXXXX" #1: ignoring informational payload, type NO_PROPOSAL_CHOSEN
    Jan 5 13:06:33 - [VPN Log]: "XXXXX" #1: received and ignored informational message
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/973006

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice