Connect. Communicate. Collaborate. Securely.

Domů » Česky » Kerio Control » IPSec a ZyXel USG
  •  
Viki je nyní offline Viki

Příspěvky: 89
Odeslat poštu tomuto uživateli
Zdravím všechny,
neustále mám boje s VPN tunelama mezi Keriem a ZyXelima USG,
zyxel jako Server, Kerio aktivni (pripojuje se na server),
na zyxelu pro Phase 1:
3DES/MD5/DH5
AES128/MD5/DH5
AES128/SHA1/DH5
proo Phase 2

3DES/MD5
AES128/MD5
AES128/SHA1

myslim si, ze ma Kerio dostatek kombinaci na vyber jake sifrovani pouzit,
avsak i tak mi hlasi ze zadna z navrhovanych sad nebyla pouzitelna a pak chvili na to, ze se nejde pripojit ke vzdalenemu konci tunelu...WTF? proc?
tady je debug log se zapnutyma vsema IPsec zpravama... Tohle jede porad dokola...
Obcas napise, ze peer is not responding, ale peer does respond, protoze proti nemu jedou dalsi 3 tunely...
Tunel Kerio-Kerio funguje bez jedineho problemu, jen IPsec proti jinym zarizenim je porad boj...

[24/Aug/2013 22:14:33] {IPsec} TunnelsList|thread: Tunnel 'Vikino Home' will be checked in 10s.
[24/Aug/2013 22:14:33] {IPsec} TunnelsList|thread: Going to sleep for 10s.
[24/Aug/2013 22:14:43] {IPsec} TunnelsList|thread: Tunnel 'Vikino Home' should be up.
[24/Aug/2013 22:14:43] {charon} charon: 07[CFG] received stroke: initiate 'tunnel_2_1_1_1'
[24/Aug/2013 22:14:43] {charon} charon: 08[IKE] initiating Main Mode IKE_SA tunnel_2_1_1_1[3226] to 91.218.xxx.xxx
[24/Aug/2013 22:14:43] {charon} charon: 08[IKE] initiating Main Mode IKE_SA tunnel_2_1_1_1[3226] to 91.218.xxx.xxx
[24/Aug/2013 22:14:43] {charon} charon: 08[ENC] generating ID_PROT request 0 [ SA V V V ]
[24/Aug/2013 22:14:43] {charon} charon: 08[NET] sending packet: from 91.218.xxx.xxx[500] to 91.218.xxx.xxx[500]
[24/Aug/2013 22:14:47] {charon} charon: 12[IKE] sending retransmit 1 of request message ID 0, seq 1
[24/Aug/2013 22:14:47] {charon} charon: 12[NET] sending packet: from 91.218.xxx.xxx[500] to 91.218.xxx.xxx[500]
[24/Aug/2013 22:14:54] {charon} charon: 04[IKE] giving up after 1 retransmits
[24/Aug/2013 22:14:54] {charon} charon: 04[IKE] establishing IKE_SA failed, peer not responding
[24/Aug/2013 22:14:54] {IPsec} TunnelsList|thread: 'ipsec up tunnel_2_1_1_1' returned 0
[24/Aug/2013 22:14:54] {charon} charon: 02[CFG] received stroke: initiate 'tunnel_2_2_1_1'
[24/Aug/2013 22:14:54] {charon} charon: 03[IKE] initiating Main Mode IKE_SA tunnel_2_1_1_1[3227] to 91.218.xxx.xxx
[24/Aug/2013 22:14:54] {charon} charon: 03[IKE] initiating Main Mode IKE_SA tunnel_2_1_1_1[3227] to 91.218.xxx.xxx
[24/Aug/2013 22:14:54] {charon} charon: 03[ENC] generating ID_PROT request 0 [ SA V V V ]
[24/Aug/2013 22:14:54] {charon} charon: 03[NET] sending packet: from 91.218.xxx.xxx[500] to 91.218.xxx.xxx[500]
[24/Aug/2013 22:14:54] {charon} charon: 16[NET] received packet: from 91.218.xxx.xxx[500] to 91.218.xxx.xxx[500]
[24/Aug/2013 22:14:54] {charon} charon: 16[ENC] parsed INFORMATIONAL_V1 request 688030821 [ N(NO_PROP) ]
[24/Aug/2013 22:14:54] {charon} charon: 16[IKE] received NO_PROPOSAL_CHOSEN error notify
[24/Aug/2013 22:14:54] {IPsec} TunnelsList|thread: 'ipsec up tunnel_2_2_1_1' returned 0
[24/Aug/2013 22:14:54] {charon} charon: 08[CFG] received stroke: initiate 'tunnel_2_3_1_1'
[24/Aug/2013 22:14:54] {charon} charon: 12[IKE] initiating Main Mode IKE_SA tunnel_2_1_1_1[3228] to 91.218.xxx.xxx
[24/Aug/2013 22:14:54] {charon} charon: 12[IKE] initiating Main Mode IKE_SA tunnel_2_1_1_1[3228] to 91.218.xxx.xxx
[24/Aug/2013 22:14:54] {charon} charon: 12[ENC] generating ID_PROT request 0 [ SA V V V ]
[24/Aug/2013 22:14:54] {charon} charon: 12[NET] sending packet: from 91.218.xxx.xxx[500] to 91.218.xxx.xxx[500]
[24/Aug/2013 22:14:54] {charon} charon: 04[NET] received packet: from 91.218.xxx.xxx[500] to 91.218.xxx.xxx[500]
[24/Aug/2013 22:14:54] {charon} charon: 04[ENC] parsed INFORMATIONAL_V1 request 1140166465 [ N(NO_PROP) ]
[24/Aug/2013 22:14:54] {charon} charon: 04[IKE] received NO_PROPOSAL_CHOSEN error notify
[24/Aug/2013 22:14:54] {IPsec} TunnelsList|thread: 'ipsec up tunnel_2_3_1_1' returned 0
[24/Aug/2013 22:14:54] {charon} charon: 07[CFG] received stroke: initiate 'tunnel_2_4_1_1'
[24/Aug/2013 22:14:54] {charon} charon: 03[IKE] initiating Main Mode IKE_SA tunnel_2_1_1_1[3229] to 91.218.xxx.xxx
[24/Aug/2013 22:14:54] {charon} charon: 03[IKE] initiating Main Mode IKE_SA tunnel_2_1_1_1[3229] to 91.218.xxx.xxx
[24/Aug/2013 22:14:54] {charon} charon: 03[ENC] generating ID_PROT request 0 [ SA V V V ]
[24/Aug/2013 22:14:54] {charon} charon: 03[NET] sending packet: from 91.218.xxx.xxx[500] to 91.218.xxx.xxx[500]
[24/Aug/2013 22:14:56] {charon} charon: 16[IKE] sending DPD request
[24/Aug/2013 22:14:56] {charon} charon: 16[ENC] generating INFORMATIONAL_V1 request 862122665 [ HASH N(DPD) ]
[24/Aug/2013 22:14:58] {charon} charon: 04[NET] sending packet: from 91.218.xxx.xxx[500] to 91.218.xxx.xxx[500]
[24/Aug/2013 22:15:05] {charon} charon: 08[IKE] giving up after 1 retransmits
[24/Aug/2013 22:15:05] {charon} charon: 08[IKE] establishing IKE_SA failed, peer not responding
[24/Aug/2013 22:15:05] {IPsec} TunnelsList|thread: 'ipsec up tunnel_2_4_1_1' returned 0
[24/Aug/2013 22:15:05] {charon} charon: 01[CFG] received stroke: initiate 'tunnel_2_5_1_1'
[24/Aug/2013 22:15:05] {charon} charon: 16[IKE] initiating Main Mode IKE_SA tunnel_2_1_1_1[3230] to 91.218.xxx.xxx
[24/Aug/2013 22:15:05] {charon} charon: 16[IKE] initiating Main Mode IKE_SA tunnel_2_1_1_1[3230] to 91.218.xxx.xxx
[24/Aug/2013 22:15:05] {charon} charon: 16[ENC] generating ID_PROT request 0 [ SA V V V ]
[24/Aug/2013 22:15:05] {charon} charon: 16[NET] sending packet: from 91.218.xxx.xxx[500] to 91.218.xxx.xxx[500]
[24/Aug/2013 22:15:05] {charon} charon: 02[NET] received packet: from 91.218.xxx.xxx[500] to 91.218.xxx.xxx[500]
[24/Aug/2013 22:15:05] {charon} charon: 02[ENC] parsed INFORMATIONAL_V1 request 4270763595 [ N(NO_PROP) ]
[24/Aug/2013 22:15:05] {charon} charon: 02[IKE] received NO_PROPOSAL_CHOSEN error notify
[24/Aug/2013 22:15:05] {IPsec} TunnelsList|thread: 'ipsec up tunnel_2_5_1_1' returned 0
[24/Aug/2013 22:15:05] {IPsec} TunnelsList|thread: Tunnel 'Vikino Home' will be checked in 10s.
[24/Aug/2013 22:15:05] {IPsec} TunnelsList|thread: Going to sleep for 10s.

[Aktualizováno: So, 24 srpen 2013 22:29]

Předchozí téma: Přesun KWF na nové PC
Další téma: Ako povoliť port 2500 v komunikačných pravidlách
Jít na fórum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Aktuální čas: Ne říj 22 15:33:02 CEST 2017

Celkový čas potřebný k vygenerování této stránky: 0.00340 vteřin
.:: Kontakt :: Domů ::.
Běží na: FUDforum 3.0.4.