cancelar
Mostrar resultados para 
Pesquisar em vez de 
Queria dizer: 
cancel
3305
Apresentações
15
Útil
22
Respostas

VPN entre RV340 e RV320 com ip dinâmico

Saudações!

 

Estou enfrentando um problema e não sei como solucionar.

 

Eu tinha uma VPN entre um RV320 e um RV42 que utilizava IP dinâmico, com DynDNS e geralmente funcionava bem.

 

Troquei o RV042 por um RV340 e não estou conseguindo configurar a VPN, estou tentando desde que o RV340 chegou, há duas semanas.

 

Gostei muito do RV340, mas esse problema está me desanimando.

 

Alguma sugestão?

 

Segue um trecho do log e obrigado pela atenção.

 

2019-12-12T02:36:03-03:00 <info>charon: 05[NET] sending packet: from 179.34.225.183[500] to 179.34.198.193[500] (84 bytes)
2019-12-12T02:36:03-03:00 <info>charon: 05[ENC] generating INFORMATIONAL_V1 request 3599251864 [ HASH N(AUTH_FAILED) ]
2019-12-12T02:36:03-03:00 <info>charon: 05[IKE] no peer config found
2019-12-12T02:36:03-03:00 <info>charon: 05[CFG] looking for pre-shared key peer configs matching 179.34.225.183...179.34.198.193[179.34.198.193]
2019-12-12T02:36:03-03:00 <info>charon: 05[ENC] parsed ID_PROT request 0 [ ID HASH ]
2019-12-12T02:36:03-03:00 <info>charon: 05[NET] received packet: from 179.34.198.193[500] to 179.34.225.183[500] (60 bytes)
2019-12-12T02:36:03-03:00 <info>charon: 14[NET] sending packet: from 179.34.225.183[500] to 179.34.198.193[500] (196 bytes)
2019-12-12T02:36:03-03:00 <info>charon: 14[ENC] generating ID_PROT response 0 [ KE No ]
2019-12-12T02:36:03-03:00 <info>charon: 14[IKE] FSLDBG: Now searching for PSK with :my_id,me,other_id,other: '179.34.225.183'[179.34.225.183] - 'carijos1.dyndns.org'[179.34.198.193]
2019-12-12T02:36:03-03:00 <info>charon: 14[ENC] parsed ID_PROT request 0 [ KE No ]
2019-12-12T02:36:03-03:00 <info>charon: 14[NET] received packet: from 179.34.198.193[500] to 179.34.225.183[500] (180 bytes)
2019-12-12T02:36:03-03:00 <info>charon: 10[NET] sending packet: from 179.34.225.183[500] to 179.34.198.193[500] (132 bytes)
2019-12-12T02:36:03-03:00 <info>charon: 10[ENC] generating ID_PROT response 0 [ SA V V V ]
2019-12-12T02:36:03-03:00 <info>charon: Last message '10[IKE] 179.34.198.1' repeated 1 times, supressed by syslog-ng on gw
2019-12-12T02:36:03-03:00 <info>charon: 10[IKE] 179.34.198.193 is initiating a Main Mode IKE_SA
2019-12-12T02:36:03-03:00 <info>charon: 10[IKE] received DPD vendor ID
2019-12-12T02:36:03-03:00 <info>charon: 10[ENC] parsed ID_PROT request 0 [ SA V ]
2019-12-12T02:36:03-03:00 <info>charon: 10[NET] received packet: from 179.34.198.193[500] to 179.34.225.183[500] (100 bytes)
2019-12-12T02:35:22-03:00 <info>charon: 15[NET] sending packet: from 179.34.225.183[500] to 179.34.198.193[500] (84 bytes)
2019-12-12T02:35:22-03:00 <info>charon: 15[ENC] generating INFORMATIONAL_V1 request 2330386382 [ HASH N(AUTH_FAILED) ]
2019-12-12T02:35:22-03:00 <info>charon: 15[IKE] no peer config found
2019-12-12T02:35:22-03:00 <info>charon: 15[CFG] looking for pre-shared key peer configs matching 179.34.225.183...179.34.198.193[179.34.198.193]
2019-12-12T02:35:22-03:00 <info>charon: 15[ENC] parsed ID_PROT request 0 [ ID HASH ]
2019-12-12T02:35:22-03:00 <info>charon: 15[NET] received packet: from 179.34.198.193[500] to 179.34.225.183[500] (60 bytes)
2019-12-12T02:35:21-03:00 <info>charon: 12[NET] sending packet: from 179.34.225.183[500] to 179.34.198.193[500] (196 bytes)
2019-12-12T02:35:21-03:00 <info>charon: 12[ENC] generating ID_PROT response 0 [ KE No ]
2019-12-12T02:35:21-03:00 <info>charon: 12[IKE] FSLDBG: Now searching for PSK with :my_id,me,other_id,other: '179.34.225.183'[179.34.225.183] - 'carijos1.dyndns.org'[179.34.198.193]
2019-12-12T02:35:21-03:00 <info>charon: 12[ENC] parsed ID_PROT request 0 [ KE No ]
2019-12-12T02:35:21-03:00 <info>charon: 12[NET] received packet: from 179.34.198.193[500] to 179.34.225.183[500] (180 bytes)
2019-12-12T02:35:21-03:00 <info>charon: 16[NET] sending packet: from 179.34.225.183[500] to 179.34.198.193[500] (132 bytes)
2019-12-12T02:35:21-03:00 <info>charon: 16[ENC] generating ID_PROT response 0 [ SA V V V ]
2019-12-12T02:35:21-03:00 <info>charon: Last message '16[IKE] 179.34.198.1' repeated 1 times, supressed by syslog-ng on gw
2019-12-12T02:35:21-03:00 <info>charon: 16[IKE] 179.34.198.193 is initiating a Main Mode IKE_SA
2019-12-12T02:35:21-03:00 <info>charon: 16[IKE] received DPD vendor ID
2019-12-12T02:35:21-03:00 <info>charon: 16[ENC] parsed ID_PROT request 0 [ SA V ]
2019-12-12T02:35:21-03:00 <info>charon: 16[NET] received packet: from 179.34.198.193[500] to 179.34.225.183[500] (100 bytes)
2019-12-12T02:35:12-03:00 <info>charon: 10[NET] sending packet: from 179.34.225.183[500] to 179.34.198.193[500] (84 bytes)
2019-12-12T02:35:12-03:00 <info>charon: 10[ENC] generating INFORMATIONAL_V1 request 3067456157 [ HASH N(AUTH_FAILED) ]
2019-12-12T02:35:12-03:00 <info>charon: 10[IKE] no peer config found
2019-12-12T02:35:12-03:00 <info>charon: 10[CFG] looking for pre-shared key peer configs matching 179.34.225.183...179.34.198.193[179.34.198.193]
2019-12-12T02:35:12-03:00 <info>charon: 10[ENC] parsed ID_PROT request 0 [ ID HASH ]
2019-12-12T02:35:12-03:00 <info>charon: 10[NET] received packet: from 179.34.198.193[500] to 179.34.225.183[500] (60 bytes)
2019-12-12T02:35:12-03:00 <info>charon: 06[NET] sending packet: from 179.34.225.183[500] to 179.34.198.193[500] (236 bytes)
2019-12-12T02:35:12-03:00 <info>charon: 06[ENC] generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
2019-12-12T02:35:12-03:00 <info>charon: 06[IKE] FSLDBG: Now searching for PSK with :my_id,me,other_id,other: '179.34.225.183'[179.34.225.183] - 'carijos1.dyndns.org'[179.34.198.193]
2019-12-12T02:35:12-03:00 <info>charon: 06[ENC] parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
2019-12-12T02:35:12-03:00 <info>charon: 06[NET] received packet: from 179.34.198.193[500] to 179.34.225.183[500] (220 bytes)

 

 

22 RESPOSTAS 22

Jaderson Pessoa
VIP Alumni
VIP Alumni

@ariobarlimapontes bom dia,

 

Pelo logs iniciais pode ser erro de configuração de senha/ipsec profile. Você confirmou se todas as informações estão corretas?

 

2019-12-12T02:36:03-03:00 <info>charon: 05[ENC] generating INFORMATIONAL_V1 request 3599251864 [ HASH N(AUTH_FAILED) ]

 

Nos seus prints em uma das phases a senha está como "teste", está correto?  Em contra partida, se você puder compartilha os detalhes avançados de suas configurações para que possamos analisar melhor.

 

Exemplo de configuração VPN Site-to-Site RV320 e RV325:https://www.cisco.com/c/pt_br/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4176-configure-dynamic-domain-name-server-on-rv320-and-rv325-vpn.html

 

Exemplo de configuração VPN Site-to-Site RV340 ou RV345:https://www.cisco.com/c/pt_br/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb5513-configure-a-site-to-site-virtual-private-network-vpn-connect.html

 

Saudações,

 

Jaderson Pessoa

Jaderson Pessoa
*** Rate All Helpful Responses ***

Está correto, é "teste" mesmo, eu coloquei para testar e quando funcionar
eu invento outra chave melhor.

Já tentei configurar com base nesses tutoriais, mas não tive sucesso, lembrando que tenho dois dispositivos diferentes, um RV 340 e outro RV320.

 

Quanto tinha um RV320 com RV042, a VPN funcionava perfeitamente.

 

A configuração de DNS dinâmico está funcionando perfeitamente.

Eu ainda acredito que seja negociação de credenciais, se você puder compartilhar as configurações para que possamos analisar.
Jaderson Pessoa
*** Rate All Helpful Responses ***

De fato esqueci disso

Você poderia anexa o log da vpn de ambos os routers?
Jaderson Pessoa
*** Rate All Helpful Responses ***

RV 320:

 

2019-12-13, 19:09:10VPN Log[g2gips0] #25735: [Tunnel Authorize Fail] IDEA_CBC is not enabled for this connection. Attribute OAKLEY_HASH_ALGORITHM
2019-12-13, 19:09:10VPN Log[g2gips0] #25736: [Tunnel Established] sent MR3, ISAKMP SA established
2019-12-13, 19:09:20VPN Log[g2gips0] #25737: [Tunnel Authorize Fail] AES_CBC is not enabled for this connection. Attribute OAKLEY_ENCRYPTION_ALGORITHM
2019-12-13, 19:09:20Kernellast message repeated 3 times
2019-12-13, 19:09:20VPN Log[g2gips0] #25737: [Tunnel Authorize Fail] IDEA_CBC is not enabled for this connection. Attribute OAKLEY_HASH_ALGORITHM
2019-12-13, 19:09:20VPN Log[g2gips0] #25738: [Tunnel Established] sent MR3, ISAKMP SA established
2019-12-13, 19:09:30VPN Log[g2gips0] #25739: [Tunnel Authorize Fail] AES_CBC is not enabled for this connection. Attribute OAKLEY_ENCRYPTION_ALGORITHM
2019-12-13, 19:09:30Kernellast message repeated 3 times
2019-12-13, 19:09:30VPN Log[g2gips0] #25739: [Tunnel Authorize Fail] IDEA_CBC is not enabled for this connection. Attribute OAKLEY_HASH_ALGORITHM
2019-12-13, 19:09:30VPN Log[g2gips0] #25740: [Tunnel Established] sent MR3, ISAKMP SA established
2019-12-13, 19:09:40VPN Log[g2gips0] #25741: [Tunnel Authorize Fail] AES_CBC is not enabled for this connection. Attribute OAKLEY_ENCRYPTION_ALGORITHM
2019-12-13, 19:09:40Kernellast message repeated 3 times
2019-12-13, 19:09:40VPN Log[g2gips0] #25741: [Tunnel Authorize Fail] IDEA_CBC is not enabled for this connection. Attribute OAKLEY_HASH_ALGORITHM
2019-12-13, 19:09:40VPN Log[g2gips0] #25742: [Tunnel Established] sent MR3, ISAKMP SA established
2019-12-13, 19:09:50VPN Log[g2gips0] #25743: [Tunnel Authorize Fail] AES_CBC is not enabled for this connection. Attribute OAKLEY_ENCRYPTION_ALGORITHM
2019-12-13, 19:09:50Kernellast message repeated 3 times
2019-12-13, 19:09:50VPN Log[g2gips0] #25743: [Tunnel Authorize Fail] IDEA_CBC is not enabled for this connection. Attribute OAKLEY_HASH_ALGORITHM
2019-12-13, 19:09:50VPN Log[g2gips0] #25744: [Tunnel Established] sent MR3, ISAKMP SA established
2019-12-13, 19:10:00VPN Log[g2gips0] #25746: [Tunnel Authorize Fail] AES_CBC is not enabled for this connection. Attribute OAKLEY_ENCRYPTION_ALGORITHM
2019-12-13, 19:10:00Kernellast message repeated 3 times
2019-12-13, 19:10:00VPN Log[g2gips0] #25746: [Tunnel Authorize Fail] IDEA_CBC is not enabled for this connection. Attribute OAKLEY_HASH_ALGORITHM
2019-12-13, 19:10:01VPN Log[g2gips0] #25747: [Tunnel Established] sent MR3, ISAKMP SA established
2019-12-13, 19:10:10VPN Log[g2gips0] #25748: [Tunnel Authorize Fail] AES_CBC is not enabled for this connection. Attribute OAKLEY_ENCRYPTION_ALGORITHM
2019-12-13, 19:10:10Kernellast message repeated 3 times
2019-12-13, 19:10:10VPN Log[g2gips0] #25748: [Tunnel Authorize Fail] IDEA_CBC is not enabled for this connection. Attribute OAKLEY_HASH_ALGORITHM
2019-12-13, 19:10:10VPN Log[g2gips0] #25749: [Tunnel Established] sent MR3, ISAKMP SA established
2019-12-13, 19:10:20VPN Log[g2gips0] #25750: [Tunnel Authorize Fail] AES_CBC is not enabled for this connection. Attribute OAKLEY_ENCRYPTION_ALGORITHM
2019-12-13, 19:10:20Kernellast message repeated 3 times
2019-12-13, 19:10:20VPN Log[g2gips0] #25750: [Tunnel Authorize Fail] IDEA_CBC is not enabled for this connection. Attribute OAKLEY_HASH_ALGORITHM
2019-12-13, 19:10:20VPN Log[g2gips0] #25751: [Tunnel Established] sent MR3, ISAKMP SA established
2019-12-13, 19:10:31VPN Log[g2gips0] #25752: [Tunnel Authorize Fail] AES_CBC is not enabled for this connection. Attribute OAKLEY_ENCRYPTION_ALGORITHM
2019-12-13, 19:10:31Kernellast message repeated 3 times
2019-12-13, 19:10:31VPN Log[g2gips0] #25752: [Tunnel Authorize Fail] IDEA_CBC is not enabled for this connection. Attribute OAKLEY_HASH_ALGORITHM
2019-12-13, 19:10:31VPN Log[g2gips0] #25753: [Tunnel Established] sent MR3, ISAKMP SA established
2019-12-13, 19:10:40VPN Log[g2gips0] #25754: [Tunnel Authorize Fail] AES_CBC is not enabled for this connection. Attribute OAKLEY_ENCRYPTION_ALGORITHM
2019-12-13, 19:10:40Kernellast message repeated 3 times
2019-12-13, 19:10:40VPN Log[g2gips0] #25754: [Tunnel Authorize Fail] IDEA_CBC is not enabled for this connection. Attribute OAKLEY_HASH_ALGORITHM
2019-12-13, 19:10:41VPN Log[g2gips0] #25755: [Tunnel Established] sent MR3, ISAKMP SA established
2019-12-13, 19:10:50VPN Log[g2gips0] #25756: [Tunnel Authorize Fail] AES_CBC is not enabled for this connection. Attribute OAKLEY_ENCRYPTION_ALGORITHM
2019-12-13, 19:10:50Kernellast message repeated 3 times
2019-12-13, 19:10:50VPN Log[g2gips0] #25756: [Tunnel Authorize Fail] IDEA_CBC is not enabled for this connection. Attribute OAKLEY_HASH_ALGORITHM
2019-12-13, 19:10:51VPN Log[g2gips0] #25757: [Tunnel Established] sent MR3, ISAKMP SA established
2019-12-13, 19:11:01VPN Log[g2gips0] #25758: [Tunnel Authorize Fail] AES_CBC is not enabled for this connection. Attribute OAKLEY_ENCRYPTION_ALGORITHM
2019-12-13, 19:11:01Kernellast message repeated 3 times
2019-12-13, 19:11:01VPN Log[g2gips0] #25758: [Tunnel Authorize Fail] IDEA_CBC is not enabled for this connection. Attribute OAKLEY_HASH_ALGORITHM
2019-12-13, 19:11:01VPN Log[g2gips0] #25759: [Tunnel Established] sent MR3, ISAKMP SA established
2019-12-13, 19:11:10VPN Log[g2gips0] #25761: [Tunnel Authorize Fail] AES_CBC is not enabled for this connection. Attribute OAKLEY_ENCRYPTION_ALGORITHM
2019-12-13, 19:11:10Kernellast message repeated 3 times
2019-12-13, 19:11:10VPN Log[g2gips0] #25761: [Tunnel Authorize Fail] IDEA_CBC is not enabled for this connection. Attribute OAKLEY_HASH_ALGORITHM
2019-12-13, 19:11:11VPN Log

[g2gips0] #25762: [Tunnel Established] sent MR3, ISAKMP SA established

 

 

RV 340:

 

2019-12-13T19:11:11-03:00 <info>charon: 09[IKE] IKE_SA s2s_Murundu[2606] state change: DELETING => DESTROYING
2019-12-13T19:11:11-03:00 <info>charon: 09[NET] sending packet: from 179.34.225.183[500] to 179.34.200.251[500] (84 bytes)
2019-12-13T19:11:11-03:00 <info>charon: 09[ENC] generating INFORMATIONAL_V1 request 1566077914 [ HASH D ]
2019-12-13T19:11:11-03:00 <info>charon: 09[IKE] IKE_SA s2s_Murundu[2606] state change: CONNECTING => DELETING
2019-12-13T19:11:11-03:00 <info>charon: 09[IKE] sending DELETE for IKE_SA s2s_Murundu[2606]
2019-12-13T19:11:11-03:00 <info>charon: Last message '09[IKE] deleting IKE' repeated 1 times, supressed by syslog-ng on gw
2019-12-13T19:11:11-03:00 <info>charon: 09[IKE] deleting IKE_SA s2s_Murundu[2606] between 179.34.225.183[179.34.225.183]...179.34.200.251[%any]
2019-12-13T19:11:11-03:00 <info>charon: 09[IKE] activating ISAKMP_DELETE task
2019-12-13T19:11:11-03:00 <info>charon: 09[IKE] activating new tasks
2019-12-13T19:11:11-03:00 <info>charon: 09[IKE] queueing ISAKMP_DELETE task
2019-12-13T19:11:11-03:00 <info>charon: 09[IKE] IDir '179.34.200.251' does not match to 'carijos1.dyndns.org'
2019-12-13T19:11:11-03:00 <info>charon: 09[ENC] parsed ID_PROT response 0 [ ID HASH ]
2019-12-13T19:11:11-03:00 <info>charon: 09[NET] received packet: from 179.34.200.251[500] to 179.34.225.183[500] (60 bytes)
2019-12-13T19:11:11-03:00 <info>charon: 15[NET] sending packet: from 179.34.225.183[500] to 179.34.200.251[500] (92 bytes)
2019-12-13T19:11:11-03:00 <info>charon: 15[ENC] generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
2019-12-13T19:11:11-03:00 <info>charon: 15[IKE] MAIN_MODE task
2019-12-13T19:11:11-03:00 <info>charon: 15[IKE] ISAKMP_VENDOR task
2019-12-13T19:11:11-03:00 <info>charon: 15[IKE] reinitiating already active tasks
2019-12-13T19:11:11-03:00 <info>charon: 15[IKE] Searching for PSK with :my_id,me,other_id,other: '179.34.225.183'[179.34.225.183] - 'carijos1.dyndns.org'[179.34.200.251]
2019-12-13T19:11:11-03:00 <info>charon: 15[ENC] parsed ID_PROT response 0 [ KE No ]
2019-12-13T19:11:11-03:00 <info>charon: 15[NET] received packet: from 179.34.200.251[500] to 179.34.225.183[500] (180 bytes)
2019-12-13T19:11:11-03:00 <info>charon: 10[NET] sending packet: from 179.34.225.183[500] to 179.34.200.251[500] (196 bytes)
2019-12-13T19:11:11-03:00 <info>charon: 10[ENC] generating ID_PROT request 0 [ KE No ]
2019-12-13T19:11:11-03:00 <info>charon: 10[IKE] MAIN_MODE task
2019-12-13T19:11:11-03:00 <info>charon: 10[IKE] ISAKMP_VENDOR task
2019-12-13T19:11:11-03:00 <info>charon: 10[IKE] reinitiating already active tasks
2019-12-13T19:11:11-03:00 <info>charon: 10[IKE] received DPD vendor ID
2019-12-13T19:11:11-03:00 <info>charon: 10[ENC] parsed ID_PROT response 0 [ SA V ]
2019-12-13T19:11:11-03:00 <info>charon: 10[NET] received packet: from 179.34.200.251[500] to 179.34.225.183[500] (100 bytes)
2019-12-13T19:11:11-03:00 <info>charon: 06[NET] sending packet: from 179.34.225.183[500] to 179.34.200.251[500] (196 bytes)
2019-12-13T19:11:11-03:00 <info>charon: 06[ENC] generating ID_PROT request 0 [ SA V V V V V V ]
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] IKE_SA s2s_Murundu[2606] state change: CREATED => CONNECTING
2019-12-13T19:11:11-03:00 <info>charon: Last message '06[IKE] initiating M' repeated 1 times, supressed by syslog-ng on gw
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] initiating Main Mode IKE_SA s2s_Murundu[2606] to 179.34.200.251
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] sending draft-ietf-ipsec-nat-t-ike-02\n vendor ID
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] sending NAT-T (RFC 3947) vendor ID
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] sending FRAGMENTATION vendor ID
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] sending Cisco Unity vendor ID
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] sending DPD vendor ID
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] sending XAuth vendor ID
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] activating ISAKMP_NATD task
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] activating ISAKMP_CERT_POST task
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] activating MAIN_MODE task
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] activating ISAKMP_CERT_PRE task
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] activating ISAKMP_VENDOR task
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] activating new tasks
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] queueing QUICK_MODE task
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] queueing ISAKMP_NATD task
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] queueing ISAKMP_CERT_POST task
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] queueing MAIN_MODE task
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] queueing ISAKMP_CERT_PRE task
2019-12-13T19:11:11-03:00 <info>charon: 06[IKE] queueing ISAKMP_VENDOR task
2019-12-13T19:11:11-03:00 <info>charon: 16[CFG] received stroke: initiate 's2s_Murundu-1'
2019-12-13T19:11:10-03:00 <info>charon: 13[CFG] no IKE_SA named 's2s_Murundu_bkp' found
2019-12-13T19:11:10-03:00 <info>charon: 13[CFG] received stroke: terminate 's2s_Murundu_bkp'
2019-12-13T19:11:10-03:00 <notice>VPN-timer: Timer event for s2s_Murundu. Bringing up primary connection...
2019-12-13T19:11:05-03:00 <info>charon: 09[NET] sending packet: from 179.34.225.183[500] to 179.34.200.251[500] (84 bytes)
2019-12-13T19:11:05-03:00 <info>charon: 09[ENC] generating INFORMATIONAL_V1 request 1933213409 [ HASH N(AUTH_FAILED) ]
2019-12-13T19:11:05-03:00 <info>charon: 09[IKE] no peer config found
2019-12-13T19:11:05-03:00 <info>charon: 09[CFG] looking for pre-shared key peer configs matching 179.34.225.183...179.34.200.251[179.34.200.251]
2019-12-13T19:11:05-03:00 <info>charon: 09[ENC] parsed ID_PROT request 0 [ ID HASH ]
2019-12-13T19:11:05-03:00 <info>charon: 09[NET] received packet: from 179.34.200.251[500] to 179.34.225.183[500] (60 bytes)
2019-12-13T19:11:05-03:00 <info>charon: 15[NET] sending packet: from 179.34.225.183[500] to 179.34.200.251[500] (196 bytes)
2019-12-13T19:11:05-03:00 <info>charon: 15[ENC] generating ID_PROT response 0 [ KE No ]
2019-12-13T19:11:05-03:00 <info>charon: 15[IKE] FSLDBG: Now searching for PSK with :my_id,me,other_id,other: '179.34.225.183'[179.34.225.183] - 'carijos1.dyndns.org'[179.34.200.251]
2019-12-13T19:11:05-03:00 <info>charon: 15[ENC] parsed ID_PROT request 0 [ KE No ]
2019-12-13T19:11:05-03:00 <info>charon: 15[NET] received packet: from 179.34.200.251[500] to 179.34.225.183[500] (180 bytes)
2019-12-13T19:11:05-03:00 <info>charon: 10[NET] sending packet: from 179.34.225.183[500] to 179.34.200.251[500] (132 bytes)
2019-12-13T19:11:05-03:00 <info>charon: 10[ENC] generating ID_PROT response 0 [ SA V V V ]
2019-12-13T19:11:05-03:00 <info>charon: Last message '10[IKE] 179.34.200.2' repeated 1 times, supressed by syslog-ng on gw
2019-12-13T19:11:05-03:00 <info>charon: 10[IKE] 179.34.200.251 is initiating a Main Mode IKE_SA
2019-12-13T19:11:05-03:00 <info>charon: 10[IKE] received DPD vendor ID
2019-12-13T19:11:05-03:00 <info>charon: 10[ENC] parsed ID_PROT request 0 [ SA V ]
2019-12-13T19:11:05-03:00 <info>charon: 10[NET] received packet: from 179.34.200.251[500] to 179.34.225.183[500] (100 bytes)
2019-12-13T19:11:01-03:00 <info>charon: 05[IKE] IKE_SA s2s_Murundu[2604] state change: DELETING => DESTROYING
2019-12-13T19:11:01-03:00 <info>charon: 05[NET] sending packet: from 179.34.225.183[500] to 179.34.200.251[500] (84 bytes)
2019-12-13T19:11:01-03:00 <info>charon: 05[ENC] generating INFORMATIONAL_V1 request 2675671072 [ HASH D ]
2019-12-13T19:11:01-03:00 <info>charon: 05[IKE] IKE_SA s2s_Murundu[2604] state change: CONNECTING => DELETING
2019-12-13T19:11:01-03:00 <info>charon: 05[IKE] sending DELETE for IKE_SA s2s_Murundu[2604]
2019-12-13T19:11:01-03:00 <info>charon: Last message '05[IKE] deleting IKE' repeated 1 times, supressed by syslog-ng on gw
2019-12-13T19:11:01-03:00 <info>charon: 05[IKE] deleting IKE_SA s2s_Murundu[2604] between 179.34.225.183[179.34.225.183]...179.34.200.251[%any]
2019-12-13T19:11:01-03:00 <info>charon: 05[IKE] activating ISAKMP_DELETE task
2019-12-13T19:11:01-03:00 <info>charon: 05[IKE] activating new tasks
2019-12-13T19:11:01-03:00 <info>charon: 05[IKE] queueing ISAKMP_DELETE task
2019-12-13T19:11:01-03:00 <info>charon: 05[IKE] IDir '179.34.200.251' does not match to 'carijos1.dyndns.org'
2019-12-13T19:11:01-03:00 <info>charon: 05[ENC] parsed ID_PROT response 0 [ ID HASH ]
2019-12-13T19:11:01-03:00 <info>charon: 05[NET] received packet: from 179.34.200.251[500] to 179.34.225.183[500] (60 bytes)
2019-12-13T19:11:01-03:00 <info>charon: 14[NET] sending packet: from 179.34.225.183[500] to 179.34.200.251[500] (92 bytes)
2019-12-13T19:11:01-03:00 <info>charon: 14[ENC] generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
2019-12-13T19:11:01-03:00 <info>charon: 14[IKE] MAIN_MODE task
2019-12-13T19:11:01-03:00 <info>charon: 14[IKE] ISAKMP_VENDOR task
2019-12-13T19:11:01-03:00 <info>charon: 14[IKE] reinitiating already active tasks
2019-12-13T19:11:01-03:00 <info>charon: 14[IKE] Searching for PSK with :my_id,me,other_id,other: '179.34.225.183'[179.34.225.183] - 'carijos1.dyndns.org'[179.34.200.251]
2019-12-13T19:11:01-03:00 <info>charon: 14[ENC] parsed ID_PROT response 0 [ KE No ]
2019-12-13T19:11:01-03:00 <info>charon: 14[NET] received packet: from 179.34.200.251[500] to 179.34.225.183[500] (180 bytes)
2019-12-13T19:11:01-03:00 <info>charon: 12[NET] sending packet: from 179.34.225.183[500] to 179.34.200.251[500] (196 bytes)
2019-12-13T19:11:01-03:00 <info>charon: 12[ENC] generating ID_PROT request 0 [ KE No ]
2019-12-13T19:11:01-03:00 <info>charon: 12[IKE] MAIN_MODE task
2019-12-13T19:11:01-03:00 <info>charon: 12[IKE] ISAKMP_VENDOR task
2019-12-13T19:11:01-03:00 <info>charon: 12[IKE] reinitiating already active tasks
2019-12-13T19:11:01-03:00 <info>charon: 12[IKE] received DPD vendor ID
2019-12-13T19:11:01-03:00 <info>charon: 12[ENC] parsed ID_PROT response 0 [ SA V ]
2019-12-13T19:11:01-03:00 <info>charon: 12[NET] received packet: from 179.34.200.251[500] to 179.34.225.183[500] (100 bytes)
2019-12-13T19:11:01-03:00 <info>charon: 09[NET] sending packet: from 179.34.225.183[500] to 179.34.200.251[500] (196 bytes)
2019-12-13T19:11:01-03:00 <info>charon: 09[ENC] generating ID_PROT request 0 [ SA V V V V V V ]
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] IKE_SA s2s_Murundu[2604] state change: CREATED => CONNECTING
2019-12-13T19:11:01-03:00 <info>charon: Last message '09[IKE] initiating M' repeated 1 times, supressed by syslog-ng on gw
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] initiating Main Mode IKE_SA s2s_Murundu[2604] to 179.34.200.251
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] sending draft-ietf-ipsec-nat-t-ike-02\n vendor ID
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] sending NAT-T (RFC 3947) vendor ID
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] sending FRAGMENTATION vendor ID
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] sending Cisco Unity vendor ID
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] sending DPD vendor ID
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] sending XAuth vendor ID
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] activating ISAKMP_NATD task
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] activating ISAKMP_CERT_POST task
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] activating MAIN_MODE task
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] activating ISAKMP_CERT_PRE task
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] activating ISAKMP_VENDOR task
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] activating new tasks
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] queueing QUICK_MODE task
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] queueing ISAKMP_NATD task
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] queueing ISAKMP_CERT_POST task
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] queueing MAIN_MODE task
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] queueing ISAKMP_CERT_PRE task
2019-12-13T19:11:01-03:00 <info>charon: 09[IKE] queueing ISAKMP_VENDOR task
2019-12-13T19:11:01-03:00 <info>charon: 08[CFG] received stroke: initiate 's2s_Murundu-1'
2019-12-13T19:11:01-03:00 <info>charon: 06[CFG] no IKE_SA named 's2s_Murundu_bkp' found
2019-12-13T19:11:01-03:00 <info>charon: 06[CFG] received stroke: terminate 's2s_Murundu_bkp'
2019-12-13T19:11:01-03:00 <notice>VPN-timer: Timer event for s2s_Murundu. Bringing up primary connection...
2019-12-13T19:10:51-03:00 <info>charon: 11[IKE] IKE_SA s2s_Murundu[2603] state change: DELETING => DESTROYING
2019-12-13T19:10:51-03:00 <info>charon: 11[NET] sending packet: from 179.34.225.183[500] to 179.34.200.251[500] (84 bytes)
2019-12-13T19:10:51-03:00 <info>charon: 11[ENC] generating INFORMATIONAL_V1 request 678830103 [ HASH D ]
2019-12-13T19:10:51-03:00 <info>charon: 11[IKE] IKE_SA s2s_Murundu[2603] state change: CONNECTING => DELETING
2019-12-13T19:10:51-03:00 <info>charon: 11[IKE] sending DELETE for IKE_SA s2s_Murundu[2603]
2019-12-13T19:10:51-03:00 <info>charon: Last message '11[IKE] deleting IKE' repeated 1 times, supressed by syslog-ng on gw
2019-12-13T19:10:51-03:00 <info>charon: 11[IKE] deleting IKE_SA s2s_Murundu[2603] between 179.34.225.183[179.34.225.183]...179.34.200.251[%any]
2019-12-13T19:10:51-03:00 <info>charon: 11[IKE] activating ISAKMP_DELETE task

Então, alguma sugestão?

 

Estou quase vendendo esse roteador e comprando um RV 320 usado.

Sim, continuo na mesma linha inicial de que as credenciais não batem. Qual versão do IKE está usando em ambos routers?

tente usar a versão 1. Mude o encryption para aes em ambos routers, mude o hash para md5, coloque o lifetime 86400 em ambos os routers, tente deixar um padrão... ambos estão dando erro de sincronização de auth.
Jaderson Pessoa
*** Rate All Helpful Responses ***

Eu coloquei 3DES pq é o que o manual recomenda, mas já testei com AES 128 e
não funcionou também.

Eu já tinha isso funcionando antes do RV 340, com um RV 320 e um RV 042.

Me parece que um dos roteadores não consegue encontrar a vpn no outro
roteador, mas eu não sei pq isso acontece.
[image: image.png]

[image: image.png]


[image: image.png]




Bruno Rangel
Spotlight
Spotlight

Team

Adicionando a resposta do Jaderson, importante atentar a seguinte linha de Logs:

[IKE] IDir '179.34.200.251' does not match to 'carijos1.dyndns.org'
no peer config found

 

Um teste de ping pode auxiliar na resolução de Name to IP:

ping -a carijos1.dyndns.org

ping -a murundu.dyndns.org

Cheers
Bruno Rangel
Please remember to rate helpful responses using the star bellow and identify helpful or correct answers

O DNS dinâmico está funcionando perfeitamente.

 

registra nos dois roteadores.

Alguma sugestão?

 

Bom dia,

Não sei se é o melhor teste, mas neste caso é o mais válido, tire a conexão vpn por dns dinamico e faça por ip estático (apenas para verificar se a mesma sobe corretamente), sei que seu ip publico é alterado, mas para fazer o teste com certeza dará tempo. Neste caso irá revelar que seu problema não é com o dns dinâmico e sim com o "match" das caractierísticas de configuração da vpn.
Jaderson Pessoa
*** Rate All Helpful Responses ***
Primeiros Passos

Encontre respostas, faça perguntas e conecte-se com nossa comunidade de especialistas da Cisco de todo o mundo.

Estamos felizes por você estar aqui! Participe de conversas e conecte-se com sua comunidade.