04-29-2003 03:21 PM - edited 03-09-2019 03:05 AM
Hi, why is this failing?
(I removed all the time stamps)
1 20:55:57.438 04/23/03 Sev=Info/6 DIALER/0x63300002
Initiating connection.
2 Sev=Info/4 CM/0x63100002
Begin connection process
3 Sev=Info/4 CM/0x63100004
Establish secure connection using Ethernet
4 Sev=Info/4 CM/0x63100024
Attempt connection with server "198.107.39.35"
5 Sev=Info/6 IKE/0x6300003B
Attempting to establish a connection with 198.107.39.35.
6 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID, VID, VID, VID, VID) to 198.107.39.35
7 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
8 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
9 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK AG (SA, KE, NON, ID, HASH, VID, VID, VID, VID, VID) from 198.107.39.35
10 Sev=Info/5 IKE/0x63000059
Vendor ID payload = 12F5F28C457168A9702D9FE274CC0100
11 Sev=Info/5 IKE/0x63000001
Peer is a Cisco-Unity compliant peer
12 Sev=Info/5 IKE/0x63000059
Vendor ID payload = 09002689DFD6B712
13 Sev=Info/5 IKE/0x63000001
Peer supports XAUTH
14 Sev=Info/5 IKE/0x63000059
Vendor ID payload = AFCAD71368A1F1C96B8696FC77570100
15 Sev=Info/5 IKE/0x63000001
Peer supports DPD
16 Sev=Info/5 IKE/0x63000059
Vendor ID payload = 4048B7D56EBCE88525E7DE7F00D6C2D3C0000000
17 Sev=Info/5 IKE/0x63000001
Peer supports IKE fragmentation payloads
18 Sev=Info/5 IKE/0x63000059
Vendor ID payload = 1F07F70EAA6514D3B0FA96542A500306
19 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT) to 198.107.39.35
20 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
21 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK AG (Retransmission) from 198.107.39.35
22 Sev=Info/4 IKE/0x63000021
Retransmitting last packet!
23 3 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG *(Retransmission) to 198.107.39.35
24 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
25 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 198.107.39.35
26 Sev=Info/4 CM/0x63100015
Launch xAuth application
27 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
28 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(Retransmission) from 198.107.39.35
29 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
30 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK AG (Retransmission) from 198.107.39.35
31 20Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
32 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK AG (Retransmission) from 198.107.39.35
33 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
34 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(Retransmission) from 198.107.39.35
35 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
36 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(Retransmission) from 198.107.39.35
37 Sev=Info/4 CM/0x63100017
xAuth application returned
38 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 198.107.39.35
39 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
40 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 198.107.39.35
41 Sev=Info/4 CM/0x6310000E
Established Phase 1 SA. 1 Phase 1 SA in the system
42 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 198.107.39.35
43 Sev=Info/5 IKE/0x6300005D
Client sending a firewall request to concentrator
44 Sev=Info/5 IKE/0x6300005C
Firewall Policy: Product=Cisco Integrated Client, Capability= (Centralized Protection Policy).
45 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 198.107.39.35
46 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
47 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 198.107.39.35
48 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 198.107.39.35
49 Sev=Info/5 IKE/0x6300005D
Client sending a firewall request to concentrator
50 Sev=Info/5 IKE/0x6300005C
Firewall Policy: Product=Cisco Integrated Client, Capability= (Centralized Protection Policy).
51 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 198.107.39.35
52 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
53 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ) from 198.107.39.35
54 Sev=Warning/3 IKE/0xA3000058
Received malformed message or negotiation no longer active (message id: 0x8E84AD05)
55 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
56 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ) from 198.107.39.35
57 Sev=Warning/3 IKE/0xA3000058
Received malformed message or negotiation no longer active (message id: 0x8E84AD05)
58 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
59 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ) from 198.107.39.35
60 Sev=Warning/3 IKE/0xA3000058
Received malformed message or negotiation no longer active (message id: 0x8E84AD05)
61 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
62 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ) from 198.107.39.35
63 Sev=Warning/3 IKE/0xA3000058
Received malformed message or negotiation no longer active (message id: 0x8E84AD05)
64 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
65 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ) from 198.107.39.35
66 Sev=Warning/3 IKE/0xA3000058
Received malformed message or negotiation no longer active (message id: 0x8E84AD05)
67 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
68 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ) from 198.107.39.35
69 Sev=Warning/3 IKE/0xA3000058
Received malformed message or negotiation no longer active (message id: 0x8E84AD05)
70 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
71 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ) from 198.107.39.35
72 Sev=Warning/3 IKE/0xA3000058
Received malformed message or negotiation no longer active (message id: 0x8E84AD05)
73 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
74 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ) from 198.107.39.35
75 Sev=Warning/3 IKE/0xA3000058
Received malformed message or negotiation no longer active (message id: 0x8E84AD05)
76 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
77 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, DEL) from 198.107.39.35
78 Sev=Info/5 IKE/0x6300003C
Received a DELETE payload for IKE SA with Cookies = EC84690D0E68D14BED3034EC0D0EE14F
79 Sev=Info/5 IKE/0x63000017
Marking IKE SA for deletion (COOKIES = EC84690D0E68D14B ED3034EC0D0EE14F) reason = DEL_REASON_PEER_DELETION
80 Sev=Info/5 IKE/0x6300005D
Client sending a firewall request to concentrator
81 Sev=Info/5 IKE/0x6300005C
Firewall Policy: Product=Cisco Integrated Client, Capability= (Centralized Protection Policy).
82 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 198.107.39.35
83 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
84 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, DEL) from 198.107.39.35
85 Sev=Info/4 IKE/0x63000057
Received an ISAKMP message for a non-active SA
86 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
87 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO (NOTIFY:INVALID_COOKIE) from 198.107.39.35
88 Sev=Info/4 IKE/0x63000057
Received an ISAKMP message for a non-active SA
89 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 198.107.39.35
90 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO (Retransmission) from 198.107.39.35
91 Sev=Info/4 CM/0x6310000F
Phase 1 SA deleted before Mode Config is completed cause by "DEL_REASON_PEER_DELETION". 0 Phase 1 SA currently in the system
92 Sev=Info/5 CM/0x63100027
Initializing CVPNDrv
93 Sev=Warning/3 DIALER/0xE3300008
GI VPNStart callback failed "CM_IKE_RECEIVED_DELETE_NOTIFICATION" (15h).
94 04/23/03 Sev=Info/4 IPSEC/0x63700012
Delete all keys associated with peer 198.107.39.35
95 20:56:48.612 04/23/03 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
Thanks,
Gabi
05-04-2003 10:34 PM
Difficult to say why it's failing. You seem to get past XAuth, then around message 53 things go bad. Probably need to see the log from the concentrator at the same time, since the client is complaining about a packet it received from the conc.
Under Config - System - Events - classes add the following classes, all with Severity to Log of 1-13: AUTH, AUTHDBG, IKE, IKEDBG, IPSEC, IPSECDBG. Then go to Monitoring - Filterable Event Log, clear the log, try a connection then after it fails do a GetLog, look through that (probably nearer the end of the log) and see if anything's obvious.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide