12-08-2014 02:41 PM
Hi,
I am trying to use IPSecuritas and SHrew software to connect into my company's network using IPSec tunnel with my mac.
I'm able to initialise tunnel connection with both software but I don't reach any host on my network, no ping, no traceroute to anything.
The company LAN has the subnet 192.168.1.0/24 and Cisco RV220W is default gateway and dhcp server.
I need to connect from any place (like internet point, home ecc. ) to my network
Thank's in advance
(Same result with windows client)
Cisco Connection Log
Cisco Log:
2014-12-08 23:16:54: [rv220w][IKE] INFO: Remote configuration for identifier "remote.com" found
2014-12-08 23:16:54: [rv220w][IKE] INFO: Received request for new phase 1 negotiation: XXX.XXX.XXX.XXX[500]<=>XXX.XXX.XXX.XXX[500]
2014-12-08 23:16:54: [rv220w][IKE] INFO: Beginning Aggressive mode.
2014-12-08 23:16:54: [rv220w][IKE] INFO: Received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt
2014-12-08 23:16:54: [rv220w][IKE] INFO: Received unknown Vendor ID
2014-12-08 23:16:54: [rv220w][IKE] INFO: Received unknown Vendor ID
2014-12-08 23:16:54: [rv220w][IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
2014-12-08 23:16:54: [rv220w][IKE] INFO: Received unknown Vendor ID
2014-12-08 23:16:54: [rv220w][IKE] INFO: Received Vendor ID: RFC 3947
2014-12-08 23:16:54: [rv220w][IKE] INFO: Received Vendor ID: DPD
2014-12-08 23:16:54: [rv220w][IKE] INFO: Received Vendor ID: DPD
2014-12-08 23:16:54: [rv220w][IKE] INFO: Received unknown Vendor ID
2014-12-08 23:16:54: [rv220w][IKE] INFO: Received unknown Vendor ID
2014-12-08 23:16:54: [rv220w][IKE] INFO: Received unknown Vendor ID
2014-12-08 23:16:54: [rv220w][IKE] INFO: Received Vendor ID: CISCO-UNITY
2014-12-08 23:16:54: [rv220w][IKE] INFO: Received unknown Vendor ID
2014-12-08 23:16:54: [rv220w][IKE] INFO: For XXX.XXX.XXX.XXX[500], Selected NAT-T version: RFC 39472014-12-08 23:16:55: [rv220w][IKE] INFO: Floating ports for NAT-T with peer XXX.XXX.XXX.XXX[4500]
2014-12-08 23:16:55: [rv220w][IKE] INFO: NAT-D payload does not match for XXX.XXX.XXX.XXX[4500]
2014-12-08 23:16:55: [rv220w][IKE] INFO: NAT-D payload does not match for XXX.XXX.XXX.XXX[4500]
2014-12-08 23:16:55: [rv220w][IKE] INFO: NAT detected: Local is behind a NAT device. and alsoPeer is behind a NAT device
2014-12-08 23:16:55: [rv220w][IKE] INFO: Sending Xauth request to XXX.XXX.XXX.XXX[4500]
2014-12-08 23:16:55: [rv220w][IKE] INFO: ISAKMP-SA established for XXX.XXX.XXX.XXX[4500]-XXX.XXX.XXX.XXX[4500] with spi:a38e72b0ae8609d3:6968a3e96aca7fde
2014-12-08 23:16:55: [rv220w][IKE] INFO: Received attribute type "ISAKMP_CFG_REPLY" from XXX.XXX.XXX.XXX[4500]
2014-12-08 23:16:55: [rv220w][IKE] INFO: Login succeeded for user "XXXXX"
2014-12-08 23:16:55: [rv220w][IKE] INFO: Responding to new phase 2 negotiation: XXX.XXX.XXX.XXX[0]<=>XXX.XXX.XXX.XXX[0]
2014-12-08 23:16:55: [rv220w][IKE] INFO: Using IPsec SA configuration: 192.168.2.1/24<->0.0.0.0/0 from remote.com
2014-12-08 23:16:55: [rv220w][IKE] INFO: No policy found, generating the policy : 192.168.2.0/32[0] 192.168.2.0/24[0] proto=any dir=in
2014-12-08 23:16:55: [rv220w][IKE] INFO: Adjusting peer's encmode 3(3)->Tunnel(1)
2014-12-08 23:16:55: [rv220w][IKE] INFO: IPsec-SA established[UDP encap 4500->4500]: ESP/Tunnel XXX.XXX.XXX.XXX->XXX.XXX.XXX.XXX with spi=244279887(0xe8f6a4f)
2014-12-08 23:16:55: [rv220w][IKE] INFO: IPsec-SA established[UDP encap 4500->4500]: ESP/Tunnel XXX.XXX.XXX.XXX->XXX.XXX.XXX.XXX with spi=206715361(0xc5239e1)
Shrew Log:
config loaded for site 'XX.XX:XX.XX'
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
local id configured
remote id configured
pre-shared key configured
bringing up tunnel ...
network device configured
tunnel enabled
This is my router configuration
This is Shrew configuration
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide