I'm trying to set up a VPN with the RVS4000. I'm trying to connect from Snow Leopard through its inbuilt Cisco IPSec. So when I try to connect from a machine within the network I get something like this:
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [RFC 3947] method set to=109
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike] method set to=110
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 110
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 110
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 110
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [XAUTH]
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [Cisco-Unity]
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [Dead Peer Detection]
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: initial Main Mode message received on xx.xxx.xx.xxx:500 but no connection has been authorized
Nov 21 17:03:09 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [RFC 3947] method set to=109
Nov 21 17:03:09 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike] method set to=110
Nov 21 17:03:09 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
Nov 21 17:03:09 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
Nov 21 17:03:09 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
Nov 21 17:03:09 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
Nov 21 17:03:09 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
Nov 21 17:03:09 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 110
Nov 21 17:03:09 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 110
Nov 21 17:03:09 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 110
Nov 21 17:03:09 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [XAUTH]
Nov 21 17:03:09 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [Cisco-Unity]
Nov 21 17:03:09 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [Dead Peer Detection]
Nov 21 17:03:09 - [VPN Log]: packet from 192.168.10.52:500: initial Main Mode message received on xx.xxx.xx.xxx:500 but no connection has been authorized
Nov 21 17:03:12 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [RFC 3947] method set to=109
Nov 21 17:03:12 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike] method set to=110
Nov 21 17:03:12 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
Nov 21 17:03:12 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
Nov 21 17:03:12 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
Nov 21 17:03:12 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
Nov 21 17:03:12 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
Nov 21 17:03:12 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 110
Nov 21 17:03:12 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 110
Nov 21 17:03:12 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 110
Nov 21 17:03:12 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [XAUTH]
Nov 21 17:03:12 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [Cisco-Unity]
Nov 21 17:03:12 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [Dead Peer Detection]
Nov 21 17:03:12 - [VPN Log]: packet from 192.168.10.52:500: initial Main Mode message received on xx.xxx.xx.xxx:500 but no connection has been authorized
Nov 21 17:03:15 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [RFC 3947] method set to=109
Nov 21 17:03:15 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike] method set to=110
Nov 21 17:03:15 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
Nov 21 17:03:15 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
Nov 21 17:03:15 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
Nov 21 17:03:15 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
Nov 21 17:03:15 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
Nov 21 17:03:15 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 110
Nov 21 17:03:15 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 110
Nov 21 17:03:15 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 110
Nov 21 17:03:15 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [XAUTH]
Nov 21 17:03:15 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [Cisco-Unity]
Nov 21 17:03:15 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [Dead Peer Detection]
Nov 21 17:03:15 - [VPN Log]: packet from 192.168.10.52:500: initial Main Mode message received on xx.xxx.xx.xxx:500 but no connection has been authorized
Nov 21 17:03:15 - [VPN Log]: initiate on demand from 192.168.10.16:0 to 192.168.20.255:0 proto=0 state: fos_start because: acquire
Nov 21 17:03:29 - [VPN Log]: "LG" #1: max number of retransmissions (2) reached STATE_AGGR_I1
I'm no VPN expert, but one has to assume that it should be possible to test the VPN from the same network. The RVS4000 is actually connected to a modem that handles all the connecting-to-the-internet stuff.
Maybe I set it up wrong. I have a couple of accounts and an IPSec tunnel set up with the following settings:
Local Group Setup
Local Security Gateway Type: IP Only
IP address: Router's external IP (which is static)
Local Security Group Type: Subnet
IP Address: 192.168.10.1 (router internal ip)
Subnet Mask: 255.255.255.0
Remote Group Setup
Remote Security Gateway Type: IP Only
IP Address: 192.168.20.1
Remote Security Group Type: Subnet
IP Address: 192.168.20.10 (suppose that's the IP that should be assigned remotely)
Subnet Mask: 255.255.255.0
IPSec Setup
Keying Mode: IKE with Preshared key
Phase 1:
Encryption: 3DES
Authentication: MD5
Group: 1024bit
Key Lifetime: 28800
Phase 2:
Encryption: 3DES
Authentication: SHA1
Perfect Forward Secrecy: Enable
Preshared Key: somekey
Group: 1024bit
Key Lifetime: 3600
Advanced:
NetBios Broadcast (enabled)
Should the tunnel's status change from Down when pressing the Connect button under Test Tunnel?
Thanks.
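One way to collapse a log like the one above to its decisive lines, as an added example that is not part of the original post: it folds the repeated Vendor ID lines into one set per peer and keeps only the lines that report an outcome. The sample lines are constructed in the same format as the post's log, and the function name `triage` is hypothetical.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in the same format as the router log in the post.
SAMPLE_LOG = """\
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [RFC 3947] method set to=109
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: ignoring unknown Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [XAUTH]
Nov 21 17:03:06 - [VPN Log]: packet from 192.168.10.52:500: initial Main Mode message received on xx.xxx.xx.xxx:500 but no connection has been authorized
Nov 21 17:03:09 - [VPN Log]: packet from 192.168.10.52:500: received Vendor ID payload [XAUTH]
Nov 21 17:03:09 - [VPN Log]: packet from 192.168.10.52:500: initial Main Mode message received on xx.xxx.xx.xxx:500 but no connection has been authorized
Nov 21 17:03:29 - [VPN Log]: "LG" #1: max number of retransmissions (2) reached STATE_AGGR_I1
"""

LINE = re.compile(r'^\w{3} +\d+ [\d:]{8} - \[VPN Log\]: (?P<body>.*)$')
PEER = re.compile(r'^packet from (?P<peer>[\d.]+:\d+): (?P<msg>.*)$')
VID = re.compile(r'Vendor ID payload \[(?P<vid>[^\]]+)\]')
STATE = re.compile(r'^"(?P<conn>[^"]+)" #\d+: .*\b(?P<state>STATE_\w+)')


def triage(text):
    """Summarise a VPN log: Vendor IDs per peer, outcome lines, stalled states."""
    vendor_ids = defaultdict(set)   # peer -> Vendor ID labels it advertised
    outcomes = Counter()            # (peer, message) -> number of occurrences
    stalled = []                    # (connection name, IKE state) on give-up
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue                # not a "[VPN Log]" line
        body = line['body']
        peer = PEER.match(body)
        if peer:
            vid = VID.search(peer['msg'])
            if vid:                 # capability chatter, repeated on every retry
                vendor_ids[peer['peer']].add(vid['vid'])
            else:                   # anything else from a peer states an outcome
                outcomes[(peer['peer'], peer['msg'])] += 1
            continue
        state = STATE.match(body)
        if state:                   # the router's own exchange ended in this state
            stalled.append((state['conn'], state['state']))
    return {'vendor_ids': dict(vendor_ids), 'outcomes': outcomes, 'stalled': stalled}


if __name__ == '__main__':
    summary = triage(SAMPLE_LOG)
    for (peer, msg), n in summary['outcomes'].items():
        print(f'{n}x from {peer}: {msg}')
    for conn, state in summary['stalled']:
        print(f'connection "{conn}" gave up in {state}')
```
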