RV180 VPN with Shrew VPN Client (syslog messages...)

okaegi · ‎01-26-2014

Hi all,
I was able to configure my rv180 to work with the vpn-Shrew client.
The vpn-tunnel works and I can browse my local network from the remote client.
I have some cryptic messages in the rv180 syslog maybe someone could help me:

(log from startup)

Sat Jan 01 00:00:13 2011 (GMT +0000): [RV180] [IKE] INFO: IKE started
Sat Jan 01 01:02:34 2011 (GMT +0100): [FirewallRV180] [IKE] INFO: Adding IPSec configuration with identifier "vpnxxx"
Sat Jan 01 01:02:34 2011 (GMT +0100): [FirewallRV180] [IKE] INFO: Adding IKE configuration with identifier "vpnxxx"
Sat Jan 01 01:02:59 2011 (GMT +0100): [FirewallRV180] [IKE] WARNING: no phase2 found for "vpnxxx"
Sat Jan 01 01:02:59 2011 (GMT +0100): [FirewallRV180] [IKE] INFO: IPSec configuration with identifier "vpnxxx" deleted sucessfully
Sat Jan 01 01:02:59 2011 (GMT +0100): [FirewallRV180] [IKE] WARNING: no phase1 found for "vpnxxx"
Sat Jan 01 01:02:59 2011 (GMT +0100): [FirewallRV180] [IKE] INFO: IKE configuration with identifier "vpnxxx" deleted sucessfully
Sat Jan 01 01:02:59 2011 (GMT +0100): [FirewallRV180] [IKE] INFO: Adding IPSec configuration with identifier "vpnxxx"
Sat Jan 01 01:02:59 2011 (GMT +0100): [FirewallRV180] [IKE] INFO: Adding IKE configuration with identifier "vpnxxx"
Sun Jan 26 11:14:03 2014 (GMT +0100): [FirewallRV180] [IKE] WARNING: no phase2 found for "vpnxxx"
Sun Jan 26 11:14:03 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: IPSec configuration with identifier "vpnxxx" deleted sucessfully
Sun Jan 26 11:14:03 2014 (GMT +0100): [FirewallRV180] [IKE] WARNING: no phase1 found for "vpnxxx"
Sun Jan 26 11:14:03 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: IKE configuration with identifier "vpnxxx" deleted sucessfully
Sun Jan 26 11:14:04 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Adding IPSec configuration with identifier "vpnxxx"
Sun Jan 26 11:14:04 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Adding IKE configuration with identifier "vpnxxx"
Sun Jan 26 11:14:17 2014 (GMT +0100): [FirewallRV180] [IKE] WARNING: no phase2 found for "vpnxxx"
Sun Jan 26 11:14:17 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: IPSec configuration with identifier "vpnxxx" deleted sucessfully
Sun Jan 26 11:14:17 2014 (GMT +0100): [FirewallRV180] [IKE] WARNING: no phase1 found for "vpnxxx"
Sun Jan 26 11:14:17 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: IKE configuration with identifier "vpnxxx" deleted sucessfully
Sun Jan 26 11:14:17 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Adding IPSec configuration with identifier "vpnxxx"
Sun Jan 26 11:14:17 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Adding IKE configuration with identifier "vpnxxx"
Sun Jan 26 11:14:23 2014 (GMT +0100): [FirewallRV180] [IKE] WARNING: no phase2 found for "vpnxxx"
Sun Jan 26 11:14:23 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: IPSec configuration with identifier "vpnxxx" deleted sucessfully
Sun Jan 26 11:14:23 2014 (GMT +0100): [FirewallRV180] [IKE] WARNING: no phase1 found for "vpnxxx"
Sun Jan 26 11:14:23 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: IKE configuration with identifier "vpnxxx" deleted sucessfully
Sun Jan 26 11:14:23 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Adding IPSec configuration with identifier "vpnxxx"
Sun Jan 26 11:14:23 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Adding IKE configuration with identifier "vpnxxx"
Sun Jan 26 11:14:29 2014 (GMT +0100): [FirewallRV180] [IKE] WARNING: no phase2 found for "vpnxxx"
Sun Jan 26 11:14:29 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: IPSec configuration with identifier "vpnxxx" deleted sucessfully
Sun Jan 26 11:14:29 2014 (GMT +0100): [FirewallRV180] [IKE] WARNING: no phase1 found for "vpnxxx"
Sun Jan 26 11:14:29 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: IKE configuration with identifier "vpnxxx" deleted sucessfully
Sun Jan 26 11:14:29 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Adding IPSec configuration with identifier "vpnxxx"
Sun Jan 26 11:14:29 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Adding IKE configuration with identifier "vpnxxx"
Sun Jan 26 11:21:56 2014 (GMT +0100): [FirewallRV180] [IKE] WARNING: no phase2 found for "vpnxxx"
Sun Jan 26 11:21:56 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: IPSec configuration with identifier "vpnxxx" deleted sucessfully
Sun Jan 26 11:21:56 2014 (GMT +0100): [FirewallRV180] [IKE] WARNING: no phase1 found for "vpnxxx"
Sun Jan 26 11:21:56 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: IKE configuration with identifier "vpnxxx" deleted sucessfully
Sun Jan 26 11:21:56 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Adding IPSec configuration with identifier "vpnxxx"
Sun Jan 26 11:21:56 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Adding IKE configuration with identifier "vpnxxx"

First question: These messages ([IKE] WARNING: no phase1 and [IKE] WARNING: no phase2) are logged after startup,seems a priority problem, should I change something ?

Sun Jan 26 11:56:12 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Remote configuration for identifier "remote18.com" found
Sun Jan 26 11:56:12 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Received request for new phase 1 negotiation: xx.58.55.144[500]<=>xxx.197.236.5[42744]
Sun Jan 26 11:56:12 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Beginning Aggressive mode.
Sun Jan 26 11:56:12 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt
Sun Jan 26 11:56:12 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Received unknown Vendor ID
Sun Jan 26 11:56:12 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Received unknown Vendor ID
Sun Jan 26 11:56:12 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike-02

Sun Jan 26 11:56:12 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Received unknown Vendor ID
Sun Jan 26 11:56:12 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Received Vendor ID: RFC 3947
Sun Jan 26 11:56:12 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Received Vendor ID: DPD
Sun Jan 26 11:56:12 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Received Vendor ID: DPD
Sun Jan 26 11:56:12 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Received unknown Vendor ID
Sun Jan 26 11:56:12 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Received unknown Vendor ID
Sun Jan 26 11:56:12 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Received unknown Vendor ID
Sun Jan 26 11:56:12 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Received Vendor ID: CISCO-UNITY
Sun Jan 26 11:56:12 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: For xxx.197.236.5[42744], Selected NAT-T version: RFC 3947Sun Jan 26 11:56:13 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Floating ports for NAT-T with peer xxx.197.236.5[60816]
Sun Jan 26 11:56:13 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: NAT-D payload does not match for xx.58.55.144[4500]
Sun Jan 26 11:56:13 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: NAT-D payload does not match for xxx.197.236.5[60816]
Sun Jan 26 11:56:13 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: NAT detected: Local is behind a NAT device. and alsoPeer is behind a NAT device
Sun Jan 26 11:56:13 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Sending Xauth request to xxx.197.236.5[60816]
Sun Jan 26 11:56:13 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: ISAKMP-SA established for xx.58.55.144[4500]-xxx.197.236.5[60816] with spi:a3e2c4e24e077653:dab10c5749af4581
Sun Jan 26 11:56:14 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Received attribute type "ISAKMP_CFG_REPLY" from xxx.197.236.5[60816]
Sun Jan 26 11:56:14 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Login succeeded for user "vpnxxx"
Sun Jan 26 11:56:14 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: XAuthUser vpnxxx Logged In from IP Address xxx.197.236.5
Sun Jan 26 11:56:14 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Received attribute type "ISAKMP_CFG_REQUEST" from xxx.197.236.5[60816]
Sun Jan 26 11:56:14 2014 (GMT +0100): [FirewallRV180] [IKE] ERROR: Local configuration for xxx.197.236.5[60816] does not have mode config
Sun Jan 26 11:56:14 2014 (GMT +0100): [FirewallRV180] [IKE] ERROR: Local configuration for xxx.197.236.5[60816] does not have mode config
Sun Jan 26 11:56:14 2014 (GMT +0100): [FirewallRV180] [IKE] ERROR: Local configuration for xxx.197.236.5[60816] does not have mode config

Second Question: The vpn connection works, should I ignore these three error messages ?

Sun Jan 26 11:56:14 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Responding to new phase 2 negotiation: xx.58.55.144[0]<=>xxx.197.236.5[0]
Sun Jan 26 11:56:14 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Using IPsec SA configuration: 192.168.1.0/24<->0.0.0.0/0 from remote18.com
Sun Jan 26 11:56:14 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: No policy found, generating the policy : 192.168.2.1/32[0] 192.168.1.0/24[0] proto=any dir=in
Sun Jan 26 11:56:14 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Adjusting peer's encmode 3(3)->Tunnel(1)
Sun Jan 26 11:56:15 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: IPsec-SA established[UDP encap 60816->4500]: ESP/Tunnel xxx.197.236.5->xx.58.55.144 with spi=262820828(0xfaa53dc)
Sun Jan 26 11:56:15 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: IPsec-SA established[UDP encap 4500->60816]: ESP/Tunnel xx.58.55.144->xxx.197.236.5 with spi=2151071779(0x8036c023)
Sun Jan 26 11:56:18 2014 (GMT +0100): [FirewallRV180] [IKE] INFO: Sending Informational Exchange: notify payload[10381]

Thanks for your help,
Regards Oliver

mpyhala · ‎01-27-2014

Oliver,

I have learned to ignore all of the log messages as long as everything is working. I use the RV220W and see similiar logs with Shrewsoft and Gateway-to-Gateway VPN tunnels. It seems that a lot of logs are generated that are not necessary and do not indicate a problem. It is just logging the normal functions or the VPN server.

- Marty