08-23-2011 03:31 PM
I received the following message:
[Firewall Log-PptpPass Fail] TCP Packet - 66.36.230.100:443 --> 192.168.x.x:1723.
I then checked the RVS4000 to check over things. I remember that I started to create a VPN tunnel some time ago but never enabled it.
I deleted the entry and saved the configuration. Minutes later I received the following message:
Aug 23 16:10:40 - Configuration changed!
Aug 23 16:12:56 - [VPN Log]: Starting Pluto (Openswan Version cvs2006Jan12_11:29:56 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OE@ECqImzhFD)
Aug 23 16:12:56 - [VPN Log]: @(#) built on Oct 27 2009:16:21:09:
Aug 23 16:12:56 - [VPN Log]: Setting NAT-Traversal port-4500 floating to on
Aug 23 16:12:56 - [VPN Log]: port floating activation criteria nat_t=1/port_fload=1
Aug 23 16:12:56 - [VPN Log]: including NAT-Traversal patch (Version 0.6c)
Aug 23 16:12:57 - [VPN Log]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Aug 23 16:12:57 - [VPN Log]: starting up 1 cryptographic helpers
Aug 23 16:12:57 - [VPN Log]: started helper pid$643 (fd:5)
Aug 23 16:12:57 - [VPN Log]: Using KLIPS IPsec interface code on 2.4.27-star
Aug 23 16:12:57 - [VPN Log]: Changing to directory '/etc/ipsec.d/cacerts'
Aug 23 16:12:57 - [VPN Log]: Changing to directory '/etc/ipsec.d/aacerts'
Aug 23 16:12:57 - [VPN Log]: Changing to directory '/etc/ipsec.d/ocspcerts'
Aug 23 16:12:57 - [VPN Log]: Changing to directory '/etc/ipsec.d/crls'
Aug 23 16:12:57 - [VPN Log]: Warning: empty directory
Aug 23 16:13:05 - ipsec0: no IPv6 routers present
Aug 23 16:13:57 - Configuration changed!
Q1: Is the second message because I deleted the VPN entry?
Q2: Is the entry Firewall Log above [Firewall Log-PptpPass Fail] normal or routine information that is logged?
Thanks
08-24-2011 06:53 AM
Hi,
Q1 - No, these are just the standard VPN logs that you are seeing – no need to worry!
Q2 - The Pptppass failed is a TCP packet that was destined for port 1723 and failed to make it through the firewall, so this connection was logged.
Thanks,
Jasbryan
Cisco Support Engineer
.:|:.:|:.
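An added example, not part of the original thread and not Cisco tooling: a small parser for the log format quoted above that separates entries run together on one line and tallies `[Firewall Log-...]` events by tag, source address and destination port. The sample lines, the addresses and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the format quoted in the post; addresses are
# documentation ranges and a placeholder LAN address, not values from the thread.
SAMPLE = """\
[Firewall Log-PptpPass Fail] TCP Packet - 198.51.100.7:443 --> 192.168.1.1:1723.
Aug 23 16:12:56 - [VPN Log]: @(#) built on Oct 27 2009:16:21:09: Aug 23 16:12:56 - [VPN Log]: Setting NAT-Traversal port-4500 floating to on
Aug 23 16:13:05 - [Firewall Log-PptpPass Fail] TCP Packet - 198.51.100.7:51514 --> 192.168.1.1:1723.
Aug 23 16:13:57 - Configuration changed!
"""

# Zero-width match in front of every "Mon DD HH:MM:SS - " stamp, so entries that
# were run together on one line can be separated without losing the stamp.
STAMP = re.compile(r"(?=[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d - )")

# "[Firewall Log-<tag>] <proto> Packet - <src>:<sport> --> <dst>:<dport>"
# The address class tolerates masked octets such as "192.168.x.x".
FIREWALL = re.compile(
    r"\[Firewall Log-(?P<tag>[^\]]+)\] (?P<proto>\w+) Packet - "
    r"(?P<src>[\d.x]+):(?P<sport>\d+) --> (?P<dst>[\d.x]+):(?P<dport>\d+)"
)

def split_entries(text):
    """Return one string per log entry, splitting lines that hold several."""
    entries = []
    for line in text.splitlines():
        entries += [part.strip() for part in STAMP.split(line) if part.strip()]
    return entries

def firewall_events(text):
    """Return a dict per firewall entry; VPN and configuration entries are skipped."""
    events = []
    for entry in split_entries(text):
        match = FIREWALL.search(entry)
        if match:
            event = match.groupdict()
            event["sport"] = int(event["sport"])
            event["dport"] = int(event["dport"])
            events.append(event)
    return events

def tally(text):
    """Count firewall entries per (tag, source address, destination port)."""
    return Counter((e["tag"], e["src"], e["dport"]) for e in firewall_events(text))

if __name__ == "__main__":
    for (tag, src, dport), count in tally(SAMPLE).items():
        print(f"{count}x {tag}: {src} -> port {dport}")
```
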
08-24-2011 04:22 PM
Thanks very much jasbryan...