cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

337
Views
0
Helpful
1
Replies
Beginner

IPSEC negotiation error message on VPN Concentrator 3030

I am trying to connect to my VPN 3030 thorough a client. Everything goes along fine until the start of Phase 2's Quick mode negotiation when, after starting Quick mode response, VPN Concentrator spits out FSM errors.

I tried to search for their meanings but could not find them. Can anyone point out what is wrong here?

Log snippet:

===========

262 05/05/2005 18:56:27.160 SEV=9 IKEDBG/1 RPT=78

Processing cfg Request attributes

263 05/05/2005 18:56:27.160 SEV=9 IKEDBG/53 RPT=13

MODE_CFG: Received request for IPV4 address!

264 05/05/2005 18:56:27.160 SEV=9 IKEDBG/53 RPT=14

MODE_CFG: Received request for IPV4 net mask!

265 05/05/2005 18:56:27.160 SEV=9 IKEDBG/31 RPT=7 70.0.0.1

Group [70.0.0.1] User [jiva1]

Obtained IP addr (22.0.0.1) prior to initiating Mode Cfg (XAuth enabled)

267 05/05/2005 18:56:27.160 SEV=9 IKEDBG/0 RPT=297 70.0.0.1

Group [70.0.0.1] User [jiva1]

constructing blank hash

268 05/05/2005 18:56:27.160 SEV=4 IKE/149 RPT=13

Hardware client security attribute SECURE UNIT was enabled but not requested.

269 05/05/2005 18:56:27.160 SEV=4 IKE/149 RPT=14

Hardware client security attribute INDIVIDUAL USER AUTH was enabled but not requ

ested.

271 05/05/2005 18:56:27.160 SEV=9 IKEDBG/0 RPT=298 70.0.0.1

0000: 00010004 16000001 ........

272 05/05/2005 18:56:27.160 SEV=9 IKEDBG/0 RPT=299 70.0.0.1

Group [70.0.0.1] User [jiva1]

constructing qm hash

273 05/05/2005 18:56:27.160 SEV=8 IKEDBG/0 RPT=300 70.0.0.1

SENDING Message (msgid=d2309ef5) with payloads :

HDR + HASH (8) + ATTR (14)

total length : 64

275 05/05/2005 18:56:27.160 SEV=8 IKEDECODE/0 RPT=108 70.0.0.1

ISAKMP HEADER : ( Version 1.0 )

Initiator Cookie(8): 3A FE 4F 4B 62 53 9D 29

Responder Cookie(8): 31 D2 B6 A7 45 77 B2 10

Next Payload : HASH (8)

Exchange Type : Oakley Quick Mode

Flags : 1 (ENCRYPT )

Message ID : bddcc8bb

Length : 148

282 05/05/2005 18:56:27.160 SEV=12 IKEDECODE/3 RPT=7 70.0.0.1

IKE Responder starting QM: msg id = bddcc8bb

283 05/05/2005 18:56:27.160 SEV=9 IKEDBG/21 RPT=7 70.0.0.1

Group [70.0.0.1] User [jiva1]

Delay Quick Mode processing, Cert/Trans Exch/RM DSID in progress

285 05/05/2005 18:56:27.160 SEV=7 IKEDBG/65 RPT=9 70.0.0.1

Group [70.0.0.1] User [jiva1]

IKE AM Responder FSM error history (struct &0x7e03ac8)

<state>, <event>:

AM_DONE, EV_ERROR_CONT

AM_DONE, EV_ERROR

AM_TM_PEND_QM, EV_TM_OK

AM_TM_PEND_QM, NullEvent

290 05/05/2005 18:56:27.160 SEV=9 IKEDBG/0 RPT=301 70.0.0.1

1 REPLY 1
Highlighted
Beginner

Re: IPSEC negotiation error message on VPN Concentrator 3030

Hi,

Upgrade your concentrator image to 4.1.7.F. It will relove your problum

Regards,

Mustafa