VPN RV 016 with Stonegate

edusilveira · ‎01-29-2010

Hi, good afternoon.

My vpn site-to-site not connect.

Following the logs:

Jan 29 10:24:18 2010     VPN Log    [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet  
Jan 29 10:24:18 2010     VPN Log    Ignoring Vendor ID payload [645af885467f08a6...]  
Jan 29 10:24:18 2010     VPN Log    Ignoring Vendor ID payload [baeb239037e17787...]  
Jan 29 10:24:18 2010     VPN Log    Ignoring Vendor ID payload [c573b056d7faca36...]  
Jan 29 10:24:18 2010     VPN Log    Ignoring Vendor ID payload [431cfc9292a0595d...]  
Jan 29 10:24:18 2010     VPN Log    Received Vendor ID payload Type = [Dead Peer Detection]  
Jan 29 10:24:18 2010     VPN Log    Ignoring Vendor ID payload Type = [Cisco-Unity]  
Jan 29 10:24:18 2010     VPN Log    [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet  
Jan 29 10:24:18 2010     VPN Log    [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet  
Jan 29 10:24:18 2010     VPN Log    [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet  
Jan 29 10:24:18 2010     VPN Log    [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet  
Jan 29 10:24:18 2010     VPN Log    Discarding duplicate packet; already STATE_MAIN_I3  
Jan 29 10:24:18 2010     VPN Log    Received informational payload, type INVALID_PAYLOAD_TYPE  
Jan 29 10:24:18 2010     VPN Log    Received informational payload, type INVALID_PAYLOAD_TYPE  
Jan 29 10:24:18 2010     VPN Log    Received informational payload, type INVALID_PAYLOAD_TYPE  
Jan 29 10:24:21 2010     VPN Log    Initiating Main Mode  
Jan 29 10:24:21 2010     VPN Log    [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet  
Jan 29 10:24:21 2010     VPN Log    Ignoring Vendor ID payload [645af885467f08a6...]  
Jan 29 10:24:21 2010     VPN Log    Ignoring Vendor ID payload [baeb239037e17787...]  
Jan 29 10:24:21 2010     VPN Log    Ignoring Vendor ID payload [c573b056d7faca36...]  
Jan 29 10:24:21 2010     VPN Log    Ignoring Vendor ID payload [431cfc9292a0595d...]  
Jan 29 10:24:21 2010     VPN Log    Received Vendor ID payload Type = [Dead Peer Detection]  
Jan 29 10:24:21 2010     VPN Log    Ignoring Vendor ID payload Type = [Cisco-Unity]  
Jan 29 10:24:21 2010     VPN Log    [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet  
Jan 29 10:24:21 2010     VPN Log    [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet  
Jan 29 10:24:21 2010     VPN Log    [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet  
Jan 29 10:24:21 2010     VPN Log    [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet  
Jan 29 10:24:22 2010     VPN Log    Received informational payload, type INVALID_PAYLOAD_TYPE  
Jan 29 10:24:22 2010     VPN Log    Received informational payload, type INVALID_PAYLOAD_TYPE

The config of the client part:

FASE 1 (IKE)
Crypto	3DES
Pre-Shared Key	senha de criptografia (a ser definida em cjto)
Auth	MD5
Diffie Hellmann	Group 2
LifeTime	28800
FASE 2
Crypto	3DES
Auth	MD5
LifeTime	28800

PFS

Disable

PEER: X.X.X.X

REMOTE NETWORK 10.0.0.0 / 255.255.0.0

IN ANNEX my config:

 Thanks

edusilveira · ‎01-29-2010

I configured the lifetimes corretly but this problem continue.

NAT-T is enable.

Logs:

Jan 29 13:17:22 2010 VPN Log Initiating Main Mode

Jan 29 13:17:22 2010 VPN Log [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet

Jan 29 13:17:22 2010 VPN Log Ignoring Vendor ID payload [645af885467f08a6...]

Jan 29 13:17:22 2010 VPN Log Ignoring Vendor ID payload [baeb239037e17787...]

Jan 29 13:17:22 2010 VPN Log Ignoring Vendor ID payload [c573b056d7faca36...]

Jan 29 13:17:22 2010 VPN Log Ignoring Vendor ID payload [431cfc9292a0595d...]

Jan 29 13:17:22 2010 VPN Log Received Vendor ID payload Type = [Dead Peer Detection]

Jan 29 13:17:22 2010 VPN Log Ignoring Vendor ID payload Type = [Cisco-Unity]

Jan 29 13:17:22 2010 VPN Log [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet

Jan 29 13:17:22 2010 VPN Log [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet

Jan 29 13:17:22 2010 VPN Log [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet

Jan 29 13:17:22 2010 VPN Log [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet

Jan 29 13:17:22 2010 VPN Log Received informational payload, type INVALID_PAYLOAD_TYPE

edusilveira · ‎01-29-2010

More information,

Thanks

pudawat · ‎01-29-2010

Halt at Main mode message 5 clearly indicates PRE-SHARED KEY MISMATCH!