|
Настроено всё согласно инструкции
лог из 804
hursday October 07, 2010 17:34:04 IKE Phase1 (ISAKMP SA) established : [217.70.29.53]<->[81.211.12.38]
Thursday October 07, 2010 17:34:04 Send IKE Q1(QINIT) : 192.168.0.0 --> 192.168.1.0
Thursday October 07, 2010 17:34:04 Receive XAUTH (REQUEST) : 81.211.12.38 -> 217.70.29.53, but router is not in client mode
Thursday October 07, 2010 17:34:09 IKED re-TX : QINIT to 81.211.12.38
Thursday October 07, 2010 17:34:14 IKED re-TX : QINIT to 81.211.12.38
Thursday October 07, 2010 17:34:24 IKED re-TX : QINIT to 81.211.12.38
Thursday October 07, 2010 17:34:34 IKED re-TX : QINIT to 81.211.12.38
Thursday October 07, 2010 17:34:54 IKED re-TX : QINIT to 81.211.12.38
Thursday October 07, 2010 17:34:55 Send IKE (INFO) : delete [192.168.0.0|217.70.29.53]-->[81.211.12.38|192.168.1.0] phase 2
Thursday October 07, 2010 17:34:55 IKE phase2 (IPSec SA) remove : 192.168.0.0 <-> 192.168.1.0
Thursday October 07, 2010 17:34:55 inbound SPI = 0x5e04d444, outbound SPI = 0x0
Thursday October 07, 2010 17:34:57 Send IKE Q1(QINIT) : 192.168.0.0 --> 192.168.1.0
Thursday October 07, 2010 17:35:02 IKED re-TX : QINIT to 81.211.12.38
Thursday October 07, 2010 17:35:07 IKED re-TX : QINIT to 81.211.12.38
Thursday October 07, 2010 17:35:17 IKED re-TX : QINIT to 81.211.12.38
Thursday October 07, 2010 17:35:27 IKED re-TX : QINIT to 81.211.12.38
Thursday October 07, 2010 17:35:47 IKED re-TX : QINIT to 81.211.12.38
Thursday October 07, 2010 17:35:48 Send IKE (INFO) : delete [192.168.0.0|217.70.29.53]-->[81.211.12.38|192.168.1.0] phase 2
Thursday October 07, 2010 17:35:48 IKE phase2 (IPSec SA) remove : 192.168.0.0 <-> 192.168.1.0
Thursday October 07, 2010 17:35:48 inbound SPI = 0x5f044013, outbound SPI = 0x0
Thursday October 07, 2010 17:35:50 Send IKE Q1(QINIT) : 192.168.0.0 --> 192.168.1.0
Thursday October 07, 2010 17:35:55 Receive IKE INFO : 81.211.12.38 --> 217.70.29.53
XAUTH на DFL-1600 конечно же выключен вот стату из айписека
Name: Iskra
Local IP: 192.168.1.1
Broadcast: 0.0.0.0
Local Network: 192.168.1.0/24
Remote Network: 192.168.0.0
Remote Gateway: 217.70.29.53
IKE Mode: Main
D-H modp group: 2
NAT Traversal: Enabled if needed and supported by the remote peer
SA per: Net
PFS: Disabled
Config Mode: Disabled
DHCP over IPsec: Disabled
Add Route: Disabled
XAUTH Client: Disabled
XAUTH: Disabled
Keep-alive: Disabled
Authentication: PSK: Key
MTU: 1420
Send Rate: 0 kbps
Receive Rate: 0 kbps
Лог из DFL 1600
2010-10-07
18:37:58 Info IPSEC
1803021
ipsec_sa_statistics
done=1032 success=326 failed=706
2010-10-07
18:37:58 Warning IPSEC
1800109
ike_quickmode_failed
local_ip=81.211.12.38 remote_ip=217.70.29.53 cookies=b67823304acac40eaabe4c691b51d699 reason="No proposal chosen"
2010-10-07
18:37:58 Warning IPSEC
1803020
ipsec_sa_failed
no_ipsec_sa
statusmsg="No proposal chosen"
2010-10-07
18:37:58 Info IPSEC
1800102
ipsec_event
message=" Remote Proxy ID 192.168.0.0/24 any"
2010-10-07
18:37:58 Info IPSEC
1800102
ipsec_event
message=" Local Proxy ID 192.168.1.0/24 any"
2010-10-07
18:37:58 Info IPSEC
1802703
ike_sa_negotiation_completed
ike_sa_completed
local_peer="81.211.12.38 ID 81.211.12.38" remote_peer="217.70.29.53 ID 217.70.29.53" initiator_spi="b6782330 4acac40e" responder_spi="aabe4c69 1b51d699" int_severity=6
помогите разобраться.
|
Вход
Регистрация
FAQ
Поиск
