Проблемы с VPN (DI-804HV -DSL-500T -- DS-601 client)
Конфигурация сети
DI-804HV --Internet -- DSL-500T (pass-through (multicast,
Port Forwarding – IPSec)) -> PC (WinXP) -- DS-601 client
Установки роутера и DS-601 согласно FAQ (
www.dlink.com )
“How do I configure DS-601/605 VPN software client to connect to my VPN router?”
Отличия: DI-804HV Вместо Dynamic VPN -> “Static” VPN
==============================================
CONFIGURING DI-804HV
VPN Settings
Tunnel Name DSb_804br
Aggressive Mode
Local Subnet 192.168.12.0
Local Netmask 255.255.255.0
Remote Subnet 192.168.101.112
Remote Netmask 255.255.255.255
Remote Gateway 83.237.vvv.vvv
IKE Keep Alive
(Ping IP Address)
Preshare Key xxxxxxxxxxxx
Extended Authentication
(xAUTH)
IPSec NAT Traversal
IKE Pro..--> Group 1 3DES SHA-1 ->Lifet. 28800 Sec.
IPSec Pro.. -> Group 1 ESP -> 3DES -> SHA-1->Lifet.28800 Sec.
============================
CONFIGURING THE DS-601/605 client VPN software
Configuration -> Profile Settings
Select the profile --> Configure.
General
<Name>
Comm. media --> LAN.
IPSec General Settings
Gateway WAN IP address xxx.xxx.xxx.xxx
IKE pol. 3DES-SHA-DH2.
IPSec pol. ESP-3DES-SHA.
Advance options
Exch. mode -- Main mode.
PFS group -- DH-Group 1(768Bit).
Enable -- Disabled DPD(Dead Peer Detection).
Identities .
preshare key -- xxxxxxxxxxxxx
IP Address Assignment
default settings.
Remote Networks
<Network addresses> <Subnet masks>
Firewall Settings --> Enable Stateful Inspection to OFF
===================================
VPN тоннель не устанавливается ( даже с учетом некоторых изменений)
Log (клиента):
20.06.2006 21:55:01 IPSDIALCHAN::start building connection
20.06.2006 21:55:01 NCPIKE-phase1:name(DI-804HVbr_DSb) - outgoing connect request - main mode.
20.06.2006 21:55:01 XMIT_MSG1_MAIN - DI-804HVbr_DSb
20.06.2006 21:55:01 RECV_MSG2_MAIN - DI-804HVbr_DSb
20.06.2006 21:55:01 XMIT_MSG3_MAIN - DI-804HVbr_DSb
20.06.2006 21:55:01 IPSDIAL->FINAL_TUNNEL_ENDPOINT:083.069.zzz.zzz
20.06.2006 21:55:01 RECV_MSG4_MAIN - DI-804HVbr_DSb
20.06.2006 21:55:01 XMIT_MSG5_MAIN - DI-804HVbr_DSb
20.06.2006 21:55:01 RECV_MSG6_MAIN - DI-804HVbr_DSb
20.06.2006 21:55:01 NCPIKE-phase1:name(DI-804HVbr_DSb) - connected
20.06.2006 21:55:01 XMIT_MSG1_QUICK - DI-804HVbr_DSb
20.06.2006 21:55:13 NCPIKE-phase2:name(DI-804HVbr_DSb) - error - retry timeout - max retries
Какие изменения необходимы в настройках DS-601?
Спасибо
Вход
Регистрация
FAQ
Поиск
