Даны 2а реальных апишника, нужно соединить 2а офиса используя туннели lan-to-lan по протоколу IPsec. В каждом офисе находится DFL-800
1) Установил на железо одинаковую прошивку DFL-800-2.12.00.44-upgrade.img
2) Сконфигурил DNS Relay как написано на FTP сервере DLINK
ftp://ftp.dlink.ru/pub/FireWall/How%20t ... 0Relay.doc
3) Настроил тунель как написано на FTP сервере DLINK
ftp://ftp.dlink.ru/pub/FireWall/_rus_%2 ... tunnel.pdf
В итоге тунель живет меньше минуты и дропается, немогу понять изз-за чего, прилогаю логи. Буду благодарен за помощь.
Date Severity Category/ID Rule Proto Src/DstIf Src/DstIP Src/DstPort Event/Action
2007-08-29
05:42:46 Warning RULE
06000051 Default_Access_Rule TCP wan1 78.107.24.179
78.107.28.77 1837
139 ruleset_drop_packet
drop
rev=1 ipdatalen=44 tcphdrlen=44 syn=1
2007-08-29
05:42:32 Info IPSEC
01800317 peer_is_dead
IPsec_tunnel_disabled
rev=1 peer=81.22.194.27
2007-08-29
05:42:32 Info IPSEC
01802708 ike_sa_destroyed
ike_sa_killed
Bad logmsg: [2007-08-29 05:42:32] <6>FW: IPSEC: prio=1 id=01802708 rev=1 event=ike_sa_destroyed action=ike_sa_killed ike_sa= Initiator SPI ESP=0x1211f9b3, AH=0x3571c2d3 Responder SPI
2007-08-29
05:42:32 Warning IPSEC
01802022 ike_sa_failed
no_ike_sa
rev=2 statusmsg="Timeout" local_peer=127.0.0.1 ID No Id remote_peer=81.22.194.27 ID No Id initiator_spi=ESP=0x1211f9b3, AH=0x3571c2d3
2007-08-29
05:42:32 Warning IPSEC
01802715 event_on_ike_sa
rev=1 side=Initiator msg="failed" int_severity=6
2007-08-29
05:42:04 Warning RULE
06000051 Default_Access_Rule TCP wan1 78.107.24.179
78.107.28.77 2688
139 ruleset_drop_packet
drop
rev=1 ipdatalen=44 tcphdrlen=44 syn=1
2007-08-29
05:40:32 Info IPSEC
01800317 peer_is_dead
IPsec_tunnel_disabled
rev=1 peer=81.22.194.27
2007-08-29
05:40:32 Info IPSEC
01802708 ike_sa_destroyed
ike_sa_killed
Bad logmsg: [2007-08-29 05:40:32] <6>FW: IPSEC: prio=1 id=01802708 rev=1 event=ike_sa_destroyed action=ike_sa_killed ike_sa= Initiator SPI ESP=0x3cd21bc6, AH=0xc9aee745 Responder SPI
2007-08-29
05:40:32 Warning IPSEC
01802022 ike_sa_failed
no_ike_sa
rev=2 statusmsg="Timeout" local_peer=127.0.0.1 ID No Id remote_peer=81.22.194.27 ID No Id initiator_spi=ESP=0x3cd21bc6, AH=0xc9aee745
2007-08-29
05:40:32 Warning IPSEC
01802715 event_on_ike_sa
rev=1 side=Initiator msg="failed" int_severity=6
2007-08-29
05:38:32 Info IPSEC
01800317 peer_is_dead
IPsec_tunnel_disabled
rev=1 peer=81.22.194.27
2007-08-29
05:38:32 Info IPSEC
01802708 ike_sa_destroyed
ike_sa_killed
Bad logmsg: [2007-08-29 05:38:32] <6>FW: IPSEC: prio=1 id=01802708 rev=1 event=ike_sa_destroyed action=ike_sa_killed ike_sa= Initiator SPI ESP=0xff312a69, AH=0x400cffb6 Responder SPI
2007-08-29
05:38:32 Warning IPSEC
01802022 ike_sa_failed
no_ike_sa
rev=2 statusmsg="Timeout" local_peer=127.0.0.1 ID No Id remote_peer=81.22.194.27 ID No Id initiator_spi=ESP=0xff312a69, AH=0x400cffb6
2007-08-29
05:38:32 Warning IPSEC
01802715 event_on_ike_sa
rev=1 side=Initiator msg="failed" int_severity=6
2007-08-29
05:36:53 Notice SYSTEM
03203000 admin_login
rev=1 authsystem=HTTP username=admin access_level=administrator userdb=AdminUsers server_ip=192.168.0.77 server_port=80 client_ip=192.168.0.66 client_port=1039
2007-08-29
05:36:53 Notice SESMGR
04900001 sesmgr_session_created
none
rev=1 user=admin database=AdminUsers ip=192.168.0.66 type=HTTP
2007-08-29
05:36:47 Notice SYSTEM
03202001 startup_echo
rev=1 delay=15 corever=2.12.00.44-1874 build="Apr 27 2007" uptime=15 cfgfile="core.cfg" cfgver=7 previous_shutdown="Unknown reason ('shutdown.txt' is empty)"
2007-08-29
05:36:37 Notice SYSTEM
03202001 startup_echo
rev=1 delay=5 corever=2.12.00.44-1874 build="Apr 27 2007" uptime=5 cfgfile="core.cfg" cfgver=7 previous_shutdown="Unknown reason ('shutdown.txt' is empty)"
2007-08-29
05:36:32 Notice SYSTEM
03202000 startup_normal
rev=1 corever=2.12.00.44-1874 build="Apr 27 2007" uptime=0 cfgfile="core.cfg" cfgver=7 previous_shutdown="Unknown reason ('shutdown.txt' is empty)"
Вход
Регистрация
FAQ
Поиск
