Сделал Все по инструкции больше полугода назад все работало.
Недели 3 назад разорвалась связь. и не востонавливается больше.

В логах 824:

WAN Type: Static IP Address (v2.00)
Display time: Friday December 04, 2009 09:16:43

Friday December 04, 2009 09:10:34 Blocked access attempt from 188.162.176.165:1763 to TCP port 63911
Friday December 04, 2009 09:10:35 IKED re-TX : AINIT to IP DFL-210
Friday December 04, 2009 09:10:35 Receive IKE INFO : "IP DFL-210" --> 10.46.75.23

10.46.75.23-это ip рутера 824 но в внутренней сети провайдера и соответственно не совпадает его публичным IP.

в 210 :

2009-12-04
09:17:42 Информация IPSEC
1802708


ike_sa_destroyed
ike_sa_killed
ike_sa=" Initiator SPI ESP=0x0174b0b6, AH=0xcbbdaf8e, IPComp=0x5155756"
2009-12-04
09:17:42 Предупреждение IPSEC
1802022


ike_sa_failed
no_ike_sa
statusmsg="No proposal chosen" local_peer="IP DFL-210 ID No Id" remote_peer="89.223.25.102 ID 10.46.75.23" initiator_spi="ESP=0x0174b0b6, AH=0xcbbdaf8e, IPComp=0x5155756d"
2009-12-04
09:17:42 Предупреждение IPSEC
1802715


event_on_ike_sa
side=Responder msg="failed" int_severity=6
2009-12-04
09:17:42 Предупреждение IPSEC
1800107


ike_invalid_proposal
local_ip=IP DFL-210 remote_ip=89.223.25.102 cookies=0174b0b6cbbdaf8e5155756d28b80d3c reason="Could not find acceptable proposal"
2009-12-04
09:17:42 Примечание IPSEC
1802300


rule_selection_failed
info="Peer IP address mismatch" int_severity=6
2009-12-04
09:17:42 Информация IPSEC
1803001


failed_to_select_policy_rule
2009-12-04
09:17:42 Предупреждение IPSEC
1802715


event_on_ike_sa
side=Responder msg="failed" int_severity=6

Видимо не все. Судя по логам, устройства не могут договориться о методе шифрования. Приведите настройки на обоих устройствах.

_________________
Сообщения в PM игнорируются, задавайте вопросы на форуме.

все из инструкции http://www.dlink.ru/ru/faq/92/520.html

IPsecTunnel LocalNetwork="InterfaceAddresses/lannet" RemoteNetwork="InterfaceAddresses/IpSec_remote_net" RemoteEndpoint="InterfaceAddresses/IpSec_remote_endpoint" IKEAlgorithms="Medium" IPsecAlgorithms="Medium" AuthMethod="PSK" PSK="IpSec_key" Name="Tunel" />
<IPsecTunnel LocalNetwork="InterfaceAddresses/lannet" RemoteNetwork="InterfaceAddresses/IpSec_remote_net1" RemoteEndpoint="InterfaceAddresses/IpSec_Remote_EndPoint1" IKEAlgorithms="Medium" IPsecAlgorithms="Medium" AuthMethod="PSK" PSK="ipSec_key2" Name="tunel2" disabled="1" />
<IKEAlgorithms Name="High" DES3Enabled="True" AESEnabled="True" BlowfishEnabled="True" MD5Enabled="True" SHA1Enabled="True" Comments="High security" />
<IPsecAlgorithms Name="High" DES3Enabled="True" AESEnabled="True" BlowfishEnabled="True" MD5Enabled="True" SHA1Enabled="True" Comments="High security" />
<IKEAlgorithms Name="Medium" DESEnabled="True" DES3Enabled="True" AESEnabled="True" BlowfishEnabled="True" TwofishEnabled="True" CAST128Enabled="True" MD5Enabled="True" SHA1Enabled="True" Comments="High compatibility" />
<IPsecAlgorithms Name="Medium" DES3Enabled="True" AESEnabled="True" BlowfishEnabled="True" TwofishEnabled="True" CAST128Enabled="True" MD5Enabled="True" SHA1Enabled="True" Comments="High compatibility" />
<PSK Name="IpSec_key" Type="ASCII" PSKAscii="******

еще лог с 824

Friday December 04, 2009 12:29:34 IKE phase1 (ISAKMP SA) remove : 10.46.75.23 <-> ip DFL-210
Friday December 04, 2009 12:29:34 Send IKE A1(AINIT) : 10.46.75.23 --> ip DFL-210
Friday December 04, 2009 12:29:34 Receive IKE INFO : ip DFL-210 --> 10.46.75.23
Friday December 04, 2009 12:29:39 IKED re-TX : AINIT to ip DFL-210
Friday December 04, 2009 12:29:39 Receive IKE INFO : ip DFL-210 --> 10.46.75.23
Friday December 04, 2009 12:29:44 IKED re-TX : AINIT to ip DFL-210
Friday December 04, 2009 12:29:44 Receive IKE INFO : ip DFL-210 --> 10.46.75.23
Friday December 04, 2009 12:29:54 IKED re-TX : AINIT to ip DFL-210
Friday December 04, 2009 12:29:54 Receive IKE INFO : ip DFL-210 --> 10.46.75.23
Friday December 04, 2009 12:30:04 IKED re-TX : AINIT to ip DFL-210
Friday December 04, 2009 12:30:04 Receive IKE INFO : ip DFL-210 --> 10.46.75.23
Friday December 04, 2009 12:30:24 IKED re-TX : AINIT to ip DFL-210
Friday December 04, 2009 12:30:24 Receive IKE INFO : ip DFL-210 --> 10.46.75.23
Friday December 04, 2009 12:30:25 IKE phase1 (ISAKMP SA) remove : 10.46.75.23 <-> ip DFL-210
Friday December 04, 2009 12:30:25 Send IKE A1(AINIT) : 10.46.75.23 --> ip DFL-210
Friday December 04, 2009 12:30:25 Receive IKE INFO : ip DFL-210 --> 10.46.75.23

Help

HELP!