PDA

View Full Version : VPN Client not connecting


dagreco
August 7th, 2013, 01:15 PM
Hello and thank you in advance for any help you can give me. Here is the current situation:
I am using a UTM50 with firmware version 1.3.15-21 and client VPN software version 4.66. The VPN works fine for users that are connecting with the VPN lite client that came with the UTM 50. I would prefer not to update the firmware as things other than these new VPN clients is working perfect as well as a site to site VPN. The following are the logs from the UTM50:

2013 Aug 7 20:03:43 [UTM50] [IKE] Purged IPsec-SA with proto_id=ESP and spi=235714255(0xe0cb6cf)._

2013 Aug 7 20:03:43 [UTM50] [IKE] Purged IPsec-SA with proto_id=ESP and spi=197342740(0xbc33614)._

2013 Aug 7 20:03:43 [UTM50] [IKE] no iph2 found: ESP 173.12.18.149->74.92.232.78 with spi=235714255(0xe0cb6cf)_

2013 Aug 7 20:03:46 [UTM50] [IKE] Configuration found for 74.92.232.78._

2013 Aug 7 20:03:46 [UTM50] [IKE] Initiating new phase 2 negotiation: 173.12.18.149[500]<=>74.92.232.78[0]_

2013 Aug 7 20:03:46 [UTM50] [IKE] Adjusting encryption mode to use UDP encapsulation_

2013 Aug 7 20:03:46 [UTM50] [IKE] Adjusting peer's encmode 3(3)->Tunnel(1)_

2013 Aug 7 20:03:46 [UTM50] [IKE] IPsec-SA established[UDP encap 4500->4500]: ESP/Tunnel 74.92.232.78->173.12.18.149 with spi=266433462(0xfe173b6)_

2013 Aug 7 20:03:46 [UTM50] [IKE] IPsec-SA established[UDP encap 4500->4500]: ESP/Tunnel 173.12.18.149->74.92.232.78 with spi=51262752(0x30e3520)_

2013 Aug 7 20:04:06 [UTM50] [IKE] Failed 3 of 3 times to get DPD R-U-THERE-ACK from peer "74.92.232.78[4500]"_

2013 Aug 7 20:04:06 [UTM50] [IKE] Peer 74.92.232.78 is detected as Dead, Tearing down the connection_

2013 Aug 7 20:04:06 [UTM50] [IKE] an undead schedule has been deleted: 'pk_recvupdate'._

2013 Aug 7 20:04:06 [UTM50] [IKE] Purged IPsec-SA with spi=51262752(0x30e3520)._

2013 Aug 7 20:04:06 [UTM50] [IKE] an undead schedule has been deleted: 'pk_recvupdate'._

2013 Aug 7 20:04:06 [UTM50] [IKE] Purged IPsec-SA with spi=193697432(0xb8b9698)._

2013 Aug 7 20:04:06 [UTM50] [IKE] Purged IPsec-SA with spi=266433462(0xfe173b6)._

2013 Aug 7 20:04:06 [UTM50] [IKE] Purged IPsec-SA with spi=120219667(0x72a6813)._

2013 Aug 7 20:04:06 [UTM50] [IKE] Purged ISAKMP-SA with spi=67c7c6f24e978bc8:85ea0f65587a1086._

2013 Aug 7 20:04:07 [UTM50] [IKE] ISAKMP-SA deleted for 173.12.18.149[4500]-74.92.232.78[4500] with spi:67c7c6f24e978bc8:85ea0f65587a1086_

2013 Aug 7 20:04:07 [UTM50] [IKE] Deleting PH1, Disable the sacreate lock_

2013 Aug 7 20:04:07 [UTM50] [IKE] Configuration found for 74.92.232.78[500]._

2013 Aug 7 20:04:07 [UTM50] [IKE] local port: 500_

2013 Aug 7 20:04:07 [UTM50] [IKE] Received request for new phase 1 negotiation: 173.12.18.149[500]<=>74.92.232.78[500]_

2013 Aug 7 20:04:07 [UTM50] [IKE] Beginning Identity Protection mode._

2013 Aug 7 20:04:07 [UTM50] [IKE] Received Vendor ID: RFC XXXX_

2013 Aug 7 20:04:07 [UTM50] [IKE] Received Vendor ID: DPD_

2013 Aug 7 20:04:07 [UTM50] [IKE] DPD is Enabled_

2013 Aug 7 20:04:07 [UTM50] [IKE] For 74.92.232.78[500], Selected NAT-T version: RFC XXXX_

2013 Aug 7 20:04:07 [UTM50] [IKE] Setting DPD Vendor ID_

2013 Aug 7 20:04:07 [UTM50] [IKE] Received Vendor ID: KAME/racoon_

2013 Aug 7 20:04:07 [UTM50] [IKE] NAT-D payload matches for 173.12.18.149[500]_

2013 Aug 7 20:04:07 [UTM50] [IKE] NAT-D payload does not match for 74.92.232.78[500]_

2013 Aug 7 20:04:07 [UTM50] [IKE] NAT detected: PEER_

2013 Aug 7 20:04:07 [UTM50] [IKE] Floating ports for NAT-T with peer 74.92.232.78[4500]_

2013 Aug 7 20:04:07 [UTM50] [IKE] ISAKMP-SA established for 173.12.18.149[4500]-74.92.232.78[4500] with spi:b308407eb83e4e17:2d5dc1f0910fcd39_

2013 Aug 7 20:04:07 [UTM50] [IKE] Sending Informational Exchange: notify payload[INITIAL-CONTACT]_

2013 Aug 7 20:04:08 [UTM50] [IKE] Responding to new phase 2 negotiation: 173.12.18.149[0]<=>74.92.232.78[0]_

2013 Aug 7 20:04:08 [UTM50] [IKE] Using IPsec SA configuration: 192.168.0.0/24<->192.168.1.0/24_

2013 Aug 7 20:04:08 [UTM50] [IKE] Adjusting peer's encmode 3(3)->Tunnel(1)_

2013 Aug 7 20:04:08 [UTM50] [IKE] IPsec-SA established[UDP encap 4500->4500]: ESP/Tunnel 74.92.232.78->173.12.18.149 with spi=124545139(0x76c6873)_

2013 Aug 7 20:04:08 [UTM50] [IKE] IPsec-SA established[UDP encap 4500->4500]: ESP/Tunnel 173.12.18.149->74.92.232.78 with spi=242189188(0xe6f8384)_

2013 Aug 7 20:04:12 [UTM50] [IKE] Configuration found for 74.92.232.78._

2013 Aug 7 20:04:12 [UTM50] [IKE] Initiating new phase 2 negotiation: 173.12.18.149[500]<=>74.92.232.78[0]_

2013 Aug 7 20:04:12 [UTM50] [IKE] Adjusting encryption mode to use UDP encapsulation_

2013 Aug 7 20:04:12 [UTM50] [IKE] Adjusting peer's encmode 3(3)->Tunnel(1)_

2013 Aug 7 20:04:13 [UTM50] [IKE] IPsec-SA established[UDP encap 4500->4500]: ESP/Tunnel 74.92.232.78->173.12.18.149 with spi=107091662(0x66216ce)_

2013 Aug 7 20:04:13 [UTM50] [IKE] IPsec-SA established[UDP encap 4500->4500]: ESP/Tunnel 173.12.18.149->74.92.232.78 with spi=40876152(0x26fb878)_

2013 Aug 7 20:04:13 [UTM50] [IKE] Sending Informational Exchange: delete payload[]_

2013 Aug 7 20:04:13 [UTM50] [IKE] an undead schedule has been deleted: 'pk_recvupdate'._

2013 Aug 7 20:04:13 [UTM50] [IKE] Purged IPsec-SA with proto_id=ESP and spi=124545139(0x76c6873)._

Thank you for your help!