Auf beiden Seiten ist eine entsprechende Verbindung eingerichtet. Beide nutzen die gleiche Policy (AES-128 PFS), beide sind auf RSA Key eingestellt und der jeweilige Key der anderen Box hinterlegt. Im Log der ASG 8.3 finde ich nur folgendes:
2012:02:07-13:39:01 fw-1 pluto[14962]: packet from :1023: ignoring Vendor ID payload [Cisco-Unity]
2012:02:07-13:39:01 fw-1 pluto[14962]: packet from :1023: received Vendor ID payload [XAUTH]
2012:02:07-13:39:01 fw-1 pluto[14962]: packet from :1023: received Vendor ID payload [Dead Peer Detection]
2012:02:07-13:39:01 fw-1 pluto[14962]: packet from :1023: received Vendor ID payload [RFC 3947]
2012:02:07-13:39:01 fw-1 pluto[14962]: packet from :1023: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
2012:02:07-13:39:01 fw-1 pluto[14962]: packet from :1023: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
2012:02:07-13:39:01 fw-1 pluto[14962]: packet from :1023: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2012:02:07-13:39:01 fw-1 pluto[14962]: packet from :1023: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
2012:02:07-13:39:01 fw-1 pluto[14962]: packet from :1023: initial Main Mode message received on :500 but no connection has been authorized with policy=PUBKEY
2012:02:07-13:39:21 fw-1 pluto[14962]: packet from :500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
This thread was automatically locked due to age.
