Hi,
I'm new here and have the following problem.
I have checked it with Pre-shared key and also with certificate. The same results.
Does anyone has Info?
Thanks in Advance!
This thread was automatically locked due to age.
Hi,
I'm new here and have the following problem.
I have checked it with Pre-shared key and also with certificate. The same results.
Does anyone has Info?
Thanks in Advance!
Hi,
Thanks for your Support.
I have changed from Uplink to the first Public Wan Interface,
I have got now the following logs.
______________With PSK__________________
2021:02:18-15:53:42 utm pluto[24202]: packet from *:500: ignoring Vendor ID payload [01528bbbc00696121849ab9a1c5b2a5100000001]
2021:02:18-15:53:42 utm pluto[24202]: packet from *:500: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000009]
2021:02:18-15:53:42 utm pluto[24202]: packet from *:500: ignoring Vendor ID payload [RFC 3947]
2021:02:18-15:53:42 utm pluto[24202]: packet from *:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2021:02:18-15:53:42 utm pluto[24202]: packet from *:500: ignoring Vendor ID payload [FRAGMENTATION]
2021:02:18-15:53:42 utm pluto[24202]: packet from *:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
2021:02:18-15:53:42 utm pluto[24202]: packet from *:500: ignoring Vendor ID payload [Vid-Initial-Contact]
2021:02:18-15:53:42 utm pluto[24202]: packet from *:500: ignoring Vendor ID payload [IKE CGA version 1]
2021:02:18-15:53:42 utm pluto[24202]: "L_for admin"[7] * #173347: responding to Main Mode from unknown peer *
2021:02:18-15:53:42 utm pluto[24202]: "L_for admin"[7] * #173347: ECP_384 is not supported. Attribute OAKLEY_GROUP_DESCRIPTION
2021:02:18-15:53:42 utm pluto[24202]: "L_for admin"[7] * #173347: ECP_256 is not supported. Attribute OAKLEY_GROUP_DESCRIPTION
2021:02:18-15:53:42 utm pluto[24202]: "L_for admin"[7] * #173347: next payload type of ISAKMP Hash Payload has an unknown value: 129
2021:02:18-15:53:42 utm pluto[24202]: "L_for admin"[7] * #173347: malformed payload in packet
______________With Cert__________________
2021:02:18-16:52:49 utm pluto[24202]: packet from *:500: ignoring Vendor ID payload [01528bbbc00696121849ab9a1c5b2a5100000001]
2021:02:18-16:52:49 utm pluto[24202]: packet from *:500: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000009]
2021:02:18-16:52:49 utm pluto[24202]: packet from *:500: ignoring Vendor ID payload [RFC 3947]
2021:02:18-16:52:49 utm pluto[24202]: packet from *:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2021:02:18-16:52:49 utm pluto[24202]: packet from *:500: ignoring Vendor ID payload [FRAGMENTATION]
2021:02:18-16:52:49 utm pluto[24202]: packet from *:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
2021:02:18-16:52:49 utm pluto[24202]: packet from *:500: ignoring Vendor ID payload [Vid-Initial-Contact]
2021:02:18-16:52:49 utm pluto[24202]: packet from *:500: ignoring Vendor ID payload [IKE CGA version 1]
2021:02:18-16:52:49 utm pluto[24202]: "L_for admin"[3] * #173850: responding to Main Mode from unknown peer *
2021:02:18-16:52:49 utm pluto[24202]: "L_for admin"[3] * #173850: ECP_384 is not supported. Attribute OAKLEY_GROUP_DESCRIPTION
2021:02:18-16:52:49 utm pluto[24202]: "L_for admin"[3] * #173850: ECP_256 is not supported. Attribute OAKLEY_GROUP_DESCRIPTION
2021:02:18-16:52:49 utm pluto[24202]: "L_for admin"[3] * #173850: Peer ID is ID_DER_ASN1_DN: 'C=de, L=*********, O=********r, CN=l2tp_test'
2021:02:18-16:52:49 utm pluto[24202]: "L_for admin"[3] * #173850: crl not found
2021:02:18-16:52:49 utm pluto[24202]: "L_for admin"[3] * #173850: certificate status unknown
2021:02:18-16:52:49 utm pluto[24202]: "L_for admin"[3] * #173850: we have a cert and are sending it
2021:02:18-16:52:49 utm pluto[24202]: "L_for admin"[3] * #173850: sent MR3, ISAKMP SA established
2021:02:18-16:52:49 utm pluto[24202]: "L_for admin"[2] * #173851: responding to Quick Mode
2021:02:18-16:52:49 utm pluto[24202]: "L_for admin"[2] * #173851: IPsec SA established {ESP=>0x76655774 <0xc7ee960b}
Does it work with mac or ios ?
+
Do you followed this guide?
2021:02:18-16:52:49 utm pluto[24202]: "L_for admin"[3] * #173850: ECP_384 is not supported. Attribute OAKLEY_GROUP_DESCRIPTION
2021:02:18-16:52:49 utm pluto[24202]: "L_for admin"[3] * #173850: ECP_256 is not supported. Attribute OAKLEY_GROUP_DESCRIPTION
Please show a picture of the Edit of the "L2TP-over-IPsec" IPsec Policy.
Cheers - Bob
Does the client have these same settings for the 'IKE DH Group' and the 'IPsec PFS Group'?
Cheers - Bob