Advertisement

05.15.2007 at 01:53AM PDT, ID: 22572431
[x]
Attachment Details

Watchguard to Pix 501 Manual VPN down time

Asked by Adminicle in Watchguard Firewall, Virtual Private Networking (VPN), Cisco PIX Firewall

Tags: watchguard

We have a Watchguard x55e with a Manual Static VPN to a cisco Pix501. its been working fine up till yesterday when it just stopped working. so far we have no changed anything on either the pix or the watchguard.

Last night the VPN came back up and seemed to be working again. Came into work this morning and its down again.
Checking out ISP, it looks like we have a poor connection.

the error messages I am getting is as follows

May 15 08:46:39  iked[1356]        ipsec_nl_catcher: Key negotiation already in progress for channel 0  
May 15 08:46:39  kernel        ipsec: Acquiring keys for channel 0  
May 15 08:46:39  kernel        allow out eth1 49 udp 20 127 192.194.100.56 192.168.42.1 1115 50796 (Outgoing)  
May 15 08:46:38  kernel        allow out eth1 62 udp 20 127 192.194.100.46 24.82.180.20 4730 46966 (Outgoing)  
May 15 08:46:38  kernel        allow out eth1 59 udp 20 63 192.194.100.85 200.118.191.241 25072 16065 (Outgoing)  
May 15 08:46:38  kernel        allow out eth1 49 udp 20 127 192.194.100.56 192.168.42.1 1115 50796 (Outgoing)  
May 15 08:46:37  kernel        allow out eth1 49 udp 20 127 192.194.100.56 192.168.42.1 1115 50796 (Outgoing)  
May 15 08:46:36  kernel        allow out eth1 49 udp 20 127 192.194.100.56 192.168.42.1 1115 50796 (Outgoing)  
May 15 08:46:35  iked[1356]        Received NO_PROPOSAL_CHOSEN message, mess_id=0x2AEA481B  
May 15 08:46:35  iked[1356]        FROM xx.xx.xx.xx IF-HDR*#-2AEA481B ISA_HASH ISA_NOTIFY  
May 15 08:46:35  iked[1356]        TO xx.xx.xx.xx QM-HDR*#-76191F95 ISA_HASH ISA_SA ISA_NONCE ISA_KE ISA_ID ISA_ID  
May 15 08:46:35  iked[1356]        TO xx.xx.xx.xx IF-HDR*#-D4A36547 ISA_HASH ISA_NOTIFY  
May 15 08:46:35  iked[1356]        Sending INITIAL_CONTACT message  
May 15 08:46:35  iked[1356]        FROM xx.xx.xx.xx MM-HDR*# ISA_ID ISA_HASH  
May 15 08:46:35  iked[1356]        TO xx.xx.xx.xx MM-HDR*# ISA_ID ISA_HASH  
May 15 08:46:35  iked[1356]        Rejecting peer XAUTH request: not configured  
May 15 08:46:35  kernel        allow out eth1 49 udp 20 127 192.194.100.56 192.168.42.1 1115 50796 (Outgoing)  
May 15 08:46:35  iked[1356]        FROM xx.xx.xx.xx MM-HDR ISA_KE ISA_NONCE ISA_VENDORID ISA_VENDORID ISA_VENDORID ISA_VENDORID NAT-D NAT-D  
May 15 08:46:34  iked[1356]        TO xx.xx.xx.xx IF-HDR ISA_NOTIFY  
May 15 08:46:34  iked[1356]        Sending INVALID_COOKIE message  
May 15 08:46:34  iked[1356]        Received a packet for an unknown SA  
May 15 08:46:34  iked[1356]        FROM 81.137.39.125 MM-HDR ISA_SA ISA_VENDORID ISA_VENDORID  
May 15 08:46:34  iked[1356]        TO 81.137.39.125 MM-HDR ISA_KE ISA_NONCE NAT-D NAT-D  
May 15 08:46:34  iked[1356]        FROM 81.137.39.125 MM-HDR ISA_SA ISA_VENDORID ISA_VENDORID  
May 15 08:46:34  kernel        allow out eth1 49 udp 20 127 192.194.100.56 192.168.42.1 1115 50796 (Outgoing)  
May 15 08:46:34  iked[1356]        TO 81.137.39.125 MM-HDR ISA_SA ISA_VENDORID ISA_VENDORID ISA_VENDORID ISA_VENDORID ISA_VENDORID  
May 15 08:46:34  iked[1356]        Iked Initialized.  
May 15 08:46:33  ipseccfg[1356] Unable to add route to xx.xxx.xx.xx  
May 15 08:46:33  ipseccfg[1356] add_host_routes: adding route to xx.xx.xx.xx via dev eth0 with gw xx.xx.xx.xx  
May 15 08:46:33  ipseccfg[1356] add_policies:adding route:daddr=c0a87900 dmask=ffffff00 flags=1  
May 15 08:46:33  ipseccfg[1356] ifdev_set_metric: metric 7 not set  May 15 08:46:33  ipseccfg[1356]  get_external_device: external dev is now eth0  
May 15 08:46:33  kernel        allow out eth1 49 udp 20 127 192.194.100.56 192.168.42.1 1115 50796 (Outgoing)  
May 15 08:46:33  kernel        allow out eth1 63 udp 20 127 192.194.100.152 204.74.112.44 1103 53 (DNS)  
May 15 08:46:33  kernel        allow out eth1 63 udp 20 127 192.194.100.152 204.74.113.44 1103 53 (DNS)  
May 15 08:46:33  ipseccfg[1356] get_external_device: external dev is now eth0  
May 15 08:46:32  ipseccfg[1356] mfg_read_serial: returning [707602995867E]  
May 15 08:46:32  kernel        allow out eth1 49 udp 20 127 192.194.100.56 192.168.42.1 1115 50796 (Outgoing)  
May 15 08:46:32  kernel        deny out eth1 229 udp 20 64 192.194.100.18 192.194.100.255 138 138 (broadcast)  
May 15 08:46:31  kernel        allow out eth1 49 udp 20 127 192.194.100.56 192.168.42.1 1115 50796 (Outgoing)  
May 15 08:46:30  kernel        allow out eth1 49 udp 20 127 192.194.100.56 192.168.42.1 1115 50796 (Outgoing)  
May 15 08:46:29  ipseccfg[1356] Opened firewall device explicitly (/tmp/firewall)  
May 15 08:46:29  ipseccfg[1356] Firewall device file descriptor environment variable not set  
May 15 08:46:29  ipseccfg[1356] WatchGuard IPSEC Configurator v7.4.1.B1000 (C) 1996-2006 WGTI


Any light on this would be greatStart Free Trial
Related Solutions: PIX to Watchguard static VPN?
[+][-]05.15.2007 at 01:54AM PDT, ID: 19091229

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.15.2007 at 02:58AM PDT, ID: 19091453

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.15.2007 at 05:38AM PDT, ID: 19092194

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.16.2007 at 09:52AM PDT, ID: 19102300

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.16.2007 at 09:52AM PDT, ID: 19102307

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.17.2007 at 05:37AM PDT, ID: 19107628

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.21.2007 at 01:06AM PDT, ID: 19125662

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.21.2007 at 01:45AM PDT, ID: 19125742

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.23.2007 at 09:15AM PDT, ID: 19142727

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.23.2007 at 08:28PM PDT, ID: 19146925

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.24.2007 at 02:30AM PDT, ID: 19147870

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.24.2007 at 03:22AM PDT, ID: 19148066

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.24.2007 at 05:54AM PDT, ID: 19148763

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.24.2007 at 06:49AM PDT, ID: 19149109

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.24.2007 at 07:18AM PDT, ID: 19149353

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.24.2007 at 07:55AM PDT, ID: 19149729

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zones: Watchguard Firewall, Virtual Private Networking (VPN), Cisco PIX Firewall
Tags: watchguard
Sign Up Now!
Solution Provided By: charan_jeetsingh
Participating Experts: 1
Solution Grade: A
 
 
[+][-]05.24.2007 at 08:06AM PDT, ID: 19149844

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.24.2007 at 11:26PM PDT, ID: 19155004

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.24.2007 at 11:27PM PDT, ID: 19155008

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.25.2007 at 12:54AM PDT, ID: 19155253

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.25.2007 at 12:57AM PDT, ID: 19155267

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]06.06.2007 at 01:13AM PDT, ID: 19223383

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
 
Loading Advertisement...
20080716-EE-VQP-32