Solved

HELP with establishing site to site vpn

Posted on 2013-05-22
1
2,456 Views
Last Modified: 2013-11-27
Hi

We recently configured a new VLAN to connect to our new (global) internet provider on our existing watchguard firewall.

The internet works fine however we are unable to setup an site to site vpn connections on this link. We are able to set this up with no issues on our backup (standard fibre WAN link) bot not on this VLAN (Global) internet link.

We have confirmed numerous times with our client the phase 1 and 2 settings, preshared key etc and we are 100% sure both settings match. Please see debug below.


2013-05-22 16:42:28 iked ikePhase2ForceRekeyAllGatewayTunnels: gateway name: GlobalInternet        Debug
2013-05-22 16:42:28 iked walk through all SPSAItems in IPSEC policy: Client-connection         Debug
2013-05-22 16:42:28 iked Valid IPSec SA notfound for SPSAItem. Initiate new tunnel negotiation.        Debug
2013-05-22 16:42:28 iked ikeMultiWanPickupIkePcyObj: MWAN ikePcyGrpName=GlobalInternet, numofMbrs=1        Debug
2013-05-22 16:42:28 iked ikeMultiWanPickupIkePcyObj: MWAN choose the ikePcy - name=GlobalInternet        Debug
2013-05-22 16:42:28 iked ikeCreateXfrmAcquireMsg: creating ACQUIRE message with ipecPcy: Client-connection ikePcy: GlobalInternet ifIndex: 11 tunnel_src=(removed from privacy reasons) tunnel_dst=(removed for privacy reasons)        Debug
2013-05-22 16:42:28 iked IkeFindIsakmpSABySPD: (opCode 1) search pcy [GlobalInternet] with src=(removed for privacy reasons) dst=(removed for privacy reasons), p1saId=0 peer_udp=0        Debug
2013-05-22 16:42:28 iked [ikeDoXfrmAcquireAction:6478] License Feature(BOVPN_TUNNEL) check: Max: 75 Cur: 2        Debug
2013-05-22 16:42:28 iked ikeDoXfrmAcquireAction: ACQ_Hanlder(0x83ade38) seq=0x0, reqid=0, ifindex=11, choose ipsecPcy=Client-connection        Debug
2013-05-22 16:42:28 iked findSPINodeBySPI: SPI:0xaeec547b hash:128 : (nil)        Debug
2013-05-22 16:42:28 iked ipsecSpiNodeAdd: SPI(0xaeec547b) node added in hash table[128].SPI count: 5        Debug
2013-05-22 16:42:28 iked ikeAllocateMemoryForRSPM_IPsecPolicy: size of IPsecPolicy is 72        Debug
2013-05-22 16:42:28 iked fillInRspmIPsecPolicy: using spi 0xaeec547b        Debug
2013-05-22 16:42:28 iked fillInRspmIPsecPolicy: Using ipsecProposal Client-connection        Debug
2013-05-22 16:42:28 iked fillInRspmIPsecPolicy: rspm_transform: authAlgo = 2, authKeyLen=0, encryAlgo=3, encrypKeyLen=0, lifeInSecs=28800, lifeInKbytes=128000        Debug
2013-05-22 16:42:28 iked IPSEC Policy: peerIp = 0x7dfe28d6, pfs = 1, dhGrp =2, numProp 1        Debug
2013-05-22 16:42:28 iked IPSEC Selector(Local): srcIp:port=0xac1001e4:0, dstIp:port=0x0a0a1400:0, proto=0        Debug
2013-05-22 16:42:28 iked IPSEC Selector(Local): srcMask(Range)=0xffffffff, dstMask(Range)=0xffffff00        Debug
2013-05-22 16:42:28 iked Selector to IKE: srcIp:port=0xe40110ac:0, dstIp:port=0x00140a0a:0, proto=0        Debug
2013-05-22 16:42:28 iked IPSEC Proposal(0): propNum 1 numXform 1 secProto 3 replay 32 spi 0xaeec547b        Debug
2013-05-22 16:42:28 iked IPSEC Transform: xformNum 0 auth 2 encry 3 encap 1 encryLen 0 sec 28800 KB 128000        Debug
2013-05-22 16:42:28 iked From IPSEC tunnel_src=(removed for privacy reasons), tunnel_dst=(removed for privacy reasons), ifindex=11        Debug
2013-05-22 16:42:28 iked Use IKE Policy[GlobalInternet]        Debug
2013-05-22 16:42:28 iked IkeFindIsakmpSABySPD: (opCode 1) search pcy [GlobalInternet] with src=(removed for privacy reasons) dst=(removed for privacy reasons), p1saId=0 peer_udp=0        Debug
2013-05-22 16:42:28 iked IkeCreateIsakmpSA: init vpnDpdSequenceNum = 19815994(Isakmp SA 0x812bf00)        Debug
2013-05-22 16:42:28 iked CreateQMState(0x8135440): start Cleanup timer for msgId=0, dst=0x7dfe28d6        Debug
2013-05-22 16:42:28 iked MainMode: Start (Ct=1705) pcy [GlobalInternet]        Debug
2013-05-22 16:42:28 iked IkeProposalHtoN : net order spi(0000 0000 0000 0000)          Debug
2013-05-22 16:42:28 iked MainMode: add VPN_KEEPALIVE_VID (sz 12)        Debug
2013-05-22 16:42:28 iked MainMode: add VPN_NAT-T_VID (sz 20)        Debug
2013-05-22 16:42:28 iked sendto_with_pktinfo: sendmsg failed, ifindex 11 error 1(Operation not permitted)        Debug
2013-05-22 16:42:28 iked IkeSendMsg : sendto returned failure         Debug
2013-05-22 16:42:28 iked StartMainMode: failed to send out 1st msg        Debug
2013-05-22 16:42:28 iked StartNegotiation : failed to start phase 1 negotiation        Debug
2013-05-22 16:42:28 iked IkeDeleteIsakmpSA: try to delete Isakmp SA 0x812bf00        Debug
2013-05-22 16:42:28 iked IkeDeleteIsakmpSA: try to delete QMState SA 0x8135440         Debug
2013-05-22 16:42:28 iked IkeDeleteQMState: try to delete QMState 0x8135440 (ID 0) with IsakmpSA 0x812bf00        Debug
2013-05-22 16:42:28 iked SA Nego Fail: saHandle 0x083ade38 InitMode 1, reason 2        Debug
2013-05-22 16:42:28 iked findSPINodeBySPI: SPI:0xaeec547b hash:128 : 0x820cfa8        Debug
2013-05-22 16:42:28 iked ipsecSpiNodeFree: SPI(0xaeec547b) node deleted from hash table. SPI count:4        Debug
2013-05-22 16:42:28 iked SA Nego Fail: free saHandle        Debug
2013-05-22 16:42:28 iked (Delete QMState) rasUserCapacity 25 count 0          Debug
2013-05-22 16:42:28 iked (Delete QMState) maxPendingP2SARequest 128 current 0         Debug
2013-05-22 16:42:28 iked Totally 1 Pending P2 SA Requests Got Dropped.        Debug
2013-05-22 16:42:28 iked IkeDeleteIsakmpSA: Stop Phase One Retry and Life Timer        Debug
2013-05-22 16:42:28 iked IkeDeleteIsakmpSA: Stop Phase One DPD Retry timer        Debug
2013-05-22 16:42:28 iked Use IKE Policy[GlobalInternet]        Debug
2013-05-22 16:42:28 iked IkeDeleteIsakmpSA: found it, remove IkeSA 0x812bf00 from IkePolicy        Debug
2013-05-22 16:42:28 iked IkeDeleteIsakmpSA: from pcy list, P1SANum created 0, active 0        Debug
2013-05-22 16:42:28 iked IkeDropIkeSAByAddr: delete IkeSA from peerTable idx 12 peer1 0xcbbe467a peer2 0x7dfe28d6        Debug
2013-05-22 16:42:28 iked (Delete P1SA) rasUserCapacity 25 count 0          Debug
2013-05-22 16:42:28 iked (Delete P1SA) maxPendingP2SARequest 128 current 0         Debug
2013-05-22 16:42:28 iked ikeDoXfrmAcquireAction: IkeStartNegoation failed - err=-1        Debug
2013-05-22 16:42:28 iked findSPINodeBySPI: SPI:0xaeec547b hash:128 : (nil)        Debug
2013-05-22 16:42:28 iked ikeDoXfrmAcquireAction: cannot delete SPI(0xaeec547b) from SPI hash table(errno=-2)        Debug
2013-05-22 16:42:28 iked ike_handle_action_status:<-- Response length:8192 rc:0        Debug
2013-05-22 16:42:28 iked sending response to 400ab7 (id: 16276l) with return code 0. Data len: 8192        Debug
2013-05-22 16:42:28 ikestubd Received query (id: 16276, xpath: /ipsec/bovpn/rekey)        Debug
2013-05-22 16:42:28 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:28 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/list' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:42:28 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/list          Debug
2013-05-22 16:42:28 wgagent failed to find session 109        Debug
2013-05-22 16:42:28 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:28 sessiond sessiond: wgapi: rcved cmd=1 '/toSessiond/delete' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:42:28 sessiond sessiond: get into sess_prcs_status(): xpath=/toSessiond/delete          Debug
2013-05-22 16:42:28 sessiond del sess infoCode=0        Debug
2013-05-22 16:42:28 sessiond Deleting session 109 for user admin, info code 0        Debug
2013-05-22 16:42:28 sessiond CLST: no need to sync for sess delete, enable=0 fd=0 nodes=0        Debug
2013-05-22 16:42:28 sessiond Session deleted. Current sess table size=3        Debug
2013-05-22 16:42:36 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:36 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:42:36 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:42:36 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:36 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:42:36 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:42:36 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:36 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:42:36 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:42:36 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:36 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:42:36 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:42:36 iked ******** RECV message on fd_server(7) ********        Debug
2013-05-22 16:42:36 iked RECV cmd=1, xpath=/vpn/ike_policy_group/list (status:1, action:2, notification:5, wgcmd:7)        Debug
2013-05-22 16:42:36 iked ike_handle_status: called for /vpn/ike_policy_group/list        Debug
2013-05-22 16:42:36 iked ike_handle_action_status:--> called for /vpn/ike_policy_group/list        Debug
2013-05-22 16:42:36 iked Get IKE Policy List Request Msg        Debug
2013-05-22 16:42:36 iked 3 IKE policy groups copied. total length 2496 bytes         Debug
2013-05-22 16:42:36 iked Get IKE Policy List Request Msg        Debug
2013-05-22 16:42:36 iked 3 IKE policy groups copied. total length 2496 bytes         Debug
2013-05-22 16:42:36 iked ike_handle_action_status:<-- Response length:2504 rc:0        Debug
2013-05-22 16:42:36 iked sending response to 400ab7 (id: 16277l) with return code 0. Data len: 2504        Debug
2013-05-22 16:42:36 ikestubd Received query (id: 16277, xpath: /ike/gateway/list)        Debug
2013-05-22 16:42:37 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:37 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/list' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:42:37 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/list          Debug
2013-05-22 16:42:40 iked ******** RECV message on fd_server(7) ********        Debug
2013-05-22 16:42:40 iked RECV cmd=7, xpath=/ping (status:1, action:2, notification:5, wgcmd:7)        Debug
2013-05-22 16:42:40 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:40 sessiond sessiond: wgapi: rcved cmd=7 '/ping' fromIPC=2758 serial=80B00541A878C         Debug
2013-05-22 16:42:45 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:45 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:42:45 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:42:45 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:45 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:42:45 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:42:45 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:45 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:42:45 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:42:45 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:45 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:42:45 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:42:45 iked ******** RECV message on fd_server(7) ********        Debug
2013-05-22 16:42:45 iked RECV cmd=1, xpath=/vpn/ike_policy_group/list (status:1, action:2, notification:5, wgcmd:7)        Debug
2013-05-22 16:42:45 iked ike_handle_status: called for /vpn/ike_policy_group/list        Debug
2013-05-22 16:42:45 iked ike_handle_action_status:--> called for /vpn/ike_policy_group/list        Debug
2013-05-22 16:42:45 iked Get IKE Policy List Request Msg        Debug
2013-05-22 16:42:45 iked 3 IKE policy groups copied. total length 2496 bytes         Debug
2013-05-22 16:42:45 iked Get IKE Policy List Request Msg        Debug
2013-05-22 16:42:45 iked 3 IKE policy groups copied. total length 2496 bytes         Debug
2013-05-22 16:42:45 iked ike_handle_action_status:<-- Response length:2504 rc:0        Debug
2013-05-22 16:42:45 iked sending response to 400ab7 (id: 16278l) with return code 0. Data len: 2504        Debug
2013-05-22 16:42:45 ikestubd Received query (id: 16278, xpath: /ike/gateway/list)        Debug
2013-05-22 16:42:46 sessiond updateSession: role 0, enable 0, state 1        Debug
2013-05-22 16:42:46 sessiond updateSession: role 0, enable 0, state 1        Debug
2013-05-22 16:42:46 sessiond updateSession: role 0, enable 0, state 1        Debug
2013-05-22 16:42:46 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:46 sessiond sessiond: wgapi: rcved cmd=1 '/toSessiond/updateActivity' fromIPC=4197043 serial=80B00541A878C         Debug
2013-05-22 16:42:46 sessiond sessiond: get into sess_prcs_status(): xpath=/toSessiond/updateActivity          Debug
2013-05-22 16:42:46 sessiond OK! sess update oK, sessId=106          Debug
2013-05-22 16:42:46 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:46 sessiond sessiond: wgapi: rcved cmd=1 '/toSessiond/updateActivity' fromIPC=8391347 serial=80B00541A878C         Debug
2013-05-22 16:42:46 sessiond sessiond: get into sess_prcs_status(): xpath=/toSessiond/updateActivity          Debug
2013-05-22 16:42:46 sessiond OK! sess update oK, sessId=91          Debug
2013-05-22 16:42:46 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:46 sessiond sessiond: wgapi: rcved cmd=1 '/toSessiond/updateActivity' fromIPC=12585651 serial=80B00541A878C         Debug
2013-05-22 16:42:46 sessiond sessiond: get into sess_prcs_status(): xpath=/toSessiond/updateActivity          Debug
2013-05-22 16:42:46 sessiond OK! sess update oK, sessId=107          Debug
2013-05-22 16:42:46 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:46 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/list' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:42:46 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/list          Debug
2013-05-22 16:42:53 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:53 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:42:53 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:42:53 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:53 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:42:53 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:42:53 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:53 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:42:53 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:42:53 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:53 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:42:53 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:42:54 iked ******** RECV message on fd_server(7) ********        Debug
2013-05-22 16:42:54 iked RECV cmd=1, xpath=/vpn/ike_policy_group/list (status:1, action:2, notification:5, wgcmd:7)        Debug
2013-05-22 16:42:54 iked ike_handle_status: called for /vpn/ike_policy_group/list        Debug
2013-05-22 16:42:54 iked ike_handle_action_status:--> called for /vpn/ike_policy_group/list        Debug
2013-05-22 16:42:54 iked Get IKE Policy List Request Msg        Debug
2013-05-22 16:42:54 iked 3 IKE policy groups copied. total length 2496 bytes         Debug
2013-05-22 16:42:54 iked Get IKE Policy List Request Msg        Debug
2013-05-22 16:42:54 iked 3 IKE policy groups copied. total length 2496 bytes         Debug
2013-05-22 16:42:54 iked ike_handle_action_status:<-- Response length:2504 rc:0        Debug
2013-05-22 16:42:54 iked sending response to 400ab7 (id: 16279l) with return code 0. Data len: 2504        Debug
2013-05-22 16:42:54 ikestubd Received query (id: 16279, xpath: /ike/gateway/list)        Debug
2013-05-22 16:42:55 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:42:55 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/list' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:42:55 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/list          Debug
2013-05-22 16:43:10 iked ******** RECV message on fd_server(7) ********        Debug
2013-05-22 16:43:10 iked RECV cmd=7, xpath=/ping (status:1, action:2, notification:5, wgcmd:7)        Debug
2013-05-22 16:43:10 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:43:10 sessiond sessiond: wgapi: rcved cmd=7 '/ping' fromIPC=2758 serial=80B00541A878C         Debug
2013-05-22 16:43:11 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:43:11 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:43:11 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:43:11 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:43:11 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:43:11 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:43:11 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:43:11 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:43:11 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:43:11 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:43:11 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:43:11 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:43:12 iked ******** RECV message on fd_server(7) ********        Debug
2013-05-22 16:43:12 iked RECV cmd=1, xpath=/vpn/ike_policy_group/list (status:1, action:2, notification:5, wgcmd:7)        Debug
2013-05-22 16:43:12 iked ike_handle_status: called for /vpn/ike_policy_group/list        Debug
2013-05-22 16:43:12 iked ike_handle_action_status:--> called for /vpn/ike_policy_group/list        Debug
2013-05-22 16:43:12 iked Get IKE Policy List Request Msg        Debug
2013-05-22 16:43:12 iked 3 IKE policy groups copied. total length 2496 bytes         Debug
2013-05-22 16:43:12 iked Get IKE Policy List Request Msg        Debug
2013-05-22 16:43:12 iked 3 IKE policy groups copied. total length 2496 bytes         Debug
2013-05-22 16:43:12 iked ike_handle_action_status:<-- Response length:2504 rc:0        Debug
2013-05-22 16:43:12 iked sending response to 400ab7 (id: 16280l) with return code 0. Data len: 2504        Debug
2013-05-22 16:43:12 ikestubd Received query (id: 16280, xpath: /ike/gateway/list)        Debug
2013-05-22 16:43:13 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:43:13 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/list' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:43:13 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/list          Debug
2013-05-22 16:43:19 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:43:19 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:43:19 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:43:19 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:43:19 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:43:19 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:43:19 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:43:19 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:43:19 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:43:19 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:43:19 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/total' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:43:19 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/total          Debug
2013-05-22 16:43:20 iked ******** RECV message on fd_server(7) ********        Debug
2013-05-22 16:43:20 iked RECV cmd=1, xpath=/vpn/ike_policy_group/list (status:1, action:2, notification:5, wgcmd:7)        Debug
2013-05-22 16:43:20 iked ike_handle_status: called for /vpn/ike_policy_group/list        Debug
2013-05-22 16:43:20 iked ike_handle_action_status:--> called for /vpn/ike_policy_group/list        Debug
2013-05-22 16:43:20 iked Get IKE Policy List Request Msg        Debug
2013-05-22 16:43:20 iked 3 IKE policy groups copied. total length 2496 bytes         Debug
2013-05-22 16:43:20 iked Get IKE Policy List Request Msg        Debug
2013-05-22 16:43:20 iked 3 IKE policy groups copied. total length 2496 bytes         Debug
2013-05-22 16:43:20 iked ike_handle_action_status:<-- Response length:2504 rc:0        Debug
2013-05-22 16:43:20 iked sending response to 400ab7 (id: 16281l) with return code 0. Data len: 2504        Debug
2013-05-22 16:43:20 ikestubd Received query (id: 16281, xpath: /ike/gateway/list)        Debug
2013-05-22 16:43:21 sessiond sessiond: sessiond WGAPI call         Debug
2013-05-22 16:43:21 sessiond sessiond: wgapi: rcved cmd=1 '/authentication/list' fromIPC=2739 serial=80B00541A878C         Debug
2013-05-22 16:43:21 sessiond sessiond: get into sess_prcs_status(): xpath=/authentication/list          Debug
0
Comment
Question by:ahmzb1990
1 Comment
 
LVL 32

Accepted Solution

by:
dpk_wal earned 500 total points
Comment Utility
2013-05-22 16:42:28 iked StartMainMode: failed to send out 1st msg        Debug
2013-05-22 16:42:28 iked StartNegotiation : failed to start phase 1 negotiation        Debug

Above logs indicate that phase I negotiations failed; please check and ensure that all the settings match at both the ends.

More details on physical setup would help too!

Thank you.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Like many others, when I created a Windows 2008 RRAS VPN server, I connected via PPTP, and still do, but there are problems that can arise from solely using PPTP.  One particular problem was that the CFO of the company used a Virgin Broadband Wirele…
Some of you may have heard that SonicWALL has finally released an app for iOS devices giving us long awaited connectivity for our iPhone's, iPod's, and iPad's. This guide is just a quick rundown on how to get up and running quickly using the app. …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now