[FUG-BR] IPSEC e ISAKMP
Matheus Cucoloto
matheuscucoloto em gmail.com
Quarta Setembro 24 15:01:01 BRT 2008
Alterei um monte, mudei as cripto e outras configuracoes agora
aparentemente a fase 1 passa mas depois começa a pipocar de novo,
veja o log o isakmpd:
144852.295219 Default isakmpd: phase 1 done: initiator id c8b45402:
100.1.1.2, responder id c9378c04: 100.1.1.1, src: 100.1.1.1 dst:
100.1.1.2
144852.430833 Default isakmpd: quick mode done: src: 100.1.1.1 dst: 100.1.1.2
144852.535963 Default message_parse_payloads: reserved field non-zero: ff
144852.535988 Default dropped message from 100.1.1.2 port 500 due to
notification type PAYLOAD_MALFORMED
144852.650157 Default message_parse_payloads: reserved field non-zero: ff
144852.650181 Default dropped message from 100.1.1.2 port 500 due to
notification type PAYLOAD_MALFORMED
Alguma dica?
OBS: Valeu Sergio
Segue a minha conf nova:
[General]
Retransmits= 5
Exchange-max-time= 120
Listen-on= 100.1.1.1
[Phase 1]
100.1.1.1= local-remote
[local-remote]
Phase= 1
Transport= udp
Local-address= 100.1.1.1
Address= 100.1.1.2
Configuration= Default-main-mode
Authentication= 123456
[Phase 2]
Connections= VPN-local-remote-10.9.2.0/255.255.255.0
[VPN-local-remote-10.9.2.0/255.255.255.0]
Phase= 2
ISAKMP-peer= local-remote
Configuration= Default-quick-mode
Local-ID= network-192.168.254.0/255.255.255.0
Remote-ID= network-10.9.2.0/255.255.255.0
[network-192.168.254.0/255.255.255.0]
ID-type= IPV4_ADDR_SUBNET
Network= 192.168.254.0
Netmask= 255.255.255.0
[network-10.9.2.0/255.255.255.0]
ID-type= IPV4_ADDR_SUBNET
Network= 10.9.2.0
Netmask= 255.255.255.0
[Default-main-mode]
DOI= IPSEC
EXCHANGE_TYPE= ID_PROT
Transforms= 3DES-SHA
[Default-quick-mode]
DOI= IPSEC
EXCHANGE_TYPE= QUICK_MODE
Suites= QM-ESP-3DES-SHA-PFS-GRP2-SUITE
--
Matheus Cucoloto
System Admin.
Net Admin.
Mais detalhes sobre a lista de discussão freebsd