Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 5 subscribers
  • Views 373 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SCC VPN Einwahl bringt UDP-Wartung

Gerald Werner

Wir haben eine Sophos XGS116w (SFOS 19.0.0 GA-Build317) und betreiben diese (leider notwendigerweise) hinter einem Lancom Router. 

Dieser Lancom muss wegen Telefonie als erster Stelle stehen. Wir haben dort Portweiterleitungen für 500 UDP und 4500 UDP sowie für das Userportal auf die Sophos weitergeleitet und die Firewall angepasst.

Wir können uns von Extern an der Sophos anmelden. Eine Einwahl über den Sophos Connect Client (SCC) auf die Sophos klappt auch (fast).

Die Verbindung wird aufgebaut und ist nutzbar. Allerdings erscheint vor dem Aufbau der Verbindung die Warnmeldung "Verbindung schlägt möglicherweise fehl. Der UDP-Port für IKE ist offenbar blockiert". 

Woher kann diese Meldung kommen? Wir können im Protokoll keinen Fehler feststellen. 

Wenn die Meldung nur "informativ ist", dann die Frage: Wie kann ich sie ausschalten? 

Protokoll:

2022-05-11 04:47:30PM 11[CFG] loaded certificate 'C=DE, ST=Bayern, L=Forchheim, O=Steinhofer, OU=SCC, CN=info@kanzlei-forchheim.de, E=info@kanzlei-forchheim.de'
2022-05-11 04:47:30PM 10[CFG] loaded RSA private key
2022-05-11 04:47:30PM 14[CFG] loaded EAP shared key with id 'Kunde-user-id' for: 'db'
2022-05-11 04:47:32PM 08[LIB] TAP-Windows driver version 1.0 available.
2022-05-11 04:47:32PM 29[KNL] interface 14 'Sophos TAP Adapter' changed state from Down to Up
2022-05-11 04:47:34PM 08[CFG] added vici connection: Kunde
2022-05-11 04:47:34PM 09[CFG] vici initiate CHILD_SA 'Kunde-tunnel-1'
2022-05-11 04:47:34PM 14[IKE] <Kunde|8> initiating Main Mode IKE_SA Kunde[8] to 185.230.86.214
2022-05-11 04:47:34PM 14[ENC] <Kunde|8> generating ID_PROT request 0 [ SA V V V V V ]
2022-05-11 04:47:34PM 14[NET] <Kunde|8> sending packet: from 192.168.1.234[59385] to 185.230.86.214[500] (180 bytes)
2022-05-11 04:47:34PM 08[NET] <Kunde|8> received packet: from 185.230.86.214[500] to 192.168.1.234[59385] (180 bytes)
2022-05-11 04:47:34PM 08[ENC] <Kunde|8> parsed ID_PROT response 0 [ SA V V V V V ]
2022-05-11 04:47:34PM 08[IKE] <Kunde|8> received XAuth vendor ID
2022-05-11 04:47:34PM 08[IKE] <Kunde|8> received DPD vendor ID
2022-05-11 04:47:34PM 08[IKE] <Kunde|8> received Cisco Unity vendor ID
2022-05-11 04:47:34PM 08[IKE] <Kunde|8> received FRAGMENTATION vendor ID
2022-05-11 04:47:34PM 08[IKE] <Kunde|8> received NAT-T (RFC 3947) vendor ID
2022-05-11 04:47:34PM 08[CFG] <Kunde|8> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/ECP_521
2022-05-11 04:47:35PM 08[ENC] <Kunde|8> generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
2022-05-11 04:47:35PM 08[NET] <Kunde|8> sending packet: from 192.168.1.234[59385] to 185.230.86.214[500] (336 bytes)
2022-05-11 04:47:35PM 13[NET] <Kunde|8> received packet: from 185.230.86.214[500] to 192.168.1.234[59385] (336 bytes)
2022-05-11 04:47:35PM 13[ENC] <Kunde|8> parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
2022-05-11 04:47:35PM 13[IKE] <Kunde|8> local host is behind NAT, sending keep alives
2022-05-11 04:47:35PM 13[IKE] <Kunde|8> remote host is behind NAT
2022-05-11 04:47:35PM 13[IKE] <Kunde|8> sending cert request for "C=NA, ST=NA, L=NA, O=NA, OU=NA, CN=Default_CA_gqR2er7jjN00oTZ, E=na@example.com"
2022-05-11 04:47:35PM 13[IKE] <Kunde|8> authentication of 'info@kanzlei-forchheim.de' (myself) successful
2022-05-11 04:47:35PM 13[ENC] <Kunde|8> generating ID_PROT request 0 [ ID SIG CERTREQ N(INITIAL_CONTACT) ]
2022-05-11 04:47:35PM 13[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (492 bytes)
2022-05-11 04:47:35PM 07[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (1248 bytes)
2022-05-11 04:47:35PM 07[ENC] <Kunde|8> parsed ID_PROT response 0 [ FRAG(1) ]
2022-05-11 04:47:35PM 07[ENC] <Kunde|8> received fragment #1, waiting for complete IKE message
2022-05-11 04:47:35PM 08[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (124 bytes)
2022-05-11 04:47:35PM 08[IKE] <Kunde|8> queueing TRANSACTION request as tasks still active
2022-05-11 04:47:35PM 16[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (420 bytes)
2022-05-11 04:47:35PM 16[ENC] <Kunde|8> parsed ID_PROT response 0 [ FRAG(2/2) ]
2022-05-11 04:47:35PM 16[ENC] <Kunde|8> received fragment #2, reassembled fragmented IKE message (1596 bytes)
2022-05-11 04:47:35PM 13[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (1596 bytes)
2022-05-11 04:47:35PM 13[ENC] <Kunde|8> parsed ID_PROT response 0 [ ID CERT SIG ]
2022-05-11 04:47:35PM 13[IKE] <Kunde|8> received end entity cert "C=DE, ST=Bayern, L=Forchheim, O=Steinhofer, OU=SCC, CN=vpn.kanzlei-forchheim.de, E=info@kanzlei-forchheim.de"
2022-05-11 04:47:35PM 13[CFG] <Kunde|8> using certificate "C=DE, ST=Bayern, L=Forchheim, O=Steinhofer, OU=SCC, CN=vpn.kanzlei-forchheim.de, E=info@kanzlei-forchheim.de"
2022-05-11 04:47:35PM 13[CFG] <Kunde|8> using trusted ca certificate "C=NA, ST=NA, L=NA, O=NA, OU=NA, CN=Default_CA_gqR2er7jjN00oTZ, E=na@example.com"
2022-05-11 04:47:35PM 13[CFG] <Kunde|8> reached self-signed root ca with a path length of 0
2022-05-11 04:47:35PM 13[IKE] <Kunde|8> authentication of 'vpn.kanzlei-forchheim.de' with RSA_EMSA_PKCS1_NULL successful
2022-05-11 04:47:35PM 13[ENC] <Kunde|8> parsed TRANSACTION request 2137997563 [ HASH CPRQ(X_USER X_PWD) ]
2022-05-11 04:47:35PM 13[ENC] <Kunde|8> generating TRANSACTION response 2137997563 [ HASH CPRP(X_USER X_PWD) ]
2022-05-11 04:47:35PM 13[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (140 bytes)
2022-05-11 04:47:35PM 07[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (124 bytes)
2022-05-11 04:47:35PM 07[ENC] <Kunde|8> parsed TRANSACTION request 4203878765 [ HASH CPS(X_STATUS) ]
2022-05-11 04:47:35PM 07[IKE] <Kunde|8> XAuth authentication of 'db' (myself) successful
2022-05-11 04:47:35PM 07[IKE] <Kunde|8> IKE_SA Kunde[8] established between 192.168.1.234[info@kanzlei-forchheim.de]...185.230.86.214[vpn.kanzlei-forchheim.de]
2022-05-11 04:47:35PM 07[IKE] <Kunde|8> scheduling rekeying in 30317s
2022-05-11 04:47:35PM 07[IKE] <Kunde|8> maximum IKE_SA lifetime 33377s
2022-05-11 04:47:35PM 07[ENC] <Kunde|8> generating TRANSACTION response 4203878765 [ HASH CPA(X_STATUS) ]
2022-05-11 04:47:35PM 07[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (124 bytes)
2022-05-11 04:47:35PM 07[ENC] <Kunde|8> generating TRANSACTION request 1914366084 [ HASH CPRQ(ADDR DNS) ]
2022-05-11 04:47:35PM 07[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (124 bytes)
2022-05-11 04:47:35PM 12[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (140 bytes)
2022-05-11 04:47:35PM 12[ENC] <Kunde|8> parsed TRANSACTION response 1914366084 [ HASH CPRP(ADDR DNS DNS) ]
2022-05-11 04:47:35PM 12[IKE] <Kunde|8> Adding DNS server 10.6.10.4 to the TAP adapter
2022-05-11 04:47:35PM 12[IKE] <Kunde|8> 10.6.10.4 not in servers list, doing add
2022-05-11 04:47:35PM 12[IKE] <Kunde|8> DNS server IP address 10.6.10.4 is already in the DNS server list
2022-05-11 04:47:35PM 12[IKE] <Kunde|8> Adding DNS server 10.6.10.254 to the TAP adapter
2022-05-11 04:47:35PM 12[IKE] <Kunde|8> 10.6.10.254 not in servers list, doing add
2022-05-11 04:47:35PM 12[IKE] <Kunde|8> DNS server IP address 10.6.10.254 is already in the DNS server list
2022-05-11 04:47:35PM 12[IKE] <Kunde|8> installing new virtual IP 10.82.234.101 on interface {2A800BDB-E319-426D-8BA3-9449445967C4}
2022-05-11 04:47:35PM 12[KNL] <Kunde|8> Adding virtual IP 10.82.234.101
2022-05-11 04:47:35PM 12[KNL] <Kunde|8> 10.82.234.101 added to addresses list
2022-05-11 04:47:35PM 12[KNL] <Kunde|8> 10.82.234.101 is not yet assigned to the virtual adapter - adding
2022-05-11 04:47:35PM 12[ENC] <Kunde|8> generating QUICK_MODE request 3243120532 [ HASH SA No KE ID ID ]
2022-05-11 04:47:35PM 12[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (364 bytes)
2022-05-11 04:47:35PM 14[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (364 bytes)
2022-05-11 04:47:35PM 14[ENC] <Kunde|8> parsed QUICK_MODE response 3243120532 [ HASH SA No KE ID ID ]
2022-05-11 04:47:35PM 14[CFG] <Kunde|8> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_512_256/ECP_521/NO_EXT_SEQ
2022-05-11 04:47:35PM 14[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-1{15} state change: CREATED => INSTALLING
2022-05-11 04:47:35PM 14[CHD] <Kunde|8> using AES_CBC for encryption
2022-05-11 04:47:35PM 14[CHD] <Kunde|8> using HMAC_SHA2_512_256 for integrity
2022-05-11 04:47:35PM 14[CHD] <Kunde|8> adding inbound ESP SA
2022-05-11 04:47:35PM 14[CHD] <Kunde|8> SPI 0xc1c53e7a, src 185.230.86.214 dst 192.168.1.234
2022-05-11 04:47:35PM 14[CHD] <Kunde|8> adding outbound ESP SA
2022-05-11 04:47:35PM 14[CHD] <Kunde|8> SPI 0xcf916b16, src 192.168.1.234 dst 185.230.86.214
2022-05-11 04:47:35PM 14[KNL] <Kunde|8> installing route 5.175.5.37/32 src 10.82.234.101 gateway 169.254.128.128 dev {C6E7C608-4951-4554-AD7F-C4675EDDA44E}
2022-05-11 04:47:35PM 14[IKE] <Kunde|8> CHILD_SA Kunde-tunnel-1{15} established with SPIs c1c53e7a_i cf916b16_o and TS 10.82.234.101/32 === 5.175.5.37/32
2022-05-11 04:47:35PM 14[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-1{15} state change: INSTALLING => INSTALLED
2022-05-11 04:47:35PM 14[ENC] <Kunde|8> generating QUICK_MODE request 3243120532 [ HASH ]
2022-05-11 04:47:35PM 14[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (108 bytes)
2022-05-11 04:47:35PM 16[CFG] vici initiate CHILD_SA 'Kunde-tunnel-2'
2022-05-11 04:47:35PM 10[ENC] <Kunde|8> generating QUICK_MODE request 3745882811 [ HASH SA No KE ID ID ]
2022-05-11 04:47:35PM 10[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (364 bytes)
2022-05-11 04:47:35PM 14[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (364 bytes)
2022-05-11 04:47:35PM 14[ENC] <Kunde|8> parsed QUICK_MODE response 3745882811 [ HASH SA No KE ID ID ]
2022-05-11 04:47:35PM 14[CFG] <Kunde|8> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_512_256/ECP_521/NO_EXT_SEQ
2022-05-11 04:47:35PM 14[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-2{16} state change: CREATED => INSTALLING
2022-05-11 04:47:35PM 14[CHD] <Kunde|8> using AES_CBC for encryption
2022-05-11 04:47:35PM 14[CHD] <Kunde|8> using HMAC_SHA2_512_256 for integrity
2022-05-11 04:47:35PM 14[CHD] <Kunde|8> adding inbound ESP SA
2022-05-11 04:47:35PM 14[CHD] <Kunde|8> SPI 0x28261255, src 185.230.86.214 dst 192.168.1.234
2022-05-11 04:47:35PM 14[CHD] <Kunde|8> adding outbound ESP SA
2022-05-11 04:47:35PM 14[CHD] <Kunde|8> SPI 0xce4a988c, src 192.168.1.234 dst 185.230.86.214
2022-05-11 04:47:35PM 14[KNL] <Kunde|8> installing route 10.6.10.11/32 src 10.82.234.101 gateway 169.254.128.128 dev {C6E7C608-4951-4554-AD7F-C4675EDDA44E}
2022-05-11 04:47:35PM 14[IKE] <Kunde|8> CHILD_SA Kunde-tunnel-2{16} established with SPIs 28261255_i ce4a988c_o and TS 10.82.234.101/32 === 10.6.10.11/32
2022-05-11 04:47:35PM 14[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-2{16} state change: INSTALLING => INSTALLED
2022-05-11 04:47:35PM 14[ENC] <Kunde|8> generating QUICK_MODE request 3745882811 [ HASH ]
2022-05-11 04:47:35PM 14[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (108 bytes)
2022-05-11 04:47:36PM 09[CFG] vici initiate CHILD_SA 'Kunde-tunnel-3'
2022-05-11 04:47:36PM 12[ENC] <Kunde|8> generating QUICK_MODE request 805456581 [ HASH SA No KE ID ID ]
2022-05-11 04:47:36PM 12[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (364 bytes)
2022-05-11 04:47:36PM 14[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (364 bytes)
2022-05-11 04:47:36PM 14[ENC] <Kunde|8> parsed QUICK_MODE response 805456581 [ HASH SA No KE ID ID ]
2022-05-11 04:47:36PM 14[CFG] <Kunde|8> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_512_256/ECP_521/NO_EXT_SEQ
2022-05-11 04:47:36PM 14[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-3{17} state change: CREATED => INSTALLING
2022-05-11 04:47:36PM 14[CHD] <Kunde|8> using AES_CBC for encryption
2022-05-11 04:47:36PM 14[CHD] <Kunde|8> using HMAC_SHA2_512_256 for integrity
2022-05-11 04:47:36PM 14[CHD] <Kunde|8> adding inbound ESP SA
2022-05-11 04:47:36PM 14[CHD] <Kunde|8> SPI 0xea654682, src 185.230.86.214 dst 192.168.1.234
2022-05-11 04:47:36PM 14[CHD] <Kunde|8> adding outbound ESP SA
2022-05-11 04:47:36PM 14[CHD] <Kunde|8> SPI 0xc8bda5b1, src 192.168.1.234 dst 185.230.86.214
2022-05-11 04:47:36PM 14[KNL] <Kunde|8> installing route 10.6.10.12/32 src 10.82.234.101 gateway 169.254.128.128 dev {C6E7C608-4951-4554-AD7F-C4675EDDA44E}
2022-05-11 04:47:36PM 14[IKE] <Kunde|8> CHILD_SA Kunde-tunnel-3{17} established with SPIs ea654682_i c8bda5b1_o and TS 10.82.234.101/32 === 10.6.10.12/32
2022-05-11 04:47:36PM 14[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-3{17} state change: INSTALLING => INSTALLED
2022-05-11 04:47:36PM 14[ENC] <Kunde|8> generating QUICK_MODE request 805456581 [ HASH ]
2022-05-11 04:47:36PM 14[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (108 bytes)
2022-05-11 04:47:36PM 10[CFG] vici initiate CHILD_SA 'Kunde-tunnel-4'
2022-05-11 04:47:36PM 16[ENC] <Kunde|8> generating QUICK_MODE request 808911064 [ HASH SA No KE ID ID ]
2022-05-11 04:47:36PM 16[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (364 bytes)
2022-05-11 04:47:36PM 12[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (364 bytes)
2022-05-11 04:47:36PM 12[ENC] <Kunde|8> parsed QUICK_MODE response 808911064 [ HASH SA No KE ID ID ]
2022-05-11 04:47:36PM 12[CFG] <Kunde|8> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_512_256/ECP_521/NO_EXT_SEQ
2022-05-11 04:47:36PM 12[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-4{18} state change: CREATED => INSTALLING
2022-05-11 04:47:36PM 12[CHD] <Kunde|8> using AES_CBC for encryption
2022-05-11 04:47:36PM 12[CHD] <Kunde|8> using HMAC_SHA2_512_256 for integrity
2022-05-11 04:47:36PM 12[CHD] <Kunde|8> adding inbound ESP SA
2022-05-11 04:47:36PM 12[CHD] <Kunde|8> SPI 0xd60a3bdb, src 185.230.86.214 dst 192.168.1.234
2022-05-11 04:47:36PM 12[CHD] <Kunde|8> adding outbound ESP SA
2022-05-11 04:47:36PM 12[CHD] <Kunde|8> SPI 0xc6343e0b, src 192.168.1.234 dst 185.230.86.214
2022-05-11 04:47:36PM 12[KNL] <Kunde|8> installing route 10.6.10.13/32 src 10.82.234.101 gateway 169.254.128.128 dev {C6E7C608-4951-4554-AD7F-C4675EDDA44E}
2022-05-11 04:47:36PM 12[IKE] <Kunde|8> CHILD_SA Kunde-tunnel-4{18} established with SPIs d60a3bdb_i c6343e0b_o and TS 10.82.234.101/32 === 10.6.10.13/32
2022-05-11 04:47:36PM 12[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-4{18} state change: INSTALLING => INSTALLED
2022-05-11 04:47:36PM 12[ENC] <Kunde|8> generating QUICK_MODE request 808911064 [ HASH ]
2022-05-11 04:47:36PM 12[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (108 bytes)
2022-05-11 04:47:36PM 07[CFG] vici initiate CHILD_SA 'Kunde-tunnel-5'
2022-05-11 04:47:36PM 08[ENC] <Kunde|8> generating QUICK_MODE request 3873230382 [ HASH SA No KE ID ID ]
2022-05-11 04:47:36PM 08[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (364 bytes)
2022-05-11 04:47:36PM 13[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (364 bytes)
2022-05-11 04:47:36PM 13[ENC] <Kunde|8> parsed QUICK_MODE response 3873230382 [ HASH SA No KE ID ID ]
2022-05-11 04:47:36PM 13[CFG] <Kunde|8> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_512_256/ECP_521/NO_EXT_SEQ
2022-05-11 04:47:36PM 13[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-5{19} state change: CREATED => INSTALLING
2022-05-11 04:47:36PM 13[CHD] <Kunde|8> using AES_CBC for encryption
2022-05-11 04:47:36PM 13[CHD] <Kunde|8> using HMAC_SHA2_512_256 for integrity
2022-05-11 04:47:36PM 13[CHD] <Kunde|8> adding inbound ESP SA
2022-05-11 04:47:36PM 13[CHD] <Kunde|8> SPI 0xe4019c9b, src 185.230.86.214 dst 192.168.1.234
2022-05-11 04:47:36PM 13[CHD] <Kunde|8> adding outbound ESP SA
2022-05-11 04:47:36PM 13[CHD] <Kunde|8> SPI 0xc7a94b99, src 192.168.1.234 dst 185.230.86.214
2022-05-11 04:47:36PM 13[KNL] <Kunde|8> installing route 10.6.10.4/32 src 10.82.234.101 gateway 169.254.128.128 dev {C6E7C608-4951-4554-AD7F-C4675EDDA44E}
2022-05-11 04:47:36PM 13[IKE] <Kunde|8> CHILD_SA Kunde-tunnel-5{19} established with SPIs e4019c9b_i c7a94b99_o and TS 10.82.234.101/32 === 10.6.10.4/32
2022-05-11 04:47:36PM 13[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-5{19} state change: INSTALLING => INSTALLED
2022-05-11 04:47:36PM 13[ENC] <Kunde|8> generating QUICK_MODE request 3873230382 [ HASH ]
2022-05-11 04:47:36PM 13[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (108 bytes)
2022-05-11 04:48:11PM 14[IKE] <Kunde|8> sending DPD request
2022-05-11 04:48:11PM 14[ENC] <Kunde|8> generating INFORMATIONAL_V1 request 891565144 [ HASH N(DPD) ]
2022-05-11 04:48:11PM 14[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (140 bytes)
2022-05-11 04:48:11PM 07[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (140 bytes)
2022-05-11 04:48:11PM 07[ENC] <Kunde|8> parsed INFORMATIONAL_V1 request 2396195958 [ HASH N(DPD_ACK) ]
2022-05-11 04:48:29PM 08[IKE] <Kunde|8> sending DPD request
2022-05-11 04:48:29PM 08[ENC] <Kunde|8> generating INFORMATIONAL_V1 request 174550216 [ HASH N(DPD) ]
2022-05-11 04:48:29PM 08[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (140 bytes)
2022-05-11 04:48:29PM 10[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (140 bytes)
2022-05-11 04:48:29PM 10[ENC] <Kunde|8> parsed INFORMATIONAL_V1 request 873192372 [ HASH N(DPD_ACK) ]
2022-05-11 04:49:07PM 29[KNL] 169.254.122.126 disappeared from interface 14 'Sophos TAP Adapter'
2022-05-11 04:49:29PM 12[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (140 bytes)
2022-05-11 04:49:29PM 12[ENC] <Kunde|8> parsed INFORMATIONAL_V1 request 162558584 [ HASH N(DPD) ]
2022-05-11 04:49:29PM 12[ENC] <Kunde|8> generating INFORMATIONAL_V1 request 2923245449 [ HASH N(DPD_ACK) ]
2022-05-11 04:49:29PM 12[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (140 bytes)
2022-05-11 04:49:44PM 14[IKE] <Kunde|8> sending DPD request
2022-05-11 04:49:44PM 14[ENC] <Kunde|8> generating INFORMATIONAL_V1 request 2009355486 [ HASH N(DPD) ]
2022-05-11 04:49:44PM 14[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (140 bytes)
2022-05-11 04:49:44PM 07[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (140 bytes)
2022-05-11 04:49:44PM 07[ENC] <Kunde|8> parsed INFORMATIONAL_V1 request 1323532025 [ HASH N(DPD_ACK) ]
2022-05-11 04:50:06PM 07[IKE] <Kunde|8> sending DPD request
2022-05-11 04:50:06PM 07[ENC] <Kunde|8> generating INFORMATIONAL_V1 request 1471925923 [ HASH N(DPD) ]
2022-05-11 04:50:06PM 07[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (140 bytes)
2022-05-11 04:50:06PM 14[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (140 bytes)
2022-05-11 04:50:06PM 14[ENC] <Kunde|8> parsed INFORMATIONAL_V1 request 2361115201 [ HASH N(DPD_ACK) ]
2022-05-11 04:51:06PM 13[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (140 bytes)
2022-05-11 04:51:06PM 13[ENC] <Kunde|8> parsed INFORMATIONAL_V1 request 2376441178 [ HASH N(DPD) ]
2022-05-11 04:51:06PM 13[ENC] <Kunde|8> generating INFORMATIONAL_V1 request 3583647898 [ HASH N(DPD_ACK) ]
2022-05-11 04:51:06PM 13[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (140 bytes)
2022-05-11 04:51:49PM 10[IKE] <Kunde|8> sending keep alive to 185.230.86.214[4500]
2022-05-11 04:51:52PM 10[IKE] <Kunde|8> sending DPD request
2022-05-11 04:51:52PM 10[ENC] <Kunde|8> generating INFORMATIONAL_V1 request 3523243792 [ HASH N(DPD) ]
2022-05-11 04:51:52PM 10[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (140 bytes)
2022-05-11 04:51:52PM 13[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (140 bytes)
2022-05-11 04:51:52PM 13[ENC] <Kunde|8> parsed INFORMATIONAL_V1 request 3651614397 [ HASH N(DPD_ACK) ]
2022-05-11 04:52:16PM 07[IKE] <Kunde|8> sending DPD request
2022-05-11 04:52:16PM 07[ENC] <Kunde|8> generating INFORMATIONAL_V1 request 1779864771 [ HASH N(DPD) ]
2022-05-11 04:52:16PM 07[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (140 bytes)
2022-05-11 04:52:16PM 10[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (140 bytes)
2022-05-11 04:52:16PM 10[ENC] <Kunde|8> parsed INFORMATIONAL_V1 request 1020734875 [ HASH N(DPD_ACK) ]
2022-05-11 04:52:31PM 16[IKE] <Kunde|8> sending DPD request
2022-05-11 04:52:31PM 16[ENC] <Kunde|8> generating INFORMATIONAL_V1 request 827878491 [ HASH N(DPD) ]
2022-05-11 04:52:31PM 16[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (140 bytes)
2022-05-11 04:52:31PM 14[NET] <Kunde|8> received packet: from 185.230.86.214[4500] to 192.168.1.234[59386] (140 bytes)
2022-05-11 04:52:31PM 14[ENC] <Kunde|8> parsed INFORMATIONAL_V1 request 2467113411 [ HASH N(DPD_ACK) ]
2022-05-11 04:52:39PM 12[CFG] vici terminate IKE_SA 'Kunde'
2022-05-11 04:52:39PM 11[ESP] unsupported IP version
2022-05-11 04:52:39PM 11[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-1{15} state change: INSTALLED => DELETING
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> closing CHILD_SA Kunde-tunnel-1{15} with SPIs c1c53e7a_i (0 bytes) cf916b16_o (0 bytes) and TS 10.82.234.101/32 === 5.175.5.37/32
2022-05-11 04:52:39PM 11[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-1{15} state change: DELETING => DELETED
2022-05-11 04:52:39PM 11[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-1{15} state change: DELETED => DESTROYING
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> sending DELETE for ESP CHILD_SA with SPI c1c53e7a
2022-05-11 04:52:39PM 11[ENC] <Kunde|8> generating INFORMATIONAL_V1 request 1750050479 [ HASH D ]
2022-05-11 04:52:39PM 11[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (124 bytes)
2022-05-11 04:52:39PM 11[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-2{16} state change: INSTALLED => DELETING
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> closing CHILD_SA Kunde-tunnel-2{16} with SPIs 28261255_i (1462941 bytes) ce4a988c_o (270749 bytes) and TS 10.82.234.101/32 === 10.6.10.11/32
2022-05-11 04:52:39PM 11[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-2{16} state change: DELETING => DELETED
2022-05-11 04:52:39PM 11[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-2{16} state change: DELETED => DESTROYING
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> sending DELETE for ESP CHILD_SA with SPI 28261255
2022-05-11 04:52:39PM 11[ENC] <Kunde|8> generating INFORMATIONAL_V1 request 3915320058 [ HASH D ]
2022-05-11 04:52:39PM 11[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (124 bytes)
2022-05-11 04:52:39PM 11[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-3{17} state change: INSTALLED => DELETING
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> closing CHILD_SA Kunde-tunnel-3{17} with SPIs ea654682_i (75978 bytes) c8bda5b1_o (8012 bytes) and TS 10.82.234.101/32 === 10.6.10.12/32
2022-05-11 04:52:39PM 11[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-3{17} state change: DELETING => DELETED
2022-05-11 04:52:39PM 11[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-3{17} state change: DELETED => DESTROYING
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> sending DELETE for ESP CHILD_SA with SPI ea654682
2022-05-11 04:52:39PM 11[ENC] <Kunde|8> generating INFORMATIONAL_V1 request 202319307 [ HASH D ]
2022-05-11 04:52:39PM 11[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (124 bytes)
2022-05-11 04:52:39PM 11[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-4{18} state change: INSTALLED => DELETING
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> closing CHILD_SA Kunde-tunnel-4{18} with SPIs d60a3bdb_i (0 bytes) c6343e0b_o (0 bytes) and TS 10.82.234.101/32 === 10.6.10.13/32
2022-05-11 04:52:39PM 11[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-4{18} state change: DELETING => DELETED
2022-05-11 04:52:39PM 11[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-4{18} state change: DELETED => DESTROYING
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> sending DELETE for ESP CHILD_SA with SPI d60a3bdb
2022-05-11 04:52:39PM 11[ENC] <Kunde|8> generating INFORMATIONAL_V1 request 1981001365 [ HASH D ]
2022-05-11 04:52:39PM 11[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (124 bytes)
2022-05-11 04:52:39PM 11[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-5{19} state change: INSTALLED => DELETING
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> closing CHILD_SA Kunde-tunnel-5{19} with SPIs e4019c9b_i (3955 bytes) c7a94b99_o (2300 bytes) and TS 10.82.234.101/32 === 10.6.10.4/32
2022-05-11 04:52:39PM 11[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-5{19} state change: DELETING => DELETED
2022-05-11 04:52:39PM 11[CHD] <Kunde|8> CHILD_SA Kunde-tunnel-5{19} state change: DELETED => DESTROYING
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> sending DELETE for ESP CHILD_SA with SPI e4019c9b
2022-05-11 04:52:39PM 11[ENC] <Kunde|8> generating INFORMATIONAL_V1 request 3042990206 [ HASH D ]
2022-05-11 04:52:39PM 11[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (124 bytes)
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> deleting IKE_SA Kunde[8] between 192.168.1.234[info@kanzlei-forchheim.de]...185.230.86.214[vpn.kanzlei-forchheim.de]
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> sending DELETE for IKE_SA Kunde[8]
2022-05-11 04:52:39PM 11[ENC] <Kunde|8> generating INFORMATIONAL_V1 request 2381900563 [ HASH D ]
2022-05-11 04:52:39PM 11[NET] <Kunde|8> sending packet: from 192.168.1.234[59386] to 185.230.86.214[4500] (140 bytes)
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> Removing DNS server 10.6.10.254 from the TAP adapter
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> 10.6.10.254 count is 0, doing remove
2022-05-11 04:52:39PM 30[KNL] interface 14 'Sophos TAP Adapter' changed state from Up to Down
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> Dns server IP address 10.6.10.254 is already not in the DNS server list
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> Removing DNS server 10.6.10.4 from the TAP adapter
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> 10.6.10.4 count is 0, doing remove
2022-05-11 04:52:39PM 11[IKE] <Kunde|8> Dns server IP address 10.6.10.4 is already not in the DNS server list
2022-05-11 04:52:39PM 11[KNL] <Kunde|8> Removing virtual IP 10.82.234.101
2022-05-11 04:52:39PM 11[KNL] <Kunde|8> 10.82.234.101 removed from addresses list
2022-05-11 04:52:39PM 11[KNL] <Kunde|8> 10.82.234.101 has been removed from the virtual adapter
2022-05-11 04:52:42PM 08[CFG] unloaded private key with id b715713ac2be164f5713fe7daa124efb5b73c67e
2022-05-11 04:52:42PM 07[CFG] unloaded shared key with id 'Kunde-user-id'



This thread was automatically locked due to age.
Parents
  • 0

    Die Meldung wird von der DPD ausgelöst. Diese wird wohl nicht beantwortet. In V19.0 kannst du das Profil editieren und die DPD deaktivieren. 

    __________________________________________________________________________________________________________________

Reply
  • 0

    Die Meldung wird von der DPD ausgelöst. Diese wird wohl nicht beantwortet. In V19.0 kannst du das Profil editieren und die DPD deaktivieren. 

    __________________________________________________________________________________________________________________

Children
No Data
Cookie Information Banner