Hi,
We use a Net-to-Net VPN connection in our ASL. It works fine, at least. But when I wanted to establish a Roadwarrior VPN from inside our ASL to an ASL outside, I couldn't connect to it. So I closed our Net-to-Net VPN, and after that the Roadwarrior worked. I turned the Net-to-Net back on, and now both VPNs are working fine so far.
Here is the IPsec log from the outside ASL at the time the Roadwarrior didn't work:
----------------------------------
packet from 80.129.49.84:500: ignoring Vendor ID payload [SSH Sentinel 1.4.1]
2004-Mar 12 11:25:15 (none) pluto[1171]: packet from 80.129.49.84:500: ignoring Vendor ID payload [draft-stenberg-ipsec-nat-traversal-02]
2004-Mar 12 11:25:15 (none) pluto[1171]: packet from 80.129.49.84:500: ignoring Vendor ID payload [draft-stenberg-ipsec-nat-traversal-01]
2004-Mar 12 11:25:15 (none) pluto[1171]: packet from 80.129.49.84:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
2004-Mar 12 11:25:15 (none) pluto[1171]: packet from 80.129.49.84:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2004-Mar 12 11:25:15 (none) pluto[1171]: packet from 80.129.49.84:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
2004-Mar 12 11:25:15 (none) pluto[1171]: packet from 80.129.49.84:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
2004-Mar 12 11:25:15 (none) pluto[1171]: packet from 80.129.49.84:500: ignoring Vendor ID payload [XAUTH]
2004-Mar 12 11:25:15 (none) pluto[1171]: "CND-VPN_1"[2] 80.129.49.84 #2: responding to Main Mode from unknown peer 80.129.49.84
2004-Mar 12 11:25:15 (none) pluto[1171]: "CND-VPN_1"[2] 80.129.49.84 #2: policy does not allow OAKLEY_RSA_SIG authentication. Attribute OAKLEY_AUTHENTICATION_METHOD
2004-Mar 12 11:25:15 (none) pluto[1171]: "CND-VPN_1"[2] 80.129.49.84 #2: no acceptable Oakley Transform
2004-Mar 12 11:25:15 (none) pluto[1171]: "CND-VPN_1"[2] 80.129.49.84 #2: sending notification NO_PROPOSAL_CHOSEN to 80.129.49.84:500
2004-Mar 12 11:25:15 (none) pluto[1171]: "CND-VPN_1"[2] 80.129.49.84: deleting connection "CND-VPN_1" instance with peer 80.129.49.84
-------------------------------------------
Could someone explain this failure to me? [:S]
I hope this problem does not come back.
Regards,
Martin
PS: On the Net-to-Net we use RSA, and on the Roadwarrior X.509.
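An added example, not part of the original post: a small Python triage script that groups pluto connection lines by connection name and peer, then extracts the authentication method the policy rejected and the notification sent back. The function and field names are assumptions of this example; the sample lines are the ones quoted in the post.

```python
import re
from collections import defaultdict

# Log lines copied from the post above (pluto IKE daemon output).
SAMPLE_LOG = """\
2004-Mar 12 11:25:15 (none) pluto[1171]: packet from 80.129.49.84:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
2004-Mar 12 11:25:15 (none) pluto[1171]: "CND-VPN_1"[2] 80.129.49.84 #2: responding to Main Mode from unknown peer 80.129.49.84
2004-Mar 12 11:25:15 (none) pluto[1171]: "CND-VPN_1"[2] 80.129.49.84 #2: policy does not allow OAKLEY_RSA_SIG authentication. Attribute OAKLEY_AUTHENTICATION_METHOD
2004-Mar 12 11:25:15 (none) pluto[1171]: "CND-VPN_1"[2] 80.129.49.84 #2: no acceptable Oakley Transform
2004-Mar 12 11:25:15 (none) pluto[1171]: "CND-VPN_1"[2] 80.129.49.84 #2: sending notification NO_PROPOSAL_CHOSEN to 80.129.49.84:500
2004-Mar 12 11:25:15 (none) pluto[1171]: "CND-VPN_1"[2] 80.129.49.84: deleting connection "CND-VPN_1" instance with peer 80.129.49.84
"""

# "<conn>"[instance] <peer> [#state]: <message>
CONN_LINE = re.compile(
    r'pluto\[\d+\]: "(?P<conn>[^"]+)"\[\d+\] (?P<peer>[\d.]+)'
    r'(?: #(?P<state>\d+))?: (?P<msg>.*)$'
)
REJECTED_AUTH = re.compile(r"policy does not allow (\w+) authentication")
NOTIFICATION = re.compile(r"sending notification (\w+) to")


def summarize(log_text):
    """Return {(connection, peer): findings} for IKE phase 1 rejections."""
    findings = defaultdict(
        lambda: {"rejected_auth": [], "notifications": [], "no_transform": False}
    )
    for line in log_text.splitlines():
        m = CONN_LINE.search(line)
        if not m:
            continue  # per-packet lines (e.g. Vendor ID) carry no connection name
        entry = findings[(m["conn"], m["peer"])]
        msg = m["msg"]
        if (auth := REJECTED_AUTH.search(msg)):
            entry["rejected_auth"].append(auth[1])
        if (note := NOTIFICATION.search(msg)):
            entry["notifications"].append(note[1])
        if "no acceptable Oakley Transform" in msg:
            entry["no_transform"] = True
    return dict(findings)


if __name__ == "__main__":
    for (conn, peer), f in summarize(SAMPLE_LOG).items():
        print(f"{conn} <- {peer}: rejected auth {f['rejected_auth']}, "
              f"sent {f['notifications']}, no transform: {f['no_transform']}")
```

The summary shows which connection definition the responder matched the incoming request to, which is the first thing to check when several tunnels with different authentication methods are defined on the same gateway.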