Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 484 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Secure Client Connects-Almost

ChaoticRyan
hello,

I am having a weird issue. When I setup a ASC connection and use the *.ini file, the connection works fine. If I go into the configuration, add the remote network, the connection fails with Invalid_ID.

Here is the success:

8/22/2005 7:02:38 AM  IPSDIALCHAN::start building connection
8/22/2005 7:02:38 AM  NCPIKE-phase1:name(Office) - outgoing connect request - main mode.
8/22/2005 7:02:38 AM  XMIT_MSG1_MAIN - Office
8/22/2005 7:02:38 AM  RECV_MSG2_MAIN - Office
8/22/2005 7:02:38 AM  IKE phase I: Setting LifeTime to 7800 seconds
8/22/2005 7:02:38 AM  Office ->Support for NAT-T version - 3
8/22/2005 7:02:38 AM  XMIT_MSG3_MAIN - Office
8/22/2005 7:02:38 AM  IPSDIAL->FINAL_TUNNEL_ENDPOINT:XXX.XXX.XXX.XXX
8/22/2005 7:02:38 AM  RECV_MSG4_MAIN - Office
8/22/2005 7:02:38 AM  Turning on NATD mode - Office - 1
8/22/2005 7:02:38 AM  XMIT_MSG5_MAIN - Office
8/22/2005 7:02:38 AM  XMIT_MSG5_MAIN_RESUME - Office
8/22/2005 7:02:38 AM  RECV_MSG6_MAIN - Office
8/22/2005 7:02:38 AM  RECV_MSG6_MAIN_RESUME - Office
8/22/2005 7:02:38 AM  NCPIKE-phase1:name(Office) - connected
8/22/2005 7:02:38 AM  XMIT_MSG1_QUICK - Office
8/22/2005 7:02:39 AM  RECV_MSG2_QUICK - Office
8/22/2005 7:02:39 AM  XMIT_MSG3_QUICK - Office
8/22/2005 7:02:39 AM  NCPIKE-phase2:name(Office) - connected
8/22/2005 7:02:39 AM  IPSDIAL  - connected to Office on channel 1.
8/22/2005 7:02:39 AM  IPCP  - connected to Office with IP Address: 172.016.021.101. : 172.016.021.102.

Now here is the failure:
8/22/2005 7:09:50 AM  IPSDIALCHAN::start building connection
8/22/2005 7:09:50 AM  NCPIKE-phase1:name(Office) - outgoing connect request - main mode.
8/22/2005 7:09:50 AM  XMIT_MSG1_MAIN - Office
8/22/2005 7:09:50 AM  RECV_MSG2_MAIN - Office
8/22/2005 7:09:50 AM  IKE phase I: Setting LifeTime to 7800 seconds
8/22/2005 7:09:50 AM  Office ->Support for NAT-T version - 3
8/22/2005 7:09:50 AM  XMIT_MSG3_MAIN - Office
8/22/2005 7:09:50 AM  IPSDIAL->FINAL_TUNNEL_ENDPOINT:XXX.XXX.XXX.XXX
8/22/2005 7:09:51 AM  RECV_MSG4_MAIN - Office
8/22/2005 7:09:51 AM  Turning on NATD mode - Office - 1
8/22/2005 7:09:51 AM  XMIT_MSG5_MAIN - Office
8/22/2005 7:09:51 AM  XMIT_MSG5_MAIN_RESUME - Office
8/22/2005 7:09:51 AM  RECV_MSG6_MAIN - Office
8/22/2005 7:09:51 AM  RECV_MSG6_MAIN_RESUME - Office
8/22/2005 7:09:51 AM  NCPIKE-phase1:name(Office) - connected
8/22/2005 7:09:51 AM  XMIT_MSG1_QUICK - Office
8/22/2005 7:09:51 AM  NOTIFY : Office : RECEIVED : INVALID_ID_INFORMATION

Thanks for any help,

ChaoticRyan


This thread was automatically locked due to age.
  • 0
    More info:

    If I change the remote networks from:
    192.168.10.0,255.255.255.0
    to:
    192.168.10.0,0.0.0.0 or 255.255.255.255

    the client will connect, but obviously, there is no ability to access the remote network.

    Thanks again,
    ChaoticRyan
  • 0 in reply to ChaoticRyan
    Thanks,

    I found the issue. It appears that SSH Sentinal would connect to ASL if the local network for the connection was set to Any; ASC however, only connects if that connection is set to the network that the LAN is on.

    Does this seem correct?

    For Example:

    Connection Defined as:

    local Endpoint: External Interface
    Remote Endpoint:Any
    Local Subnet: Internet Network
    Remote Subnet: Any

    Thank you,
    ChaoticRyan
Cookie Information Banner