I have problem with one of users trying to connect to ASL VPN.
VPN connection type is roadwarrior with X.509 key. I think that problem is on users computer (win 2003 server), because I checked connection from my comupter (win 2000) with same key and username, and everything worked perfectly.
Clients on both comupters are native windows VPN clients.
I don't have access to users computer, so I cannot check it.
Here is log of connection:
pluto[4428]: packet from 193.2.123.45:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
pluto[4428]: packet from 193.2.123.45:500: ignoring Vendor ID payload [72872b95fcda2eb7...]
pluto[4428]: packet from 193.2.123.45:500: ignoring Vendor ID payload [FRAGMENTATION]
pluto[4428]: packet from 193.2.123.45:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
pluto[4428]: packet from 193.2.123.45:500: ignoring Vendor ID payload [26244d38eddb61b3...]
pluto[4428]: "S_fov__l2tp_1"[5] 193.2.123.45 #323: responding to Main Mode from unknown peer 193.2.123.45
pluto[4428]: "S_fov__l2tp_1"[5] 193.2.123.45 #323: transition from state (null) to state STATE_MAIN_R1
pluto[4428]: "S_fov__l2tp_1"[5] 193.2.123.45 #323: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT detected
pluto[4428]: "S_fov__l2tp_1"[5] 193.2.123.45 #323: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
pluto[4428]: "S_fov__l2tp_1"[5] 193.2.123.45 #323: encrypted Informational Exchange message is invalid because it is for incomplete ISAKMP SA
pluto[4428]: "S_fov__l2tp_1"[5] 193.2.123.45 #323: max number of retransmissions (2) reached STATE_MAIN_R2
pluto[4428]: "S_fov__l2tp_1"[5] 193.2.123.45: deleting connection "S_fov__l2tp_1" instance with peer 193.2.123.45
Lines 2 and 5 are little bit strange to me, with working connections nothing similar appears in logs.
Any idea?
This thread was automatically locked due to age.