This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPsec not work

Hello All!
I want to understand, VPN IPSec:
If your client machine is behind a Nat device....IPsec will not work
this is true?
If so, then nothing can be done?

This thread was automatically locked due to age.

Parents

0 creativity over 13 years ago

is it just me such problems with VPN?
what is it [:(]
Now with L2TP Over IPSec does not work, did exactly how in the instructions
https://support.astaro.com/support/images/0/00/Remote_Access_Guide-L2TP_over_IPsec-v1.001-EN.pdf


2011:09:26-03:21:39 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xcaccc73a (perhaps this is a duplicated packet)
2011:09:26-03:21:39 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:21:43 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xcaccc73a (perhaps this is a duplicated packet)
2011:09:26-03:21:43 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:21:51 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xcaccc73a (perhaps this is a duplicated packet)
2011:09:26-03:21:51 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:22:07 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xcaccc73a (perhaps this is a duplicated packet)
2011:09:26-03:22:07 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:22:39 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: received Delete SA payload: deleting ISAKMP State #4
2011:09:26-03:22:39 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500: deleting connection "S_REF_umuHINYXyz" instance with peer 84.94.16.28 {isakmp=#0/ipsec=#0}
2011:09:26-03:49:27 peit pluto[32320]: packet from 84.94.16.28:500: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
2011:09:26-03:49:27 peit pluto[32320]: packet from 84.94.16.28:500: ignoring Vendor ID payload [FRAGMENTATION]
2011:09:26-03:49:27 peit pluto[32320]: packet from 84.94.16.28:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2011:09:26-03:49:27 peit pluto[32320]: packet from 84.94.16.28:500: ignoring Vendor ID payload [Vid-Initial-Contact]
2011:09:26-03:49:27 peit pluto[32320]: "S_REF_umuHINYXyz"[9] 84.94.16.28 #5: responding to Main Mode from unknown peer 84.94.16.28
2011:09:26-03:49:27 peit pluto[32320]: "S_REF_umuHINYXyz"[9] 84.94.16.28 #5: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed
2011:09:26-03:49:28 peit pluto[32320]: "S_REF_umuHINYXyz"[9] 84.94.16.28 #5: Peer ID is ID_FQDN: 'user-6ad269b022'
2011:09:26-03:49:28 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28 #5: deleting connection "S_REF_umuHINYXyz" instance with peer 84.94.16.28 {isakmp=#0/ipsec=#0}
2011:09:26-03:49:28 peit pluto[32320]: | NAT-T: new mapping 84.94.16.28:500/4500)
2011:09:26-03:49:28 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: sent MR3, ISAKMP SA established
2011:09:26-03:49:28 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: cannot respond to IPsec SA request because no connection is known for 84.108.31.110/32===192.168.10.103:4500[192.168.10.103]:17/1701...84.94.16.28:4500[user-6ad269b022]:17/%any
2011:09:26-03:49:28 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: sending encrypted notification INVALID_ID_INFORMATION to 84.94.16.28:4500
2011:09:26-03:49:28 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x58be4811 (perhaps this is a duplicated packet)
2011:09:26-03:49:28 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:49:30 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x58be4811 (perhaps this is a duplicated packet)
2011:09:26-03:49:30 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:49:34 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x58be4811 (perhaps this is a duplicated packet)
2011:09:26-03:49:34 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:49:42 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x58be4811 (perhaps this is a duplicated packet)
2011:09:26-03:49:42 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:49:58 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x58be4811 (perhaps this is a duplicated packet)
2011:09:26-03:49:58 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:50:30 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: received Delete SA payload: deleting ISAKMP State #5
2011:09:26-03:50:30 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500: deleting connection "S_REF_umuHINYXyz" instance with peer 84.94.16.28 {isakmp=#0/ipsec=#0}

hands do not curves, that this time the wrong ?

Reply

0 creativity over 13 years ago


2011:09:26-03:21:39 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xcaccc73a (perhaps this is a duplicated packet)
2011:09:26-03:21:39 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:21:43 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xcaccc73a (perhaps this is a duplicated packet)
2011:09:26-03:21:43 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:21:51 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xcaccc73a (perhaps this is a duplicated packet)
2011:09:26-03:21:51 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:22:07 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xcaccc73a (perhaps this is a duplicated packet)
2011:09:26-03:22:07 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:22:39 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500 #4: received Delete SA payload: deleting ISAKMP State #4
2011:09:26-03:22:39 peit pluto[32320]: "S_REF_umuHINYXyz"[8] 84.94.16.28:4500: deleting connection "S_REF_umuHINYXyz" instance with peer 84.94.16.28 {isakmp=#0/ipsec=#0}
2011:09:26-03:49:27 peit pluto[32320]: packet from 84.94.16.28:500: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
2011:09:26-03:49:27 peit pluto[32320]: packet from 84.94.16.28:500: ignoring Vendor ID payload [FRAGMENTATION]
2011:09:26-03:49:27 peit pluto[32320]: packet from 84.94.16.28:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2011:09:26-03:49:27 peit pluto[32320]: packet from 84.94.16.28:500: ignoring Vendor ID payload [Vid-Initial-Contact]
2011:09:26-03:49:27 peit pluto[32320]: "S_REF_umuHINYXyz"[9] 84.94.16.28 #5: responding to Main Mode from unknown peer 84.94.16.28
2011:09:26-03:49:27 peit pluto[32320]: "S_REF_umuHINYXyz"[9] 84.94.16.28 #5: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed
2011:09:26-03:49:28 peit pluto[32320]: "S_REF_umuHINYXyz"[9] 84.94.16.28 #5: Peer ID is ID_FQDN: 'user-6ad269b022'
2011:09:26-03:49:28 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28 #5: deleting connection "S_REF_umuHINYXyz" instance with peer 84.94.16.28 {isakmp=#0/ipsec=#0}
2011:09:26-03:49:28 peit pluto[32320]: | NAT-T: new mapping 84.94.16.28:500/4500)
2011:09:26-03:49:28 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: sent MR3, ISAKMP SA established
2011:09:26-03:49:28 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: cannot respond to IPsec SA request because no connection is known for 84.108.31.110/32===192.168.10.103:4500[192.168.10.103]:17/1701...84.94.16.28:4500[user-6ad269b022]:17/%any
2011:09:26-03:49:28 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: sending encrypted notification INVALID_ID_INFORMATION to 84.94.16.28:4500
2011:09:26-03:49:28 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x58be4811 (perhaps this is a duplicated packet)
2011:09:26-03:49:28 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:49:30 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x58be4811 (perhaps this is a duplicated packet)
2011:09:26-03:49:30 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:49:34 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x58be4811 (perhaps this is a duplicated packet)
2011:09:26-03:49:34 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:49:42 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x58be4811 (perhaps this is a duplicated packet)
2011:09:26-03:49:42 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:49:58 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x58be4811 (perhaps this is a duplicated packet)
2011:09:26-03:49:58 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: sending encrypted notification INVALID_MESSAGE_ID to 84.94.16.28:4500
2011:09:26-03:50:30 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500 #5: received Delete SA payload: deleting ISAKMP State #5
2011:09:26-03:50:30 peit pluto[32320]: "S_REF_umuHINYXyz"[10] 84.94.16.28:4500: deleting connection "S_REF_umuHINYXyz" instance with peer 84.94.16.28 {isakmp=#0/ipsec=#0}

hands do not curves, that this time the wrong ?

Children

No Data