Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 1144 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

uTM 9.004-34 and IOS 6

kernel_wall
Hello all,

i tried what i found on the forum but looks like i missed something, my VPN cisco IPSE is not working anymore when it is still working on my ipad with an older OS Version. here is the log i get in IPSEC logs :


2013:01:29-21:14:52 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: received Vendor ID payload [RFC 3947]
2013:01:29-21:14:52 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [4df37928e9fc4fd1b3262170d515c662]
2013:01:29-21:14:52 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
2013:01:29-21:14:52 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
2013:01:29-21:14:52 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
2013:01:29-21:14:52 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
2013:01:29-21:14:52 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
2013:01:29-21:14:52 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
2013:01:29-21:14:52 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
2013:01:29-21:14:52 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2013:01:29-21:14:52 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: received Vendor ID payload [XAUTH]
2013:01:29-21:14:52 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [Cisco-Unity]
2013:01:29-21:14:52 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [FRAGMENTATION 80000000]
2013:01:29-21:14:52 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: received Vendor ID payload [Dead Peer Detection]
2013:01:29-21:14:52 R-HOME01 pluto[5041]: "D_for USERNAME to Internal (Network)"[3] 80.214.8.223 #16: responding to Main Mode from unknown peer 80.214.8.223
2013:01:29-21:14:54 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: received Vendor ID payload [RFC 3947]
2013:01:29-21:14:54 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [4df37928e9fc4fd1b3262170d515c662]
2013:01:29-21:14:54 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
2013:01:29-21:14:54 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
2013:01:29-21:14:54 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
2013:01:29-21:14:54 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
2013:01:29-21:14:54 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
2013:01:29-21:14:54 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
2013:01:29-21:14:54 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
2013:01:29-21:14:54 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2013:01:29-21:14:54 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: received Vendor ID payload [XAUTH]
2013:01:29-21:14:54 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [Cisco-Unity]
2013:01:29-21:14:54 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: ignoring Vendor ID payload [FRAGMENTATION 80000000]
2013:01:29-21:14:54 R-HOME01 pluto[5041]: packet from 80.214.8.223:500: received Vendor ID payload [Dead Peer Detection]
2013:01:29-21:14:54 R-HOME01 pluto[5041]: "D_for USERNAME to Internal (Network)"[3] 80.214.8.223 #17: responding to Main Mode from unknown peer 80.214.8.223
2013:01:29-21:14:54 R-HOME01 pluto[5041]: "D_for USERNAME to Internal (Network)"[3] 80.214.8.223 #16: NAT-Traversal: Result using RFC 3947: peer is NATed
2013:01:29-21:14:55 R-HOME01 pluto[5041]: packet from 80.214.8.182:4500: Main Mode message is part of an unknown exchange
2013:01:29-21:14:55 R-HOME01 pluto[5041]: packet from 80.214.8.182:4500: Main Mode message is part of an unknown exchange
2013:01:29-21:14:58 R-HOME01 pluto[5041]: packet from 80.214.8.182:4500: Main Mode message is part of an unknown exchange
2013:01:29-21:14:58 R-HOME01 pluto[5041]: packet from 80.214.8.182:4500: Main Mode message is part of an unknown exchange
2013:01:29-21:15:01 R-HOME01 pluto[5041]: packet from 80.214.8.182:4500: Main Mode message is part of an unknown exchange
2013:01:29-21:15:01 R-HOME01 pluto[5041]: packet from 80.214.8.182:4500: Main Mode message is part of an unknown exchange
2013:01:29-21:15:05 R-HOME01 pluto[5041]: packet from 80.214.8.182:4500: Main Mode message is part of an unknown exchange
2013:01:29-21:15:05 R-HOME01 pluto[5041]: packet from 80.214.8.182:4500: Main Mode message is part of an unknown exchange
2013:01:29-21:15:05 R-HOME01 pluto[5041]: packet from 80.214.8.182:4500: Main Mode message is part of an unknown exchange
2013:01:29-21:15:05 R-HOME01 pluto[5041]: packet from 80.214.8.182:4500: Main Mode message is part of an unknown exchange
2013:01:29-21:15:17 R-HOME01 pluto[5041]: packet from 80.214.8.182:4500: Main Mode message is part of an unknown exchange
2013:01:29-21:15:17 R-HOME01 pluto[5041]: packet from 80.214.8.182:4500: Main Mode message is part of an unknown exchange
2013:01:29-21:16:04 R-HOME01 pluto[5041]: "D_for USERNAME to Internal (Network)"[3] 80.214.8.223 #16: max number of retransmissions (2) reached STATE_MAIN_R2
2013:01:29-21:16:04 R-HOME01 pluto[5041]: "D_for USERNAME to Internal (Network)"[3] 80.214.8.223 #17: max number of retransmissions (2) reached STATE_MAIN_R1
2013:01:29-21:16:04 R-HOME01 pluto[5041]: "D_for USERNAME to Internal (Network)"[3] 80.214.8.223: deleting connection "D_for USERNAME to Internal (Network)"[3] instance with peer 80.214.8.223 {isakmp=#0/ipsec=#0}



someone can help ? i'm completely lost and i really would like to have my iphone able to vpn in my system.

Cheers
Flo


This thread was automatically locked due to age.
Parents
  • 0
    Hi,

    same problem here with iOS6 and UTM9. I have created a new 2048Bit Certificate (VPN ID Hostname, field Hostname and Common Name = external FQDN firewall.domain.com) und changed in the Pulldownmenu the local X509 Cert with the new one. Deleted Profiles and Certificates on my IPhone, connected to User Portal and installed iOS VPN Config on my IPhone.
    That worked for me.


    Regards
    Torsten
Reply
  • 0
    Hi,

    same problem here with iOS6 and UTM9. I have created a new 2048Bit Certificate (VPN ID Hostname, field Hostname and Common Name = external FQDN firewall.domain.com) und changed in the Pulldownmenu the local X509 Cert with the new one. Deleted Profiles and Certificates on my IPhone, connected to User Portal and installed iOS VPN Config on my IPhone.
    That worked for me.


    Regards
    Torsten
Children
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?