  1. #1
    Newbie
    Join Date
    Jun 2011
    Posts
    5

    Issue connecting to IPSec

    On the Untangle server, is there a way to check the log of failed login or connection attempts?

    I have my IPSec set up correctly, listening to Router, but I can't tell if my router is forwarding the request to server on port 500.

    Also when I connect my computer to the router and try connecting to server direct from inside, I get a different response saying "The connection was prevented because of a policy configured on your RAS/VPN Server.".

    Also tried changing my User ID and Password of user and same result.

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,655


    If the Untangle is the IPsec end point, then look at https://<your internal IP>/admin/index.do#service/ipsec-vpn/ipsec-log
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Newbie
    Join Date
    Jun 2011
    Posts
    5


    Originally posted by jcoffin:
    If the Untangle is the IPsec end point, then look at https://<your internal IP>/admin/index.do#service/ipsec-vpn/ipsec-log
    Getting following error when trying to connect from inside network:

    The connection was prevented because of a policy configured on your RAS/VPN Server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error.

    I have included the IPSEC-Log as well.

    Aug 21 08:00:37 Wathan charon: 08[IKE] deleting IKE_SA VPN-L2TP-0[9] between 10.0.0.2[10.0.0.2]...192.168.100.13[192.168.100.13]
    Aug 21 08:00:37 Wathan charon: 08[IKE] deleting IKE_SA VPN-L2TP-0[9] between 10.0.0.2[10.0.0.2]...192.168.100.13[192.168.100.13]
    Aug 21 08:00:37 Wathan charon: 08[IKE] received DELETE for IKE_SA VPN-L2TP-0[9]
    Aug 21 08:00:37 Wathan charon: 08[ENC] parsed INFORMATIONAL_V1 request 4249141356 [ HASH D ]
    Aug 21 08:00:37 Wathan charon: 08[NET] received packet: from 192.168.100.13[500] to 10.0.0.2[500] (92 bytes)
    Aug 21 08:00:37 Wathan charon: 10[IKE] closing CHILD_SA VPN-L2TP-0{4} with SPIs c95e3746_i (987 bytes) d9915ba4_o (1004 bytes) and TS 10.0.0.2/32[udp/l2f] === 192.168.100.13/32[udp/l2f]
    Aug 21 08:00:37 Wathan charon: 10[IKE] closing CHILD_SA VPN-L2TP-0{4} with SPIs c95e3746_i (987 bytes) d9915ba4_o (1004 bytes) and TS 10.0.0.2/32[udp/l2f] === 192.168.100.13/32[udp/l2f]
    Aug 21 08:00:37 Wathan charon: 10[IKE] received DELETE for ESP CHILD_SA with SPI d9915ba4
    Aug 21 08:00:37 Wathan charon: 10[ENC] parsed INFORMATIONAL_V1 request 1072454566 [ HASH D ]
    Aug 21 08:00:37 Wathan charon: 10[NET] received packet: from 192.168.100.13[500] to 10.0.0.2[500] (76 bytes)
    Aug 21 08:00:37 Wathan charon: 01[KNL] interface ppp0 deleted
    Aug 21 08:00:35 Wathan charon: 05[IKE] CHILD_SA VPN-L2TP-0{4} established with SPIs c95e3746_i d9915ba4_o and TS 10.0.0.2/32[udp/l2f] === 192.168.100.13/32[udp/l2f]
    Aug 21 08:00:35 Wathan charon: 05[IKE] CHILD_SA VPN-L2TP-0{4} established with SPIs c95e3746_i d9915ba4_o and TS 10.0.0.2/32[udp/l2f] === 192.168.100.13/32[udp/l2f]
    Aug 21 08:00:35 Wathan charon: 05[ENC] parsed QUICK_MODE request 1 [ HASH ]
    Aug 21 08:00:35 Wathan charon: 05[NET] received packet: from 192.168.100.13[500] to 10.0.0.2[500] (60 bytes)
    Aug 21 08:00:35 Wathan charon: 07[NET] sending packet: from 10.0.0.2[500] to 192.168.100.13[500] (188 bytes)
    Aug 21 08:00:35 Wathan charon: 07[ENC] generating QUICK_MODE response 1 [ HASH SA No ID ID ]
    Aug 21 08:00:35 Wathan charon: 07[IKE] received 250000000 lifebytes, configured 0
    Aug 21 08:00:35 Wathan charon: 07[IKE] received 3600s lifetime, configured 0s
    Aug 21 08:00:35 Wathan charon: 07[ENC] parsed QUICK_MODE request 1 [ HASH SA No ID ID ]
    Aug 21 08:00:35 Wathan charon: 07[NET] received packet: from 192.168.100.13[500] to 10.0.0.2[500] (476 bytes)
    Aug 21 08:00:35 Wathan charon: 06[NET] sending packet: from 10.0.0.2[500] to 192.168.100.13[500] (76 bytes)
    Aug 21 08:00:35 Wathan charon: 06[ENC] generating ID_PROT response 0 [ ID HASH ]
    Aug 21 08:00:35 Wathan charon: 06[IKE] DPD not supported by peer, disabled
    Aug 21 08:00:35 Wathan charon: 06[IKE] IKE_SA VPN-L2TP-0[9] established between 10.0.0.2[10.0.0.2]...192.168.100.13[192.168.100.13]
    Aug 21 08:00:35 Wathan charon: 06[IKE] IKE_SA VPN-L2TP-0[9] established between 10.0.0.2[10.0.0.2]...192.168.100.13[192.168.100.13]
    Aug 21 08:00:35 Wathan charon: 06[CFG] selected peer config "VPN-L2TP-0"
    Aug 21 08:00:35 Wathan charon: 06[CFG] looking for pre-shared key peer configs matching 10.0.0.2...192.168.100.13[192.168.100.13]
    Aug 21 08:00:35 Wathan charon: 06[ENC] parsed ID_PROT request 0 [ ID HASH ]
    Aug 21 08:00:35 Wathan charon: 06[NET] received packet: from 192.168.100.13[500] to 10.0.0.2[500] (76 bytes)
    Aug 21 08:00:35 Wathan charon: 04[NET] sending packet: from 10.0.0.2[500] to 192.168.100.13[500] (212 bytes)
    Aug 21 08:00:35 Wathan charon: 04[ENC] generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
    Aug 21 08:00:35 Wathan charon: 04[ENC] parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
    Aug 21 08:00:35 Wathan charon: 04[NET] received packet: from 192.168.100.13[500] to 10.0.0.2[500] (228 bytes)
    Aug 21 08:00:35 Wathan charon: 16[NET] sending packet: from 10.0.0.2[500] to 192.168.100.13[500] (136 bytes)
    Aug 21 08:00:35 Wathan charon: 16[ENC] generating ID_PROT response 0 [ SA V V V ]
    Aug 21 08:00:35 Wathan charon: 16[IKE] 192.168.100.13 is initiating a Main Mode IKE_SA
    Aug 21 08:00:35 Wathan charon: 16[IKE] 192.168.100.13 is initiating a Main Mode IKE_SA
    Aug 21 08:00:35 Wathan charon: 16[ENC] received unknown vendor ID: e3:a5:96:6a:76:37:9f:e7:07:22:82:31:e5:ce:86:52
    Aug 21 08:00:35 Wathan charon: 16[ENC] received unknown vendor ID: 26:24:4d:38:ed:db:61:b3:17:2a:36:e3:d0:cf:b8:19
    Aug 21 08:00:35 Wathan charon: 16[ENC] received unknown vendor ID: fb:1d:e3:cd:f3:41:b7:ea:16:b7:e5:be:08:55:f1:20
    Aug 21 08:00:35 Wathan charon: 16[IKE] received FRAGMENTATION vendor ID
    Aug 21 08:00:35 Wathan charon: 16[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
    Aug 21 08:00:35 Wathan charon: 16[IKE] received NAT-T (RFC 3947) vendor ID
    Aug 21 08:00:35 Wathan charon: 16[IKE] received MS NT5 ISAKMPOAKLEY vendor ID
    Aug 21 08:00:35 Wathan charon: 16[ENC] received unknown vendor ID: 01:52:8b:bb:c0:06:96:12:18:49:ab:9a:1c:5b:2a:51:00:00:00:01
    Aug 21 08:00:35 Wathan charon: 16[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V ]
    Aug 21 08:00:35 Wathan charon: 16[NET] received packet: from 192.168.100.13[500] to 10.0.0.2[500] (408 bytes)

  4. #4
    Newbie
    Join Date
    Jun 2011
    Posts
    5


    Originally posted by jcoffin:
    If the Untangle is the IPsec end point, then look at https://<your internal IP>/admin/index.do#service/ipsec-vpn/ipsec-log
    This is the Log for outside of my Network. So my router is forwarding to the server correctly, but getting error: Timeout while connecting.

    Aug 21 08:15:58 Wathan charon: 12[JOB] deleting half open IKE_SA after timeout
    Aug 21 08:15:48 Wathan charon: 01[IKE] sending keep alive to 172.58.16.147[29624]
    Aug 21 08:15:28 Wathan charon: 06[NET] sending packet: from 10.0.0.2[500] to 172.58.16.147[29624] (244 bytes)
    Aug 21 08:15:28 Wathan charon: 06[ENC] generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
    Aug 21 08:15:28 Wathan charon: 06[IKE] remote host is behind NAT
    Aug 21 08:15:28 Wathan charon: 06[IKE] local host is behind NAT, sending keep alives
    Aug 21 08:15:28 Wathan charon: 06[ENC] parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
    Aug 21 08:15:28 Wathan charon: 06[NET] received packet: from 172.58.16.147[29624] to 10.0.0.2[500] (228 bytes)
    Aug 21 08:15:28 Wathan charon: 02[NET] sending packet: from 10.0.0.2[500] to 172.58.16.147[29624] (148 bytes)
    Aug 21 08:15:28 Wathan charon: 02[ENC] generating ID_PROT response 0 [ SA V V V ]
    Aug 21 08:15:28 Wathan charon: 02[IKE] 172.58.16.147 is initiating a Main Mode IKE_SA
    Aug 21 08:15:28 Wathan charon: 02[IKE] 172.58.16.147 is initiating a Main Mode IKE_SA
    Aug 21 08:15:28 Wathan charon: 02[IKE] received DPD vendor ID
    Aug 21 08:15:28 Wathan charon: 02[IKE] received NAT-T (RFC 3947) vendor ID
    Aug 21 08:15:28 Wathan charon: 02[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID
    Aug 21 08:15:28 Wathan charon: 02[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
    Aug 21 08:15:28 Wathan charon: 02[IKE] received draft-ietf-ipsec-nat-t-ike-02 vendor ID
    Aug 21 08:15:28 Wathan charon: 02[ENC] received unknown vendor ID: 8d:7d:2b:e9:81:37:ce:ee:7c:b9:84:2f:d6:1d:01:00
    Aug 21 08:15:28 Wathan charon: 02[ENC] parsed ID_PROT request 0 [ SA V V V V V V ]
    Aug 21 08:15:28 Wathan charon: 02[NET] received packet: from 172.58.16.147[29624] to 10.0.0.2[500] (956 bytes)
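
A way to read the two logs posted above side by side, as an added example that is not part of the original posts or of Untangle's tooling: it reports how far each attempt got and which failure markers charon logged. The names `triage`, `STAGES` and `FLAGS` are hypothetical, and the "reading" strings are this example's interpretation of the log lines.

```python
import re

# Milestones charon logs during an IKEv1/L2TP negotiation, earliest first.
STAGES = [
    ("main_mode_started", r"\[IKE\] \S+ is initiating a Main Mode IKE_SA"),
    ("ike_sa_established", r"\[IKE\] IKE_SA \S+ established between"),
    ("child_sa_established", r"\[IKE\] CHILD_SA \S+ established"),
]
FLAGS = {
    "nat_detected": r"\[IKE\] (?:remote|local) host is behind NAT",
    "half_open_timeout": r"\[JOB\] deleting half open IKE_SA after timeout",
    "peer_sent_delete": r"\[IKE\] received DELETE for IKE_SA",
}

def triage(log_text):
    """Return the furthest stage reached, the flags seen and a reading."""
    stage = "no_ike_traffic"
    for name, pattern in STAGES:  # a later entry that matches overrides an earlier one
        if re.search(pattern, log_text):
            stage = name
    flags = {n for n, p in FLAGS.items() if re.search(p, log_text)}
    # Readings are this example's interpretation, not output of charon or Untangle.
    reading = "no failure marker in this excerpt"
    if stage == "no_ike_traffic":
        reading = "no IKE negotiation logged: check that UDP 500 reaches the server"
    elif stage == "child_sa_established" and "peer_sent_delete" in flags:
        reading = ("IPsec came up, then the peer tore it down: compare the "
                   "L2TP/PPP authentication settings on client and server")
    elif "half_open_timeout" in flags and "nat_detected" in flags:
        reading = ("phase 1 stalled after NAT detection: RFC 3947 moves the "
                   "exchange to UDP 4500, so check that 4500 is forwarded too")
    return {"stage": stage, "flags": flags, "reading": reading}

# Lines copied from the two logs in this thread (newest first, abridged).
INSIDE_LOG = """\
Aug 21 08:00:37 Wathan charon: 08[IKE] received DELETE for IKE_SA VPN-L2TP-0[9]
Aug 21 08:00:35 Wathan charon: 05[IKE] CHILD_SA VPN-L2TP-0{4} established with SPIs c95e3746_i d9915ba4_o
Aug 21 08:00:35 Wathan charon: 06[IKE] IKE_SA VPN-L2TP-0[9] established between 10.0.0.2[10.0.0.2]...192.168.100.13[192.168.100.13]
Aug 21 08:00:35 Wathan charon: 16[IKE] 192.168.100.13 is initiating a Main Mode IKE_SA
"""
OUTSIDE_LOG = """\
Aug 21 08:15:58 Wathan charon: 12[JOB] deleting half open IKE_SA after timeout
Aug 21 08:15:28 Wathan charon: 06[IKE] remote host is behind NAT
Aug 21 08:15:28 Wathan charon: 06[IKE] local host is behind NAT, sending keep alives
Aug 21 08:15:28 Wathan charon: 02[IKE] 172.58.16.147 is initiating a Main Mode IKE_SA
"""

if __name__ == "__main__":
    for label, log in (("inside", INSIDE_LOG), ("outside", OUTSIDE_LOG)):
        print(label, triage(log))
```
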

  5. #5
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,655


    Are you connecting from the same network which IPsec Untangle is on?

  6. #6
    Newbie
    Join Date
    Jun 2011
    Posts
    5


    I have tried from outside my network between modem and router to Server, and from the internet and get the 2 reports listed below.

  7. #7
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,655


    Originally posted by jhwilliams1985:
    I have tried from outside my network between modem and router to Server, and from the internet and get the 2 reports listed below.
    You need to change it to preshared key authentication

    13.1-l2tp-advanced-options.jpg
