IPSEC / StrongSwan probleem - Netwerken

donderdag 11 juli 2013 23:44

Acties:

Verwijderd

Topicstarter

Hai, ik heb me hele IPSEC klaar en geinstalleerd op mijn router

Alleen nu lukt het opzetten van de VPN verbinding nog niet =/

Ik heb al van alles geprobeerd, maar er gaat iets mis met of de iPhone of iets anders?
Iemand een idee wat hier mis gaat?? Is heel vreemd !

code:

root@OpenWrt:~# logread -f
Jul 11 20:52:50 OpenWrt daemon.info syslog: 06[NET] received packet: from 92.69.10.42[500] to 192.168.2.1[500]
Jul 11 20:52:50 OpenWrt daemon.info syslog: 06[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V V V V V V V ]
Jul 11 20:52:50 OpenWrt daemon.info syslog: 06[IKE] received NAT-T (RFC 3947) vendor ID
Jul 11 20:52:50 OpenWrt daemon.info syslog: 06[IKE] received draft-ietf-ipsec-nat-t-ike vendor ID
Jul 11 20:52:50 OpenWrt daemon.info syslog: 06[IKE] received draft-ietf-ipsec-nat-t-ike-08 vendor ID
Jul 11 20:52:50 OpenWrt daemon.info syslog: 06[IKE] received draft-ietf-ipsec-nat-t-ike-07 vendor ID
Jul 11 20:52:50 OpenWrt daemon.info syslog: 06[IKE] received draft-ietf-ipsec-nat-t-ike-06 vendor ID
Jul 11 20:52:50 OpenWrt daemon.info syslog: 06[IKE] received draft-ietf-ipsec-nat-t-ike-05 vendor ID
Jul 11 20:52:50 OpenWrt daemon.info syslog: 06[IKE] received draft-ietf-ipsec-nat-t-ike-04 vendor ID
Jul 11 20:52:50 OpenWrt daemon.info syslog: 06[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID
Jul 11 20:52:50 OpenWrt daemon.info syslog: 06[IKE] received draft-ietf-ipsec-nat-t-ike-02 vendor ID
Jul 11 20:52:50 OpenWrt daemon.info syslog: 06[ENC] generating ID_PROT response 0 [ SA V V V ]
Jul 11 20:52:50 OpenWrt daemon.info syslog: 06[NET] sending packet: from 192.168.2.1[500] to 92.69.10.42[500]
Jul 11 20:52:52 OpenWrt daemon.info syslog: 01[NET] received packet: from 92.69.10.42[500] to 192.168.2.1[500]
Jul 11 20:52:52 OpenWrt daemon.info syslog: 01[ENC] parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
Jul 11 20:52:52 OpenWrt daemon.info syslog: 01[IKE] local host is behind NAT, sending keep alives
Jul 11 20:52:52 OpenWrt daemon.info syslog: 01[IKE] remote host is behind NAT
Jul 11 20:52:52 OpenWrt daemon.info syslog: 01[IKE] sending cert request for "C=NL, O=xxx, CN=xxxx"
Jul 11 20:52:52 OpenWrt daemon.info syslog: 01[ENC] generating ID_PROT response 0 [ KE No CERTREQ NAT-D NAT-D ]
Jul 11 20:52:52 OpenWrt daemon.info syslog: 01[NET] sending packet: from 192.168.2.1[500] to 92.69.10.42[500]
Jul 11 20:52:53 OpenWrt daemon.info syslog: 02[NET] received packet: from 92.69.10.42[4500] to 192.168.2.1[4500]
Jul 11 20:52:53 OpenWrt daemon.info syslog: 02[ENC] parsed ID_PROT request 0 [ ID CERT SIG CERTREQ N(INITIAL_CONTACT) ]
Jul 11 20:52:53 OpenWrt daemon.info syslog: 02[IKE] ignoring certificate request without data
Jul 11 20:52:53 OpenWrt daemon.info syslog: 02[IKE] received end entity cert "C=NL, O=xxx, CN=client"
Jul 11 20:52:53 OpenWrt daemon.info syslog: 02[CFG] looking for XAuthInitRSA peer configs matching 192.168.2.1...92.69.10.42[C=NL, O=xxx, CN=client]
Jul 11 20:52:53 OpenWrt daemon.info syslog: 02[CFG] selected peer config "ios"
Jul 11 20:52:53 OpenWrt daemon.info syslog: 02[CFG]   using trusted ca certificate "C=NL, O=xxx, CN=xxxx"
Jul 11 20:52:53 OpenWrt daemon.info syslog: 02[CFG] checking certificate status of "C=NL, O=xxx, CN=client"
Jul 11 20:52:53 OpenWrt daemon.info syslog: 02[CFG] certificate status is not available
Jul 11 20:52:53 OpenWrt daemon.info syslog: 02[CFG]   reached self-signed root ca with a path length of 0
Jul 11 20:52:53 OpenWrt daemon.info syslog: 02[CFG]   using trusted certificate "C=NL, O=xxx, CN=client"
Jul 11 20:52:53 OpenWrt daemon.info syslog: 02[IKE] authentication of 'C=NL, O=xxx, CN=client' with RSA successful
Jul 11 20:52:54 OpenWrt daemon.info syslog: 02[IKE] authentication of 'C=NL, O=xxx, CN=www.arwingship.nl' (myself) successful
Jul 11 20:52:54 OpenWrt daemon.info syslog: 02[IKE] sending end entity cert "C=NL, O=xxx, CN=www.arwingship.nl"
Jul 11 20:52:54 OpenWrt daemon.info syslog: 02[ENC] generating ID_PROT response 0 [ ID CERT SIG ]
Jul 11 20:52:54 OpenWrt daemon.info syslog: 02[NET] sending packet: from 192.168.2.1[4500] to 92.69.10.42[4500]
Jul 11 20:52:54 OpenWrt daemon.info syslog: 02[ENC] generating TRANSACTION request 4223186761 [ HASH CP ]
Jul 11 20:52:54 OpenWrt daemon.info syslog: 02[NET] sending packet: from 192.168.2.1[4500] to 92.69.10.42[4500]
Jul 11 20:52:55 OpenWrt daemon.info syslog: 13[NET] received packet: from 92.69.10.42[4500] to 192.168.2.1[4500]
Jul 11 20:52:55 OpenWrt daemon.info syslog: 13[ENC] invalid HASH_V1 payload length, decryption failed?
Jul 11 20:52:55 OpenWrt daemon.info syslog: 13[ENC] could not decrypt payloads
Jul 11 20:52:55 OpenWrt daemon.info syslog: 13[IKE] message parsing failed
Jul 11 20:52:55 OpenWrt daemon.info syslog: 13[IKE] ignore malformed INFORMATIONAL request
Jul 11 20:52:55 OpenWrt daemon.info syslog: 13[IKE] INFORMATIONAL_V1 request with message ID 3797239300 processing failed
Jul 11 20:52:58 OpenWrt daemon.info syslog: 05[IKE] sending retransmit 1 of request message ID 4223186761, seq 1
Jul 11 20:52:58 OpenWrt daemon.info syslog: 05[NET] sending packet: from 192.168.2.1[4500] to 92.69.10.42[4500]
^Croot@OpenWrt:~#

vrijdag 12 juli 2013 06:34

Acties:

WhizzCat

www.lichtsignaal.nl

code:

1	invalid HASH_V1 payload length, decryption failed?

Iets zegt mij dat je encryptie aan de VPN te hoog hebt staan voor de iPhone. Ik heb het zelfde gehad en je kan met google zoeken wat dat ding precies ondersteunt (is echt net niet niks) en vervolgens dat matchen tegen je VPN config.

Gezocht: netwerkbeheerder
Als je het niet aan een 6-jarige kan uitleggen, snap je er zelf ook niks van! - A. Einstein

Reageer