Welcome, Guest. Please login or register.
Did you miss your activation email?
Tuesday 10 December 2024, 12:19:43 am

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  VPN Support
| | |-+  2.4 Endian IPSec to Draytek 2900 Series router
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: 2.4 Endian IPSec to Draytek 2900 Series router  (Read 14183 times)
DFen
Full Member
***
Offline Offline

Posts: 46


« on: Wednesday 21 July 2010, 03:48:42 am »

Help!

I am trying to configure a connection between a Draytek router and endian 2.4.

I am seeing messages I have never come across before:
Jul 20 18:26:46 LOCALHOST pluto[18255]: "testusr" #1: initiating Main Mode
Jul 20 18:26:46 LOCALHOST ipsec__plutorun: 104 "testusr" #1: STATE_MAIN_I1: initiate
Jul 20 18:26:51 LOCALHOST sudo:   nobody : TTY=unknown ; PWD=/home/httpd/cgi-bin ; USER=root ; COMMAND=/usr/sbin/ipsec auto --status
Jul 20 18:26:55 LOCALHOST kernel: [464954.150027] ipsec0: no IPv6 routers present
Jul 20 18:26:57 LOCALHOST pluto[18255]: packet from ..122.100:500: received Vendor ID payload [Dead Peer Detection]
Jul 20 18:26:57 LOCALHOST pluto[18255]: packet from ..122.100:500: received Vendor ID payload [RFC 3947] meth=109, but port floating is off
Jul 20 18:26:57 LOCALHOST pluto[18255]: packet from ..122.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
Jul 20 18:26:57 LOCALHOST pluto[18255]: packet from ..122.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
Jul 20 18:26:57 LOCALHOST pluto[18255]: packet from ..122.100:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jul 20 18:26:57 LOCALHOST pluto[18255]: "testusr" #2: responding to Main Mode
Jul 20 18:26:57 LOCALHOST pluto[18255]: "testusr" #2: OAKLEY_DES_CBC is not supported.  Attribute OAKLEY_ENCRYPTION_ALGORITHM
Jul 20 18:26:57 LOCALHOST pluto[18255]: "testusr" #2: OAKLEY_DES_CBC is not supported.  Attribute OAKLEY_ENCRYPTION_ALGORITHM
Jul 20 18:26:57 LOCALHOST pluto[18255]: "testusr" #2: OAKLEY_GROUP 1 not supported.  Attribute OAKLEY_GROUP_DESCRIPTION
Jul 20 18:26:57 LOCALHOST pluto[18255]: "testusr" #2: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jul 20 18:26:57 LOCALHOST pluto[18255]: "testusr" #2: STATE_MAIN_R1: sent MR1, expecting MI2
Jul 20 18:26:58 LOCALHOST pluto[18255]: "testusr" #2: message ignored because it contains an unknown or unexpected payload type (ISAKMP_NEXT_NAT-D) at the outermost level
Jul 20 18:26:58 LOCALHOST pluto[18255]: "testusr" #2: sending notification INVALID_PAYLOAD_TYPE to ..122.100:500


I have tried patching nat_traversal=no into ipsec.conf but this makes no difference.

Can anyone suggest a solution?

Has anybody successfully  connected by IPSec from endian 2.4 to a Draytek router?
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.063 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com