EFW Support

Support => VPN Support => Topic started by: nice2cu on Wednesday 05 March 2008, 09:49:57 pm



Title: Endian 2.12 FW & CP 55AI
Post by: nice2cu on Wednesday 05 March 2008, 09:49:57 pm
I try to confugure a VPN between this 2 gateways.
Preshared key and Net-to-Net

All is working fine when i start the tunnel. (CP side)
IKE: Main Mode completion.
IKE: Quick Mode Sent Notification: Responder Lifetime
IKE: Quick Mode completion
IKE IDs: subnet: 10.132.100.0 (mask= 255.255.255.0) and subnet: 192.168.120.0 (mask= 255.255.255.0)

But when i try to access from CP VPN DomainNet the other VPN Domain Net i get this Logentrys:
IKE: Quick Mode Received Notification from Peer: invalid id information
IKE: Quick Mode Received Notification from Peer: invalid message id
IKE: Quick Mode Received Notification from Peer: invalid message id
IKE: Quick Mode Received Notification from Peer: invalid message id

When i try to access from endian site the VPN Net on CP side this logentry appears:
ICMP: Echo Request ICMP Type: 8 ICMP Code: 0 message_info: Address spoofing
message_info: Address spoofing (bei Telnet)

It this constellation working and when yes how?
I use at moment a actual version from Endian (Openswan 2.4.7)
And CP FW NG55 AI HFA_18, Hotfix 771 - Build 011

Greetings, Robert