<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Hi Dan,<br>
<br>
Thank you for your answer.<br>
I asked for the config on the cisco side and they gave me this
screenshot:<br>
<img alt="cisco config"
src="cid:part1.00080703.09010601@gmail.com" height="975"
width="1284"><br>
<br>
It seems ok to me, but maybe they have to set up something in the
IKE Proposals too...<br>
<br>
On 09.08.2012 00:18, Daniel Cave wrote:<br>
</div>
<blockquote cite="mid:5D4780B2-95CF-4E55-ACEC-276AAF6EA750@mac.com"
type="cite">
Peter,
<div><br>
</div>
<div>Check this out. I googled the error message on the Cisco VPN
side.</div>
<div><br>
</div>
<div><a moz-do-not-send="true"
href="https://www.google.co.uk/search?q=cisco+vpn+QM+FSM+error+%28P2+struct&oq=cisco+vpn+QM+FSM+error+%28P2+struct&sugexp=chrome,mod=8&sourceid=chrome&ie=UTF-8">https://www.google.co.uk/search?q=cisco+vpn+QM+FSM+error+(P2+struct&oq=cisco+vpn+QM+FSM+error+(P2+struct&sugexp=chrome,mod=8&sourceid=chrome&ie=UTF-8</a></div>
<div><br>
</div>
<div>Are you sure the crypto map on the cisco side is set up
correctly? Get a copy of the config? I've not seen this error
before as my experience is mostly on the PIX/ASA/cisco routers
but it looks <b>like</b> a config problem</div>
<div><br>
</div>
<div><a moz-do-not-send="true"
href="https://learningnetwork.cisco.com/thread/41035">https://learningnetwork.cisco.com/thread/41035</a></div>
<div><br>
</div>
<div>Dan</div>
<div><br>
</div>
<div>
<div>
<div>On 8 Aug 2012, at 15:39, Peter Laszlo <<a
moz-do-not-send="true" href="mailto:lotzi.peter@gmail.com">lotzi.peter@gmail.com</a>>
wrote:</div>
<br class="Apple-interchange-newline">
<blockquote type="cite">
<div bgcolor="#FFFFFF" text="#000000"> Hi everyone,<br>
<br>
I'm trying to set up a VPN connection between our Centos
server and a Cisco 3000 Concentrator.<br>
They gave me the following information:<br>
<table border="1" cellpadding="4" cellspacing="0">
<tbody>
<tr><th colspan="2">IKE (ISAKMP)</th></tr>
<tr><td>Key Negotiation Encryption Algorithm</td><td>AES-256</td></tr>
<tr><td>Hashing Algorithm</td><td>SHA/HMAC-160</td></tr>
<tr><td>Diffie-Hellman group</td><td>Group 2</td></tr>
<tr><td>Negotiation Mode</td><td>Main</td></tr>
<tr><td>Lifetime Measurement (sec)</td><td>86400</td></tr>
<tr><th colspan="2">IPSec</th></tr>
<tr><td>Transform</td><td>Encryption + Data Integrity - ESP</td></tr>
<tr><td>Encryption Algorithm</td><td>AES-256</td></tr>
<tr><td>Data integrity Hashing Algorithm</td><td>SHA/HMAC-160</td></tr>
<tr><td>Perfect Forward Secrecy</td><td>Disabled</td></tr>
<tr><td>Encapsulation Mode</td><td>Tunnel</td></tr>
<tr><td>Lifetime Measurement (sec)</td><td>28800</td></tr>
</tbody>
</table>
<br>
So I set up my ipsec.conf in the following way:<br>
<pre>
# basic configuration
config setup
        # Debug-logging controls: "none" for (almost) none, "all" for lots.
        # klipsdebug=none
        # plutodebug="control parsing"
        # For Red Hat Enterprise Linux and Fedora, leave protostack=netkey
        protostack=netkey
        nat_traversal=no
        virtual_private=
        oe=off
        # Enable this if you see "failed to find any available worker"
        # nhelpers=0

#You may put your configuration (.conf) file in the "/etc/ipsec.d/" and uncomment this.
#include /etc/ipsec.d/*.conf

conn otwovpn
        type=tunnel
        left=78.47.14.195
        right=160.218.24.2
        ike=aes256-sha1;modp1024
        phase2alg=aes256-sha1;modp1024
        ikelifetime=24h
        pfs=no
        auto=start
        authby=secret
</pre>
<br>
I added the preshared key into /etc/ipsec.d/o2vpn.conf<br>
The iptables rules look like this:<br>
<pre>
iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     ah   --  anywhere             anywhere
ACCEPT     esp  --  anywhere             anywhere
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipsec-nat-t
ACCEPT     udp  --  anywhere             anywhere            udp dpt:isakmp

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     ah   --  anywhere             anywhere
ACCEPT     esp  --  anywhere             anywhere
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipsec-nat-t
ACCEPT     udp  --  anywhere             anywhere            udp dpt:isakmp
</pre>
<br>
But when I start up the ipsec service no tunnel gets made.<br>
<pre>
Starting Pluto subsystem...
Aug 8 16:30:54 www pluto[1072]: nss directory plutomain: /etc/ipsec.d
Aug 8 16:30:54 www pluto[1072]: NSS Initialized
Aug 8 16:30:54 www pluto[1072]: Non-fips mode set in /proc/sys/crypto/fips_enabled
Aug 8 16:30:54 www pluto[1072]: Starting Pluto (Openswan Version 2.6.32; Vendor ID OEhyLdACecfa) pid:1072
Aug 8 16:30:54 www pluto[1072]: Non-fips mode set in /proc/sys/crypto/fips_enabled
Aug 8 16:30:54 www pluto[1072]: LEAK_DETECTIVE support [disabled]
Aug 8 16:30:54 www pluto[1072]: OCF support for IKE [disabled]
Aug 8 16:30:54 www pluto[1072]: SAref support [disabled]: Protocol not available
Aug 8 16:30:54 www pluto[1072]: SAbind support [disabled]: Protocol not available
Aug 8 16:30:54 www pluto[1072]: NSS support [enabled]
Aug 8 16:30:54 www pluto[1072]: HAVE_STATSD notification support not compiled in
Aug 8 16:30:54 www pluto[1072]: Setting NAT-Traversal port-4500 floating to off
Aug 8 16:30:54 www pluto[1072]: port floating activation criteria nat_t=0/port_float=1
Aug 8 16:30:54 www pluto[1072]: NAT-Traversal support [disabled]
Aug 8 16:30:54 www pluto[1072]: 1 bad entries in virtual_private - none loaded
Aug 8 16:30:54 www pluto[1072]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC_SSH: Ok (ret=0)
Aug 8 16:30:54 www pluto[1072]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC: Ok (ret=0)
Aug 8 16:30:54 www pluto[1072]: ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC: Ok (ret=0)
Aug 8 16:30:54 www pluto[1072]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Aug 8 16:30:54 www pluto[1072]: ike_alg_register_enc(): Activating OAKLEY_BLOWFISH_CBC: Ok (ret=0)
Aug 8 16:30:54 www pluto[1072]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok (ret=0)
Aug 8 16:30:54 www pluto[1072]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok (ret=0)
Aug 8 16:30:54 www pluto[1072]: starting up 1 cryptographic helpers
Aug 8 16:30:54 www pluto[1072]: started helper (thread) pid=139998973691648 (fd:10)
Aug 8 16:30:54 www pluto[1072]: Using Linux 2.6 IPsec interface code on 2.6.32-220.7.1.el6.x86_64 (experimental code)
Aug 8 16:30:54 www pluto[1072]: ike_alg_register_enc(): Activating aes_ccm_8: Ok (ret=0)
Aug 8 16:30:54 www pluto[1072]: ike_alg_add(): ERROR: Algorithm already exists
Aug 8 16:30:54 www pluto[1072]: ike_alg_register_enc(): Activating aes_ccm_12: FAILED (ret=-17)
Aug 8 16:30:54 www pluto[1072]: ike_alg_add(): ERROR: Algorithm already exists
Aug 8 16:30:54 www pluto[1072]: ike_alg_register_enc(): Activating aes_ccm_16: FAILED (ret=-17)
Aug 8 16:30:54 www pluto[1072]: ike_alg_add(): ERROR: Algorithm already exists
Aug 8 16:30:54 www pluto[1072]: ike_alg_register_enc(): Activating aes_gcm_8: FAILED (ret=-17)
Aug 8 16:30:54 www pluto[1072]: ike_alg_add(): ERROR: Algorithm already exists
Aug 8 16:30:54 www pluto[1072]: ike_alg_register_enc(): Activating aes_gcm_12: FAILED (ret=-17)
Aug 8 16:30:54 www pluto[1072]: ike_alg_add(): ERROR: Algorithm already exists
Aug 8 16:30:54 www pluto[1072]: ike_alg_register_enc(): Activating aes_gcm_16: FAILED (ret=-17)
Aug 8 16:30:54 www pluto[1072]: Could not change to directory '/etc/ipsec.d/cacerts': /
Aug 8 16:30:54 www pluto[1072]: Could not change to directory '/etc/ipsec.d/aacerts': /
Aug 8 16:30:54 www pluto[1072]: Could not change to directory '/etc/ipsec.d/ocspcerts': /
Aug 8 16:30:54 www pluto[1072]: Could not change to directory '/etc/ipsec.d/crls'
Aug 8 16:30:54 www pluto[1072]: | selinux support is NOT enabled.
Aug 8 16:30:54 www pluto[1072]: Non-fips mode set in /proc/sys/crypto/fips_enabled
Aug 8 16:30:54 www pluto[1072]: Non-fips mode set in /proc/sys/crypto/fips_enabled
Aug 8 16:30:54 www pluto[1072]: added connection description "otwovpn"
Aug 8 16:30:54 www pluto[1072]: listening for IKE messages
Aug 8 16:30:54 www pluto[1072]: adding interface eth0/eth0 78.47.14.195:500
Aug 8 16:30:54 www pluto[1072]: adding interface lo/lo 127.0.0.1:500
Aug 8 16:30:54 www pluto[1072]: adding interface lo/lo ::1:500
Aug 8 16:30:54 www pluto[1072]: loading secrets from "/etc/ipsec.secrets"
Aug 8 16:30:54 www pluto[1072]: loading secrets from "/etc/ipsec.d/o2vpn.secrets"
Aug 8 16:30:54 www pluto[1072]: "otwovpn" #1: initiating Main Mode
Aug 8 16:30:54 www pluto[1072]: "otwovpn" #1: ignoring Vendor ID payload [FRAGMENTATION c0000000]
Aug 8 16:30:54 www pluto[1072]: "otwovpn" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Aug 8 16:30:54 www pluto[1072]: "otwovpn" #1: STATE_MAIN_I2: sent MI2, expecting MR2
Aug 8 16:30:54 www pluto[1072]: "otwovpn" #1: received Vendor ID payload [Cisco-Unity]
Aug 8 16:30:54 www pluto[1072]: "otwovpn" #1: received Vendor ID payload [XAUTH]
Aug 8 16:30:54 www pluto[1072]: "otwovpn" #1: ignoring unknown Vendor ID payload [45bfb36d8ba8a9e8a222c0d844bf4fed]
Aug 8 16:30:54 www pluto[1072]: "otwovpn" #1: ignoring Vendor ID payload [Cisco VPN 3000 Series]
Aug 8 16:30:54 www pluto[1072]: "otwovpn" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Aug 8 16:30:54 www pluto[1072]: "otwovpn" #1: STATE_MAIN_I3: sent MI3, expecting MR3
Aug 8 16:30:54 www pluto[1072]: "otwovpn" #1: received Vendor ID payload [Dead Peer Detection]
Aug 8 16:30:54 www pluto[1072]: "otwovpn" #1: Main mode peer ID is ID_IPV4_ADDR: '160.218.24.2'
Aug 8 16:30:54 www pluto[1072]: "otwovpn" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Aug 8 16:30:54 www pluto[1072]: "otwovpn" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp1024}
Aug 8 16:30:54 www pluto[1072]: "otwovpn" #2: initiating Quick Mode PSK+ENCRYPT+TUNNEL+UP+IKEv2ALLOW+SAREFTRACK {using isakmp#1 msgid:35c07df7 proposal=AES(12)_256-SHA1(2)_160 pfsgroup=no-pfs}
Aug 8 16:30:54 www pluto[1072]: "otwovpn" #1: received Delete SA payload: deleting ISAKMP State #1
Aug 8 16:30:54 www pluto[1072]: packet from 160.218.24.2:500: received and ignored informational message
</pre>
<br>
I asked for the log file from the windows server and that
looks like the following:<br>
<pre>
vpn01.log - Aug 6 12:42:36 vpn01 -973619477 08/06/2012 12:42:36.350 SEV=4 IKE/119 RPT=1644046 78.47.14.195 Group [78.47.14.195] PHASE 1 COMPLETED
vpn01.log - Aug 6 12:42:36 vpn01 -973619476 08/06/2012 12:42:36.350 SEV=6 IKE/121 RPT=1644046 78.47.14.195 Keep-alive type for this connection: DPD
vpn01.log - Aug 6 12:42:36 vpn01 -973619467 08/06/2012 12:42:36.350 SEV=4 AUTH/22 RPT=1247461 User [78.47.14.195] Group [78.47.14.195] connected, Session Type: IPSec/LAN-to-LAN
vpn01.log - Aug 6 12:42:36 vpn01 -973619465 08/06/2012 12:42:36.350 SEV=4 AUTH/84 RPT=1238344 LAN-to-LAN tunnel to headend device 78.47.14.195 connected
vpn01.log - Aug 6 12:42:36 vpn01 -973619450 08/06/2012 12:42:36.370 SEV=4 IKEDBG/97 RPT=15682315 78.47.14.195 Group [78.47.14.195] QM FSM error (P2 struct &0x1922ab68, mess id 0x82c5db7c)!
vpn01.log - Aug 6 12:42:36 vpn01 -973619424 08/06/2012 12:42:36.380 SEV=4 AUTH/23 RPT=1237593 78.47.14.195 User [78.47.14.195] Group [78.47.14.195] disconnected: duration: 0:00:00
vpn01.log - Aug 6 12:42:36 vpn01 -973619423 08/06/2012 12:42:36.380 SEV=4 AUTH/85 RPT=1237583 LAN-to-LAN tunnel to headend device 78.47.14.195 disconnected: duration: 0:00:00
</pre>
<br>
Any help is kindly appreciated!<br>
Thank you! </div>
_______________________________________________<br>
<a moz-do-not-send="true"
href="mailto:Users@lists.openswan.org">Users@lists.openswan.org</a><br>
<a class="moz-txt-link-freetext" href="https://lists.openswan.org/mailman/listinfo/users">https://lists.openswan.org/mailman/listinfo/users</a><br>
Micropayments:
<a class="moz-txt-link-freetext" href="https://flattr.com/thing/38387/IPsec-for-Linux-made-easy">https://flattr.com/thing/38387/IPsec-for-Linux-made-easy</a><br>
Building and Integrating Virtual Private Networks with
Openswan:<br>
<a class="moz-txt-link-freetext" href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a><br>
</blockquote>
</div>
<br>
<div apple-content-edited="true">
<div>Kindest Regards</div>
<div><br>
</div>
<div>Daniel Cave</div>
<div>Director</div>
<div><br>
</div>
<div>" If you want IT doing right, Call Fahrenheit " </div>
<div><br>
</div>
<div>Fahrenheit IT Services</div>
<div>For all your Business and Residential Technology Needs and support services</div>
<div><br>
</div>
<div><a moz-do-not-send="true" href="http://www.fahrenheit-it.com">http://www.fahrenheit-it.com</a></div>
<div>Tel: 01202 694433</div>
</div>
<br>
</div>
</blockquote>
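<p>Editor's added example, not code from this thread, from Openswan or from the Cisco side: a small Python script that turns the parameter sheet in the original post into the Openswan conn keywords it implies, compares an ipsec.conf conn block against them, and reads a pluto log excerpt to report which IKE phase completed and where negotiation stopped. The conn block and log lines inside it are constructed in the shape of the thread's (the addresses are RFC 5737 documentation ranges, not the thread's), and the name mapping it uses (Cisco "Group 2" to modp1024, "SHA/HMAC-160" to sha1, the 28800 s phase 2 lifetime to the salifetime keyword) is my assumed translation of the sheet's wording.</p>

```python
# Added example, not code from the thread or from Openswan: check a peer's IKE/IPsec
# parameter sheet against an Openswan conn block and a pluto log excerpt.
import re

# Sheet values as transcribed from the thread (this dict layout is my own).
PEER_SHEET = {"ike_encryption": "AES-256", "ike_hash": "SHA/HMAC-160",
              "ike_dh_group": "Group 2", "ike_lifetime_sec": 86400,
              "esp_encryption": "AES-256", "esp_hash": "SHA/HMAC-160",
              "pfs": "Disabled", "esp_lifetime_sec": 28800}
# Sheet wording -> Openswan algorithm names (assumed mapping; DH Group 2 is 1024-bit MODP).
ENC = {"AES-256": "aes256", "AES-128": "aes128", "3DES": "3des"}
HASH = {"SHA/HMAC-160": "sha1", "MD5/HMAC-128": "md5"}
DH = {"Group 1": "modp768", "Group 2": "modp1024", "Group 5": "modp1536"}
PRF = {"oakley_sha": "sha1", "oakley_md5": "md5"}  # pluto's names for the phase 1 hash

def expected_conn(sheet):
    """Openswan conn keywords that the sheet maps to."""
    pfs = sheet["pfs"].lower() == "enabled"
    phase2 = f"{ENC[sheet['esp_encryption']]}-{HASH[sheet['esp_hash']]}"
    if pfs:  # Openswan carries the PFS group as a ';group' suffix on phase2alg
        phase2 += ";" + DH[sheet["ike_dh_group"]]
    return {"ike": f"{ENC[sheet['ike_encryption']]}-{HASH[sheet['ike_hash']]};{DH[sheet['ike_dh_group']]}",
            "phase2alg": phase2, "pfs": "yes" if pfs else "no",
            "ikelifetime": f"{sheet['ike_lifetime_sec'] // 3600}h",
            "salifetime": f"{sheet['esp_lifetime_sec'] // 3600}h"}

def parse_conn(text, name):
    """key=value pairs of one 'conn <name>' block of an ipsec.conf."""
    conf, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("conn "):
            current = line.split(None, 1)[1]
        elif current == name and "=" in line:
            k, v = line.split("=", 1)
            conf[k.strip()] = v.strip()
    return conf

def check_conn(conf, expected):
    """Keywords unset or differing from the sheet, plus a traffic-selector caveat."""
    findings = []
    for k, want in expected.items():
        got = conf.get(k)
        if got and k == "phase2alg" and conf.get("pfs", "yes") == "no":
            got = got.split(";")[0]  # with pfs=no pluto ignores the group suffix (log: pfsgroup=no-pfs)
        if got is None:
            findings.append(f"{k} unset (Openswan default applies; sheet wants {want})")
        elif got != want:
            findings.append(f"{k}={got} differs from sheet ({want})")
    if "leftsubnet" not in conf and "rightsubnet" not in conf:
        findings.append("no leftsubnet/rightsubnet: host-to-host selectors will be proposed; "
                        "confirm they match the peer's LAN-to-LAN network definition")
    return findings

PHASE1 = re.compile(r"ISAKMP SA established \{auth=\S+ cipher=(\S+) prf=(\S+) group=(\S+)\}")
PHASE2 = re.compile(r"initiating Quick Mode .*proposal=(\w+)\(\d+\)_(\d+)-(\w+)\(\d+\)_\d+ pfsgroup=(\S+)\}")

def analyse_pluto_log(lines, expected):
    """Which phase completed, whether pluto's negotiated values match the sheet, where it stopped."""
    r = {"phase1": None, "phase2_proposal": None, "phase2_pfs": None, "ipsec_sa": False, "peer_deleted_isakmp": False}
    for line in lines:
        if m := PHASE1.search(line):
            r["phase1"] = f"{m[1].replace('_', '')}-{PRF.get(m[2], m[2])};{m[3]}"
        elif m := PHASE2.search(line):
            r["phase2_proposal"] = f"{m[1].lower()}{m[2]}-{m[3].lower()}"
            r["phase2_pfs"] = "no" if m[4] == "no-pfs" else "yes"
        elif "IPsec SA established" in line:
            r["ipsec_sa"] = True
        elif "received Delete SA payload: deleting ISAKMP State" in line:
            r["peer_deleted_isakmp"] = True
    r["phase1_matches"] = r["phase1"] == expected["ike"]
    if r["phase1"] is None:
        r["diagnosis"] = "phase 1 never completed: check ike=, the PSK, the peer address and UDP 500/4500"
    elif r["ipsec_sa"]:
        r["diagnosis"] = "tunnel established"
    elif r["phase2_proposal"] is None:
        r["diagnosis"] = "phase 1 up but Quick Mode was not initiated"
    elif (r["phase2_proposal"], r["phase2_pfs"]) != (expected["phase2alg"], expected["pfs"]):
        r["diagnosis"] = "phase 2 proposal differs from the sheet: fix phase2alg/pfs"
    elif r["peer_deleted_isakmp"]:
        r["diagnosis"] = ("phase 2 rejected by peer although the proposal matches the sheet: "
                          "compare traffic selectors and the IPsec lifetime with the peer")
    else:
        r["diagnosis"] = "Quick Mode still pending in this excerpt"
    return r

# Constructed inputs in the shape of the thread's conn block and pluto log (RFC 5737 addresses).
SAMPLE_CONF = """\
conn otwovpn
    left=192.0.2.10
    right=198.51.100.2
    ike=aes256-sha1;modp1024
    phase2alg=aes256-sha1;modp1024
    ikelifetime=24h
    pfs=no
    authby=secret
"""
SAMPLE_LOG = [
    'pluto[1072]: "otwovpn" #1: initiating Main Mode',
    'pluto[1072]: "otwovpn" #1: STATE_MAIN_I4: ISAKMP SA established '
    '{auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp1024}',
    'pluto[1072]: "otwovpn" #2: initiating Quick Mode PSK+ENCRYPT+TUNNEL+UP '
    '{using isakmp#1 msgid:35c07df7 proposal=AES(12)_256-SHA1(2)_160 pfsgroup=no-pfs}',
    'pluto[1072]: "otwovpn" #1: received Delete SA payload: deleting ISAKMP State #1',
]

if __name__ == "__main__":
    want = expected_conn(PEER_SHEET)
    print(check_conn(parse_conn(SAMPLE_CONF, "otwovpn"), want), analyse_pluto_log(SAMPLE_LOG, want)["diagnosis"])
```

<p>Run on inputs shaped like the thread's, it reports phase 1 complete with aes256-sha1;modp1024, a Quick Mode proposal of aes256-sha1 without PFS that also matches the sheet, and then a Delete SA from the peer. Because the cryptographic proposal agrees with the sheet, the script points at the remaining phase 2 inputs that the sheet and the conn block leave implicit (the traffic selectors, since no leftsubnet/rightsubnet is set, and the IPsec lifetime, since salifetime is unset) as what to confirm with the peer. That is the defender's checklist for a phase 2 rejection, not a diagnosis of this thread's actual fault.</p>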
<br>
</body>
</html>