[Openswan Users] Sonicwall tunnel keeps disconnecting
Mike A. Leonetti
mleonetti at evolutionce.com
Fri Mar 12 10:48:14 EST 2010
I also get this error:
Mar 11 23:28:22 fortissimo pluto[7217]: packet from y.y.y.y:36354:
initial Main Mode message received on x.x.x.x:500 but no connection has
been authorized with policy=PSK
Mar 11 23:28:25 fortissimo pluto[7217]: packet from y.y.y.y:500: initial
Main Mode message received on x.x.x.x:500 but no connection has been
authorized with policy=PSK
Mar 11 23:28:27 fortissimo pluto[7217]: packet from y.y.y.y:47405:
unsupported exchange type ISAKMP_XCHG_BASE in message
Mar 11 23:28:27 fortissimo pluto[7217]: packet from y.y.y.y:47405:
sending notification UNSUPPORTED_EXCHANGE_TYPE to 204.238.82.19:47405
Mar 11 23:28:27 fortissimo pluto[7217]: ERROR: asynchronous network
error report on eth0 (sport=500) for message to y.y.y.y port 47405,
complainant 204.238.82.19: Connection refused [errno 111, origin ICMP
type 3 code 3 (not authenticated)]
Mar 11 23:28:35 fortissimo pluto[7217]: "sonicwall" #5: Informational
Exchange message must be encrypted
Mar 11 23:29:15 fortissimo pluto[7217]: "sonicwall" #199: max number of
retransmissions (2) reached STATE_QUICK_I1. No acceptable response to
our first Quick Mode message: perhaps peer likes no proposal
Mar 11 23:29:15 fortissimo pluto[7217]: "sonicwall" #199: starting
keying attempt 195 of an unlimited number
Mar 11 23:29:15 fortissimo pluto[7217]: "sonicwall" #200: initiating
Quick Mode PSK+ENCRYPT+TUNNEL+UP+AGGRESSIVE+IKEv2ALLOW to replace #199
{using isakmp#5 msgid:05d6d58d proposal=3DES(3)_192-SHA1(2)_160
pfsgroup=no-pfs}
Mike A. Leonetti wrote:
> It seems at random times the tunnel between the machine and the
> Sonicwall device keep disconnecting. I haven't been able to isolate how
> long it takes or why. Are there any options I may be missing?
>
> Config:
> conn sonicwall
> left=x.x.x.x
> leftsourceip=10.1.1.1
> leftsubnet=10.1.1.0/24
> leftid=x.x.x.x
> right=y.y.y.y
> rightsubnet=10.10.12.0/24
> rightid=y.y.y.y
> keyingtries=0
> pfs=no
> aggrmode=yes
> auto=start
> auth=esp
> esp=3des-sha1
> ike=3des-sha1
> authby=secret
> keyexchange=ike
>
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
>
More information about the Users
mailing list