Top-Themen

AppleEntwicklungHardwareInternetLinuxMicrosoftMultimediaNetzwerkeOff TopicSicherheitSonstige SystemeVirtualisierungWeiterbildungZusammenarbeit

Aktuelle Themen

Administrator.de FeedbackApache ServerAppleAssemblerAudioAusbildungAuslandBackupBasicBatch & ShellBenchmarksBibliotheken & ToolkitsBlogsCloud-DiensteClusterCMSCPU, RAM, MainboardsCSSC und C++DatenbankenDatenschutzDebianDigitiales FernsehenDNSDrucker und ScannerDSL, VDSLE-BooksE-BusinessE-MailEntwicklungErkennung und -AbwehrExchange ServerFestplatten, SSD, RaidFirewallFlatratesGoogle AndroidGrafikGrafikkarten & MonitoreGroupwareHardwareHosting & HousingHTMLHumor (lol)Hyper-VIconsIDE & EditorenInformationsdiensteInstallationInstant MessagingInternetInternet DomäneniOSISDN & AnaloganschlüsseiTunesJavaJavaScriptKiXtartKVMLAN, WAN, WirelessLinuxLinux DesktopLinux NetzwerkLinux ToolsLinux UserverwaltungLizenzierungMac OS XMicrosoftMicrosoft OfficeMikroTik RouterOSMonitoringMultimediaMultimedia & ZubehörNetzwerkeNetzwerkgrundlagenNetzwerkmanagementNetzwerkprotokolleNotebook & ZubehörNovell NetwareOff TopicOpenOffice, LibreOfficeOutlook & MailPapierkorbPascal und DelphiPeripheriegerätePerlPHPPythonRechtliche FragenRedHat, CentOS, FedoraRouter & RoutingSambaSAN, NAS, DASSchriftartenSchulung & TrainingSEOServerServer-HardwareSicherheitSicherheits-ToolsSicherheitsgrundlagenSolarisSonstige SystemeSoziale NetzwerkeSpeicherkartenStudentenjobs & PraktikumSuche ProjektpartnerSuseSwitche und HubsTipps & TricksTK-Netze & GeräteUbuntuUMTS, EDGE & GPRSUtilitiesVB for ApplicationsVerschlüsselung & ZertifikateVideo & StreamingViren und TrojanerVirtualisierungVisual StudioVmwareVoice over IPWebbrowserWebentwicklungWeiterbildungWindows 7Windows 8Windows 10Windows InstallationWindows MobileWindows NetzwerkWindows ServerWindows SystemdateienWindows ToolsWindows UpdateWindows UserverwaltungWindows VistaWindows XPXenserverXMLZusammenarbeit

NETGEAR ProSafe VPN Firewall FVX538 VERBINDUNGSABBRUCH

Frage Netzwerke Router & Routing

Mitglied: blueenzian

blueenzian (Level 1) - Jetzt verbinden

02.02.2012 um 11:06 Uhr, 4357 Aufrufe, 3 Kommentare

Unsere beiden Büros unterhalten eine VPN Verbindung.
Zum Einsatz kommen: 2 x Netgear FVX538

System Name: FVX538
Firmware Version (Primary): 3.0.4-19
Firmware Version (Secondary): 3.0.3-17

Hallo Wissende

Wir haben sporadisch Probleme mit unserer VPN Verbindung.

Manchmal läufts wochenlang ohne Probleme, dann gibts wieder Tage wo die Verbindung mehrfach abbricht.
Übliches Vorgehen: Verbindung "disablen"; IKE policy neu bestätigen; warten; Verbindung "enablen" / oder aber Router aus/ein

Ich habe das Problem geerbt und bin leider mit der Thematik nicht wirklich vertraut.

Anbei ein Logfile. Kann damit jemand was anfangen?
Ausfall heute morgen. 10:13 neu gestartet; 10:44 wieder ausgefallen.

toClients: ist für Mitarbeiter welche unterwegs sind.
toWxxx: ist eine permanente Verbindung zum anderen Büro

Vielen Dank im Voraus.
Bernd

2012 Feb 2 10:13:21 [FVX538] [IKE] IKE started_
2012 Feb 2 10:13:21 [FVX538] [IKE] Adding ModeCfg configuration with identifier "ClientModeConfig"_
2012 Feb 2 10:13:21 [FVX538] [IKE] Adding IKE configuration with identifer "toClients"_
2012 Feb 2 10:13:21 [FVX538] [IKE] Adding IKE configuration with identifer "toWxxx"_
2012 Feb 2 10:13:21 [FVX538] [IKE] Adding IPSec configuration with identifier "toWxxx"_
2012 Feb 2 10:13:21 [FVX538] [IKE] Adding IPSec configuration with identifier "ClientModeConfig0"_
2012 Feb 2 10:13:27 [FVX538] [IKE] Configuration found for 83.64.222.111[500]._
2012 Feb 2 10:13:27 [FVX538] [IKE] Received request for new phase 1 negotiation: 188.94.99.11[500]<=>83.64.222.111[500]_
2012 Feb 2 10:13:27 [FVX538] [IKE] Beginning Aggressive mode._
2012 Feb 2 10:13:27 [FVX538] [IKE] Received Vendor ID: RFC XXXX_
2012 Feb 2 10:13:27 [FVX538] [IKE] Received Vendor ID: DPD_
2012 Feb 2 10:13:27 [FVX538] [IKE] For 83.64.222.111[500], Selected NAT-T version: RFC XXXX
2012 Feb 2 10:13:27 [FVX538] [VPNKA] Peer 83.64.222.111 failed 2 of 3 times_
2012 Feb 2 10:13:28 [FVX538] [IKE] Floating ports for NAT-T with peer 83.64.222.111[10027]_
2012 Feb 2 10:13:28 [FVX538] [IKE] NAT-D payload matches for 188.94.99.11[4500]_
2012 Feb 2 10:13:28 [FVX538] [IKE] NAT-D payload does not match for 83.64.222.111[10027]_
2012 Feb 2 10:13:28 [FVX538] [IKE] NAT detected: Peer is behind a NAT device_
2012 Feb 2 10:13:28 [FVX538] [IKE] ISAKMP-SA established for 188.94.99.11[4500]-83.64.222.111[10027] with spi:e3b80f043bc3ce94:0fc9c759bf945edf_
2012 Feb 2 10:13:28 [FVX538] [IKE] Sending Informational Exchange: notify payload[INITIAL-CONTACT]_
2012 Feb 2 10:13:28 [FVX538] [IKE] Responding to new phase 2 negotiation: 188.94.99.11[0]<=>83.64.222.111[0]_
2012 Feb 2 10:13:28 [FVX538] [IKE] Using IPsec SA configuration: 192.168.0.0/24<->192.168.1.0/24_
2012 Feb 2 10:13:28 [FVX538] [IKE] Adjusting peer's encmode 3(3)->Tunnel(1)_
2012 Feb 2 10:13:28 [FVX538] [IKE] IPsec-SA established[UDP encap 10027->4500]: ESP/Tunnel 83.64.222.111->188.94.99.11 with spi=54653383(0x341f1c7)_
2012 Feb 2 10:13:28 [FVX538] [IKE] IPsec-SA established[UDP encap 4500->10027]: ESP/Tunnel 188.94.99.11->83.64.222.111 with spi=219564325(0xd164925)_
2012 Feb 2 10:14:12 [FVX538] [IKE] Sending Informational Exchange: delete payload[]_
2012 Feb 2 10:14:12 [FVX538] [IKE] purged IPsec-SA proto_id=ESP spi=219564325._
2012 Feb 2 10:14:12 [FVX538] [IKE] purged IPsec-SA proto_id=ESP spi=54653383._
2012 Feb 2 10:14:12 [FVX538] [IKE] an undead schedule has been deleted: 'pk_recvupdate'._
2012 Feb 2 10:14:12 [FVX538] [IKE] IPSec configuration with identifer "toWxxx" deleted sucessfully_
2012 Feb 2 10:14:12 [FVX538] [IKE] no phase2 bounded._
2012 Feb 2 10:14:12 [FVX538] [IKE] Sending Informational Exchange: delete payload[]_
2012 Feb 2 10:14:12 [FVX538] [IKE] Purged ISAKMP-SA with spi=e3b80f043bc3ce94:0fc9c759bf945edf._
2012 Feb 2 10:14:12 [FVX538] [IKE] an undead schedule has been deleted: 'purge_remote'._
2012 Feb 2 10:14:12 [FVX538] [IKE] IKE configuration with identifier "toWxxx" deleted sucessfully_
2012 Feb 2 10:14:12 [FVX538] [VPNKA] ifName: ixp0_
2012 Feb 2 10:14:14 [FVX538] [IKE] Could not find configuration for 83.64.222.111[500]_
- Last output repeated 2 times -
2012 Feb 2 10:14:37 [FVX538] [IKE] Adding IPSec configuration with identifier "toWxxx"_
2012 Feb 2 10:14:37 [FVX538] [IKE] Adding IKE configuration with identifer "toWxxx"_
2012 Feb 2 10:14:37 [FVX538] [IKE] accept a request to establish IKE-SA: 83.64.222.111_
2012 Feb 2 10:14:37 [FVX538] [VPNKA] ifName: ixp0_
2012 Feb 2 10:14:42 [FVX538] [IKE] Configuration found for 83.64.222.111._
2012 Feb 2 10:14:42 [FVX538] [IKE] Initiating new phase 1 negotiation: 188.94.99.11[500]<=>83.64.222.111[500]_
2012 Feb 2 10:14:42 [FVX538] [IKE] Beginning Aggressive mode._
2012 Feb 2 10:14:42 [FVX538] [IKE] NAT-Traversal is Enabled_
2012 Feb 2 10:14:44 [FVX538] [IKE] Configuration found for 83.64.222.111[500]._
2012 Feb 2 10:14:44 [FVX538] [IKE] Received request for new phase 1 negotiation: 188.94.99.11[500]<=>83.64.222.111[500]_
2012 Feb 2 10:14:44 [FVX538] [IKE] Beginning Aggressive mode._
2012 Feb 2 10:14:44 [FVX538] [IKE] Received Vendor ID: RFC XXXX_
2012 Feb 2 10:14:44 [FVX538] [IKE] Received Vendor ID: DPD_
2012 Feb 2 10:14:44 [FVX538] [IKE] For 83.64.222.111[500], Selected NAT-T version: RFC XXXX
2012 Feb 2 10:14:44 [FVX538] [IKE] Floating ports for NAT-T with peer 83.64.222.111[10027]_
2012 Feb 2 10:14:44 [FVX538] [IKE] NAT-D payload matches for 188.94.99.11[4500]_
2012 Feb 2 10:14:44 [FVX538] [IKE] NAT-D payload does not match for 83.64.222.111[10027]_
2012 Feb 2 10:14:44 [FVX538] [IKE] NAT detected: Peer is behind a NAT device_
2012 Feb 2 10:14:44 [FVX538] [IKE] ISAKMP-SA established for 188.94.99.11[4500]-83.64.222.111[10027] with spi:42e6cd8805e3b900:f0a27ea8a66883b6_
2012 Feb 2 10:14:44 [FVX538] [IKE] Sending Informational Exchange: notify payload[INITIAL-CONTACT]_
2012 Feb 2 10:14:45 [FVX538] [IKE] Initiating new phase 2 negotiation: 188.94.99.11[500]<=>83.64.222.111[0]_
2012 Feb 2 10:14:45 [FVX538] [IKE] Adjusting encryption mode to use UDP encapsulation_
2012 Feb 2 10:14:46 [FVX538] [IKE] Adjusting peer's encmode 3(3)->Tunnel(1)_
2012 Feb 2 10:14:46 [FVX538] [IKE] IPsec-SA established[UDP encap 10027->4500]: ESP/Tunnel 83.64.222.111->188.94.99.11 with spi=85746281(0x51c6269)_
2012 Feb 2 10:14:46 [FVX538] [IKE] IPsec-SA established[UDP encap 4500->10027]: ESP/Tunnel 188.94.99.11->83.64.222.111 with spi=97708385(0x5d2e961)_
2012 Feb 2 10:15:42 [FVX538] [IKE] Phase 1 negotiation failed due to time up for 83.64.222.111[500]. 739a422d3d56f365:0000000000000000_
2012 Feb 2 10:16:01 [FVX538] [IKE] Sending Informational Exchange: delete payload[]_
2012 Feb 2 10:16:01 [FVX538] [IKE] purged IPsec-SA proto_id=ESP spi=97708385._
2012 Feb 2 10:16:01 [FVX538] [IKE] purged IPsec-SA proto_id=ESP spi=85746281._
2012 Feb 2 10:16:01 [FVX538] [IKE] an undead schedule has been deleted: 'pk_recvupdate'._
2012 Feb 2 10:16:01 [FVX538] [IKE] IPSec configuration with identifer "toWxxx" deleted sucessfully_
2012 Feb 2 10:16:01 [FVX538] [IKE] no phase2 bounded._
2012 Feb 2 10:16:01 [FVX538] [IKE] Sending Informational Exchange: delete payload[]_
2012 Feb 2 10:16:01 [FVX538] [IKE] Purged ISAKMP-SA with spi=42e6cd8805e3b900:f0a27ea8a66883b6._
2012 Feb 2 10:16:01 [FVX538] [IKE] an undead schedule has been deleted: 'purge_remote'._
2012 Feb 2 10:16:01 [FVX538] [IKE] IKE configuration with identifier "toWxxx" deleted sucessfully_
2012 Feb 2 10:16:01 [FVX538] [VPNKA] ifName: ixp0_
2012 Feb 2 10:16:02 [FVX538] [IKE] Could not find configuration for 83.64.222.111[500]_
- Last output repeated 2 times -
2012 Feb 2 10:16:24 [FVX538] [IKE] Adding IPSec configuration with identifier "toWxxx"_
2012 Feb 2 10:16:24 [FVX538] [IKE] Adding IKE configuration with identifer "toWxxx"_
2012 Feb 2 10:16:24 [FVX538] [IKE] accept a request to establish IKE-SA: 83.64.222.111_
2012 Feb 2 10:16:24 [FVX538] [VPNKA] ifName: ixp0_
2012 Feb 2 10:16:29 [FVX538] [IKE] Configuration found for 83.64.222.111._
2012 Feb 2 10:16:29 [FVX538] [IKE] Initiating new phase 1 negotiation: 188.94.99.11[500]<=>83.64.222.111[500]_
2012 Feb 2 10:16:29 [FVX538] [IKE] Beginning Aggressive mode._
2012 Feb 2 10:16:29 [FVX538] [IKE] NAT-Traversal is Enabled_
2012 Feb 2 10:16:32 [FVX538] [IKE] Configuration found for 83.64.222.111[500]._
2012 Feb 2 10:16:32 [FVX538] [IKE] Received request for new phase 1 negotiation: 188.94.99.11[500]<=>83.64.222.111[500]_
2012 Feb 2 10:16:32 [FVX538] [IKE] Beginning Aggressive mode._
2012 Feb 2 10:16:32 [FVX538] [IKE] Received Vendor ID: RFC XXXX_
2012 Feb 2 10:16:32 [FVX538] [IKE] Received Vendor ID: DPD_
2012 Feb 2 10:16:32 [FVX538] [IKE] For 83.64.222.111[500], Selected NAT-T version: RFC XXXX
2012 Feb 2 10:16:33 [FVX538] [IKE] Floating ports for NAT-T with peer 83.64.222.111[10027]_
2012 Feb 2 10:16:33 [FVX538] [IKE] NAT-D payload matches for 188.94.99.11[4500]_
2012 Feb 2 10:16:33 [FVX538] [IKE] NAT-D payload does not match for 83.64.222.111[10027]_
2012 Feb 2 10:16:33 [FVX538] [IKE] NAT detected: Peer is behind a NAT device_
2012 Feb 2 10:16:33 [FVX538] [IKE] ISAKMP-SA established for 188.94.99.11[4500]-83.64.222.111[10027] with spi:ebab0b8e8b23cb93:e171a1aad8a919d2_
2012 Feb 2 10:16:33 [FVX538] [IKE] Sending Informational Exchange: notify payload[INITIAL-CONTACT]_
2012 Feb 2 10:16:33 [FVX538] [IKE] Initiating new phase 2 negotiation: 188.94.99.11[500]<=>83.64.222.111[0]_
2012 Feb 2 10:16:33 [FVX538] [IKE] Adjusting encryption mode to use UDP encapsulation_
2012 Feb 2 10:16:33 [FVX538] [IKE] Adjusting peer's encmode 3(3)->Tunnel(1)_
2012 Feb 2 10:16:33 [FVX538] [IKE] IPsec-SA established[UDP encap 10027->4500]: ESP/Tunnel 83.64.222.111->188.94.99.11 with spi=69469400(0x42404d8)_
2012 Feb 2 10:16:33 [FVX538] [IKE] IPsec-SA established[UDP encap 4500->10027]: ESP/Tunnel 188.94.99.11->83.64.222.111 with spi=29475742(0x1c1c39e)_
2012 Feb 2 10:17:29 [FVX538] [IKE] Phase 1 negotiation failed due to time up for 83.64.222.111[500]. 3f65964b57eef770:0000000000000000_
2012 Feb 2 10:44:05 [FVX538] [IKE] Configuration found for 83.64.222.111[500]._
2012 Feb 2 10:44:05 [FVX538] [IKE] Received request for new phase 1 negotiation: 188.94.99.11[500]<=>83.64.222.111[500]_
2012 Feb 2 10:44:05 [FVX538] [IKE] Beginning Aggressive mode._
2012 Feb 2 10:44:05 [FVX538] [IKE] Received Vendor ID: RFC XXXX_
2012 Feb 2 10:44:05 [FVX538] [IKE] Received Vendor ID: DPD_
2012 Feb 2 10:44:05 [FVX538] [IKE] For 83.64.222.111[500], Selected NAT-T version: RFC XXXX
2012 Feb 2 10:44:06 [FVX538] [IKE] Floating ports for NAT-T with peer 83.64.222.111[10027]_
2012 Feb 2 10:44:06 [FVX538] [IKE] NAT-D payload matches for 188.94.99.11[4500]_
2012 Feb 2 10:44:06 [FVX538] [IKE] NAT-D payload does not match for 83.64.222.111[10027]_
2012 Feb 2 10:44:06 [FVX538] [IKE] NAT detected: Peer is behind a NAT device_
2012 Feb 2 10:44:06 [FVX538] [IKE] ISAKMP-SA established for 188.94.99.11[4500]-83.64.222.111[10027] with spi:5f1d5ee038bb2b63:18062f38fe30bfb0_
2012 Feb 2 10:44:06 [FVX538] [IKE] purging spi=29475742._
2012 Feb 2 10:44:06 [FVX538] [IKE] an undead schedule has been deleted: 'pk_recvupdate'._
2012 Feb 2 10:44:06 [FVX538] [IKE] purging spi=69469400._
2012 Feb 2 10:44:06 [FVX538] [IKE] Responding to new phase 2 negotiation: 188.94.99.11[0]<=>83.64.222.111[0]_
2012 Feb 2 10:44:06 [FVX538] [IKE] Using IPsec SA configuration: 192.168.0.0/24<->192.168.1.0/24_
2012 Feb 2 10:44:06 [FVX538] [IKE] Adjusting peer's encmode 3(3)->Tunnel(1)_
2012 Feb 2 10:44:06 [FVX538] [IKE] Using IPsec SA configuration: 192.168.0.0/24<->192.168.1.0/24_
2012 Feb 2 10:44:06 [FVX538] [IKE] Configuration found for 83.64.222.111._
2012 Feb 2 10:44:06 [FVX538] [IKE] Initiating new phase 2 negotiation: 188.94.99.11[0]<=>83.64.222.111[0]_
2012 Feb 2 10:44:06 [FVX538] [IKE] Adjusting encryption mode to use UDP encapsulation_
2012 Feb 2 10:44:09 [FVX538] [IKE] Responding to new phase 2 negotiation: 188.94.99.11[0]<=>83.64.222.111[0]_
2012 Feb 2 10:44:09 [FVX538] [IKE] Using IPsec SA configuration: 192.168.0.0/24<->192.168.1.0/24_
2012 Feb 2 10:44:09 [FVX538] [IKE] Adjusting peer's encmode 3(3)->Tunnel(1)_
2012 Feb 2 10:44:11 [FVX538] [IKE] Failed 1 of 3 times to get DPD R-U-THERE-ACK from peer "83.64.222.111[10027]"_
2012 Feb 2 10:44:16 [FVX538] [IKE] The packet is retransmitted by 83.64.222.111[10027]._
- Last output repeated 9 times -
2012 Feb 2 10:45:06 [FVX538] [IKE] Phase 2 negotiation failed due to time up. 5f1d5ee038bb2b63:18062f38fe30bfb0:b124aead_
2012 Feb 2 10:45:06 [FVX538] [IKE] an undead schedule has been deleted: 'quick_r1prep'._
2012 Feb 2 10:45:06 [FVX538] [IKE] Phase 2 negotiation failed due to time up. 5f1d5ee038bb2b63:18062f38fe30bfb0:bf6a4414_
2012 Feb 2 10:45:06 [FVX538] [IKE] an undead schedule has been deleted: 'quick_i1prep'._
2012 Feb 2 10:45:09 [FVX538] [IKE] Phase 2 negotiation failed due to time up. 5f1d5ee038bb2b63:18062f38fe30bfb0:a7242691_
2012 Feb 2 10:45:09 [FVX538] [IKE] an undead schedule has been deleted: 'quick_r1prep'._
2012 Feb 2 10:45:11 [FVX538] [IKE] Failed 2 of 3 times to get DPD R-U-THERE-ACK from peer "83.64.222.111[10027]"_
2012 Feb 2 10:45:16 [FVX538] [IKE] Configuration found for 83.64.222.111[500]._
2012 Feb 2 10:45:16 [FVX538] [IKE] Received request for new phase 1 negotiation: 188.94.99.11[500]<=>83.64.222.111[500]_
2012 Feb 2 10:45:16 [FVX538] [IKE] Beginning Aggressive mode._
2012 Feb 2 10:45:16 [FVX538] [IKE] Received Vendor ID: RFC XXXX_
2012 Feb 2 10:45:16 [FVX538] [IKE] Received Vendor ID: DPD_
2012 Feb 2 10:45:16 [FVX538] [IKE] For 83.64.222.111[500], Selected NAT-T version: RFC XXXX
2012 Feb 2 10:45:16 [FVX538] [IKE] Floating ports for NAT-T with peer 83.64.222.111[10027]_
2012 Feb 2 10:45:16 [FVX538] [IKE] NAT-D payload matches for 188.94.99.11[4500]_
2012 Feb 2 10:45:16 [FVX538] [IKE] NAT-D payload does not match for 83.64.222.111[10027]_
2012 Feb 2 10:45:16 [FVX538] [IKE] NAT detected: Peer is behind a NAT device_
2012 Feb 2 10:45:16 [FVX538] [IKE] ISAKMP-SA established for 188.94.99.11[4500]-83.64.222.111[10027] with spi:364d0ad559a52e4b:aa386bf5ca705510_
2012 Feb 2 10:45:17 [FVX538] [IKE] Responding to new phase 2 negotiation: 188.94.99.11[0]<=>83.64.222.111[0]_
2012 Feb 2 10:45:17 [FVX538] [IKE] Using IPsec SA configuration: 192.168.0.0/24<->192.168.1.0/24_
2012 Feb 2 10:45:17 [FVX538] [IKE] Adjusting peer's encmode 3(3)->Tunnel(1)_
2012 Feb 2 10:45:27 [FVX538] [IKE] The packet is retransmitted by 83.64.222.111[10027]._
2012 Feb 2 10:45:36 [FVX538] [IKE] Failed 1 of 3 times to get DPD R-U-THERE-ACK from peer "83.64.222.111[10027]"_
2012 Feb 2 10:45:37 [FVX538] [IKE] The packet is retransmitted by 83.64.222.111[10027]._
2012 Feb 2 10:45:45 [FVX538] [IKE] Responding to new phase 2 negotiation: 188.94.99.11[0]<=>83.64.222.111[0]_
2012 Feb 2 10:45:45 [FVX538] [IKE] Using IPsec SA configuration: 192.168.0.0/24<->192.168.1.0/24_
2012 Feb 2 10:45:45 [FVX538] [IKE] Adjusting peer's encmode 3(3)->Tunnel(1)_
2012 Feb 2 10:45:47 [FVX538] [IKE] The packet is retransmitted by 83.64.222.111[10027]._
2012 Feb 2 10:45:55 [FVX538] [IKE] Using IPsec SA configuration: 192.168.0.0/24<->192.168.1.0/24_
2012 Feb 2 10:45:55 [FVX538] [IKE] Configuration found for 83.64.222.111._
2012 Feb 2 10:45:55 [FVX538] [IKE] Initiating new phase 2 negotiation: 188.94.99.11[0]<=>83.64.222.111[0]_
2012 Feb 2 10:45:55 [FVX538] [IKE] Adjusting encryption mode to use UDP encapsulation_
2012 Feb 2 10:45:55 [FVX538] [IKE] The packet is retransmitted by 83.64.222.111[10027]._
- Last output repeated 3 times -
2012 Feb 2 10:46:11 [FVX538] [IKE] Failed 3 of 3 times to get DPD R-U-THERE-ACK from peer "83.64.222.111[10027]"_
2012 Feb 2 10:46:11 [FVX538] [IKE] Peer 83.64.222.111 is detected as Dead, Tearing down the connection_
2012 Feb 2 10:46:11 [FVX538] [IKE] Purged ISAKMP-SA with spi=ebab0b8e8b23cb93:e171a1aad8a919d2._
2012 Feb 2 10:46:12 [FVX538] [IKE] ISAKMP-SA deleted for 188.94.99.11[4500]-83.64.222.111[10027] with spi:ebab0b8e8b23cb93:e171a1aad8a919d2_
2012 Feb 2 10:46:12 [FVX538] [IKE] Deleting PH1, Disable the sacreate lock_
2012 Feb 2 10:46:15 [FVX538] [IKE] The packet is retransmitted by 83.64.222.111[10027]._
Mitglied: goscho
02.02.2012 um 12:27 Uhr
Hallo Bernd,
deine Informationen helfen nicht, dieses Problem zu beheben.

Welche Art der Anschlüsse werden wie genutzt?
Ist denn der Router noch erreichbar, wenn das VPN nicht steht oder ist die Internetverbindung gestört?
Nutzt ihr DYN-DNS oder habt ihr öffentliche IP-Adressen für das VPN?

Warum haben die Router keine aktuelle Firmware installiert?
Wenn es der FVX538v1 ist, steht hier die aktuellste.
Für den FVX538v2 ist diese der letzte Stand.
Bitte warten ..
Mitglied: blueenzian
02.02.2012 um 12:45 Uhr
Hallo goscho

WAN1 ISP: "PPPoE"

Internet (IP) Address: "Use Static IP Address"

WAN Mode: "NAT" und "Use only single WAN port"


Internetverbindung läuft ohne Probleme.

An die Firmware habe ich mich noch nicht drangetraut.

Was könnte noch an Informationen hilfreich sein?
Gruß
Bitte warten ..
Mitglied: goscho
02.02.2012 um 13:53 Uhr
Ich wollte von dir eigentlich wissen, was für einen Internetanschluss ihr nutzt.
Es scheint ja ein Business-DSL-Anschluss zu sein.

Internetverbindung läuft ohne Probleme.
Wenn das VPN getrennt ist, läuft also die Internetverbindung problemfrei weiter, ja?
Habt ihr an beiden Standorten feste öffentliche IP-Adressen oder doch DYN-DNS eingerichtet?

An die Firmware habe ich mich noch nicht drangetraut.
Das sollte doch kein Problem sein.
Du sicherst die Konfiguration und spielst anschließend ein Firmwareupdate ein (wenn du mal ein paar Minuten auf die Verbindung verzichten kannst).
Sehr oft sind dort kleinere Probleme behoben.

Was könnte noch an Informationen hilfreich sein?
Ist ein idle-Timeout eingestellt?
Sind die MTU-Werte korrekt eingetragen (anhängig vom Provider und Anschluss).

Wenn die Kommunikation mit dem Router in der Zeit des VPN-Verbindungausfalls reibungslos klappt, dann schau dir bitte auch die anderen Logs an, nicht nur das VPN-Log.
Eventuell musst du dort noch einstellen, was alles geloggt werden soll.
Sollten diese Logs nichts ergeben, dann hilft eventuell ein Paketmitschnitt (auf dem Router für eine kurze Zeit möglich, ansonsten mit Wireshark).
Bitte warten ..
Neuester Wissensbeitrag
Ähnliche Inhalte
Firewall
Mobile VPN Geräte ohne Windows Firewall (7)

Frage von Milchmann89 zum Thema Firewall ...

Router & Routing
gelöst Netgear FVS338 - NAT VPN (9)

Frage von Multitask zum Thema Router & Routing ...

Firewall
gelöst Checkpoint Firewall - VPN CLient (5)

Frage von Leo-le zum Thema Firewall ...

Router & Routing
gelöst Fritzbox am FTTx-Anschluss ganz ohne Firewall ? (3)

Frage von Dilbert-MD zum Thema Router & Routing ...

Heiß diskutierte Inhalte
LAN, WAN, Wireless
FritzBox, zwei Server, verschiedene Netze (19)

Frage von DavidGl zum Thema LAN, WAN, Wireless ...

Windows Userverwaltung
Ausgeschiedene Mitarbeiter im Unternehmen - was tun mit den AD Konten? (19)

Frage von patz223 zum Thema Windows Userverwaltung ...

Windows Netzwerk
Windows 10 RDP geht nicht (18)

Frage von Fiasko zum Thema Windows Netzwerk ...

Viren und Trojaner
Aufgepasst: Neue Ransomware Goldeneye verbreitet sich rasant (15)

Link von Penny.Cilin zum Thema Viren und Trojaner ...