Page -> IPSEC-Ubuntu | Vistas : Página Discusión Ver fuente Historial |
De DIT-CDC
root@flant:~# vpnc --debug 2 /etc/vpnc/vpnc.conf Enter password for omar@138.4.5.199:
vpnc version 0.5.3
S1 init_sockaddr
[2012-05-14 18:59:19]
S2 make_socket
[2012-05-14 18:59:19]
S3 setup_tunnel
[2012-05-14 18:59:19] using interface tun0
S4 do_phase1_am
[2012-05-14 18:59:19]
S4.1 create_nonce
[2012-05-14 18:59:19]
S4.2 dh setup
[2012-05-14 18:59:19]
S4.3 AM packet_1
[2012-05-14 18:59:19]
S4.4 AM_packet2
[2012-05-14 18:59:19] (Cisco Unity) (DPD) (unknown) (Xauth) (Nat-T 02N) got ike lifetime attributes: 2147483 seconds IKE SA selected psk+xauth-3des-sha1 peer is DPD capable (RFC3706) peer is NAT-T capable (draft-02)\n peer is using type 130 (ISAKMP_PAYLOAD_NAT_D_OLD) for NAT-Discovery
payloads
peer is using type 130 (ISAKMP_PAYLOAD_NAT_D_OLD) for NAT-Discovery
payloads
NAT status: NAT-T VID seen, no NAT device detected
S4.5 AM_packet3
[2012-05-14 18:59:19]
S4.6 cleanup
[2012-05-14 18:59:19]
S5 do_phase2_xauth
[2012-05-14 18:59:19]
S5.1 xauth_request
[2012-05-14 18:59:19]
S5.2 notice_check
[2012-05-14 18:59:19] got ike lifetime attributes: 86400 seconds
S5.3 type-is-xauth check
[2012-05-14 18:59:19]
S5.4 xauth type check
[2012-05-14 18:59:19]
S5.5 do xauth reply
[2012-05-14 18:59:19]
S5.2 notice_check
[2012-05-14 18:59:19]
S5.3 type-is-xauth check
[2012-05-14 18:59:19]
S5.6 process xauth set
[2012-05-14 18:59:19]
S5.7 send xauth ack
[2012-05-14 18:59:19]
S5.8 xauth done
[2012-05-14 18:59:19]
S6 do_phase2_config
[2012-05-14 18:59:19]
S6.1 phase2_config send modecfg
[2012-05-14 18:59:19]
S6.2 phase2_config receive modecfg
[2012-05-14 18:59:19] got save password setting: 0 got 1 acls for split include acl 0: addr: 138.4.0.0/ 255.255.0.0 (16), protocol: 0,
sport: 0, dport: 0
Remote Application Version: Cisco IOS Software, 2800 Software
(C2800NM-ADVIPSERVICESK9-M), Version 12.4(18), RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Fri 30-Nov-07 16:36 by prod_rel_team
got address 138.4.6.9
S7 setup_link (phase 2 + main_loop)
[2012-05-14 18:59:19]
S7.0 run interface setup script
[2012-05-14 18:59:19]
S7.1 QM_packet1
[2012-05-14 18:59:19]
S7.2 QM_packet2 send_receive
[2012-05-14 18:59:19]
S7.3 QM_packet2 validate type
[2012-05-14 18:59:19]
S7.5 QM_packet2 check reject offer
[2012-05-14 18:59:19]
S7.6 QM_packet2 check and process proposal
[2012-05-14 18:59:19] got ipsec lifetime attributes: 2147483 seconds IPSEC SA selected 3des-md5 got ipsec lifetime attributes: 86400 seconds got ipsec lifetime attributes: 4608000 kilobyte
S7.7 QM_packet3 sent
[2012-05-14 18:59:19]
S7.8 setup ipsec tunnel
[2012-05-14 18:59:19]
S7.9 main loop (receive and transmit ipsec packets)
[2012-05-14 18:59:19] remote -> local spi: 0x4562f047 local -> remote spi: 0x4356aedd
VPNC started in background (pid: 12525)... root@flant:~# killall vpnc root@flant:~# ifconfig gre0 down root@flant:~# root@flant:~# cat /etc/vpnc/vpnc.conf IPSec gateway 138.4.5.199 IPSec ID usuario_comun IPSec secret passwd_comun Xauth username omar
- Xauth password
IKE DH Group dh2 root@flant:~#