Page -> IPSEC-Ubuntu Vistas :  Página  Discusión  Ver fuente  Historial 

De DIT-CDC

Revisión a fecha de 11:45 22 mayo 2012; Omar (Discusión | contribuciones)

(dif) ← Revisión anterior | Revisión actual (dif) | Revisión siguiente → (dif)

root@flant:~# vpnc --debug 2 /etc/vpnc/vpnc.conf Enter password for omar@138.4.5.199:

vpnc version 0.5.3

S1 init_sockaddr

[2012-05-14 18:59:19]

S2 make_socket

[2012-05-14 18:59:19]

S3 setup_tunnel

[2012-05-14 18:59:19]
  using interface tun0

S4 do_phase1_am

[2012-05-14 18:59:19]

S4.1 create_nonce

[2012-05-14 18:59:19]

S4.2 dh setup

[2012-05-14 18:59:19]

S4.3 AM packet_1

[2012-05-14 18:59:19]

S4.4 AM_packet2

[2012-05-14 18:59:19]
  (Cisco Unity)
  (DPD)
  (unknown)
  (Xauth)
  (Nat-T 02N)
  got ike lifetime attributes: 2147483 seconds
  IKE SA selected psk+xauth-3des-sha1
  peer is DPD capable (RFC3706)
  peer is NAT-T capable (draft-02)\n
  peer is using type 130 (ISAKMP_PAYLOAD_NAT_D_OLD) for NAT-Discovery 

payloads

  peer is using type 130 (ISAKMP_PAYLOAD_NAT_D_OLD) for NAT-Discovery 

payloads

  NAT status: NAT-T VID seen, no NAT device detected

S4.5 AM_packet3

[2012-05-14 18:59:19]

S4.6 cleanup

[2012-05-14 18:59:19]

S5 do_phase2_xauth

[2012-05-14 18:59:19]

S5.1 xauth_request

[2012-05-14 18:59:19]

S5.2 notice_check

[2012-05-14 18:59:19]
  got ike lifetime attributes: 86400 seconds

S5.3 type-is-xauth check

[2012-05-14 18:59:19]

S5.4 xauth type check

[2012-05-14 18:59:19]

S5.5 do xauth reply

[2012-05-14 18:59:19]

S5.2 notice_check

[2012-05-14 18:59:19]

S5.3 type-is-xauth check

[2012-05-14 18:59:19]

S5.6 process xauth set

[2012-05-14 18:59:19]

S5.7 send xauth ack

[2012-05-14 18:59:19]

S5.8 xauth done

[2012-05-14 18:59:19]

S6 do_phase2_config

[2012-05-14 18:59:19]

S6.1 phase2_config send modecfg

[2012-05-14 18:59:19]

S6.2 phase2_config receive modecfg

[2012-05-14 18:59:19]
  got save password setting: 0
  got 1 acls for split include
  acl 0:    addr: 138.4.0.0/   255.255.0.0    (16),    protocol: 0,    

sport: 0, dport: 0

  Remote Application Version:    Cisco IOS Software, 2800 Software 

(C2800NM-ADVIPSERVICESK9-M), Version 12.4(18), RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Fri 30-Nov-07 16:36 by prod_rel_team

  got address 138.4.6.9

S7 setup_link (phase 2 + main_loop)

[2012-05-14 18:59:19]

S7.0 run interface setup script

[2012-05-14 18:59:19]

S7.1 QM_packet1

[2012-05-14 18:59:19]

S7.2 QM_packet2 send_receive

[2012-05-14 18:59:19]

S7.3 QM_packet2 validate type

[2012-05-14 18:59:19]

S7.5 QM_packet2 check reject offer

[2012-05-14 18:59:19]

S7.6 QM_packet2 check and process proposal

[2012-05-14 18:59:19]
  got ipsec lifetime attributes: 2147483 seconds
  IPSEC SA selected 3des-md5
  got ipsec lifetime attributes: 86400 seconds
  got ipsec lifetime attributes: 4608000 kilobyte

S7.7 QM_packet3 sent

[2012-05-14 18:59:19]

S7.8 setup ipsec tunnel

[2012-05-14 18:59:19]

S7.9 main loop (receive and transmit ipsec packets)

[2012-05-14 18:59:19]
  remote -> local spi: 0x4562f047
  local -> remote spi: 0x4356aedd

VPNC started in background (pid: 12525)... root@flant:~# killall vpnc root@flant:~# ifconfig gre0 down root@flant:~# root@flant:~# cat /etc/vpnc/vpnc.conf IPSec gateway 138.4.5.199 IPSec ID usuario_comun IPSec secret passwd_comun Xauth username omar

  1. Xauth password

IKE DH Group dh2 root@flant:~#




Navegación
Enlaces externos
Herramientas personales