Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPsec-VPN Windows 10 abbruch

    Scheduled Pinned Locked Moved Deutsch
    4 Posts 2 Posters 667 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      neoblade
      last edited by

      Hi zusammen,

      ich habe erfolgreich ein IPSec VPN eingerichtet. Dazu habe ich u.a. auch ein vpn mit Windows 10 Boardmitteln erstellt. Die Verbindung kommt zustande und ich kann auch alles erreichen (was ich benötige).

      Die Verbindung allerdings bleibt nach ca. 3-4 Minuten "hängen" und ich verliere die Verbindung. In W10 steht aber weiterhin, dass die Verbindung bestehen würde.
      Da ich ja aktiv über die Verbindung arbeite, kann kein Timeout (Leerlauf) "greifen"…

      Ich habe Knöppe auf den Augen und finde keinen Fehler.

      Hat jemand vielleicht eine Idee?

      Vielen Dank und Grüße

      Frank

      1 Reply Last reply Reply Quote 0
      • O
        o2051867
        last edited by

        Hallo,

        du könntest ja schon mal einen Auszug aus dem IPSec Log hier posten.
        Vielleicht findet sich da ein Hinweis darauf.

        Viele Grüße

        1 Reply Last reply Reply Quote 0
        • N
          neoblade
          last edited by

          Hallo, komischer Weise "hält" die Verbindung heute schon länger…

          Ist immer ein doofer Fehler, wenn er sich nicht reproduzieren lässt :-(
          Das ganze ist folgender Maßen aufgebaut Fritte (Telekom)-->pfsense-->intern

          Hier mal der aktuelle Auszug:
          Oct 30 11:29:56 charon 12[ENC] <con1|15>parsed INFORMATIONAL response 64 [ ]
          Oct 30 11:29:56 charon 12[NET] <con1|15>received packet: from YYY.YYY.YYY.YYY[30752] to XXX.XXX.XXX.XXX[4500] (80 bytes)
          Oct 30 11:29:56 charon 12[NET] <con1|15>sending packet: from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[30752] (80 bytes)
          Oct 30 11:29:56 charon 12[ENC] <con1|15>generating INFORMATIONAL request 64 [ ]
          Oct 30 11:29:56 charon 12[IKE] <con1|15>sending DPD request
          Oct 30 11:29:34 charon 11[ENC] <con1|15>parsed INFORMATIONAL response 63 [ ]
          Oct 30 11:29:34 charon 11[NET] <con1|15>received packet: from YYY.YYY.YYY.YYY[30752] to XXX.XXX.XXX.XXX[4500] (80 bytes)
          Oct 30 11:29:34 charon 11[NET] <con1|15>sending packet: from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[30752] (80 bytes)
          Oct 30 11:29:34 charon 11[ENC] <con1|15>generating INFORMATIONAL request 63 [ ]
          Oct 30 11:29:34 charon 11[IKE] <con1|15>sending DPD request
          Oct 30 11:29:24 charon 11[ENC] <con1|15>parsed INFORMATIONAL response 62 [ ]
          Oct 30 11:29:24 charon 11[NET] <con1|15>received packet: from YYY.YYY.YYY.YYY[30752] to XXX.XXX.XXX.XXX[4500] (80 bytes)
          Oct 30 11:29:24 charon 11[NET] <con1|15>sending packet: from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[30752] (80 bytes)
          Oct 30 11:29:24 charon 11[ENC] <con1|15>generating INFORMATIONAL request 62 [ ]
          Oct 30 11:29:24 charon 11[IKE] <con1|15>sending DPD request
          Oct 30 11:28:55 charon 11[ENC] <con1|15>parsed INFORMATIONAL response 61 [ ]
          Oct 30 11:28:55 charon 11[NET] <con1|15>received packet: from YYY.YYY.YYY.YYY[30752] to XXX.XXX.XXX.XXX[4500] (80 bytes)
          Oct 30 11:28:55 charon 11[NET] <con1|15>sending packet: from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[30752] (80 bytes)
          Oct 30 11:28:55 charon 11[ENC] <con1|15>generating INFORMATIONAL request 61 [ ]
          Oct 30 11:28:55 charon 11[IKE] <con1|15>sending DPD request
          Oct 30 11:28:44 charon 13[ENC] <con1|15>parsed INFORMATIONAL response 60 [ ]
          Oct 30 11:28:44 charon 13[NET] <con1|15>received packet: from YYY.YYY.YYY.YYY[30752] to XXX.XXX.XXX.XXX[4500] (80 bytes)
          Oct 30 11:28:44 charon 13[NET] <con1|15>sending packet: from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[30752] (80 bytes)
          Oct 30 11:28:44 charon 13[ENC] <con1|15>generating INFORMATIONAL request 60 [ ]
          Oct 30 11:28:44 charon 13[IKE] <con1|15>sending DPD request
          Oct 30 11:28:22 charon 13[ENC] <con1|15>parsed INFORMATIONAL response 59 [ ]
          Oct 30 11:28:22 charon 13[NET] <con1|15>received packet: from YYY.YYY.YYY.YYY[30752] to XXX.XXX.XXX.XXX[4500] (80 bytes)
          Oct 30 11:28:22 charon 13[NET] <con1|15>sending packet: from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[30752] (80 bytes)
          Oct 30 11:28:22 charon 13[ENC] <con1|15>generating INFORMATIONAL request 59 [ ]
          Oct 30 11:28:22 charon 13[IKE] <con1|15>sending DPD request
          Oct 30 11:28:12 charon 13[ENC] <con1|15>parsed INFORMATIONAL response 58 [ ]
          Oct 30 11:28:12 charon 13[NET] <con1|15>received packet: from YYY.YYY.YYY.YYY[30752] to XXX.XXX.XXX.XXX[4500] (80 bytes)
          Oct 30 11:28:12 charon 13[NET] <con1|15>sending packet: from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[30752] (80 bytes)
          Oct 30 11:28:12 charon 13[ENC] <con1|15>generating INFORMATIONAL request 58 [ ]
          Oct 30 11:28:12 charon 13[IKE] <con1|15>sending DPD request
          Oct 30 11:28:02 charon 13[ENC] <con1|15>parsed INFORMATIONAL response 57 [ ]
          Oct 30 11:28:02 charon 13[NET] <con1|15>received packet: from YYY.YYY.YYY.YYY[30752] to XXX.XXX.XXX.XXX[4500] (80 bytes)
          Oct 30 11:28:02 charon 13[NET] <con1|15>sending packet: from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[30752] (80 bytes)
          Oct 30 11:28:02 charon 13[ENC] <con1|15>generating INFORMATIONAL request 57 [ ]
          Oct 30 11:28:02 charon 13[IKE] <con1|15>sending DPD request
          Oct 30 11:27:52 charon 13[ENC] <con1|15>parsed INFORMATIONAL response 56 [ ]
          Oct 30 11:27:52 charon 13[NET] <con1|15>received packet: from YYY.YYY.YYY.YYY[30752] to XXX.XXX.XXX.XXX[4500] (80 bytes)
          Oct 30 11:27:52 charon 13[NET] <con1|15>sending packet: from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[30752] (80 bytes)
          Oct 30 11:27:52 charon 13[ENC] <con1|15>generating INFORMATIONAL request 56 [ ]
          Oct 30 11:27:52 charon 13[IKE] <con1|15>sending DPD request
          Oct 30 11:27:15 charon 16[ENC] <con1|15>parsed INFORMATIONAL response 55 [ ]
          Oct 30 11:27:15 charon 16[NET] <con1|15>received packet: from YYY.YYY.YYY.YYY[30752] to XXX.XXX.XXX.XXX[4500] (80 bytes)
          Oct 30 11:27:15 charon 16[NET] <con1|15>sending packet: from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[30752] (80 bytes)
          Oct 30 11:27:15 charon 16[ENC] <con1|15>generating INFORMATIONAL request 55 [ ]
          Oct 30 11:27:15 charon 16[IKE] <con1|15>sending DPD request</con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15>

          1 Reply Last reply Reply Quote 0
          • N
            neoblade
            last edited by

            und just ist der Tunnel weg…
            LOG:
            Oct 30 11:58:59 charon 14[NET] <con1|15>sending packet: from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[30752] (80 bytes)
            Oct 30 11:58:59 charon 14[ENC] <con1|15>generating CREATE_CHILD_SA response 74 [ N(TS_UNACCEPT) ]
            Oct 30 11:58:59 charon 14[IKE] <con1|15>failed to establish CHILD_SA, keeping IKE_SA
            Oct 30 11:58:59 charon 14[IKE] <con1|15>traffic selectors 0.0.0.0/0|/0 ::/0|/0 === 0.0.0.0/0|/0 ::/0|/0 inacceptable
            Oct 30 11:58:59 charon 14[ENC] <con1|15>parsed CREATE_CHILD_SA request 74 [ SA No TSi TSr ]
            Oct 30 11:58:59 charon 14[NET] <con1|15>received packet: from YYY.YYY.YYY.YYY[30752] to XXX.XXX.XXX.XXX[4500] (304 bytes)
            Oct 30 11:58:56 charon 14[NET] <con1|15>sending packet: from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[30752] (80 bytes)
            Oct 30 11:58:56 charon 14[ENC] <con1|15>generating CREATE_CHILD_SA response 73 [ N(TS_UNACCEPT) ]
            Oct 30 11:58:56 charon 14[IKE] <con1|15>failed to establish CHILD_SA, keeping IKE_SA
            Oct 30 11:58:56 charon 14[IKE] <con1|15>traffic selectors 0.0.0.0/0|/0 ::/0|/0 === 0.0.0.0/0|/0 ::/0|/0 inacceptable
            Oct 30 11:58:56 charon 14[ENC] <con1|15>parsed CREATE_CHILD_SA request 73 [ SA No TSi TSr ]
            Oct 30 11:58:56 charon 14[NET] <con1|15>received packet: from YYY.YYY.YYY.YYY[30752] to XXX.XXX.XXX.XXX[4500] (304 bytes)
            Oct 30 11:58:56 charon 14[NET] <con1|15>sending packet: from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[30752] (80 bytes)
            Oct 30 11:58:56 charon 14[ENC] <con1|15>generating CREATE_CHILD_SA response 72 [ N(TS_UNACCEPT) ]
            Oct 30 11:58:56 charon 14[IKE] <con1|15>failed to establish CHILD_SA, keeping IKE_SA
            Oct 30 11:58:56 charon 14[IKE] <con1|15>traffic selectors 0.0.0.0/0|/0 ::/0|/0 === 0.0.0.0/0|/0 ::/0|/0 inacceptable
            Oct 30 11:58:56 charon 14[ENC] <con1|15>parsed CREATE_CHILD_SA request 72 [ SA No TSi TSr ]
            Oct 30 11:58:56 charon 14[NET] <con1|15>received packet: from YYY.YYY.YYY.YYY[30752] to XXX.XXX.XXX.XXX[4500] (304 bytes)
            Oct 30 11:58:56 charon 14[CFG] added configuration 'con1'
            Oct 30 11:58:56 charon 14[CFG] loaded certificate "C=DE, ST=North-Rhine-Westphalen, L=cologne, O=IT, E=flyfrank@XXX.XX, CN=XXXXXXX.de, OU=IT" from '/var/etc/ipsec/ipsec.d/certs/cert-1.crt'
            Oct 30 11:58:56 charon 14[CFG] reusing virtual IP address pool 10.98.1.0/24
            Oct 30 11:58:56 charon 14[CFG] received stroke: add connection 'con1'
            Oct 30 11:58:56 ipsec_starter 3990 'bypasslan' shunt PASS policy installed
            Oct 30 11:58:56 charon 14[CFG] received stroke: route 'bypasslan'
            Oct 30 11:58:56 charon 14[CFG] added configuration 'bypasslan'
            Oct 30 11:58:56 charon 14[CFG] received stroke: add connection 'bypasslan'
            Oct 30 11:58:56 charon 14[CFG] deleted connection 'con1'
            Oct 30 11:58:56 charon 14[CFG] received stroke: delete connection 'con1'
            Oct 30 11:58:56 charon 07[CFG] deleted connection 'bypasslan'
            Oct 30 11:58:56 charon 07[CFG] received stroke: delete connection 'bypasslan'
            Oct 30 11:58:56 ipsec_starter 3990 shunt policy 'bypasslan' uninstalled
            Oct 30 11:58:56 charon 15[CFG] received stroke: unroute 'bypasslan'
            Oct 30 11:58:56 charon 07[CFG] rereading crls from '/usr/local/etc/ipsec.d/crls'
            Oct 30 11:58:56 charon 07[CFG] rereading attribute certificates from '/usr/local/etc/ipsec.d/acerts'
            Oct 30 11:58:56 charon 07[CFG] rereading ocsp signer certificates from '/usr/local/etc/ipsec.d/ocspcerts'
            Oct 30 11:58:56 charon 07[CFG] rereading aa certificates from '/usr/local/etc/ipsec.d/aacerts'
            Oct 30 11:58:56 charon 07[CFG] loaded ca certificate "C=DE, ST=North-Rhine-Westphalen, L=cologne, O=IT, E=flyfrank@XXX.XX, CN=vpnca, OU=IT" from '/usr/local/etc/ipsec.d/cacerts/2f1593d6.0.crt'
            Oct 30 11:58:56 charon 07[CFG] rereading ca certificates from '/usr/local/etc/ipsec.d/cacerts'
            Oct 30 11:58:56 charon 07[CFG] loaded EAP secret for anderson@XXXXX.de
            Oct 30 11:58:56 charon 07[CFG] loaded RSA private key from '/var/etc/ipsec/ipsec.d/private/cert-1.key'
            Oct 30 11:58:56 charon 07[CFG] loading secrets from '/var/etc/ipsec/ipsec.secrets'
            Oct 30 11:58:56 charon 07[CFG] rereading secrets
            Oct 30 11:58:55 charon 12[NET] <con1|15>sending packet: from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[30752] (80 bytes)
            Oct 30 11:58:55 charon 12[ENC] <con1|15>generating CREATE_CHILD_SA response 71 [ N(NO_PROP) ]
            Oct 30 11:58:55 charon 12[IKE] <con1|15>failed to establish CHILD_SA, keeping IKE_SA
            Oct 30 11:58:55 charon 12[IKE] <con1|15>no acceptable proposal found
            Oct 30 11:58:55 charon 12[CFG] <con1|15>configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_384_192/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_512_256/MODP_2048/NO_EXT_SEQ
            Oct 30 11:58:55 charon 12[CFG] <con1|15>received proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
            Oct 30 11:58:55 charon 12[ENC] <con1|15>parsed CREATE_CHILD_SA request 71 [ SA No TSi TSr ]
            Oct 30 11:58:55 charon 12[NET] <con1|15>received packet: from YYY.YYY.YYY.YYY[30752] to XXX.XXX.XXX.XXX[4500] (304 bytes)</con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15></con1|15>

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.