SG-3100 IPSec
-
I am attempting to start an IPSec tunnel from an SG-3100 that was upgraded to 2.4.2_1.
Comcast – DMZ Port -- 3100 WAN --- 3100 LAN --
So the first issue is that the web page never updates / refreshes when I try to enable the link (P2 & P1), but if I try to disable them it refreshes immediately.
I should note that this worked previously from a Comcast link with multiple IPs and in bridge mode, but I don't have that luxury here.
-- My Identifier is - Dynamic DNS With the FQN and that can be pinged and is validated.
-- Peer Identifier - Is Peer IP Address (Is this correct ??)
Must be missing something, but not really sure what at this point -
Any help guidance appreciated --
-
So I forgot to mention –
No matter how long I let the Enable Apply Spin, the Status IP Sec indicates "No IPSEC Status available"
The Log has a number of entries -- Ending with --
Feb 7 14:09:19 charon 00[DMN] signal of type SIGINT received. Shutting down
-
One more part –
Feb 7 14:07:00 charon 13[NET] <con1000|3>sending packet: from 172.16.200.20[500] to xxx.xxxx.xxx.x[500] (180 bytes)
Feb 7 14:07:00 charon 13[NET] <con1000|3>received packet: from xxx.xxx.xxx.x[500] to 172.16.200.20[500] (160 bytes)
Feb 7 14:07:00 charon 13[ENC] <con1000|3>parsed ID_PROT response 0 [ SA V V V V ]
Feb 7 14:07:00 charon 13[IKE] <con1000|3>received XAuth vendor ID
Feb 7 14:07:00 charon 13[IKE] <con1000|3>received DPD vendor ID
Feb 7 14:07:00 charon 13[IKE] <con1000|3>received FRAGMENTATION vendor ID
Feb 7 14:07:00 charon 13[IKE] <con1000|3>received NAT-T (RFC 3947) vendor ID
Feb 7 14:07:00 charon 13[ENC] <con1000|3>generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Feb 7 14:07:00 charon 13[NET] <con1000|3>sending packet: from 172.16.200.20[500] to xxx.xxxx.xxx.x[500] (244 bytes)
Feb 7 14:07:00 charon 13[NET] <con1000|3>received packet: from xxx.xxx.xxx.x[500] to 172.16.200.20[500] (244 bytes)
Feb 7 14:07:00 charon 13[ENC] <con1000|3>parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
Feb 7 14:07:00 charon 13[IKE] <con1000|3>local host is behind NAT, sending keep alives
Feb 7 14:07:00 charon 13[ENC] <con1000|3>generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
Feb 7 14:07:00 charon 13[NET] <con1000|3>sending packet: from 172.16.200.20[4500] to xxx.xxx.xxx.x[4500] (108 bytes)
Feb 7 14:07:01 charon 13[NET] <con1000|3>received packet: from xxx.xxx.xxx.x[4500] to 172.16.200.20[4500] (92 bytes)
Feb 7 14:07:01 charon 13[ENC] <con1000|3>parsed INFORMATIONAL_V1 request 907020096 [ HASH N(AUTH_FAILED) ]
Feb 7 14:07:01 charon 13[IKE] <con1000|3>received AUTHENTICATION_FAILED error notify
Feb 7 14:09:19 charon 00[DMN] signal of type SIGINT received. Shutting down
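
Added example, not part of the original posts and not pfSense or strongSwan code: a small Python triage of the charon entries quoted above. It reports the last main-mode message this side generated, whether NAT was detected and the exchange moved to port 4500, and the error notify the peer returned. The function name `triage`, the stage labels and the sample (a subset of the posted lines, one entry per line) are assumptions for illustration.

```python
import re

# Constructed sample: lines copied from the posted log, split one entry per line.
SAMPLE = """\
Feb 7 14:07:00 charon 13[ENC] <con1000|3>generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Feb 7 14:07:00 charon 13[IKE] <con1000|3>local host is behind NAT, sending keep alives
Feb 7 14:07:00 charon 13[ENC] <con1000|3>generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
Feb 7 14:07:00 charon 13[NET] <con1000|3>sending packet: from 172.16.200.20[4500] to xxx.xxx.xxx.x[4500] (108 bytes)
Feb 7 14:07:01 charon 13[ENC] <con1000|3>parsed INFORMATIONAL_V1 request 907020096 [ HASH N(AUTH_FAILED) ]
Feb 7 14:07:01 charon 13[IKE] <con1000|3>received AUTHENTICATION_FAILED error notify
Feb 7 14:09:19 charon 00[DMN] signal of type SIGINT received. Shutting down
"""

# Subsystem tag, optional <connection|id> tag, then the message text.
ENTRY = re.compile(r"charon \d+\[(?P<sub>\w+)\] (?:<(?P<conn>[^|>]+)\|\d+>)?\s*(?P<msg>.*)")
# IKEv1 main-mode initiator messages, identified by the first payload they carry.
STAGE = {"SA": "msg 1 (proposal)", "KE": "msg 3 (key exchange)",
         "ID": "msg 5 (identity + auth)"}

def triage(log):
    """Return {conn: summary} describing how far each main-mode exchange got."""
    out = {}
    for line in log.splitlines():
        m = ENTRY.search(line)
        if not m or not m["conn"]:
            continue  # daemon-level lines (e.g. SIGINT) carry no connection tag
        s = out.setdefault(m["conn"], {"last_sent": None, "behind_nat": False,
                                       "natt_port": False, "error": None})
        msg = m["msg"]
        gen = re.match(r"generating ID_PROT request \d+ \[ (\w+)", msg)
        if gen:
            s["last_sent"] = STAGE.get(gen[1], gen[1])
        elif "local host is behind NAT" in msg:
            s["behind_nat"] = True
        elif msg.startswith("sending packet") and "[4500] to" in msg:
            s["natt_port"] = True  # exchange floated from UDP 500 to 4500
        else:
            err = re.match(r"received (\w+) error notify", msg)
            if err:
                s["error"] = err[1]
    return out

if __name__ == "__main__":
    for conn, summary in triage(SAMPLE).items():
        print(conn, summary)
```

On the sample, the summary for `con1000` shows the peer's AUTHENTICATION_FAILED arriving after the identity/auth message was sent from behind NAT on port 4500, so the identifier and authentication settings on both ends are the first thing to compare.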