Problema com VPN IPSEC conecta apenas em uma maquina



  • Boa Tarde Pessoal, estou com um problema que nao consigo entende o que pode estar errado, tenho configurado VPN IPsec para conexoes externas de funcionarios geralmente no MacBook, tenho os usuarios cadastrados no L2TP para acessos, tudo funcionava normalmente porem agora apenas uma maquina especifica conesegeu conectar as outras nao

    Alguem sabe o que poderia ser
    https://imgur.com/a/isnlXut
    vpn



  • @willfranco alguem conseguiria me ajudar?



  • Percebi que refazendo toda a configuração a primeira maquina que conecta na vpn fica sempre funcionando todas as demais não conecta, Exemplo maquina A é a primeira conectar depois da configuração dos túneis vai de boa a Maquina B e C nao conecta, se eu desfazer os túneis e a primeira maquina a se conectar for a B ela vai de boa e as outras não



  • log da maquina que nao conecta, alguém me da uma luz!!!!

    Aug 10 17:40:51	charon		11[IKE] <13> IKE_SA (unnamed)[13] state change: CONNECTING => DESTROYING
    Aug 10 17:40:51	charon		11[JOB] <13> deleting half open IKE_SA with 177.58.239.34 after timeout
    Aug 10 17:40:44	charon		11[IKE] <13> ID_PROT request with message ID 0 processing failed
    Aug 10 17:40:44	charon		11[NET] <13> sending packet: from 177.68.148.144[500] to 177.58.239.34[29556] (76 bytes)
    Aug 10 17:40:44	charon		11[ENC] <13> generating INFORMATIONAL_V1 request 3798514334 [ HASH N(PLD_MAL) ]
    Aug 10 17:40:44	charon		11[IKE] <13> message parsing failed
    Aug 10 17:40:44	charon		11[ENC] <13> could not decrypt payloads
    Aug 10 17:40:44	charon		11[ENC] <13> invalid ID_V1 payload length, decryption failed?
    Aug 10 17:40:44	charon		11[NET] <13> received packet: from 177.58.239.34[29524] to 177.68.148.144[4500] (108 bytes)
    Aug 10 17:40:31	charon		11[IKE] <13> ID_PROT request with message ID 0 processing failed
    Aug 10 17:40:31	charon		11[NET] <13> sending packet: from 177.68.148.144[500] to 177.58.239.34[29556] (76 bytes)
    Aug 10 17:40:31	charon		11[ENC] <13> generating INFORMATIONAL_V1 request 2917947375 [ HASH N(PLD_MAL) ]
    Aug 10 17:40:31	charon		11[IKE] <13> message parsing failed
    Aug 10 17:40:31	charon		11[ENC] <13> could not decrypt payloads
    Aug 10 17:40:31	charon		11[ENC] <13> invalid ID_V1 payload length, decryption failed?
    Aug 10 17:40:31	charon		11[NET] <13> received packet: from 177.58.239.34[29524] to 177.68.148.144[4500] (108 bytes)
    Aug 10 17:40:28	charon		11[IKE] <13> ID_PROT request with message ID 0 processing failed
    Aug 10 17:40:28	charon		11[NET] <13> sending packet: from 177.68.148.144[500] to 177.58.239.34[29556] (76 bytes)
    Aug 10 17:40:28	charon		11[ENC] <13> generating INFORMATIONAL_V1 request 3688728202 [ HASH N(PLD_MAL) ]
    Aug 10 17:40:28	charon		11[IKE] <13> message parsing failed
    Aug 10 17:40:28	charon		11[ENC] <13> could not decrypt payloads
    Aug 10 17:40:28	charon		11[ENC] <13> invalid ID_V1 payload length, decryption failed?
    Aug 10 17:40:28	charon		11[NET] <13> received packet: from 177.58.239.34[29524] to 177.68.148.144[4500] (108 bytes)
    Aug 10 17:40:25	charon		11[IKE] <13> ID_PROT request with message ID 0 processing failed
    Aug 10 17:40:25	charon		11[NET] <13> sending packet: from 177.68.148.144[500] to 177.58.239.34[29556] (76 bytes)
    Aug 10 17:40:25	charon		11[ENC] <13> generating INFORMATIONAL_V1 request 1505104153 [ HASH N(PLD_MAL) ]
    Aug 10 17:40:25	charon		11[IKE] <13> message parsing failed
    Aug 10 17:40:25	charon		11[ENC] <13> could not decrypt payloads
    Aug 10 17:40:25	charon		11[ENC] <13> invalid ID_V1 payload length, decryption failed?
    Aug 10 17:40:25	charon		11[NET] <13> received packet: from 177.58.239.34[29524] to 177.68.148.144[4500] (108 bytes)
    Aug 10 17:40:22	charon		11[IKE] <13> ID_PROT request with message ID 0 processing failed
    Aug 10 17:40:22	charon		11[NET] <13> sending packet: from 177.68.148.144[500] to 177.58.239.34[29556] (76 bytes)
    Aug 10 17:40:22	charon		11[ENC] <13> generating INFORMATIONAL_V1 request 540116142 [ HASH N(PLD_MAL) ]
    Aug 10 17:40:22	charon		11[IKE] <13> message parsing failed
    Aug 10 17:40:22	charon		11[ENC] <13> could not decrypt payloads
    Aug 10 17:40:22	charon		11[ENC] <13> invalid ID_V1 payload length, decryption failed?
    Aug 10 17:40:22	charon		11[NET] <13> received packet: from 177.58.239.34[29524] to 177.68.148.144[4500] (108 bytes)
    Aug 10 17:40:21	charon		11[NET] <13> sending packet: from 177.68.148.144[500] to 177.58.239.34[29556] (244 bytes)
    Aug 10 17:40:21	charon		11[ENC] <13> generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
    Aug 10 17:40:21	charon		11[CFG] <13> candidate "con1", match: 1/1/28 (me/other/ike)
    Aug 10 17:40:21	charon		11[CFG] <13> candidate "bypasslan", match: 1/1/24 (me/other/ike)
    Aug 10 17:40:21	charon		11[IKE] <13> remote host is behind NAT
    Aug 10 17:40:21	charon		11[ENC] <13> parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
    Aug 10 17:40:21	charon		11[NET] <13> received packet: from 177.58.239.34[29556] to 177.68.148.144[500] (228 bytes)
    Aug 10 17:40:21	charon		11[NET] <13> sending packet: from 177.68.148.144[500] to 177.58.239.34[29556] (160 bytes)
    Aug 10 17:40:21	charon		11[ENC] <13> generating ID_PROT response 0 [ SA V V V V ]
    Aug 10 17:40:21	charon		11[IKE] <13> sending NAT-T (RFC 3947) vendor ID
    Aug 10 17:40:21	charon		11[IKE] <13> sending FRAGMENTATION vendor ID
    Aug 10 17:40:21	charon		11[IKE] <13> sending DPD vendor ID
    Aug 10 17:40:21	charon		11[IKE] <13> sending XAuth vendor ID
    Aug 10 17:40:21	charon		11[CFG] <13> selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
    Aug 10 17:40:21	charon		11[CFG] <13> configured proposals: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
    Aug 10 17:40:21	charon		11[CFG] <13> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:AES_CBC_256/HMAC_MD5_96/PRF_HMAC_MD5/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1536, IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536, IKE:AES_CBC_256/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1536, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_256/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024, IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_128/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024
    Aug 10 17:40:21	charon		11[CFG] <13> proposal matches
    Aug 10 17:40:21	charon		11[CFG] <13> selecting proposal:
    Aug 10 17:40:21	charon		11[CFG] <13> no acceptable PSEUDO_RANDOM_FUNCTION found
    Aug 10 17:40:21	charon		11[CFG] <13> selecting proposal:
    Aug 10 17:40:21	charon		11[CFG] <13> no acceptable PSEUDO_RANDOM_FUNCTION found
    Aug 10 17:40:21	charon		11[CFG] <13> selecting proposal:
    Aug 10 17:40:21	charon		11[CFG] <13> no acceptable DIFFIE_HELLMAN_GROUP found
    Aug 10 17:40:21	charon		11[CFG] <13> selecting proposal:
    Aug 10 17:40:21	charon		11[CFG] <13> no acceptable PSEUDO_RANDOM_FUNCTION found
    Aug 10 17:40:21	charon		11[CFG] <13> selecting proposal:
    Aug 10 17:40:21	charon		11[CFG] <13> no acceptable PSEUDO_RANDOM_FUNCTION found
    Aug 10 17:40:21	charon		11[CFG] <13> selecting proposal:
    Aug 10 17:40:21	charon		11[CFG] <13> no acceptable PSEUDO_RANDOM_FUNCTION found
    Aug 10 17:40:21	charon		11[CFG] <13> selecting proposal:
    Aug 10 17:40:21	charon		11[CFG] <13> no acceptable DIFFIE_HELLMAN_GROUP found
    Aug 10 17:40:21	charon		11[CFG] <13> selecting proposal:
    Aug 10 17:40:21	charon		11[CFG] <13> no acceptable PSEUDO_RANDOM_FUNCTION found
    Aug 10 17:40:21	charon		11[CFG] <13> selecting proposal:
    Aug 10 17:40:21	charon		11[IKE] <13> IKE_SA (unnamed)[13] state change: CREATED => CONNECTING
    Aug 10 17:40:21	charon		11[IKE] <13> 177.58.239.34 is initiating a Main Mode IKE_SA
    Aug 10 17:40:21	charon		11[IKE] <13> received DPD vendor ID
    Aug 10 17:40:21	charon		11[IKE] <13> received FRAGMENTATION vendor ID
    Aug 10 17:40:21	charon		11[IKE] <13> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
    Aug 10 17:40:21	charon		11[IKE] <13> received draft-ietf-ipsec-nat-t-ike-02 vendor ID
    Aug 10 17:40:21	charon		11[IKE] <13> received draft-ietf-ipsec-nat-t-ike-03 vendor ID
    Aug 10 17:40:21	charon		11[IKE] <13> received draft-ietf-ipsec-nat-t-ike-04 vendor ID
    Aug 10 17:40:21	charon		11[IKE] <13> received draft-ietf-ipsec-nat-t-ike-05 vendor ID
    


  • @willfranco
    Boa Tarde @marcelloc consegue me auxiliar nesse quesito?



  • A mensagem está cheia de erros de IPSEC.
    Confere as chaves e identificadores definidos em cada um dos lados.


 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy