4. Zyxel p662hw-d1 ipsec

Zyxel p662hw-d1 ipsec

  • Y

    merkezde pfsense  kullanıyorum ve 2 tanede şube var onlarda da zyxel modem var forumdaki kurulum yönergelerine göre kurulum yaptım ama sonuçta aşşağıdaki gibi log oluştur daha önce kurulum yapan ve uygulayan arkadaşlardan yardımcı olurlarsa sevinirim
    racoon: [sube]: [83.66.99.176] ERROR: phase2 negotiation failed due to time up waiting for phase1 [Remote Side not responding]. ESP 83.66.99.176[0]->192.168.1.35[0]
    Jan 14 10:00:57 racoon: INFO: delete phase 2 handler.
    Jan 14 10:01:40 racoon: [sube]: INFO: IPsec-SA request for 83.66.99.176 queued due to no phase1 found.
    Jan 14 10:01:40 racoon: [sube]: INFO: initiate new phase 1 negotiation: 192.168.1.35[500]<=>83.66.99.176[500]
    Jan 14 10:01:40 racoon: INFO: begin Aggressive mode.
    Jan 14 10:02:11 racoon: [sube]: [83.66.99.176] ERROR: phase2 negotiation failed due to time up waiting for phase1 [Remote Side not responding]. ESP 83.66.99.176[0]->192.168.1.35[0]
    Jan 14 10:02:11 racoon: INFO: delete phase 2 handler.

    0

  • pfsense ve modem ekran görüntülerini yollayın bakalım

    0
  • Y

    pfsense görüntüleri




    0
  • Y

    modem resimleri




    0

  • 1- her iki tarftaki lifetime'ları eşitleyin kimisi 2600 kimisi 28800 olmasın hepsi 28800 olsun (hem pfsense phase1 phase2 hem de modem tarafını eşitleyin))
    2- zyxel tarafında address information kısmında local id content (dikkat sadece bunu) kısmıdaki 83.66 . lı ip adresini 192.168.1.1 ile dğiştirin

    böyle deneyein
    olmaz ise

    3- pfsense phase2 ayarlarında pfs key grup 2 seçip zyxelde de phase2 altında pfs'yi 2 seçin

    bir de böyle deneyin

    0
  • Y

    en son aldığım hatalar aşşağıdaki gibi birde modem tarafında Address Information> content mi yoksa my ıp adress tarafına mı local ıp yi yazacağım.

    Jan 14 13:07:03 racoon: [sube]: [83.66.99.176] ERROR: phase2 negotiation failed due to time up waiting for phase1 [Remote Side not responding]. ESP 83.66.99.176[0]->192.168.1.35[0]
    Jan 14 13:07:03 racoon: INFO: delete phase 2 handler.
    Jan 14 13:07:22 racoon: ERROR: phase1 negotiation failed due to time up. 4c2b7770cf046f18:0000000000000000
    Jan 14 13:07:34 racoon: INFO: unsupported PF_KEY message REGISTER
    Jan 14 13:07:34 racoon: ERROR: such policy already exists. anyway replace it: 192.168.1.1/24[0] 192.168.0.0/24[0] proto=any dir=in
    Jan 14 13:07:34 racoon: ERROR: such policy already exists. anyway replace it: 192.168.0.0/24[0] 192.168.1.1/24[0] proto=any dir=out
    Jan 14 13:07:34 racoon: INFO: unsupported PF_KEY message REGISTER
    Jan 14 13:07:40 racoon: [sube]: INFO: IPsec-SA request for 83.66.99.176 queued due to no phase1 found.
    Jan 14 13:07:40 racoon: [sube]: INFO: initiate new phase 1 negotiation: 192.168.1.35[500]<=>83.66.99.176[500]
    Jan 14 13:07:40 racoon: INFO: begin Identity Protection mode.
    Jan 14 13:08:11 racoon: [sube]: [83.66.99.176] ERROR: phase2 negotiation failed due to time up waiting for phase1 [Remote Side not responding]. ESP 83.66.99.176[0]->192.168.1.35[0]
    Jan 14 13:08:11 racoon: INFO: delete phase 2 handler.
    Jan 14 13:08:15 racoon: [sube]: [83.66.99.176] INFO: request for establishing IPsec-SA was queued due to no phase1 found.
    Jan 14 13:08:30 racoon: ERROR: phase1 negotiation failed due to time up. b778326356c69679:0000000000000000

    0
  • A

    *Şubelerdeki Zyxel leri bridge moda al
    *pfsense makineler koy böylesi daha kolay olur
    *wan bacağını pppoe yaparsın
    *elinde eski makine varsa bunlarıda değerlendirmiş olursun
    *pf den pf e ipsec daha rahat kuruluyor.

    0

  • @yozbek6:

    en son aldığım hatalar aşşağıdaki gibi birde modem tarafında Address Information> content mi yoksa my ıp adress tarafına mı local ıp yi yazacağım.

    Jan 14 13:07:03 racoon: [sube]: [83.66.99.176] ERROR: phase2 negotiation failed due to time up waiting for phase1 [Remote Side not responding]. ESP 83.66.99.176[0]->192.168.1.35[0]
    Jan 14 13:07:03 racoon: INFO: delete phase 2 handler.
    Jan 14 13:07:22 racoon: ERROR: phase1 negotiation failed due to time up. 4c2b7770cf046f18:0000000000000000
    Jan 14 13:07:34 racoon: INFO: unsupported PF_KEY message REGISTER
    Jan 14 13:07:34 racoon: ERROR: such policy already exists. anyway replace it: 192.168.1.1/24[0] 192.168.0.0/24[0] proto=any dir=in
    Jan 14 13:07:34 racoon: ERROR: such policy already exists. anyway replace it: 192.168.0.0/24[0] 192.168.1.1/24[0] proto=any dir=out
    Jan 14 13:07:34 racoon: INFO: unsupported PF_KEY message REGISTER
    Jan 14 13:07:40 racoon: [sube]: INFO: IPsec-SA request for 83.66.99.176 queued due to no phase1 found.
    Jan 14 13:07:40 racoon: [sube]: INFO: initiate new phase 1 negotiation: 192.168.1.35[500]<=>83.66.99.176[500]
    Jan 14 13:07:40 racoon: INFO: begin Identity Protection mode.
    Jan 14 13:08:11 racoon: [sube]: [83.66.99.176] ERROR: phase2 negotiation failed due to time up waiting for phase1 [Remote Side not responding]. ESP 83.66.99.176[0]->192.168.1.35[0]
    Jan 14 13:08:11 racoon: INFO: delete phase 2 handler.
    Jan 14 13:08:15 racoon: [sube]: [83.66.99.176] INFO: request for establishing IPsec-SA was queued due to no phase1 found.
    Jan 14 13:08:30 racoon: ERROR: phase1 negotiation failed due to time up. b778326356c69679:0000000000000000

    Content e yazacaksın

    0
Locked
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy