Cleaning up a few errors and warning



  • I have my IPsec VPN working. I can connect from both my iPhone and my laptop. So as far as working, it seems to be ok. I just want to "fix" a few errors I'm seeing in the logs. I'm not sure that anything is wrong, but I just personally don't like seeing them. There are a ton of references to these errors via Google, but I have yet to find a solution.

    ERROR: notification INITIAL-CONTACT received in aggressive exchange.
    WARNING: Ignored attribute INTERNAL_ADDRESS_EXPIRY
    WARNING: Ignored attribute 28683

    w.w.w.w = wan
    l.l.l.l = lan
    v.v.v.v = vpn

    # This file is automatically generated. Do not edit
    path pre_shared_key "/var/etc/psk.txt";
    
    path certificate  "/var/etc";
    
    listen
    {
    	adminsock "/var/db/racoon/racoon.sock" "root" "wheel" 0660;
    	isakmp W.W.W.W [500];
    	isakmp_natt W.W.W.W [4500];
    }
    
    mode_cfg
    {
    	auth_source system;
    	group_source system;
    	pool_size 61;
    	network4 V.V.V.V;
    	netmask4 255.255.255.192;
    	split_network include L.L.L.L/26;
    	dns4 L.L.L.L;
    	dns4 L.L.L.L;
    	wins4 L.L.L.L;
    	default_domain "DOMAIN";
    	split_dns "DOMAIN";
    	pfs_group 2;
    	banner "/var/etc/racoon.motd";
    	save_passwd on;
    }
    
    remote anonymous
    {
    	ph1id 1;
    	exchange_mode aggressive;
    	my_identifier address W.W.W.W;
    	peers_identifier fqdn "DOMAIN";
    	ike_frag on;
    	generate_policy = unique;
    	initial_contact = off;
    	nat_traversal = force;
    
    	dpd_delay = 10;
    	dpd_maxfail = 5;
    	support_proxy on;
    	proposal_check strict;
    	passive on;
    
    	proposal
    	{
    		authentication_method xauth_psk_server;
    		encryption_algorithm aes 256;
    		hash_algorithm sha1;
    		dh_group 2;
    		lifetime time 3600 secs;
    	}
    }
    
    sainfo   anonymous
    {
    	remoteid 1;
    	encryption_algorithm aes 256, 3des;
    	authentication_algorithm hmac_sha1,hmac_md5;
    	pfs_group 2;
    	lifetime time 3600 secs;
    	compression_algorithm deflate;
    }
    


  • I am having the same issue as well, is there anyway to find out why are these errors are showing up ? I have some difficulty connecting my phone to a SIP registrar server over VPN . sometimes it registers and others it says request time out !


Locked