Openswan e parâmetros de parede de som e criptografia

3

Esse erro me leva a investigar meus parâmetros de criptografia:

003 "sonicwall" #2: ignoring unknown Vendor ID payload [...]

Algum especialista pode dar uma olhada para me dizer o que está errado?

Sonic wall (interface da web):

ESP: 3DES/HMAC SHA1 (IKE)
IKE phase 1: Enc 3DES, auth SHA1
Ipsec Phase 2: Protocol ESP, Enc 3DES, Auth SHA1
Required XAUTH
DH Group 2 

/etc/ipsec.conf

ike=3DES-SHA1;modp1024
phase2alg=3DES-SHA1;modp1024

Isso me faz passar pela fase 1 (troca de chaves), mas fica paralisado na fase 2 (troca de dados), em que ele está em loop e o relatório de carga mal-intencionada notifica:

002 "sonicwall" #2: initiating Main Mode
104 "sonicwall" #2: STATE_MAIN_I1: initiate
003 "sonicwall" #2: ignoring unknown Vendor ID payload [...]
002 "sonicwall" #2: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
106 "sonicwall" #2: STATE_MAIN_I2: sent MI2, expecting MR2
003 "sonicwall" #2: ignoring Vendor ID payload [Sonicwall 1 (TZ 170 Standard?)]
003 "sonicwall" #2: received Vendor ID payload [XAUTH]
003 "sonicwall" #2: received Vendor ID payload [Dead Peer Detection]
002 "sonicwall" #2: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
108 "sonicwall" #2: STATE_MAIN_I3: sent MI3, expecting MR3
002 "sonicwall" #2: received 1 malformed payload notifies
003 "sonicwall" #2: discarding duplicate packet; already STATE_MAIN_I3
010 "sonicwall" #2: STATE_MAIN_I3: retransmission; will wait 20s for response
002 "sonicwall" #2: received 2 malformed payload notifies
003 "sonicwall" #2: discarding duplicate packet; already STATE_MAIN_I3
010 "sonicwall" #2: STATE_MAIN_I3: retransmission; will wait 40s for response
002 "sonicwall" #2: received 3 malformed payload notifies
    
por jcalfee314 21.05.2014 / 17:47

0 respostas

Tags