Existem duas redes conectadas por uma VPN pela Internet, raramente de firewalls Zywall.
Uma semana atrás, a conexão VPN falhou e não conseguiu estabelecê-la desde então.
As redes agora não podem se ver, elas não podem nem fazer ping nos seus endereços públicos. De qualquer outra rede na internet, ambas são visíveis. Eles também podem ver o endereço público do outro ao usar uma saída de 4g em vez de wan1.
Eu tentei desativar a política de segurança (o firewall em si) momentaneamente, sem sucesso. Eles não podem ssh / ping uns aos outros, e menos ainda estabelecer a vpn.
Não existe nenhuma regra de NAT que toque a porta 500 ou qualquer porta estranha. Poderia ser um problema de roteamento? O firewall está esperando usar a rota da VPN para alcançar a outra rede?
Além do traceroute, o que mais eu poderia executar para depurar esse problema de visibilidade?
traceroute reports:
FROM Network 2
# ping 11.22.33.44 -n -c 3 -I eth1
PING 11.22.33.44 (11.22.33.44) from 44.33.22.11 eth1: 56(84) bytes of data.
64 bytes from 11.22.33.44: icmp_seq=1 ttl=46 time=151 ms
64 bytes from 11.22.33.44: icmp_seq=2 ttl=46 time=74.6 ms
64 bytes from 11.22.33.44: icmp_seq=3 ttl=46 time=76.6 ms
--- 11.22.33.44 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 74.645/100.804/151.091/35.568 ms
# traceroute -4 11.22.33.44 -n -i eth1
traceroute to 11.22.33.44 (11.22.33.44), 30 hops max, 60 byte packets
1 192.168.8.1 0.509 ms 0.518 ms 0.370 ms
2 100.64.64.1 35.393 ms 35.274 ms 35.137 ms
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 11.22.33.44 87.177 ms 87.052 ms 87.776 ms
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
# traceroute -4 11.22.33.44 -n -i eth0
traceroute to 11.22.33.44 (11.22.33.44), 30 hops max, 60 byte packets
1 10.17.0.1 10.913 ms 10.704 ms 10.466 ms
2 37.0.32.61 14.442 ms 14.439 ms 15.098 ms
3 10.250.7.1 14.050 ms 14.235 ms 14.105 ms
4 10.253.72.10 14.962 ms 14.820 ms 14.964 ms
5 213.230.56.15 15.026 ms 14.874 ms 19.417 ms
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
FROM network 1
# traceroute -4 44.33.22.11 -n -i eth0
traceroute to 44.33.22.11 (44.33.22.11), 30 hops max, 60 byte packets
1 10.10.254.26 9.157 ms 9.089 ms 8.980 ms
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
# traceroute -4 44.33.22.11 -n -i eth1
traceroute to 44.33.22.11 (44.33.22.11), 30 hops max, 60 byte packets
1 192.168.8.1 0.505 ms 0.769 ms 0.734 ms
2 * * *
3 10.200.102.217 137.352 ms 137.312 ms 137.098 ms
4 10.200.102.65 140.616 ms 140.575 ms 148.781 ms
5 10.200.102.66 140.246 ms 140.062 ms 139.860 ms
6 212.161.142.13 140.036 ms 139.658 ms 139.466 ms
7 91.206.52.172 148.026 ms 41.202 ms 41.152 ms
8 * * *
9 62.192.25.38 58.491 ms 58.504 ms 58.153 ms
10 213.230.52.158 58.334 ms 213.230.52.156 58.097 ms 58.110 ms
11 * * *
12 * * *
13 37.0.32.62 55.943 ms 55.779 ms 55.724 ms
14 44.33.22.11 65.207 ms 59.644 ms 59.476 ms
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
Negociação VPN
Negociação IKE da Rede 1 para a rede 2
[...]
Dec 19 12:06:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Detect deleted tunnel[NET1-NET2](#2, 0x1066eb5c), IKE[NET1-NET2-GW](#4), refcount: 2, deletion: 0" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Not a deleted tunnel[NET1-NET2](#2, 0x1066eb5c), refcount: 2, deletion: 0" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Starting DNS query" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="DNS query ended" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xa39f20188f6f1b51 / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Tunnel [NET1-NET2] Sending IKE request" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xa39f20188f6f1b51 / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Send Main Mode request to [44.33.22.11]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xa39f20188f6f1b51 / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Send:[SA][VID][VID][VID][VID][VID][VID][VID][VID][VID]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:01 helisrv CRON[17748]: (www-data) CMD (/usr/bin/php5 /usr/share/glpi/front/cron.php)
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Starting DNS query" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="DNS query ended" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Auto-start: Auto-start already active for rule NET1-NET2" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xa39f20188f6f1b51 / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="ISAKMP SA [NET1-NET2-GW] is disconnected" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="IKEv1 SA [Initiator] negotiation failed:" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Local IKE peer 11.22.33.44:500 ID (null)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Remote IKE peer 44.33.22.11:500 ID (null)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Message: Timed out (65540)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="[NET1-NET2-GW(#4)] IKE SA negotiations: 7194 done, 0 successful, 7194 failed" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" IKEv1 Error : Timeout" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Peer not reachable" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="IKE SA destroyed: " note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Initiator SPI a39f2018 8f6f1b51 Responder SPI 00000000 00000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="as_fail_retry: 1, Tunnel:[NET1-NET2](#2, 0x1066eb5c)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:00 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0x4217f44e670a69ec / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:00 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Tunnel [NET1-NET2] Sending IKE request" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:00 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0x4217f44e670a69ec / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:00 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Send Main Mode request to [44.33.22.11]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:00 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0x4217f44e670a69ec / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:00 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Send:[SA][VID][VID][VID][VID][VID][VID][VID][VID][VID]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:01 helisrv CRON[17857]: (www-data) CMD (/usr/bin/php5 /usr/share/glpi/front/cron.php)
Dec 19 12:08:30 2017 helizywall-110 src="44.33.22.11:500" dst="11.22.33.44:500" msg="The cookie pair is : 0xb81615cfd668d493 / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:30 2017 helizywall-110 src="44.33.22.11:500" dst="11.22.33.44:500" msg="Recv Main Mode request from [44.33.22.11]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:30 2017 helizywall-110 src="44.33.22.11:500" dst="11.22.33.44:500" msg="The cookie pair is : 0x599860b4b9cfb933 / 0xb81615cfd668d493" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:30 2017 helizywall-110 src="44.33.22.11:500" dst="11.22.33.44:500" msg="Recv:[SA][VID][VID][VID][VID][VID][VID][VID][VID][VID][VID]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="IKE auth method Pre-shared keys, SA lifetime: 3000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:30 2017 helizywall-110 src="44.33.22.11:500" dst="11.22.33.44:500" msg="Recv IKE sa: SA([0] protocol = IKE (1), DES, HMAC-MD5 PRF, HMAC-MD5-96, 768 bit MODP; )." note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:30 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xb81615cfd668d493 / 0x599860b4b9cfb933" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:30 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Send:[SA][VID][VID][VID][VID][VID][VID][VID][VID][VID]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Starting DNS query" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="DNS query ended" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Auto-start: Auto-start already active for rule NET1-NET2" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0x4217f44e670a69ec / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="ISAKMP SA [NET1-NET2-GW] is disconnected" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="IKEv1 SA [Initiator] negotiation failed:" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Local IKE peer 11.22.33.44:500 ID (null)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Remote IKE peer 44.33.22.11:500 ID (null)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Message: Timed out (65540)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="[NET1-NET2-GW(#4)] IKE SA negotiations: 7195 done, 0 successful, 7195 failed" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" IKEv1 Error : Timeout" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="IKE SA destroyed: " note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Initiator SPI 4217f44e 670a69ec Responder SPI 00000000 00000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:02 helisrv CRON[17902]: (root) CMD ( [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -depth -mindepth 1 -maxdepth 1 -type f -ignore_readdir_race -cmin +$(/usr/lib/php5/maxlifetime) ! -execdir fuser -s {} 2>/dev/null \; -delete)
Dec 19 12:09:02 helisrv CRON[17906]: (www-data) CMD (/usr/bin/php5 /usr/share/glpi/front/cron.php)
Dec 19 12:09:05 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="as_fail_retry: 2, Tunnel:[NET1-NET2](#2, 0x1066eb5c)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:10 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="as_fail_retry: 1, Tunnel:[NET1-NET2](#2, 0x1066eb5c)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xb81615cfd668d493 / 0x599860b4b9cfb933" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="ISAKMP SA [NET1-NET2-GW] is disconnected" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="IKEv1 SA [Responder] negotiation failed:" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Local IKE peer 11.22.33.44:500 ID (null)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Remote IKE peer 44.33.22.11:500 ID (null)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Message: Timed out (65540)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="[NET1-NET2-GW(#4)] IKE SA negotiations: 7196 done, 0 successful, 7196 failed" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" IKEv1 Error : Timeout" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="IKE SA destroyed: " note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Initiator SPI b81615cf d668d493 Responder SPI 599860b4 b9cfb933" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="as_fail_retry: 3, Tunnel:[NET1-NET2](#2, 0x1066eb5c)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:35 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="as_fail_retry: 2, Tunnel:[NET1-NET2](#2, 0x1066eb5c)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:41 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="as_fail_retry: 1, Tunnel:[NET1-NET2](#2, 0x1066eb5c)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:41 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xc17aaf4fa8a5f060 / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:41 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Tunnel [NET1-NET2] Sending IKE request" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:41 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xc17aaf4fa8a5f060 / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:41 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Send Main Mode request to [44.33.22.11]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:41 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xc17aaf4fa8a5f060 / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:41 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Send:[SA][VID][VID][VID][VID][VID][VID][VID][VID][VID]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Starting DNS query" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="DNS query ended" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Auto-start: Auto-start already active for rule NET1-NET2" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
mtr output Rede 1 para Rede 2
Start: Tue Dec 19 15:16:19 2017
HOST: boo Loss% Snt Last Avg Best Wrst StDev
1.|-- 192.168.30.1 0.0% 10 0.4 0.3 0.2 0.4 0.0
2.|-- 10.10.254.26 0.0% 10 8.3 8.6 6.3 12.6 1.7
3.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
mtr output Rede 2 para Rede 1
HOST: foo Loss% Snt Last Avg Best Wrst StDev
1.|-- 192.168.1.254 0.0% 10 0.4 0.4 0.4 0.5 0.0
2.|-- 10.17.0.1 0.0% 10 29.9 15.8 11.0 29.9 5.4
3.|-- 10.17.0.1 20.0% 10 14.0 14.8 10.5 25.1 5.1
4.|-- 37.0.32.61 0.0% 10 15.7 16.5 12.2 22.9 3.3
5.|-- 10.250.7.1 0.0% 10 16.1 16.2 10.4 23.9 3.9
6.|-- 10.253.72.10 0.0% 10 19.9 18.3 11.8 28.7 5.0
7.|-- 213.230.56.15 40.0% 10 16.8 15.5 12.6 18.3 1.8
8.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
Tags networking vpn zywall