Повалили логи -
00:02:41: ISAKMP: received ke message (1/1)
00:02:41: ISAKMP: local port 500, remote port 500
00:02:41: ISAKMP (0:1): beginning Main Mode exchange
00:02:41: ISAKMP (1): sending packet to 1.2.3.36 (I) MM_NO_STATE.....
Success rate is 0 percent (0/5)
dnepr#
00:02:51: %CRYPTO-4-RECVD_PKT_NOT_IPSEC: Rec'd packet not an IPSEC packet.
(ip) dest_addr= 1.2.3.63, src_addr= 1.2.3.40, prot= 17
00:02:51: ISAKMP (0:1): retransmitting phase 1 MM_NO_STATE...
00:02:51: ISAKMP (0:1): incrementing error counter on sa: retransmit phase 1
00:02:51: ISAKMP (1): sending packet to 1.2.3.36 (I) MM_NO_STATE
00:03:01: ISAKMP (0:1): retransmitting phase 1 MM_NO_STATE...
00:03:01: ISAKMP (0:1): incrementing error counter on sa: retransmit phase 1
00:03:01: ISAKMP (1): sending packet to 1.2.3.36 (I) MM_NO_STATE
00:03:11: IPSEC(key_engine): request timer fired: count = 1,
(identity) local= 192.168.88.1, remote= 1.2.3.36,
local_proxy= 0.0.0.0/0.0.0.0/0/0 (type=4),
remote_proxy= 0.0.0.0/0.0.0.0/0/0 (type=4)
00:03:11: IPSEC(sa_request): ,
(key eng. msg.) src= 192.168.88.1, dest= 1.2.3.36,
src_proxy= 0.0.0.0/0.0.0.0/0/0 (type=4),
dest_proxy= 0.0.0.0/0.0.0.0/0/0 (type=4),
protocol= ESP, transform= esp-des esp-md5-hmac ,
lifedur= 3600s and 4608000kb,
spi= 0x830E90(8588944), conn_id= 0, keysize= 0, flags= 0x4004
00:03:11: ISAKMP: received ke message (1/1)
00:03:11: ISAKMP (0:1): SA is still budding. Attached new ipsec request to it.
00:03:11: ISAKMP (0:1): retransmitting phase 1 MM_NO_STATE...
00:03:11: ISAKMP (0:1): incrementing error counter on sa: retransmit phase 1
00:03:11: ISAKMP (1): sending packet to 1.2.3.36 (I) MM_NO_STATE
00:03:21: ISAKMP (0:1): retransmitting phase 1 MM_NO_STATE...
00:03:21: ISAKMP (0:1): incrementing error counter on sa: retransmit phase 1
00:03:21: ISAKMP (1): sending packet to 1.2.3.36 (I) MM_NO_STATE
00:03:31: ISAKMP (0:1): retransmitting phase 1 MM_NO_STATE...
00:03:31: ISAKMP (0:1): incrementing error counter on sa: retransmit phase 1
00:03:31: ISAKMP (1): sending packet to 1.2.3.36 (I) MM_NO_STATE
00:03:41: IPSEC(key_engine): request timer fired: count = 2,
(identity) local= 192.168.88.1, remote= 1.2.3.36,
local_proxy= 0.0.0.0/0.0.0.0/0/0 (type=4),
remote_proxy= 0.0.0.0/0.0.0.0/0/0 (type=4)
00:03:41: ISAKMP: received ke message (3/1)
00:03:41: ISAKMP (0:1): ignoring request to send delete notify (sa not authenticated) src 192.168.88.1 dst 1.2.3.36
00:03:41: ISAKMP (0:1): retransmitting phase 1 MM_NO_STATE...
00:03:41: ISAKMP (0:1): phase 1 going away; let's be paranoid.
00:03:41: ISAKMP (0:1): Bring down phase 2's
00:03:41: ISAKMP (0:1): That phase 1 was the last one of its kind. Taking phase 2's with us.
00:03:41: ISAKMP (0:1): peer does not do paranoid keepalives.
00:03:41: ISAKMP (0:1): deleting SA reason "death by retransmission P1" state (I) MM_NO_STATE (peer 1.2.3.36) input queu000:03:41: ISAKMP (0:1): deleting node -1218323057 error TRUE reason "death by retransmission P1"
00:03:41: ISAKMP (0:1): deleting node 1546138859 error TRUE reason "death by retransmission P1"
00:03:41: IPSEC(key_engine): got a queue event...
00:03:41: IPSEC(key_engine_delete_sas): rec'd delete notify from ISAKMP
00:03:41: IPSEC(key_engine_delete_sas): delete all SAs shared with 1.2.3.36
Что это может быть? Чего-то еще не хватает?
Вариант для распечатки
Маршрутизаторы CISCO и др. оборудование. (Public)
on
15-Сен-03, 10:43 (MSK)
