Discussion:
[vpn-help] ShrewSoft VPN Client / "negotiation timout occurred"
Fabian Schroeter
2013-05-17 12:08:26 UTC
Hi,

when trying to connect to my AVM Fritz!Box 7390 (firmware up-to-date) with
ShrewSoft VPN Client, I get the following message:

config loaded for site 'FRITZ!Box-VPN'
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
ipcomp proposal configured
client configured
local id configured
remote id configured
pre-shared key configured
bringing up tunnel ...
negotiation timout occurred
tunnel disabled
detached from key daemon

I configured the VPN-profile according to the instructions on that page:
http://www.avm.de/de/Service/Service-Portale/Service-Portal/VPN_Interoperabilitaet/15729.php.
Nevertheless, it does not work. I get VPN-access (IPSEC) without any
problems via two iPhones I configured recently so I suppose the Box is not
the problem.

Of course I googled the problem and also searched the Shrew-database but did
not find anything which helped. In the system configuration, I found another
VPN-adapter installed by TeamViewer which I deactivated for testing but with
no change.

So maybe anyone out there might help me or at least tell me at which point
the problem occurs as I am a novice at VPN. For that I attached my debug
report as well as my system information.

Any help is highly appreciated!

Thanks
Fabian

--
VPN Client Version = 2.2.0
Windows OS Version = Windows Vista Home Premium SP2
Gateway Make/Model = AVM FRITZ!Box 7390
Gateway OS Version = FRITZ!OS 5.50 (84.05.50)

--
Debug report:

13/05/17 13:03:22 ## : IKE Daemon, ver 2.2.0
13/05/17 13:03:22 ## : Copyright 2013 Shrew Soft Inc.
13/05/17 13:03:22 ## : This product linked OpenSSL 1.0.1c 10 May 2012
13/05/17 13:03:22 ii : opened 'C:\Program Files\ShrewVPNClient\debug\iked.log'
13/05/17 13:03:22 ii : rebuilding vnet device list ...
13/05/17 13:03:22 ii : device ROOT\VNET\0000 disabled
13/05/17 13:03:22 ii : network process thread begin ...
13/05/17 13:03:22 ii : pfkey process thread begin ...
13/05/17 13:03:22 ii : ipc server process thread begin ...
13/05/17 13:03:38 ii : ipc client process thread begin ...
13/05/17 13:03:38 <A : peer config add message
13/05/17 13:03:38 <A : proposal config message
13/05/17 13:03:38 <A : proposal config message
13/05/17 13:03:38 <A : proposal config message
13/05/17 13:03:38 <A : client config message
13/05/17 13:03:38 <A : local id 'XXX at XXX.XX' message
13/05/17 13:03:38 <A : preshared key message
13/05/17 13:03:38 <A : remote resource message
13/05/17 13:03:38 <A : peer tunnel enable message
13/05/17 13:03:38 DB : peer added ( obj count = 1 )
13/05/17 13:03:38 ii : local address 192.168.0.23 selected for peer
13/05/17 13:03:38 DB : tunnel added ( obj count = 1 )
13/05/17 13:03:38 DB : new phase1 ( ISAKMP initiator )
13/05/17 13:03:38 DB : exchange type is aggressive
13/05/17 13:03:38 DB : 192.168.0.23:500 <-> XX.XXX.XX.XXX:500
13/05/17 13:03:38 DB : a89a19dff2be5329:0000000000000000
13/05/17 13:03:38 DB : phase1 added ( obj count = 1 )
13/05/17 13:03:38 >> : security association payload
13/05/17 13:03:38 >> : - proposal #1 payload
13/05/17 13:03:38 >> : -- transform #1 payload
13/05/17 13:03:38 >> : key exchange payload
13/05/17 13:03:38 >> : nonce payload
13/05/17 13:03:38 >> : identification payload
13/05/17 13:03:38 >> : vendor id payload
13/05/17 13:03:38 ii : local supports nat-t ( draft v00 )
13/05/17 13:03:38 >> : vendor id payload
13/05/17 13:03:38 ii : local supports nat-t ( draft v01 )
13/05/17 13:03:38 >> : vendor id payload
13/05/17 13:03:38 ii : local supports nat-t ( draft v02 )
13/05/17 13:03:38 >> : vendor id payload
13/05/17 13:03:38 ii : local supports nat-t ( draft v03 )
13/05/17 13:03:38 >> : vendor id payload
13/05/17 13:03:38 ii : local supports nat-t ( rfc )
13/05/17 13:03:38 >> : vendor id payload
13/05/17 13:03:38 ii : local supports FRAGMENTATION
13/05/17 13:03:38 >> : vendor id payload
13/05/17 13:03:38 >> : vendor id payload
13/05/17 13:03:38 ii : local supports DPDv1
13/05/17 13:03:38 >> : vendor id payload
13/05/17 13:03:38 ii : local is SHREW SOFT compatible
13/05/17 13:03:38 >> : vendor id payload
13/05/17 13:03:38 ii : local is NETSCREEN compatible
13/05/17 13:03:38 >> : vendor id payload
13/05/17 13:03:38 ii : local is SIDEWINDER compatible
13/05/17 13:03:38 >> : vendor id payload
13/05/17 13:03:38 ii : local is CISCO UNITY compatible
13/05/17 13:03:38 >= : cookies a89a19dff2be5329:0000000000000000
13/05/17 13:03:38 >= : message 00000000
13/05/17 13:03:38 -> : send IKE packet 192.168.0.23:500 -> XX.XXX.XX.XXX:500 ( 562 bytes )
13/05/17 13:03:38 DB : phase1 resend event scheduled ( ref count = 2 )
13/05/17 13:03:43 -> : resend 1 phase1 packet(s) [0/2] 192.168.0.23:500 -> XX.XXX.XX.XXX:500
13/05/17 13:03:48 -> : resend 1 phase1 packet(s) [1/2] 192.168.0.23:500 -> XX.XXX.XX.XXX:500
13/05/17 13:03:53 -> : resend 1 phase1 packet(s) [2/2] 192.168.0.23:500 -> XX.XXX.XX.XXX:500
13/05/17 13:03:58 ii : resend limit exceeded for phase1 exchange
13/05/17 13:03:58 ii : phase1 removal before expire time
13/05/17 13:03:58 DB : phase1 deleted ( obj count = 0 )
13/05/17 13:03:58 DB : policy not found
13/05/17 13:03:58 DB : policy not found
13/05/17 13:03:58 DB : policy not found
13/05/17 13:03:58 DB : policy not found
13/05/17 13:03:58 DB : policy not found
13/05/17 13:03:58 DB : policy not found
13/05/17 13:03:58 DB : removing tunnel config references
13/05/17 13:03:58 DB : removing tunnel phase2 references
13/05/17 13:03:58 DB : removing tunnel phase1 references
13/05/17 13:03:58 DB : tunnel deleted ( obj count = 0 )
13/05/17 13:03:58 DB : removing all peer tunnel references
13/05/17 13:03:58 DB : peer deleted ( obj count = 0 )
13/05/17 13:03:58 ii : ipc client process thread exit ...
13/05/17 13:04:07 ii : hard halt signal received, shutting down
13/05/17 13:04:07 ii : network process thread exit ...
13/05/17 13:04:07 ii : pfkey process thread exit ...
13/05/17 13:04:07 ii : ipc server process thread exit ...
Kevin VPN
2013-07-03 02:09:18 UTC
Post by Fabian Schroeter
Hi,
when trying to connect to my AVM Fritz!Box 7390 (firmware up-to-date) with
<snip>
Post by Fabian Schroeter
So maybe anyone out there might help me or at least tell me at which point
the problem occurs as I am a novice at VPN. For that I attached my debug
report as well as my system information.
<snip>
Post by Fabian Schroeter
13/05/17 13:03:38 <A : client config message
13/05/17 13:03:38 <A : local id 'XXX at XXX.XX' message
13/05/17 13:03:38 <A : preshared key message
<snip>
Post by Fabian Schroeter
13/05/17 13:03:38 -> : send IKE packet 192.168.0.23:500 -> XX.XXX.XX.XXX:500 ( 562 bytes )
13/05/17 13:03:38 DB : phase1 resend event scheduled ( ref count = 2 )
13/05/17 13:03:43 -> : resend 1 phase1 packet(s) [0/2] 192.168.0.23:500 -> XX.XXX.XX.XXX:500
13/05/17 13:03:48 -> : resend 1 phase1 packet(s) [1/2] 192.168.0.23:500 -> XX.XXX.XX.XXX:500
13/05/17 13:03:53 -> : resend 1 phase1 packet(s) [2/2] 192.168.0.23:500 -> XX.XXX.XX.XXX:500
13/05/17 13:03:58 ii : resend limit exceeded for phase1 exchange
Hi Fabian,

I know this message is a bit old, but in case you're still having the
problem...

The issue is that the gateway is not responding to Shrew's request to
connect. My guess is that you've got the settings wrong on the
Authentication/Local Identity tab in the Shrew config.

The gateway is seeing a request come in from an identity it does not
know and is dropping the request.
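
The reading of the debug report given in the reply above, as an added example that is not part of the original thread or of Shrew Soft's code: a Python script that tolerates log lines wrapped by a mail client and compares phase1 packets sent with packets received. The `<-` tag for received packets is an assumption (the report only shows `->`), and the function names are hypothetical.

```python
import re

# Constructed sample based on the thread's debug report, wrapped as a mail client would.
SAMPLE = """\
13/05/17 13:03:38 -> : send IKE packet 192.168.0.23:500 -> XX.XXX.XX.XXX:500
( 562 bytes )
13/05/17 13:03:43 -> : resend 1 phase1 packet(s) [0/2] 192.168.0.23:500 ->
XX.XXX.XX.XXX:500
13/05/17 13:03:48 -> : resend 1 phase1 packet(s) [1/2] 192.168.0.23:500 ->
XX.XXX.XX.XXX:500
13/05/17 13:03:53 -> : resend 1 phase1 packet(s) [2/2] 192.168.0.23:500 ->
XX.XXX.XX.XXX:500
13/05/17 13:03:58 ii : resend limit exceeded for phase1 exchange
"""

STAMP = re.compile(r"^(\d\d/\d\d/\d\d \d\d:\d\d:\d\d) (\S\S) : (.*)$")

def records(text):
    """Yield (timestamp, tag, message), rejoining wrapped continuation lines."""
    current = None
    for line in text.splitlines():
        m = STAMP.match(line)
        if m:
            if current:
                yield tuple(current)
            current = list(m.groups())
        elif current and line.strip():
            current[2] += " " + line.strip()
    if current:
        yield tuple(current)

def diagnose(text):
    """Summarise a phase1 attempt: packets sent, packets received, outcome."""
    sent = received = 0
    timed_out = False
    for _, tag, msg in records(text):
        if tag == "->" and ("send IKE packet" in msg or "resend" in msg):
            sent += 1
        elif tag == "<-":  # assumption: tag the daemon uses for received packets
            received += 1
        elif "resend limit exceeded for phase1" in msg:
            timed_out = True
    if not timed_out:
        verdict = "no phase1 timeout in this log"
    elif received == 0:
        verdict = "no reply received: gateway dropped the request or UDP 500 is filtered"
    else:
        verdict = "gateway replied but phase1 did not complete"
    return {"sent": sent, "received": received, "verdict": verdict}
```

A run with zero received packets, as in this report, means the first aggressive-mode message was never answered, so the identity and pre-shared key settings on both ends are the first thing to compare.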
