Watchguard Firebox X1000 + ADSL + VPN = Connection failure
am 12.09.2006 10:32:03 von vahlrothHello,
First of all I'm not familiar with Watchguard X1000 system forehand.
Mobile VPN client is previously installed on my desktop (WinXP), then I
connection via GPRS line that works just fine. After couple of days I
was tend to to connect with ADSL (just connected to my new apartment)
but problems occured.
Mobile VPN client asks user authentication but then nothing happens.
After apx. three minutes login interrupts and client returns error msg
"Unable to connect to RDP to work\192.89.15.170-194.197.xx.0. Please
check log for further details."
My collegues have this same problem with their ADSL lines. So I quess
this is not ADSL operator depended prombem, i.e. all three tested
networks gave this same results.
VPN support is never used before in our organization, thus we had no
historical experience about configuring VPN connections with WG Firebox
X1000.
Log file is attached below on this message.
We all preciate your help.
Log file of ADSL connection (not working):
9-11: 23:07:21.968 My Connections\192.89.15.170-194.197.95.0 (IP
ADDR=192.89.15.170) - Error validating Proxy ID
9-11: 23:07:31.937 My Connections\192.89.15.170-194.197.95.0 -
RECEIVED<<< ISAKMP OAK QM *(HASH, SA, NON, ID 2x)
9-11: 23:07:31.953 My Connections\192.89.15.170-194.197.95.0 -
Received IKE Phase 2 Client IDs (message id: 50C0F44E)
9-11: 23:07:31.953 Initiator = IP
SUBNET/MASK=194.197.95.0/255.255.255.0, prot = 0 port = 0
9-11: 23:07:31.953 Responder = IP ADDR=192.168.1.5, prot = 0 port =
0
9-11: 23:07:31.953 Failure finding or creating filter entry
It begins to display this same entry repeately.
Log file of GPRS connection (works ok, before the IR link was removed):
9-12: 09:38:25.984 Interface added: 62.78.105.196/255.0.0.0 on MODEM
"Standard Modem over IR link".
9-12: 09:38:26.015 My Connections\192.xxx.15.170-xxx.xxx.95.0 - Filter
record 1 updated.
9-12: 09:38:26.312
9-12: 09:38:26.312 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
Initiating IKE Phase 1 (IP ADDR=192.xxx.15.170)
9-12: 09:38:26.546 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
SENDING>>>> ISAKMP OAK AG (SA, KE, NON, ID, VID 6x)
9-12: 09:38:28.078 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
RECEIVED<<< ISAKMP OAK AG (SA, KE, NON, ID, HASH, VID 3x, NAT-D 2x)
9-12: 09:38:28.109 My Connections\192.xxx.15.170-xxx.xxx.95.0 - Peer
is NAT-T draft-02 capable
9-12: 09:38:28.109 My Connections\192.xxx.15.170-xxx.xxx.95.0 - Peer
supports Keepalive processing
9-12: 09:38:28.109 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
Keepalive processing enabled
9-12: 09:38:28.281 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
SENDING>>>> ISAKMP OAK AG *(HASH, NAT-D 2x,
NOTIFY:STATUS_REPLAY_STATUS, NOTIFY:STATUS_INITIAL_CONTACT)
9-12: 09:38:28.281 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
Established IKE SA
9-12: 09:38:28.281 MY COOKIE c8 6 a0 e5 20 2 e4 ee
9-12: 09:38:28.281 HIS COOKIE 79 af 21 ff f9 90 ed ef
9-12: 09:38:29.015 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
RECEIVED<<< ISAKMP OAK TRANS *(HASH, ATTR)
9-12: 09:38:37.718 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
RECEIVED<<< ISAKMP OAK AG (Retransmission)
9-12: 09:38:38.578 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
SENDING>>>> ISAKMP OAK TRANS *(HASH, ATTR)
9-12: 09:38:39.500 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
RECEIVED<<< ISAKMP OAK TRANS *(Retransmission)
9-12: 09:38:39.500 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
SENDING>>>> ISAKMP OAK TRANS *(Retransmission)
9-12: 09:38:39.500 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
RECEIVED<<< ISAKMP OAK TRANS *(HASH, ATTR)
9-12: 09:38:39.500 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
SENDING>>>> ISAKMP OAK TRANS *(HASH, ATTR)
9-12: 09:38:39.515 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
RECEIVED<<< ISAKMP OAK TRANS *(HASH, ATTR)
9-12: 09:38:39.515 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
Received Private IP Address = IP ADDR=192.168.1.39
9-12: 09:38:39.515 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
SENDING>>>> ISAKMP OAK TRANS *(HASH, ATTR)
9-12: 09:38:40.515 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
RECEIVED<<< ISAKMP OAK QM *(HASH, SA, NON, ID 2x)
9-12: 09:38:40.515 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
Received IKE Phase 2 Client IDs (message id: BF3F64)
9-12: 09:38:40.515 Initiator = IP
SUBNET/MASK=xxx.xxx.95.0/255.255.255.0, prot = 0 port = 0
9-12: 09:38:40.515 Responder = IP ADDR=192.168.1.39, prot = 0 port =
0
9-12: 09:38:40.656 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
SENDING>>>> ISAKMP OAK QM *(HASH, SA, NON, ID 2x)
9-12: 09:38:40.812 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
RECEIVED<<< ISAKMP OAK QM *(HASH, SA, NON, ID 2x)
9-12: 09:38:40.812 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
Received IKE Phase 2 Client IDs (message id: 6C27F816)
9-12: 09:38:40.812 Initiator = IP
SUBNET/MASK=xxx.xxx.95.0/255.255.255.0, prot = 0 port = 0
9-12: 09:38:40.812 Responder = IP ADDR=192.168.1.39, prot = 0 port =
0
9-12: 09:38:40.953 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
SENDING>>>> ISAKMP OAK QM *(HASH, SA, NON, ID 2x)
9-12: 09:38:43.406 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
RECEIVED<<< ISAKMP OAK QM *(HASH)
9-12: 09:38:43.406 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
Loading IPSec SA (Message ID = BF3F64 OUTBOUND SPI = AD056B29 INBOUND
SPI = BCE99E11)
9-12: 09:38:43.406
9-12: 09:38:43.625 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
RECEIVED<<< ISAKMP OAK QM *(HASH)
9-12: 09:38:43.625 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
Loading IPSec SA (Message ID = 6C27F816 OUTBOUND SPI = AE059B48 INBOUND
SPI = 52D13C6F)
9-12: 09:38:43.625
9-12: 09:38:49.984 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
Deleting IPSec SA (OUTBOUND SPI = AD056B29 INBOUND SPI = BCE99E11)
9-12: 09:38:49.984 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
SENDING>>>> ISAKMP OAK INFO *(HASH, DEL)
9-12: 09:41:39.937 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
RECEIVED<<< ISAKMP OAK INFO *(HASH, NOTIFY:KEEPALIVE_REQUEST)
9-12: 09:41:39.953 My Connections\192.xxx.15.170-xxx.xxx.95.0 -
SENDING>>>> ISAKMP OAK INFO *(HASH, NOTIFY:KEEPALIVE_ACK)
9-12: 09:43:06.203 Remote access device 'Standard Modem over IR link'
removed.
br,
Vellu