Channel: Sophos User Bulletin Board

[8.300] IPSEC iphone disconnected

Hi All

It seems that my IPsec connection from my iPhone (iOS 5.01) to my ASG 8.300 is being randomly dropped every time I try to perform any action on my iPhone (i.e. view emails etc).
Code:

2011:12:30-09:41:30 ******  pluto[19226]: packet from 192.168.2.6:500: received Vendor ID payload [RFC 3947]
2011:12:30-09:41:30 ******  pluto[19226]: packet from 192.168.2.6:500: ignoring Vendor ID payload [4df37928e9fc4fd1b3262170d515c662]
2011:12:30-09:41:30 ******  pluto[19226]: packet from 192.168.2.6:500: ignoring Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
2011:12:30-09:41:30 ******  pluto[19226]: packet from 192.168.2.6:500: ignoring Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
2011:12:30-09:41:30 ******  pluto[19226]: packet from 192.168.2.6:500: ignoring Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
2011:12:30-09:41:30 ******  pluto[19226]: packet from 192.168.2.6:500: ignoring Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
2011:12:30-09:41:30 ******  pluto[19226]: packet from 192.168.2.6:500: ignoring Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
2011:12:30-09:41:30 ******  pluto[19226]: packet from 192.168.2.6:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
2011:12:30-09:41:30 ******  pluto[19226]: packet from 192.168.2.6:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
2011:12:30-09:41:30 ******  pluto[19226]: packet from 192.168.2.6:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2011:12:30-09:41:30 ******  pluto[19226]: packet from 192.168.2.6:500: received Vendor ID payload [XAUTH]
2011:12:30-09:41:30 ******  pluto[19226]: packet from 192.168.2.6:500: ignoring Vendor ID payload [Cisco-Unity]
2011:12:30-09:41:30 ******  pluto[19226]: packet from 192.168.2.6:500: received Vendor ID payload [Dead Peer Detection]
2011:12:30-09:41:30 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: responding to Main Mode from unknown peer 192.168.2.6
2011:12:30-09:41:31 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: NAT-Traversal: Result using RFC 3947: no NAT detected
2011:12:30-09:41:32 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: ignoring informational payload, type IPSEC_INITIAL_CONTACT
2011:12:30-09:41:32 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: Peer ID is ID_DER_ASN1_DN: 'C=*********x, L=*********x, O=*********x, CN=*********x, E=*********x'
2011:12:30-09:41:32 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: crl not found
2011:12:30-09:41:32 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: certificate status unknown
2011:12:30-09:41:32 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: we have a cert and are sending it
2011:12:30-09:41:32 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: Dead Peer Detection (RFC 3706) enabled
2011:12:30-09:41:32 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: sent MR3, ISAKMP SA established
2011:12:30-09:41:32 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: sending XAUTH request
2011:12:30-09:41:41 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: parsing XAUTH reply
2011:12:30-09:41:41 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: extended authentication was successful
2011:12:30-09:41:41 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: sending XAUTH status
2011:12:30-09:41:42 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: parsing XAUTH ack
2011:12:30-09:41:42 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: received XAUTH ack, established
2011:12:30-09:41:42 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: parsing ModeCfg request
2011:12:30-09:41:42 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: unknown attribute type (28683)
2011:12:30-09:41:42 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: peer requested virtual IP %any
2011:12:30-09:41:42 ******  pluto[19226]: acquired existing lease for address 10.242.5.1 in pool 'VPN Pool (Cisco)'
2011:12:30-09:41:42 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: assigning virtual IP 10.242.5.1 to peer
2011:12:30-09:41:42 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: sending ModeCfg reply
2011:12:30-09:41:42 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: sent ModeCfg reply, established
2011:12:30-09:41:42 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #8: responding to Quick Mode
2011:12:30-09:41:42 ******  pluto[19226]: id="2201" severity="info" sys="SecureNet" sub="vpn" event="Connection started" username="wingman" variant="ipsec" srcip="192.168.2.6" virtual_ip="10.242.5.1"
2011:12:30-09:41:43 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #8: IPsec SA established {ESP=>0x0d479440 <0x9dfb7c27 DPD}
2011:12:30-09:41:46 ******  pluto[19226]: listening for IKE messages
2011:12:30-09:41:46 ******  pluto[19226]: forgetting secrets
2011:12:30-09:41:46 ******  pluto[19226]: loading secrets from "/etc/ipsec.secrets"
2011:12:30-09:41:46 ******  pluto[19226]: loaded private key from 'WebAdmin certificate for ****** .home.dyndns.org.pem'
2011:12:30-09:41:46 ******  pluto[19226]: forgetting secrets
2011:12:30-09:41:46 ******  pluto[19226]: loading secrets from "/etc/ipsec.secrets"
2011:12:30-09:41:46 ******  pluto[19226]: loaded private key from 'WebAdmin certificate for ****** .home.dyndns.org.pem'
2011:12:30-09:41:46 ******  pluto[19226]: loading ca certificates from '/etc/ipsec.d/cacerts'
2011:12:30-09:41:46 ******  pluto[19226]: loaded ca certificate from '/etc/ipsec.d/cacerts/VPN Signing CA.pem'
2011:12:30-09:41:46 ******  pluto[19226]: loading aa certificates from '/etc/ipsec.d/aacerts'
2011:12:30-09:41:46 ******  pluto[19226]: loading ocsp certificates from '/etc/ipsec.d/ocspcerts'
2011:12:30-09:41:46 ******  pluto[19226]: loading attribute certificates from '/etc/ipsec.d/acerts'
2011:12:30-09:41:46 ******  pluto[19226]: Changing to directory '/etc/ipsec.d/crls'
2011:12:30-09:43:30 ******  pluto[19226]: ERROR: asynchronous network error report on ppp0 for message to 192.168.2.6 port 500, complainant 86.166.221.215: No route to host [errno 113, origin ICMP type 3 code 1 (not authenticated)]
2011:12:30-09:44:00 ******  pluto[19226]: ERROR: asynchronous network error report on ppp0 for message to 192.168.2.6 port 500, complainant 86.166.221.215: No route to host [errno 113, origin ICMP type 3 code 1 (not authenticated)]
2011:12:30-09:44:30 ******  pluto[19226]: ERROR: asynchronous network error report on ppp0 for message to 192.168.2.6 port 500, complainant 86.166.221.215: No route to host [errno 113, origin ICMP type 3 code 1 (not authenticated)]

2011:12:30-09:44:57 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: DPD: No response from peer - declaring peer dead
2011:12:30-09:44:57 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: DPD: Terminating all SAs using this connection
2011:12:30-09:44:57 ******  pluto[19226]: "D_for SuperAdmins to Any"[4] 192.168.2.6 #7: deleting connection "D_for SuperAdmins to Any"[4] instance with peer 192.168.2.6 {isakmp=#7/ipsec=#8}
2011:12:30-09:44:57 ******  pluto[19226]: "D_for SuperAdmins to Any" #8: deleting state (STATE_QUICK_R2)
2011:12:30-09:44:57 ******  pluto[19226]: id="2202" severity="info" sys="SecureNet" sub="vpn" event="Connection terminated" username="wingman" variant="ipsec" srcip="192.168.2.6" virtual_ip="10.242.5.1"
2011:12:30-09:44:59 ******  pluto[19226]: "D_for SuperAdmins to Any" #7: deleting state (STATE_MODE_CFG_R1)
2011:12:30-09:45:00 ******  pluto[19226]: ERROR: asynchronous network error report on ppp0 for message to 192.168.2.6 port 500, complainant 86.166.221.215: No route to host [errno 113, origin ICMP type 3 code 1 (not authenticated)]
2011:12:30-09:45:00 ******  pluto[19226]: ERROR: asynchronous network error report on ppp0 for message to 192.168.2.6 port 500, complainant 86.166.221.215: No route to host [errno 113, origin ICMP type 3 code 1 (not authenticated)]

2011:12:30-09:45:02 ******  pluto[19226]: listening for IKE messages
2011:12:30-09:45:02 ******  pluto[19226]: forgetting secrets
2011:12:30-09:45:02 ******  pluto[19226]: loading secrets from "/etc/ipsec.secrets"
2011:12:30-09:45:02 ******  pluto[19226]: loaded private key from 'WebAdmin certificate for ****** .home.dyndns.org.pem'
2011:12:30-09:45:02 ******  pluto[19226]: forgetting secrets
2011:12:30-09:45:02 ******  pluto[19226]: loading secrets from "/etc/ipsec.secrets"
2011:12:30-09:45:02 ******  pluto[19226]: loaded private key from 'WebAdmin certificate for ****** .home.dyndns.org.pem'
2011:12:30-09:45:02 ******  pluto[19226]: loading ca certificates from '/etc/ipsec.d/cacerts'
2011:12:30-09:45:02 ******  pluto[19226]: loaded ca certificate from '/etc/ipsec.d/cacerts/VPN Signing CA.pem'
2011:12:30-09:45:02 ******  pluto[19226]: loading aa certificates from '/etc/ipsec.d/aacerts'
2011:12:30-09:45:02 ******  pluto[19226]: loading ocsp certificates from '/etc/ipsec.d/ocspcerts'
2011:12:30-09:45:02 ******  pluto[19226]: loading attribute certificates from '/etc/ipsec.d/acerts'

Also, I am not able to view the user connected under the "Remote Access Status>>online users" (when connecting using manual VPN, I am able to see the user connected).

Thanks
