Iphone Verbindet sich nicht mit IPSec/L2TP

DanielZ87

Hallo Zusammen,

ich bin grade am testen der neuen 3.0 UTM. Jedoch bekomme ich leider keine Verbindung mit meinem Iphone Zustande.

Das Protokoll:

Zitat

System
2014-02-03 15:47:51
ipsec: 08[NET] received packet from 80.187.96.20[30065] to 198.200.0.251[4500] (76 bytes)
System
2014-02-03 15:47:51
ipsec 08[ENC] parsed INFORMATIONAL_V1 request 2422197145 [ HASH D ]
System
2014-02-03 15:47:51
ipsec 08[IKE] received DELETE for ESP CHILD_SA with SPI 0598388f
System
2014-02-03 15:47:51
ipsec 08[IKE] closing CHILD_SA Iphone{3} with SPIs cbb112dd_i (498 bytes) 0598388f_o (0 bytes) and TS 198.200.0.251/32[udp/l2tp] === 80.187.96.20/32[udp/54498]
System
2014-02-03 15:47:51
ipsec: 15[NET] received packet from 80.187.96.20[30065] to 198.200.0.251[4500] (92 bytes)
System
2014-02-03 15:47:51
ipsec 15[ENC] parsed INFORMATIONAL_V1 request 3254382666 [ HASH D ]
System
2014-02-03 15:47:51
Iphone (31) 15[IKE] received DELETE for IKE_SA Iphone[31]
System
2014-02-03 15:47:51
Iphone (31) 15[IKE] deleting IKE_SA Iphone[31] between 198.200.0.251[Iphone]...80.187.96.20[172.23.177.113]
System
2014-02-03 15:47:51
ipsec: 12[NET] received packet from 217.91.156.57[25280] to 192.168.57.251[4500] (420 bytes)
System
2014-02-03 15:47:51
ipsec 12[ENC] parsed ID_PROT request 0 [ SA V V V V V ]
System
2014-02-03 15:47:51
ipsec 12[IKE] no IKE config found for 192.168.57.251...217.91.156.57, sending NO_PROPOSAL_CHOSEN
System
2014-02-03 15:47:51
ipsec 12[ENC] generating INFORMATIONAL_V1 request 957700175 [ N(NO_PROP) ]
System
2014-02-03 15:47:51
ipsec: 12[NET] sending packet from 192.168.57.251[4500] to 217.91.156.57[25280] (40 bytes)
System
2014-02-03 15:47:53
ipsec: 10[NET] received packet from 80.187.96.20[500] to 198.200.0.251[500] (500 bytes)
System
2014-02-03 15:47:53
ipsec 10[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V V V V V ]
System
2014-02-03 15:47:53
ipsec 10[IKE] received NAT-T (RFC 3947) vendor ID
System
2014-02-03 15:47:53
ipsec 10[IKE] received draft-ietf-ipsec-nat-t-ike vendor ID
System
2014-02-03 15:47:53
ipsec 10[IKE] received draft-ietf-ipsec-nat-t-ike-08 vendor ID
System
2014-02-03 15:47:53
ipsec 10[IKE] received draft-ietf-ipsec-nat-t-ike-07 vendor ID
System
2014-02-03 15:47:53
ipsec 10[IKE] received draft-ietf-ipsec-nat-t-ike-06 vendor ID
System
2014-02-03 15:47:53
ipsec 10[IKE] received draft-ietf-ipsec-nat-t-ike-05 vendor ID
System
2014-02-03 15:47:53
ipsec 10[IKE] received draft-ietf-ipsec-nat-t-ike-04 vendor ID
System
2014-02-03 15:47:53
ipsec 10[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID
System
2014-02-03 15:47:53
ipsec 10[IKE] received draft-ietf-ipsec-nat-t-ike-02 vendor ID
System
2014-02-03 15:47:53
ipsec 10[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
System
2014-02-03 15:47:53
ipsec 10[IKE] received FRAGMENTATION vendor ID
System
2014-02-03 15:47:53
ipsec 10[IKE] received DPD vendor ID
System
2014-02-03 15:47:53
ipsec 10[IKE] 80.187.96.20 is initiating a Main Mode IKE_SA
System
2014-02-03 15:47:53
ipsec 10[ENC] generating ID_PROT response 0 [ SA V V V V ]
System
2014-02-03 15:47:53
ipsec: 10[NET] sending packet from 198.200.0.251[500] to 80.187.96.20[500] (156 bytes)
System
2014-02-03 15:47:56
ipsec: 12[NET] received packet from 80.187.96.20[500] to 198.200.0.251[500] (228 bytes)
System
2014-02-03 15:47:56
ipsec 12[ENC] parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
System
2014-02-03 15:47:56
ipsec 12[IKE] local host is behind NAT, sending keep alives
System
2014-02-03 15:47:56
ipsec 12[IKE] remote host is behind NAT
System
2014-02-03 15:47:56
ipsec 12[ENC] generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
System
2014-02-03 15:47:56
ipsec: 12[NET] sending packet from 198.200.0.251[500] to 80.187.96.20[500] (244 bytes)
System
2014-02-03 15:47:58
ipsec: 11[NET] received packet from 80.187.96.20[30065] to 198.200.0.251[4500] (108 bytes)
System
2014-02-03 15:47:58
ipsec 11[ENC] parsed ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
System
2014-02-03 15:47:58
ipsec 11[CFG] looking for pre-shared key peer configs matching 198.200.0.251...80.187.96.20[172.23.177.113]
System
2014-02-03 15:47:58
ipsec 11[CFG] selected peer config "Iphone"
System
2014-02-03 15:47:58
Iphone (33) 11[IKE] IKE_SA Iphone[33] established between 198.200.0.251[Iphone]...80.187.96.20[172.23.177.113]
System
2014-02-03 15:47:58
ipsec 11[IKE] scheduling reauthentication in 6215s
System
2014-02-03 15:47:58
ipsec 11[IKE] maximum IKE_SA lifetime 6755s
System
2014-02-03 15:47:58
ipsec 11[ENC] generating ID_PROT response 0 [ ID HASH ]
System
2014-02-03 15:47:58
ipsec: 11[NET] sending packet from 198.200.0.251[4500] to 80.187.96.20[30065] (76 bytes)
System
2014-02-03 15:48:00
ipsec: 13[NET] received packet from 80.187.96.20[30065] to 198.200.0.251[4500] (316 bytes)
System
2014-02-03 15:48:00
ipsec 13[ENC] parsed QUICK_MODE request 2359129104 [ HASH SA No ID ID NAT-OA NAT-OA ]
System
2014-02-03 15:48:00
ipsec 13[IKE] received 3600s lifetime, configured 28800s
System
2014-02-03 15:48:00
ipsec 13[ENC] generating QUICK_MODE response 2359129104 [ HASH SA No ID ID NAT-OA NAT-OA ]
System
2014-02-03 15:48:00
ipsec: 13[NET] sending packet from 198.200.0.251[4500] to 80.187.96.20[30065] (204 bytes)
System
2014-02-03 15:48:00
ipsec: 03[NET] received packet from 80.187.96.20[30065] to 198.200.0.251[4500] (60 bytes)
System
2014-02-03 15:48:00
ipsec 03[ENC] parsed QUICK_MODE request 2359129104 [ HASH ]
System
2014-02-03 15:48:00
ipsec 03[IKE] CHILD_SA Iphone{4} established with SPIs cec6ed39_i 0520d9d7_o and TS 198.200.0.251/32[udp/l2tp] === 80.187.96.20/32[udp/57108]
System
2014-02-03 15:48:20
ipsec: 02[NET] received packet from 80.187.96.20[30065] to 198.200.0.251[4500] (76 bytes)
System
2014-02-03 15:48:20
ipsec 02[ENC] parsed INFORMATIONAL_V1 request 4245028433 [ HASH D ]
System
2014-02-03 15:48:20
ipsec 02[IKE] received DELETE for ESP CHILD_SA with SPI 0520d9d7
System
2014-02-03 15:48:20
ipsec 02[IKE] closing CHILD_SA Iphone{4} with SPIs cec6ed39_i (581 bytes) 0520d9d7_o (0 bytes) and TS 198.200.0.251/32[udp/l2tp] === 80.187.96.20/32[udp/57108]
System
2014-02-03 15:48:20
ipsec: 01[NET] received packet from 80.187.96.20[30065] to 198.200.0.251[4500] (92 bytes)
System
2014-02-03 15:48:20
ipsec 01[ENC] parsed INFORMATIONAL_V1 request 3391769773 [ HASH D ]
System
2014-02-03 15:48:20
Iphone (33) 01[IKE] received DELETE for IKE_SA Iphone[33]
System
2014-02-03 15:48:20
Iphone (33) 01[IKE] deleting IKE_SA Iphone[33] between 198.200.0.251[Iphone]...80.187.96.20[172.23.177.113]
System
2014-02-03 15:48:31
ipsec: 14[NET] received packet from 217.91.156.57[25280] to 192.168.57.251[4500] (420 bytes)
System
2014-02-03 15:48:31
ipsec 14[ENC] parsed ID_PROT request 0 [ SA V V V V V ]
System
2014-02-03 15:48:31
ipsec 14[IKE] no IKE config found for 192.168.57.251...217.91.156.57, sending NO_PROPOSAL_CHOSEN
System
2014-02-03 15:48:31
ipsec 14[ENC] generating INFORMATIONAL_V1 request 133958465 [ N(NO_PROP) ]
System
2014-02-03 15:48:31
ipsec: 14[NET] sending packet from 192.168.57.251[4500] to 217.91.156.57[25280] (40 bytes)
System
2014-02-03 15:49:11
ipsec: 01[NET] received packet from 80.187.96.20[500] to 198.200.0.251[500] (500 bytes)
System
2014-02-03 15:49:11
ipsec 01[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V V V V V ]
System
2014-02-03 15:49:11
ipsec 01[IKE] received NAT-T (RFC 3947) vendor ID
System
2014-02-03 15:49:11
ipsec 01[IKE] received draft-ietf-ipsec-nat-t-ike vendor ID
System
2014-02-03 15:49:11
ipsec 01[IKE] received draft-ietf-ipsec-nat-t-ike-08 vendor ID
System
2014-02-03 15:49:11
ipsec 01[IKE] received draft-ietf-ipsec-nat-t-ike-07 vendor ID
System
2014-02-03 15:49:11
ipsec 01[IKE] received draft-ietf-ipsec-nat-t-ike-06 vendor ID
System
2014-02-03 15:49:11
ipsec 01[IKE] received draft-ietf-ipsec-nat-t-ike-05 vendor ID
System
2014-02-03 15:49:11
ipsec 01[IKE] received draft-ietf-ipsec-nat-t-ike-04 vendor ID
System
2014-02-03 15:49:11
ipsec 01[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID
System
2014-02-03 15:49:11
ipsec 01[IKE] received draft-ietf-ipsec-nat-t-ike-02 vendor ID
System
2014-02-03 15:49:11
ipsec 01[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
System
2014-02-03 15:49:11
ipsec 01[IKE] received FRAGMENTATION vendor ID
System
2014-02-03 15:49:11
ipsec 01[IKE] received DPD vendor ID
System
2014-02-03 15:49:11
ipsec 01[IKE] 80.187.96.20 is initiating a Main Mode IKE_SA
System
2014-02-03 15:49:11
ipsec 01[ENC] generating ID_PROT response 0 [ SA V V V V ]
System
2014-02-03 15:49:11
ipsec: 01[NET] sending packet from 198.200.0.251[500] to 80.187.96.20[500] (156 bytes)
System
2014-02-03 15:49:11
ipsec: 02[NET] received packet from 80.187.96.20[500] to 198.200.0.251[500] (228 bytes)
System
2014-02-03 15:49:11
ipsec 02[ENC] parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
System
2014-02-03 15:49:11
ipsec 02[IKE] local host is behind NAT, sending keep alives
System
2014-02-03 15:49:11
ipsec 02[IKE] remote host is behind NAT
System
2014-02-03 15:49:11
ipsec 02[ENC] generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
System
2014-02-03 15:49:11
ipsec: 02[NET] sending packet from 198.200.0.251[500] to 80.187.96.20[500] (244 bytes)
System
2014-02-03 15:49:11
ipsec: 10[NET] received packet from 80.187.96.20[30065] to 198.200.0.251[4500] (108 bytes)
System
2014-02-03 15:49:11
ipsec 10[ENC] parsed ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
System
2014-02-03 15:49:11
ipsec 10[CFG] looking for pre-shared key peer configs matching 198.200.0.251...80.187.96.20[172.23.177.113]
System
2014-02-03 15:49:11
ipsec 10[CFG] selected peer config "Iphone"
System
2014-02-03 15:49:11
Iphone (35) 10[IKE] IKE_SA Iphone[35] established between 198.200.0.251[Iphone]...80.187.96.20[172.23.177.113]
System
2014-02-03 15:49:11
ipsec 10[IKE] scheduling reauthentication in 6269s
System
2014-02-03 15:49:11
ipsec 10[IKE] maximum IKE_SA lifetime 6809s
System
2014-02-03 15:49:11
ipsec 10[ENC] generating ID_PROT response 0 [ ID HASH ]
System
2014-02-03 15:49:11
ipsec: 10[NET] sending packet from 198.200.0.251[4500] to 80.187.96.20[30065] (76 bytes)
System
2014-02-03 15:49:11
ipsec: 09[NET] received packet from 217.91.156.57[25280] to 192.168.57.251[4500] (420 bytes)
System
2014-02-03 15:49:11
ipsec 09[ENC] parsed ID_PROT request 0 [ SA V V V V V ]
System
2014-02-03 15:49:11
ipsec 09[IKE] no IKE config found for 192.168.57.251...217.91.156.57, sending NO_PROPOSAL_CHOSEN
System
2014-02-03 15:49:11
ipsec 09[ENC] generating INFORMATIONAL_V1 request 517533928 [ N(NO_PROP) ]
System
2014-02-03 15:49:11
ipsec: 09[NET] sending packet from 192.168.57.251[4500] to 217.91.156.57[25280] (40 bytes)
System
2014-02-03 15:49:12
ipsec: 08[NET] received packet from 80.187.96.20[30065] to 198.200.0.251[4500] (316 bytes)
System
2014-02-03 15:49:12
ipsec 08[ENC] parsed QUICK_MODE request 1792434643 [ HASH SA No ID ID NAT-OA NAT-OA ]
System
2014-02-03 15:49:12
ipsec 08[IKE] received 3600s lifetime, configured 28800s
System
2014-02-03 15:49:12
ipsec 08[ENC] generating QUICK_MODE response 1792434643 [ HASH SA No ID ID NAT-OA NAT-OA ]
System
2014-02-03 15:49:12
ipsec: 08[NET] sending packet from 198.200.0.251[4500] to 80.187.96.20[30065] (204 bytes)
System
2014-02-03 15:49:12
ipsec: 12[NET] received packet from 80.187.96.20[30065] to 198.200.0.251[4500] (60 bytes)
System
2014-02-03 15:49:12
ipsec 12[ENC] parsed QUICK_MODE request 1792434643 [ HASH ]
System
2014-02-03 15:49:12
ipsec 12[IKE] CHILD_SA Iphone{5} established with SPIs cc44c777_i 00d22065_o and TS 198.200.0.251/32[udp/l2tp] === 80.187.96.20/32[udp/61630]
System
2014-02-03 15:49:32
ipsec: 15[NET] received packet from 80.187.96.20[30065] to 198.200.0.251[4500] (76 bytes)
System
2014-02-03 15:49:32
ipsec 15[ENC] parsed INFORMATIONAL_V1 request 1495007680 [ HASH D ]
System
2014-02-03 15:49:32
ipsec 15[IKE] received DELETE for ESP CHILD_SA with SPI 00d22065
System
2014-02-03 15:49:32
ipsec 15[IKE] closing CHILD_SA Iphone{5} with SPIs cc44c777_i (498 bytes) 00d22065_o (0 bytes) and TS 198.200.0.251/32[udp/l2tp] === 80.187.96.20/32[udp/61630]
System
2014-02-03 15:49:32
ipsec: 08[NET] received packet from 80.187.96.20[30065] to 198.200.0.251[4500] (92 bytes)
System
2014-02-03 15:49:32
ipsec 08[ENC] parsed INFORMATIONAL_V1 request 692584708 [ HASH D ]
System
2014-02-03 15:49:32
Iphone (35) 08[IKE] received DELETE for IKE_SA Iphone[35]
System
2014-02-03 15:49:32
Iphone (35) 08[IKE] deleting IKE_SA Iphone[35] between 198.200.0.251[Iphone]...80.187.96.20[172.23.177.113]
System
2014-02-03 15:49:51
ipsec: 16[NET] received packet from 217.91.156.57[25280] to 192.168.57.251[4500] (420 bytes)
System
2014-02-03 15:49:51
ipsec 16[ENC] parsed ID_PROT request 0 [ SA V V V V V ]
System
2014-02-03 15:49:51
ipsec 16[IKE] no IKE config found for 192.168.57.251...217.91.156.57, sending NO_PROPOSAL_CHOSEN
System
2014-02-03 15:49:51
ipsec 16[ENC] generating INFORMATIONAL_V1 request 3767215516 [ N(NO_PROP) ]
System
2014-02-03 15:49:51
ipsec: 16[NET] sending packet from 192.168.57.251[4500] to 217.91.156.57[25280] (40 bytes)
System
2014-02-03 15:50:29
ipsec: 16[NET] received packet from 80.187.96.20[500] to 198.200.0.251[500] (500 bytes)
System
2014-02-03 15:50:29
ipsec 16[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V V V V V ]
System
2014-02-03 15:50:29
ipsec 16[IKE] received NAT-T (RFC 3947) vendor ID
System
2014-02-03 15:50:29
ipsec 16[IKE] received draft-ietf-ipsec-nat-t-ike vendor ID
System
2014-02-03 15:50:29
ipsec 16[IKE] received draft-ietf-ipsec-nat-t-ike-08 vendor ID
System
2014-02-03 15:50:29
ipsec 16[IKE] received draft-ietf-ipsec-nat-t-ike-07 vendor ID
System
2014-02-03 15:50:29
ipsec 16[IKE] received draft-ietf-ipsec-nat-t-ike-06 vendor ID
System
2014-02-03 15:50:29
ipsec 16[IKE] received draft-ietf-ipsec-nat-t-ike-05 vendor ID
System
2014-02-03 15:50:29
ipsec 16[IKE] received draft-ietf-ipsec-nat-t-ike-04 vendor ID
System
2014-02-03 15:50:29
ipsec 16[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID
System
2014-02-03 15:50:29
ipsec 16[IKE] received draft-ietf-ipsec-nat-t-ike-02 vendor ID
System
2014-02-03 15:50:29
ipsec 16[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
System
2014-02-03 15:50:29
ipsec 16[IKE] received FRAGMENTATION vendor ID
System
2014-02-03 15:50:29
ipsec 16[IKE] received DPD vendor ID
System
2014-02-03 15:50:29
ipsec 16[IKE] 80.187.96.20 is initiating a Main Mode IKE_SA
System
2014-02-03 15:50:29
ipsec 16[ENC] generating ID_PROT response 0 [ SA V V V V ]
System
2014-02-03 15:50:29
ipsec: 16[NET] sending packet from 198.200.0.251[500] to 80.187.96.20[500] (156 bytes)
System
2014-02-03 15:50:30
ipsec: 03[NET] received packet from 80.187.96.20[500] to 198.200.0.251[500] (228 bytes)
System
2014-02-03 15:50:30
ipsec 03[ENC] parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
System
2014-02-03 15:50:30
ipsec 03[IKE] local host is behind NAT, sending keep alives
System
2014-02-03 15:50:30
ipsec 03[IKE] remote host is behind NAT
System
2014-02-03 15:50:30
ipsec 03[ENC] generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
System
2014-02-03 15:50:30
ipsec: 03[NET] sending packet from 198.200.0.251[500] to 80.187.96.20[500] (244 bytes)
System
2014-02-03 15:50:30
ipsec: 02[NET] received packet from 80.187.96.20[30065] to 198.200.0.251[4500] (108 bytes)
System
2014-02-03 15:50:30
ipsec 02[ENC] parsed ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
System
2014-02-03 15:50:30
ipsec 02[CFG] looking for pre-shared key peer configs matching 198.200.0.251...80.187.96.20[172.23.177.113]
System
2014-02-03 15:50:30
ipsec 02[CFG] selected peer config "Iphone"
System
2014-02-03 15:50:30
Iphone (38) 02[IKE] IKE_SA Iphone[38] established between 198.200.0.251[Iphone]...80.187.96.20[172.23.177.113]
System
2014-02-03 15:50:30
ipsec 02[IKE] scheduling reauthentication in 6311s
System
2014-02-03 15:50:30
ipsec 02[IKE] maximum IKE_SA lifetime 6851s
System
2014-02-03 15:50:30
ipsec 02[ENC] generating ID_PROT response 0 [ ID HASH ]
System
2014-02-03 15:50:30
ipsec: 02[NET] sending packet from 198.200.0.251[4500] to 80.187.96.20[30065] (76 bytes)
System
2014-02-03 15:50:30
ipsec: 15[NET] received packet from 80.187.96.20[30065] to 198.200.0.251[4500] (316 bytes)
System
2014-02-03 15:50:30
ipsec 15[ENC] parsed QUICK_MODE request 2770527775 [ HASH SA No ID ID NAT-OA NAT-OA ]
System
2014-02-03 15:50:30
ipsec 15[IKE] received 3600s lifetime, configured 28800s
System
2014-02-03 15:50:30
ipsec 15[ENC] generating QUICK_MODE response 2770527775 [ HASH SA No ID ID NAT-OA NAT-OA ]
System
2014-02-03 15:50:30
ipsec: 15[NET] sending packet from 198.200.0.251[4500] to 80.187.96.20[30065] (204 bytes)
System
2014-02-03 15:50:31
ipsec: 12[NET] received packet from 80.187.96.20[30065] to 198.200.0.251[4500] (60 bytes)
System
2014-02-03 15:50:31
ipsec 12[ENC] parsed QUICK_MODE request 2770527775 [ HASH ]
System
2014-02-03 15:50:31
ipsec 12[IKE] CHILD_SA Iphone{6} established with SPIs c7aa9226_i 0c0c99ea_o and TS 198.200.0.251/32[udp/l2tp] === 80.187.96.20/32[udp/49711]
System
2014-02-03 15:50:31
ipsec: 13[NET] received packet from 217.91.156.57[25280] to 192.168.57.251[4500] (420 bytes)
System
2014-02-03 15:50:31
ipsec 13[ENC] parsed ID_PROT request 0 [ SA V V V V V ]
System
2014-02-03 15:50:31
ipsec 13[IKE] no IKE config found for 192.168.57.251...217.91.156.57, sending NO_PROPOSAL_CHOSEN
System
2014-02-03 15:50:31
ipsec 13[ENC] generating INFORMATIONAL_V1 request 2288984980 [ N(NO_PROP) ]
System
2014-02-03 15:50:31
ipsec: 13[NET] sending packet from 192.168.57.251[4500] to 217.91.156.57[25280] (40 bytes)
System
2014-02-03 15:50:41
ipsec: 13[NET] received packet from 217.91.156.57[25280] to 192.168.57.251[4500] (420 bytes)
System
2014-02-03 15:50:41
ipsec 13[ENC] parsed ID_PROT request 0 [ SA V V V V V ]
System
2014-02-03 15:50:41
ipsec 13[IKE] no IKE config found for 192.168.57.251...217.91.156.57, sending NO_PROPOSAL_CHOSEN
System
2014-02-03 15:50:41
ipsec 13[ENC] generating INFORMATIONAL_V1 request 1842528814 [ N(NO_PROP) ]
System
2014-02-03 15:50:41
ipsec: 13[NET] sending packet from 192.168.57.251[4500] to 217.91.156.57[25280] (40 bytes)
System
2014-02-03 15:50:51
ipsec: 15[NET] received packet from 80.187.96.20[30065] to 198.200.0.251[4500] (76 bytes)
System
2014-02-03 15:50:51
ipsec 15[ENC] parsed INFORMATIONAL_V1 request 1352067928 [ HASH D ]
System
2014-02-03 15:50:51
ipsec 15[IKE] received DELETE for ESP CHILD_SA with SPI 0c0c99ea
System
2014-02-03 15:50:51
ipsec 15[IKE] closing CHILD_SA Iphone{6} with SPIs c7aa9226_i (581 bytes) 0c0c99ea_o (0 bytes) and TS 198.200.0.251/32[udp/l2tp] === 80.187.96.20/32[udp/49711]
System
2014-02-03 15:50:51
ipsec: 12[NET] received packet from 80.187.96.20[30065] to 198.200.0.251[4500] (92 bytes)
System
2014-02-03 15:50:51
ipsec 12[ENC] parsed INFORMATIONAL_V1 request 587836367 [ HASH D ]
System
2014-02-03 15:50:51
Iphone (38) 12[IKE] received DELETE for IKE_SA Iphone[38]
System
2014-02-03 15:50:51
Iphone (38) 12[IKE] deleting IKE_SA Iphone[38] between 198.200.0.251[Iphone]...80.187.96.20[172.23.177.113]
System
2014-02-03 15:51:01
ipsec: 10[NET] received packet from 217.91.156.57[25280] to 192.168.57.251[4500] (420 bytes)
System
2014-02-03 15:51:01
ipsec 10[ENC] parsed ID_PROT request 0 [ SA V V V V V ]
System
2014-02-03 15:51:02
ipsec 10[IKE] no IKE config found for 192.168.57.251...217.91.156.57, sending NO_PROPOSAL_CHOSEN
System
2014-02-03 15:51:02
ipsec 10[ENC] generating INFORMATIONAL_V1 request 939404540 [ N(NO_PROP) ]
System
2014-02-03 15:51:02
ipsec: 10[NET] sending packet from 192.168.57.251[4500] to 217.91.156.57[25280] (40 bytes)

Alles anzeigen

Ich habe die Ports in der Firewall freigeschalten, jedoch kein Erfolg....das Iphone meldet keine antwort vom VPN Server (aber ich sehe ja im Protokoll das etwas passiert)

Jemand eine Idee?

flyinghuman

Ich habe das gleiche Problem. Ich tippe auf ein NAT Problem der EFW. Wäre schön wenn das funktionieren würde! Ich bin für jeden Tippp dankbar...

DanielZ87

Ich habe mit der Endian Hotline telefoniert...

Also die Endian Firewall kann das nur wenn die Firewall vor eineme NAT Gerät hängt (z.B Router).... sobald Router -> Endian Firewall geht es nicht...

Die 3.0 ist noch in der Entwicklerphase....Warum wird Sie dann als Final angeboten !!

Ich habe es jetzt mit dem OpenVPN Client zum laufen bekommen, was auch nicht grade "mal schnell" geht.

Also Flyinghuman, beiss dir nicht die Zähne aus, es geht nicht

flyinghuman

ja, ich habe jetzt auch softEther auf einem PC genommen. Selbst dort bekomme ich jedoch keine Verbindung hinter der Endian via L2TP/Ipsec. Via OpenVPN und Portwordwarding gehts dann.

Schade eig. die Endian muss sozusagen per DSL-Modem via PPPoE ans Netz und dann sollte es funktionieren?!

flyinghuman

wieso kann man hier seinen Beitrag nicht bearbeiten? Egal.

Ich wollte noch anfügen, dass es auch ohne Software aber mit dem OpenVPN Server auf der endian Funktioniert. Hier eine Beispiel-Konfig für den OpenVPN-Klienten aus dem Apple-Store:

Code

client
dev tun
proto udp
remote <Hostname or IP> 1194
resolv-retry infinite
nobind
persist-key
persist-tun
#pkcs12 user.p12
auth-user-pass
verb 3
comp-lzo
ns-cert-type server


<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>


<key>
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
</key>

Alles anzeigen

man muss vorher die p12 Datei von endian entsprechend aufteilen:

Code

openssl pkcs12 -in ZERTIFIKAT.p12 -clcerts -nokeys -nodes -out user.pem
openssl pkcs12 -in ZERTIFIKAT.p12 -nocerts -nodes -out keys.pem
openssl pkcs12 -in ZERTIFIKAT.p12 -cacerts -nodes -out ca.pem

Gruß