Jump to content

mluxor

Forum Members
  • Posts

    1
  • Joined

  • Last visited

Equipment

  • Keenetic
    KN-1410

mluxor's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. день добрый! прошу помощи. пытаюсь связать Omni (KN-1410) Версия ОС3.6.10 и USG60, по схеме "site-to-site with dynamic peer" на pre-shared key. Keenetic как клиент. Вроде всё везде прописал, но тоннеля нет. На кенетике в логах 00[DMN] Starting IKE charon daemon (strongSwan 5.8.0, Linux 4.9-ndm-4, mips) Окт 19 16:34:52 ipsec 00[CFG] loading secrets Окт 19 16:34:52 ipsec 00[CFG] loaded IKE secret for 10.136.215.118 80.80.80.82 Окт 19 16:34:52 ipsec 00[CFG] loaded 1 RADIUS server configuration Окт 19 16:34:52 ipsec 00[CFG] starting system time check, interval: 10s Окт 19 16:34:52 ipsec 00[LIB] loaded plugins: charon ndm-pem random save-keys nonce x509 pubkey openssl xcbc cmac hmac ctr attr kernel-netlink resolve socket-default stroke updown eap-identity eap-md5 eap-mschapv2 eap-dynamic eap-radius eap-peap xauth-generic xauth-eap error-notify systime-fix unity Окт 19 16:34:52 ipsec 00[LIB] dropped capabilities, running as uid 65534, gid 65534 Окт 19 16:34:52 ipsec 05[CFG] received stroke: add connection 'vpn_to_of' Окт 19 16:34:52 ipsec 05[CFG] added configuration 'vpn_to_of' Окт 19 16:34:52 ipsec 06[CFG] received stroke: initiate 'vpn_to_of' Окт 19 16:34:52 ipsec 06[IKE] initiating IKE_SA vpn_to_of[1] to 80.80.80.82 Окт 19 16:34:53 ipsec 08[CFG] received proposals: IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024 Окт 19 16:34:53 ipsec 08[CFG] configured proposals: IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024 Окт 19 16:34:53 ipsec 08[CFG] selected proposal: IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024 Окт 19 16:34:54 ipsec 08[IKE] linked key for crypto map 'vpn_to_of' is not found, still searching Окт 19 16:34:54 ipsec 08[IKE] authentication of '10.136.215.118' (myself) with pre-shared key Окт 19 16:34:54 ipsec 08[IKE] establishing CHILD_SA vpn_to_of{1} Окт 19 16:34:54 ipsec 09[IKE] received message ID 1, expected 0, ignored Окт 19 16:34:54 ipsec 09[IKE] received message ID 0, expected 1, ignored Окт 19 16:35:02 ipsec 06[IKE] retransmit 1 of request with message ID 1 Окт 19 16:35:03 ipsec 09[IKE] received message ID 0, expected 1, ignored Окт 19 16:35:10 ipsec 07[IKE] retransmit 2 of request with message ID 1 На этом история заканчивается. в логах на стороне uSG60 тишина. Буду благодарен за советы
×
×
  • Create New...