l2tp vpn from windows xp sp2

January 5, 2005 8:35:03 AM

Archived from groups: microsoft.public.windowsxp.work_remotely

Hi
I have set up an L2TP/IPSec VPN using certificates across a LAN and that
works fine. However, when I try to connect to the same VPN Server through
the Internet I get error 789. I am using a dial-up connection to connect to
my ISP first and so do not have a permanent IP. Could this be causing
problems?

On the firewall, I have closed and reopened UDP ports 1701, 4500 and 500 to
make sure these are OK. Also, I have created another L2TP/IPSec VPN from a
fixed IP address which passes through fine.

The XP client has SP2 installed.

Event Viewer creates the following Failure Audit for the connection:

Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 547
Date: 05/01/2005
Time: 11:51:17
User: NT AUTHORITY\NETWORK SERVICE
Computer: REDLINELT1
Description:
IKE security association negotiation failed.
Mode:
Key Exchange Mode (Main Mode)

Filter:
Source IP Address 81.174.218.30
Source IP Address Mask 255.255.255.255
Destination IP Address 213.166.4.143
Destination IP Address Mask 255.255.255.255
Protocol 0
Source Port 0
Destination Port 0
IKE Local Addr 81.174.218.30
IKE Peer Addr 213.166.4.143

Peer Identity:

Failure Point:
Me

Failure Reason:
No response from peer

Extra Status:
0x0 0x0


For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

Any help would be greatly appreciated.
Thanks.


Anonymous
January 5, 2005 8:21:27 PM

Save the following as a .vbs and run it:

'This is a script to convert Windows XP Service Pack 2 to pre-Service Pack 2 VPN behavior.
'Microsoft could not give a reason why they changed this behavior and refused to specify
'the supposed dangers of permitting VPN to work in a NAT environment.
'There is no warranty to this script. To use this script, you take full risk of any
'damages that may be caused by this script.
'George Ou
'www.LANArchitect.net

Dim WSHShell
Set WSHShell = WScript.CreateObject("WScript.Shell")

WSHShell.Popup "Repairing Microsoft Windows XP Service Pack 2"
'Write the value as a DWORD; the statement must stay on one line to run
WSHShell.RegWrite "HKLM\System\CurrentControlSet\Services\IPSec\AssumeUDPEncapsulationContextOnSendRule", 2, "REG_DWORD"

January 6, 2005 4:15:02 AM

I have already implemented this fix and it makes no difference. Currently I
have uninstalled SP2 to remove that as an issue.
Anonymous
January 6, 2005 4:40:27 PM

Have you applied the 818043 fix if you have removed SP2?

NAT-T translation may be the issue.

OJ

January 6, 2005 4:40:28 PM

Yes, still no joy.
Here is Oakley log:

1-06: 14:09:16:594:52c QM PolicyName: L2TP Require Encryption Quick Mode Policy dwFlags 0
1-06: 14:09:16:594:52c QMOffer[0] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:594:52c QMOffer[0] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:594:52c Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: MD5
1-06: 14:09:16:594:52c QMOffer[1] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:594:52c QMOffer[1] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:594:52c Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: SHA
1-06: 14:09:16:594:52c QMOffer[2] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:594:52c QMOffer[2] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:594:52c Algo[0] Operation: AH Algo: SHA
1-06: 14:09:16:594:52c Algo[1] Operation: ESP Algo: Triple DES CBC HMAC: 0
1-06: 14:09:16:594:52c QMOffer[3] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:594:52c QMOffer[3] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:594:52c Algo[0] Operation: AH Algo: MD5
1-06: 14:09:16:594:52c Algo[1] Operation: ESP Algo: Triple DES CBC HMAC: 0
1-06: 14:09:16:594:52c QMOffer[4] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:594:52c QMOffer[4] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:594:52c Algo[0] Operation: AH Algo: SHA
1-06: 14:09:16:594:52c Algo[1] Operation: ESP Algo: Triple DES CBC HMAC: SHA
1-06: 14:09:16:594:52c QMOffer[5] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:594:52c QMOffer[5] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:604:52c Algo[0] Operation: AH Algo: MD5
1-06: 14:09:16:604:52c Algo[1] Operation: ESP Algo: Triple DES CBC HMAC: MD5
1-06: 14:09:16:604:52c QMOffer[6] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:604:52c QMOffer[6] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:604:52c Algo[0] Operation: ESP Algo: DES CBC HMAC: MD5
1-06: 14:09:16:604:52c QMOffer[7] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:604:52c QMOffer[7] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:604:52c Algo[0] Operation: ESP Algo: DES CBC HMAC: SHA
1-06: 14:09:16:604:52c QMOffer[8] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:604:52c QMOffer[8] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:604:52c Algo[0] Operation: AH Algo: SHA
1-06: 14:09:16:604:52c Algo[1] Operation: ESP Algo: DES CBC HMAC: 0
1-06: 14:09:16:604:52c QMOffer[9] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:604:52c QMOffer[9] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:604:52c Algo[0] Operation: AH Algo: MD5
1-06: 14:09:16:604:52c Algo[1] Operation: ESP Algo: DES CBC HMAC: 0
1-06: 14:09:16:604:52c QMOffer[10] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:604:52c QMOffer[10] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:604:52c Algo[0] Operation: AH Algo: SHA
1-06: 14:09:16:604:52c Algo[1] Operation: ESP Algo: DES CBC HMAC: SHA
1-06: 14:09:16:604:52c QMOffer[11] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:604:52c QMOffer[11] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:604:52c Algo[0] Operation: AH Algo: MD5
1-06: 14:09:16:604:52c Algo[1] Operation: ESP Algo: DES CBC HMAC: MD5
1-06: 14:09:16:604:52c Internal Acquire: op=00000001 src=81.174.216.131.1701 dst=213.166.4.143.1701 proto = 17, SrcMask=255.255.255.255, DstMask=255.255.255.255, Tunnel 0, TunnelEndpt=0.0.0.0 Inbound TunnelEndpt=0.0.0.0, InitiateEvent=00000458, IKE SrcPort=500 IKE DstPort=500
1-06: 14:09:16:604:254 Filter to match: Src 213.166.4.143 Dst 81.174.216.131
1-06: 14:09:16:604:254 MM PolicyName: L2TP Main Mode Policy
1-06: 14:09:16:604:254 MMPolicy dwFlags 8 SoftSAExpireTime 28800
1-06: 14:09:16:604:254 MMOffer[0] LifetimeSec 28800 QMLimit 0 DHGroup 268435457
1-06: 14:09:16:604:254 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
1-06: 14:09:16:604:254 MMOffer[1] LifetimeSec 28800 QMLimit 0 DHGroup 2
1-06: 14:09:16:604:254 MMOffer[1] Encrypt: Triple DES CBC Hash: SHA
1-06: 14:09:16:604:254 MMOffer[2] LifetimeSec 28800 QMLimit 0 DHGroup 2
1-06: 14:09:16:604:254 MMOffer[2] Encrypt: Triple DES CBC Hash: MD5
1-06: 14:09:16:604:254 MMOffer[3] LifetimeSec 28800 QMLimit 0 DHGroup 1
1-06: 14:09:16:604:254 MMOffer[3] Encrypt: DES CBC Hash: SHA
1-06: 14:09:16:604:254 MMOffer[4] LifetimeSec 28800 QMLimit 0 DHGroup 1
1-06: 14:09:16:604:254 MMOffer[4] Encrypt: DES CBC Hash: MD5
1-06: 14:09:16:604:254 Auth[0]:RSA Sig DC=local, DC=redline, CN=DakarEntRoot AuthFlags 0
1-06: 14:09:16:604:254 QM PolicyName: L2TP Require Encryption Quick Mode Policy dwFlags 0
1-06: 14:09:16:604:254 QMOffer[0] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:604:254 QMOffer[0] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:604:254 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: MD5
1-06: 14:09:16:604:254 QMOffer[1] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:604:254 QMOffer[1] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:604:254 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: SHA
1-06: 14:09:16:604:254 QMOffer[2] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:604:254 QMOffer[2] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:604:254 Algo[0] Operation: AH Algo: SHA
1-06: 14:09:16:604:254 Algo[1] Operation: ESP Algo: Triple DES CBC HMAC: 0
1-06: 14:09:16:604:254 QMOffer[3] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:604:254 QMOffer[3] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:604:254 Algo[0] Operation: AH Algo: MD5
1-06: 14:09:16:604:254 Algo[1] Operation: ESP Algo: Triple DES CBC HMAC: 0
1-06: 14:09:16:604:254 QMOffer[4] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:604:254 QMOffer[4] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:604:254 Algo[0] Operation: AH Algo: SHA
1-06: 14:09:16:604:254 Algo[1] Operation: ESP Algo: Triple DES CBC HMAC: SHA
1-06: 14:09:16:604:254 QMOffer[5] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:604:254 QMOffer[5] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:614:254 Algo[0] Operation: AH Algo: MD5
1-06: 14:09:16:614:254 Algo[1] Operation: ESP Algo: Triple DES CBC HMAC: MD5
1-06: 14:09:16:614:254 QMOffer[6] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:614:254 QMOffer[6] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:614:254 Algo[0] Operation: ESP Algo: DES CBC HMAC: MD5
1-06: 14:09:16:614:254 QMOffer[7] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:614:254 QMOffer[7] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:614:254 Algo[0] Operation: ESP Algo: DES CBC HMAC: SHA
1-06: 14:09:16:614:254 QMOffer[8] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:614:254 QMOffer[8] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:614:254 Algo[0] Operation: AH Algo: SHA
1-06: 14:09:16:614:254 Algo[1] Operation: ESP Algo: DES CBC HMAC: 0
1-06: 14:09:16:614:254 QMOffer[9] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:614:254 QMOffer[9] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:614:254 Algo[0] Operation: AH Algo: MD5
1-06: 14:09:16:614:254 Algo[1] Operation: ESP Algo: DES CBC HMAC: 0
1-06: 14:09:16:614:254 QMOffer[10] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:614:254 QMOffer[10] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:614:254 Algo[0] Operation: AH Algo: SHA
1-06: 14:09:16:614:254 Algo[1] Operation: ESP Algo: DES CBC HMAC: SHA
1-06: 14:09:16:614:254 QMOffer[11] LifetimeKBytes 250000 LifetimeSec 3600
1-06: 14:09:16:614:254 QMOffer[11] dwFlags 0 dwPFSGroup 0
1-06: 14:09:16:614:254 Algo[0] Operation: AH Algo: MD5
1-06: 14:09:16:614:254 Algo[1] Operation: ESP Algo: DES CBC HMAC: MD5
1-06: 14:09:16:614:254 Starting Negotiation: src = 81.174.216.131.0500, dst = 213.166.4.143.0500, proto = 17, context = 00000000, ProxySrc = 81.174.216.131.1701, ProxyDst = 213.166.4.143.1701 SrcMask = 0.0.0.0 DstMask = 0.0.0.0
1-06: 14:09:16:614:254 constructing ISAKMP Header
1-06: 14:09:16:614:254 constructing SA (ISAKMP)
1-06: 14:09:16:614:254 Constructing Vendor MS NT5 ISAKMPOAKLEY
1-06: 14:09:16:614:254 Constructing Vendor FRAGMENTATION
1-06: 14:09:16:614:254 Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
1-06: 14:09:16:614:254 Constructing Vendor Vid-Initial-Contact
1-06: 14:09:16:614:254
1-06: 14:09:16:614:254 Sending: SA = 0x00162D90 to 213.166.4.143:Type 2.500
1-06: 14:09:16:614:254 ISAKMP Header: (V1.0), len = 312
1-06: 14:09:16:614:254 I-COOKIE ffb12588ba3d1a04
1-06: 14:09:16:614:254 R-COOKIE 0000000000000000
1-06: 14:09:16:614:254 exchange: Oakley Main Mode
1-06: 14:09:16:614:254 flags: 0
1-06: 14:09:16:614:254 next payload: SA
1-06: 14:09:16:614:254 message ID: 00000000
1-06: 14:09:16:614:254 Ports S:f401 D:f401
1-06: 14:09:16:614:254 Activating InitiateEvent 00000458
1-06: 14:09:17:315:b4 retransmit: sa = 00162D90 centry 00000000 , count = 1
1-06: 14:09:17:315:b4
1-06: 14:09:17:315:b4 Sending: SA = 0x00162D90 to 213.166.4.143:Type 2.500
1-06: 14:09:17:315:b4 ISAKMP Header: (V1.0), len = 312
1-06: 14:09:17:315:b4 I-COOKIE ffb12588ba3d1a04
1-06: 14:09:17:315:b4 R-COOKIE 0000000000000000
1-06: 14:09:17:315:b4 exchange: Oakley Main Mode
1-06: 14:09:17:315:b4 flags: 0
1-06: 14:09:17:315:b4 next payload: SA
1-06: 14:09:17:315:b4 message ID: 00000000
1-06: 14:09:17:315:b4 Ports S:f401 D:f401
1-06: 14:09:19:318:b4 retransmit: sa = 00162D90 centry 00000000 , count = 2
1-06: 14:09:19:318:b4
1-06: 14:09:19:318:b4 Sending: SA = 0x00162D90 to 213.166.4.143:Type 2.500
1-06: 14:09:19:318:b4 ISAKMP Header: (V1.0), len = 312
1-06: 14:09:19:318:b4 I-COOKIE ffb12588ba3d1a04
1-06: 14:09:19:318:b4 R-COOKIE 0000000000000000
1-06: 14:09:19:318:b4 exchange: Oakley Main Mode
1-06: 14:09:19:318:b4 flags: 0
1-06: 14:09:19:318:b4 next payload: SA
1-06: 14:09:19:318:b4 message ID: 00000000
1-06: 14:09:19:318:b4 Ports S:f401 D:f401
1-06: 14:09:23:324:b4 retransmit: sa = 00162D90 centry 00000000 , count = 3
1-06: 14:09:23:324:b4
1-06: 14:09:23:324:b4 Sending: SA = 0x00162D90 to 213.166.4.143:Type 2.500
1-06: 14:09:23:324:b4 ISAKMP Header: (V1.0), len = 312
1-06: 14:09:23:324:b4 I-COOKIE ffb12588ba3d1a04
1-06: 14:09:23:324:b4 R-COOKIE 0000000000000000
1-06: 14:09:23:324:b4 exchange: Oakley Main Mode
1-06: 14:09:23:324:b4 flags: 0
1-06: 14:09:23:324:b4 next payload: SA
1-06: 14:09:23:324:b4 message ID: 00000000
1-06: 14:09:23:324:b4 Ports S:f401 D:f401
1-06: 14:09:31:361:b4 retransmit: sa = 00162D90 centry 00000000 , count = 4
1-06: 14:09:31:361:b4
1-06: 14:09:31:361:b4 Sending: SA = 0x00162D90 to 213.166.4.143:Type 2.500
1-06: 14:09:31:361:b4 ISAKMP Header: (V1.0), len = 312
1-06: 14:09:31:361:b4 I-COOKIE ffb12588ba3d1a04
1-06: 14:09:31:361:b4 R-COOKIE 0000000000000000
1-06: 14:09:31:361:b4 exchange: Oakley Main Mode
1-06: 14:09:31:361:b4 flags: 0
1-06: 14:09:31:361:b4 next payload: SA
1-06: 14:09:31:361:b4 message ID: 00000000
1-06: 14:09:31:361:b4 Ports S:f401 D:f401
1-06: 14:09:47:526:b4 retransmit: sa = 00162D90 centry 00000000 , count = 5
1-06: 14:09:47:526:b4
1-06: 14:09:47:526:b4 Sending: SA = 0x00162D90 to 213.166.4.143:Type 2.500
1-06: 14:09:47:526:b4 ISAKMP Header: (V1.0), len = 312
1-06: 14:09:47:526:b4 I-COOKIE ffb12588ba3d1a04
1-06: 14:09:47:526:b4 R-COOKIE 0000000000000000
1-06: 14:09:47:526:b4 exchange: Oakley Main Mode
1-06: 14:09:47:526:b4 flags: 0
1-06: 14:09:47:526:b4 next payload: SA
1-06: 14:09:47:526:b4 message ID: 00000000
1-06: 14:09:47:526:b4 Ports S:f401 D:f401
1-06: 14:10:19:857:b4 retransmit exhausted: sa = 00162D90 centry 00000000, count = 6
1-06: 14:10:19:857:b4 SA Dead. sa:00162D90 status:35ed
1-06: 14:10:19:857:b4 isadb_set_status sa:00162D90 centry:00000000 status 35ed
1-06: 14:10:19:857:b4 Key Exchange Mode (Main Mode)
1-06: 14:10:19:857:b4 Source IP Address 81.174.216.131 Source IP Address Mask 255.255.255.255 Destination IP Address 213.166.4.143 Destination IP Address Mask 255.255.255.255 Protocol 0 Source Port 0 Destination Port 0 IKE Local Addr 81.174.216.131 IKE Peer Addr 213.166.4.143
1-06: 14:10:19:857:b4
1-06: 14:10:19:857:b4 Me
1-06: 14:10:19:857:b4 No response from peer
1-06: 14:10:19:857:b4 0x0 0x0
1-06: 14:10:19:857:b4 isadb_set_status InitiateEvent 00000458: Setting Status 35f5
1-06: 14:10:19:857:b4 Clearing sa 00162D90 InitiateEvent 00000458
1-06: 14:10:19:857:b4 constructing ISAKMP Header
1-06: 14:10:19:857:b4 constructing DELETE. MM 00162D90
1-06: 14:10:19:857:b4
1-06: 14:10:19:857:b4 Sending: SA = 0x00162D90 to 213.166.4.143:Type 1.500
1-06: 14:10:19:857:b4 ISAKMP Header: (V1.0), len = 56
1-06: 14:10:19:857:b4 I-COOKIE ffb12588ba3d1a04
1-06: 14:10:19:857:b4 R-COOKIE 0000000000000000
1-06: 14:10:19:857:b4 exchange: ISAKMP Informational Exchange
1-06: 14:10:19:857:b4 flags: 0
1-06: 14:10:19:857:b4 next payload: DELETE
1-06: 14:10:19:857:b4 message ID: f86caea6
1-06: 14:10:19:857:b4 Ports S:f401 D:f401
1-06: 14:10:19:857:6f8 CloseNegHandle 00000458
1-06: 14:10:19:857:6f8 SE cookie ffb12588ba3d1a04
1-06: 14:10:19:897:6f8 isadb_schedule_kill_oldPolicy_sas: f1022d93-9d66-4852-b4d709c2ea0bc5cb 4
1-06: 14:10:19:908:254 entered kill_old_policy_sas 4
1-06: 14:10:19:908:6c8 isadb_schedule_kill_oldPolicy_sas: da870090-81b5-40ad-9b241b6ed894bcbc 3
1-06: 14:10:19:908:52c isadb_schedule_kill_oldPolicy_sas: 0bd1757a-9b13-4caf-bcf730d954a1906d 2
1-06: 14:10:19:908:6f8 isadb_schedule_kill_oldPolicy_sas: 947d52bd-5122-49dd-a40628407440e0e4 1
1-06: 14:10:19:918:254 entered kill_old_policy_sas 3
1-06: 14:10:19:918:254 entered kill_old_policy_sas 2
1-06: 14:10:19:918:254 entered kill_old_policy_sas 1
1-06: 14:10:20:800:50c ClearFragList

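Added example, not part of the original thread: a Python reading of the Oakley log posted above that pulls out the Main Mode offers, the retransmit timing, the ports in use and whether the responder ever replied. The sample lines are excerpted from that log; the byte-swapped reading of the "Ports" field and the list of algorithms flagged as weak are assumptions of this example.

```python
import re

# Excerpt of the Oakley log posted above (wrapped lines rejoined; Quick Mode
# offers and repeated ISAKMP header fields left out).
SAMPLE_LOG = """\
1-06: 14:09:16:604:254 MMOffer[0] LifetimeSec 28800 QMLimit 0 DHGroup 268435457
1-06: 14:09:16:604:254 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
1-06: 14:09:16:604:254 MMOffer[1] LifetimeSec 28800 QMLimit 0 DHGroup 2
1-06: 14:09:16:604:254 MMOffer[1] Encrypt: Triple DES CBC Hash: SHA
1-06: 14:09:16:604:254 MMOffer[2] LifetimeSec 28800 QMLimit 0 DHGroup 2
1-06: 14:09:16:604:254 MMOffer[2] Encrypt: Triple DES CBC Hash: MD5
1-06: 14:09:16:604:254 MMOffer[3] LifetimeSec 28800 QMLimit 0 DHGroup 1
1-06: 14:09:16:604:254 MMOffer[3] Encrypt: DES CBC Hash: SHA
1-06: 14:09:16:604:254 MMOffer[4] LifetimeSec 28800 QMLimit 0 DHGroup 1
1-06: 14:09:16:604:254 MMOffer[4] Encrypt: DES CBC Hash: MD5
1-06: 14:09:16:614:254 Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
1-06: 14:09:16:614:254 R-COOKIE 0000000000000000
1-06: 14:09:16:614:254 exchange: Oakley Main Mode
1-06: 14:09:16:614:254 Ports S:f401 D:f401
1-06: 14:09:17:315:b4 exchange: Oakley Main Mode
1-06: 14:09:19:318:b4 exchange: Oakley Main Mode
1-06: 14:09:23:324:b4 exchange: Oakley Main Mode
1-06: 14:09:31:361:b4 exchange: Oakley Main Mode
1-06: 14:09:47:526:b4 exchange: Oakley Main Mode
1-06: 14:10:19:857:b4 retransmit exhausted: sa = 00162D90 centry 00000000, count = 6
1-06: 14:10:19:857:b4 No response from peer
"""

LINE = re.compile(r"^\d+-\d+: (\d+):(\d+):(\d+):(\d+):([0-9a-f]+) ?(.*)$")


def parse(log_text):
    """Yield (ms since midnight, thread id, message) for each Oakley line."""
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if m is None:
            continue  # wrapped continuation or non-Oakley text
        hh, mm, ss, ms, tid, msg = m.groups()
        yield ((int(hh) * 60 + int(mm)) * 60 + int(ss)) * 1000 + int(ms), tid, msg.strip()


def decode_port(hex4):
    # Assumption of this example: the "Ports S:/D:" field is the 16-bit
    # network-order port printed byte-swapped, so f401 -> 0x01f4 -> 500.
    return int.from_bytes(bytes.fromhex(hex4), "little")


def weak_reasons(offer):
    """Reasons an IKE Main Mode offer is considered weak (this example's list)."""
    reasons = []
    if offer.get("encrypt", "").startswith("DES"):
        reasons.append("single DES")
    if offer.get("hash") == "MD5":
        reasons.append("MD5")
    if offer.get("dh") == 1:
        reasons.append("DH group 1")
    return reasons


def analyse(log_text):
    offers, sends, ports = {}, [], set()
    r = {"nat_t_offered": False, "responder_replied": False, "failure": None}
    for t_ms, _tid, msg in parse(log_text):
        if m := re.match(r"MMOffer\[(\d+)\] .*DHGroup (\d+)", msg):
            offers.setdefault(int(m[1]), {})["dh"] = int(m[2])
        elif m := re.match(r"MMOffer\[(\d+)\] Encrypt: (.+) Hash: (\S+)", msg):
            offers.setdefault(int(m[1]), {}).update(encrypt=m[2], hash=m[3])
        elif "nat-t-ike" in msg:
            r["nat_t_offered"] = True          # NAT-T vendor ID was sent
        elif msg == "exchange: Oakley Main Mode":
            sends.append(t_ms)                 # one per (re)transmission
        elif m := re.match(r"R-COOKIE ([0-9a-f]{16})$", msg):
            if int(m[1], 16) != 0:
                r["responder_replied"] = True  # non-zero cookie needs a reply
        elif m := re.match(r"Ports S:([0-9a-f]{4}) D:([0-9a-f]{4})", msg):
            ports.update(decode_port(p) for p in m.groups())
        elif msg == "No response from peer":
            r["failure"] = msg
    r["offers"] = offers
    r["weak"] = {i: weak_reasons(o) for i, o in sorted(offers.items()) if weak_reasons(o)}
    r["send_gaps_ms"] = [b - a for a, b in zip(sends, sends[1:])]
    r["ports"] = sorted(ports)
    return r


def verdict(r):
    if r["failure"] and not r["responder_replied"]:
        where = "UDP 500" if r["ports"] == [500] else f"ports {r['ports']}"
        sends = len(r["send_gaps_ms"]) + 1
        return f"peer never answered the first Main Mode packet ({sends} sends on {where})"
    return "negotiation progressed past the first packet"


if __name__ == "__main__":
    result = analyse(SAMPLE_LOG)
    print(verdict(result))
    print("retransmit gaps (ms):", result["send_gaps_ms"])
    print("weak offers:", result["weak"])
```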
Anonymous
January 7, 2005 7:20:17 PM

What happens if you open up all ports on the firewall - as a temporary
measure just to see if it works?

OJ

"James" <James@discussions.microsoft.com> wrote in message
news:B3E99D27-9D3B-419F-AB1D-B9879280F84E@microsoft.com...
> Yes, still no joy.
> Here is Oakley log:
>
> 1-06: 14:09:16:594:52c QM PolicyName: L2TP Require Encryption Quick Mode
> Policy dwFlags 0
> 1-06: 14:09:16:594:52c QMOffer[0] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:594:52c QMOffer[0] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:594:52c Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
MD5
> 1-06: 14:09:16:594:52c QMOffer[1] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:594:52c QMOffer[1] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:594:52c Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
SHA
> 1-06: 14:09:16:594:52c QMOffer[2] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:594:52c QMOffer[2] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:594:52c Algo[0] Operation: AH Algo: SHA
> 1-06: 14:09:16:594:52c Algo[1] Operation: ESP Algo: Triple DES CBC HMAC:
0
> 1-06: 14:09:16:594:52c QMOffer[3] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:594:52c QMOffer[3] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:594:52c Algo[0] Operation: AH Algo: MD5
> 1-06: 14:09:16:594:52c Algo[1] Operation: ESP Algo: Triple DES CBC HMAC:
0
> 1-06: 14:09:16:594:52c QMOffer[4] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:594:52c QMOffer[4] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:594:52c Algo[0] Operation: AH Algo: SHA
> 1-06: 14:09:16:594:52c Algo[1] Operation: ESP Algo: Triple DES CBC HMAC:
SHA
> 1-06: 14:09:16:594:52c QMOffer[5] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:594:52c QMOffer[5] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:604:52c Algo[0] Operation: AH Algo: MD5
> 1-06: 14:09:16:604:52c Algo[1] Operation: ESP Algo: Triple DES CBC HMAC:
MD5
> 1-06: 14:09:16:604:52c QMOffer[6] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:604:52c QMOffer[6] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:604:52c Algo[0] Operation: ESP Algo: DES CBC HMAC: MD5
> 1-06: 14:09:16:604:52c QMOffer[7] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:604:52c QMOffer[7] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:604:52c Algo[0] Operation: ESP Algo: DES CBC HMAC: SHA
> 1-06: 14:09:16:604:52c QMOffer[8] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:604:52c QMOffer[8] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:604:52c Algo[0] Operation: AH Algo: SHA
> 1-06: 14:09:16:604:52c Algo[1] Operation: ESP Algo: DES CBC HMAC: 0
> 1-06: 14:09:16:604:52c QMOffer[9] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:604:52c QMOffer[9] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:604:52c Algo[0] Operation: AH Algo: MD5
> 1-06: 14:09:16:604:52c Algo[1] Operation: ESP Algo: DES CBC HMAC: 0
> 1-06: 14:09:16:604:52c QMOffer[10] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:604:52c QMOffer[10] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:604:52c Algo[0] Operation: AH Algo: SHA
> 1-06: 14:09:16:604:52c Algo[1] Operation: ESP Algo: DES CBC HMAC: SHA
> 1-06: 14:09:16:604:52c QMOffer[11] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:604:52c QMOffer[11] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:604:52c Algo[0] Operation: AH Algo: MD5
> 1-06: 14:09:16:604:52c Algo[1] Operation: ESP Algo: DES CBC HMAC: MD5
> 1-06: 14:09:16:604:52c Internal Acquire: op=00000001
> src=81.174.216.131.1701 dst=213.166.4.143.1701 proto = 17,
> SrcMask=255.255.255.255, DstMask=255.255.255.255, Tunnel 0,
> TunnelEndpt=0.0.0.0 Inbound TunnelEndpt=0.0.0.0, InitiateEvent=00000458,
IKE
> SrcPort=500 IKE DstPort=500
> 1-06: 14:09:16:604:254 Filter to match: Src 213.166.4.143 Dst
81.174.216.131
> 1-06: 14:09:16:604:254 MM PolicyName: L2TP Main Mode Policy
> 1-06: 14:09:16:604:254 MMPolicy dwFlags 8 SoftSAExpireTime 28800
> 1-06: 14:09:16:604:254 MMOffer[0] LifetimeSec 28800 QMLimit 0 DHGroup
> 268435457
> 1-06: 14:09:16:604:254 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
> 1-06: 14:09:16:604:254 MMOffer[1] LifetimeSec 28800 QMLimit 0 DHGroup 2
> 1-06: 14:09:16:604:254 MMOffer[1] Encrypt: Triple DES CBC Hash: SHA
> 1-06: 14:09:16:604:254 MMOffer[2] LifetimeSec 28800 QMLimit 0 DHGroup 2
> 1-06: 14:09:16:604:254 MMOffer[2] Encrypt: Triple DES CBC Hash: MD5
> 1-06: 14:09:16:604:254 MMOffer[3] LifetimeSec 28800 QMLimit 0 DHGroup 1
> 1-06: 14:09:16:604:254 MMOffer[3] Encrypt: DES CBC Hash: SHA
> 1-06: 14:09:16:604:254 MMOffer[4] LifetimeSec 28800 QMLimit 0 DHGroup 1
> 1-06: 14:09:16:604:254 MMOffer[4] Encrypt: DES CBC Hash: MD5
> 1-06: 14:09:16:604:254 Auth[0]:RSA Sig DC=local, DC=redline,
> CN=DakarEntRoot AuthFlags 0
> 1-06: 14:09:16:604:254 QM PolicyName: L2TP Require Encryption Quick Mode
> Policy dwFlags 0
> 1-06: 14:09:16:604:254 QMOffer[0] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:604:254 QMOffer[0] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:604:254 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
MD5
> 1-06: 14:09:16:604:254 QMOffer[1] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:604:254 QMOffer[1] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:604:254 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
SHA
> 1-06: 14:09:16:604:254 QMOffer[2] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:604:254 QMOffer[2] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:604:254 Algo[0] Operation: AH Algo: SHA
> 1-06: 14:09:16:604:254 Algo[1] Operation: ESP Algo: Triple DES CBC HMAC:
0
> 1-06: 14:09:16:604:254 QMOffer[3] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:604:254 QMOffer[3] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:604:254 Algo[0] Operation: AH Algo: MD5
> 1-06: 14:09:16:604:254 Algo[1] Operation: ESP Algo: Triple DES CBC HMAC:
0
> 1-06: 14:09:16:604:254 QMOffer[4] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:604:254 QMOffer[4] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:604:254 Algo[0] Operation: AH Algo: SHA
> 1-06: 14:09:16:604:254 Algo[1] Operation: ESP Algo: Triple DES CBC HMAC:
SHA
> 1-06: 14:09:16:604:254 QMOffer[5] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:604:254 QMOffer[5] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:614:254 Algo[0] Operation: AH Algo: MD5
> 1-06: 14:09:16:614:254 Algo[1] Operation: ESP Algo: Triple DES CBC HMAC:
MD5
> 1-06: 14:09:16:614:254 QMOffer[6] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:614:254 QMOffer[6] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:614:254 Algo[0] Operation: ESP Algo: DES CBC HMAC: MD5
> 1-06: 14:09:16:614:254 QMOffer[7] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:614:254 QMOffer[7] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:614:254 Algo[0] Operation: ESP Algo: DES CBC HMAC: SHA
> 1-06: 14:09:16:614:254 QMOffer[8] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:614:254 QMOffer[8] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:614:254 Algo[0] Operation: AH Algo: SHA
> 1-06: 14:09:16:614:254 Algo[1] Operation: ESP Algo: DES CBC HMAC: 0
> 1-06: 14:09:16:614:254 QMOffer[9] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:614:254 QMOffer[9] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:614:254 Algo[0] Operation: AH Algo: MD5
> 1-06: 14:09:16:614:254 Algo[1] Operation: ESP Algo: DES CBC HMAC: 0
> 1-06: 14:09:16:614:254 QMOffer[10] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:614:254 QMOffer[10] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:614:254 Algo[0] Operation: AH Algo: SHA
> 1-06: 14:09:16:614:254 Algo[1] Operation: ESP Algo: DES CBC HMAC: SHA
> 1-06: 14:09:16:614:254 QMOffer[11] LifetimeKBytes 250000 LifetimeSec 3600
> 1-06: 14:09:16:614:254 QMOffer[11] dwFlags 0 dwPFSGroup 0
> 1-06: 14:09:16:614:254 Algo[0] Operation: AH Algo: MD5
> 1-06: 14:09:16:614:254 Algo[1] Operation: ESP Algo: DES CBC HMAC: MD5
> 1-06: 14:09:16:614:254 Starting Negotiation: src = 81.174.216.131.0500,
dst
> = 213.166.4.143.0500, proto = 17, context = 00000000, ProxySrc =
> 81.174.216.131.1701, ProxyDst = 213.166.4.143.1701 SrcMask = 0.0.0.0
DstMask
> = 0.0.0.0
> 1-06: 14:09:16:614:254 constructing ISAKMP Header
> 1-06: 14:09:16:614:254 constructing SA (ISAKMP)
> 1-06: 14:09:16:614:254 Constructing Vendor MS NT5 ISAKMPOAKLEY
> 1-06: 14:09:16:614:254 Constructing Vendor FRAGMENTATION
> 1-06: 14:09:16:614:254 Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
> 1-06: 14:09:16:614:254 Constructing Vendor Vid-Initial-Contact
> 1-06: 14:09:16:614:254
> 1-06: 14:09:16:614:254 Sending: SA = 0x00162D90 to 213.166.4.143:Type 2.500
> 1-06: 14:09:16:614:254 ISAKMP Header: (V1.0), len = 312
> 1-06: 14:09:16:614:254 I-COOKIE ffb12588ba3d1a04
> 1-06: 14:09:16:614:254 R-COOKIE 0000000000000000
> 1-06: 14:09:16:614:254 exchange: Oakley Main Mode
> 1-06: 14:09:16:614:254 flags: 0
> 1-06: 14:09:16:614:254 next payload: SA
> 1-06: 14:09:16:614:254 message ID: 00000000
> 1-06: 14:09:16:614:254 Ports S:f401 D:f401
> 1-06: 14:09:16:614:254 Activating InitiateEvent 00000458
> 1-06: 14:09:17:315:b4 retransmit: sa = 00162D90 centry 00000000 , count = 1
> 1-06: 14:09:17:315:b4
> 1-06: 14:09:17:315:b4 Sending: SA = 0x00162D90 to 213.166.4.143:Type 2.500
> 1-06: 14:09:17:315:b4 ISAKMP Header: (V1.0), len = 312
> 1-06: 14:09:17:315:b4 I-COOKIE ffb12588ba3d1a04
> 1-06: 14:09:17:315:b4 R-COOKIE 0000000000000000
> 1-06: 14:09:17:315:b4 exchange: Oakley Main Mode
> 1-06: 14:09:17:315:b4 flags: 0
> 1-06: 14:09:17:315:b4 next payload: SA
> 1-06: 14:09:17:315:b4 message ID: 00000000
> 1-06: 14:09:17:315:b4 Ports S:f401 D:f401
> 1-06: 14:09:19:318:b4 retransmit: sa = 00162D90 centry 00000000 , count = 2
> 1-06: 14:09:19:318:b4
> 1-06: 14:09:19:318:b4 Sending: SA = 0x00162D90 to 213.166.4.143:Type 2.500
> 1-06: 14:09:19:318:b4 ISAKMP Header: (V1.0), len = 312
> 1-06: 14:09:19:318:b4 I-COOKIE ffb12588ba3d1a04
> 1-06: 14:09:19:318:b4 R-COOKIE 0000000000000000
> 1-06: 14:09:19:318:b4 exchange: Oakley Main Mode
> 1-06: 14:09:19:318:b4 flags: 0
> 1-06: 14:09:19:318:b4 next payload: SA
> 1-06: 14:09:19:318:b4 message ID: 00000000
> 1-06: 14:09:19:318:b4 Ports S:f401 D:f401
> 1-06: 14:09:23:324:b4 retransmit: sa = 00162D90 centry 00000000 , count = 3
> 1-06: 14:09:23:324:b4
> 1-06: 14:09:23:324:b4 Sending: SA = 0x00162D90 to 213.166.4.143:Type 2.500
> 1-06: 14:09:23:324:b4 ISAKMP Header: (V1.0), len = 312
> 1-06: 14:09:23:324:b4 I-COOKIE ffb12588ba3d1a04
> 1-06: 14:09:23:324:b4 R-COOKIE 0000000000000000
> 1-06: 14:09:23:324:b4 exchange: Oakley Main Mode
> 1-06: 14:09:23:324:b4 flags: 0
> 1-06: 14:09:23:324:b4 next payload: SA
> 1-06: 14:09:23:324:b4 message ID: 00000000
> 1-06: 14:09:23:324:b4 Ports S:f401 D:f401
> 1-06: 14:09:31:361:b4 retransmit: sa = 00162D90 centry 00000000 , count = 4
> 1-06: 14:09:31:361:b4
> 1-06: 14:09:31:361:b4 Sending: SA = 0x00162D90 to 213.166.4.143:Type 2.500
> 1-06: 14:09:31:361:b4 ISAKMP Header: (V1.0), len = 312
> 1-06: 14:09:31:361:b4 I-COOKIE ffb12588ba3d1a04
> 1-06: 14:09:31:361:b4 R-COOKIE 0000000000000000
> 1-06: 14:09:31:361:b4 exchange: Oakley Main Mode
> 1-06: 14:09:31:361:b4 flags: 0
> 1-06: 14:09:31:361:b4 next payload: SA
> 1-06: 14:09:31:361:b4 message ID: 00000000
> 1-06: 14:09:31:361:b4 Ports S:f401 D:f401
> 1-06: 14:09:47:526:b4 retransmit: sa = 00162D90 centry 00000000 , count = 5
> 1-06: 14:09:47:526:b4
> 1-06: 14:09:47:526:b4 Sending: SA = 0x00162D90 to 213.166.4.143:Type 2.500
> 1-06: 14:09:47:526:b4 ISAKMP Header: (V1.0), len = 312
> 1-06: 14:09:47:526:b4 I-COOKIE ffb12588ba3d1a04
> 1-06: 14:09:47:526:b4 R-COOKIE 0000000000000000
> 1-06: 14:09:47:526:b4 exchange: Oakley Main Mode
> 1-06: 14:09:47:526:b4 flags: 0
> 1-06: 14:09:47:526:b4 next payload: SA
> 1-06: 14:09:47:526:b4 message ID: 00000000
> 1-06: 14:09:47:526:b4 Ports S:f401 D:f401
> 1-06: 14:10:19:857:b4 retransmit exhausted: sa = 00162D90 centry 00000000, count = 6
> 1-06: 14:10:19:857:b4 SA Dead. sa:00162D90 status:35ed
> 1-06: 14:10:19:857:b4 isadb_set_status sa:00162D90 centry:00000000 status 35ed
> 1-06: 14:10:19:857:b4 Key Exchange Mode (Main Mode)
> 1-06: 14:10:19:857:b4 Source IP Address 81.174.216.131 Source IP Address Mask 255.255.255.255 Destination IP Address 213.166.4.143 Destination IP Address Mask 255.255.255.255 Protocol 0 Source Port 0 Destination Port 0 IKE Local Addr 81.174.216.131 IKE Peer Addr 213.166.4.143
> 1-06: 14:10:19:857:b4
> 1-06: 14:10:19:857:b4 Me
> 1-06: 14:10:19:857:b4 No response from peer
> 1-06: 14:10:19:857:b4 0x0 0x0
> 1-06: 14:10:19:857:b4 isadb_set_status InitiateEvent 00000458: Setting Status 35f5
> 1-06: 14:10:19:857:b4 Clearing sa 00162D90 InitiateEvent 00000458
> 1-06: 14:10:19:857:b4 constructing ISAKMP Header
> 1-06: 14:10:19:857:b4 constructing DELETE. MM 00162D90
> 1-06: 14:10:19:857:b4
> 1-06: 14:10:19:857:b4 Sending: SA = 0x00162D90 to 213.166.4.143:Type 1.500
> 1-06: 14:10:19:857:b4 ISAKMP Header: (V1.0), len = 56
> 1-06: 14:10:19:857:b4 I-COOKIE ffb12588ba3d1a04
> 1-06: 14:10:19:857:b4 R-COOKIE 0000000000000000
> 1-06: 14:10:19:857:b4 exchange: ISAKMP Informational Exchange
> 1-06: 14:10:19:857:b4 flags: 0
> 1-06: 14:10:19:857:b4 next payload: DELETE
> 1-06: 14:10:19:857:b4 message ID: f86caea6
> 1-06: 14:10:19:857:b4 Ports S:f401 D:f401
> 1-06: 14:10:19:857:6f8 CloseNegHandle 00000458
> 1-06: 14:10:19:857:6f8 SE cookie ffb12588ba3d1a04
> 1-06: 14:10:19:897:6f8 isadb_schedule_kill_oldPolicy_sas: f1022d93-9d66-4852-b4d709c2ea0bc5cb 4
> 1-06: 14:10:19:908:254 entered kill_old_policy_sas 4
> 1-06: 14:10:19:908:6c8 isadb_schedule_kill_oldPolicy_sas: da870090-81b5-40ad-9b241b6ed894bcbc 3
> 1-06: 14:10:19:908:52c isadb_schedule_kill_oldPolicy_sas: 0bd1757a-9b13-4caf-bcf730d954a1906d 2
> 1-06: 14:10:19:908:6f8 isadb_schedule_kill_oldPolicy_sas: 947d52bd-5122-49dd-a40628407440e0e4 1
> 1-06: 14:10:19:918:254 entered kill_old_policy_sas 3
> 1-06: 14:10:19:918:254 entered kill_old_policy_sas 2
> 1-06: 14:10:19:918:254 entered kill_old_policy_sas 1
> 1-06: 14:10:20:800:50c ClearFragList
>
>
> "OJ" wrote:
>
> > have you applied the 818043 fix if you have removed sp2?
> >
> > NAT-t translation may be the issue
> >
> > OJ
> >
> >
> > "James" <James@discussions.microsoft.com> wrote in message
> > news:05DE0EE5-7FD6-4C78-A7BB-B1C14C353A26@microsoft.com...
> > > Hi
> > > > I have set up a L2TP/IPSec VPN using certificates across a LAN and that
> > > > works fine. However, when I try to connect to the same VPN Server through
> > > > the Internet I get error 789. I am using a dial up connection to connect to
> > > > my ISP first and so do not have a permanent IP. Could this be causing
> > > > problems?
> > >
> > > > On the firewall, I have closed and reopened UDP ports 1701, 4500 and 500 to
> > > > make sure these are OK. Also, I have created another L2TP/IPSec VPN from a
> > > > fixed IP address which passes through fine.
> > >
> > > The XP client has SP2 installed.
> > >
> > > Event Viewer creates the following Failure Audit for the connection:
> > >
> > > Event Type: Failure Audit
> > > Event Source: Security
> > > Event Category: Logon/Logoff
> > > Event ID: 547
> > > Date: 05/01/2005
> > > Time: 11:51:17
> > > User: NT AUTHORITY\NETWORK SERVICE
> > > Computer: REDLINELT1
> > > Description:
> > > IKE security association negotiation failed.
> > > Mode:
> > > Key Exchange Mode (Main Mode)
> > >
> > > Filter:
> > > Source IP Address 81.174.218.30
> > > Source IP Address Mask 255.255.255.255
> > > Destination IP Address 213.166.4.143
> > > Destination IP Address Mask 255.255.255.255
> > > Protocol 0
> > > Source Port 0
> > > Destination Port 0
> > > IKE Local Addr 81.174.218.30
> > > IKE Peer Addr 213.166.4.143
> > >
> > > Peer Identity:
> > >
> > > Failure Point:
> > > Me
> > >
> > > Failure Reason:
> > > No response from peer
> > >
> > > Extra Status:
> > > 0x0 0x0
> > >
> > >
> > > For more information, see Help and Support Center at
> > > http://go.microsoft.com/fwlink/events.asp.
> > >
> > > Any help would be greatly appreciated.
> > > Thanks.
> > >
> >
> >
> >
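Added example, not part of the original thread: a Python parser for IKE trace lines in the format quoted above. It rebuilds the retransmit back-off for each SA and reports whether the responder ever returned a non-zero cookie. The sample lines are constructed from the quoted format, and the result field names (`gaps_s`, `peer_silent` and so on) are this example's own.

```python
import re
from datetime import timedelta

# Constructed sample: lines in the format of the trace quoted above, wraps rejoined.
SAMPLE = """\
1-06: 14:09:16:614:254 Sending: SA = 0x00162D90 to 213.166.4.143:Type 2.500
1-06: 14:09:16:614:254 R-COOKIE 0000000000000000
1-06: 14:09:17:315:b4 retransmit: sa = 00162D90 centry 00000000 , count = 1
1-06: 14:09:19:318:b4 retransmit: sa = 00162D90 centry 00000000 , count = 2
1-06: 14:09:23:324:b4 retransmit: sa = 00162D90 centry 00000000 , count = 3
1-06: 14:09:31:361:b4 retransmit: sa = 00162D90 centry 00000000 , count = 4
1-06: 14:09:47:526:b4 retransmit: sa = 00162D90 centry 00000000 , count = 5
1-06: 14:10:19:857:b4 retransmit exhausted: sa = 00162D90 centry 00000000, count = 6
"""

LINE = re.compile(r"^[>\s]*\d+-\d+: (\d+):(\d+):(\d+):(\d+):[0-9a-fA-F]+ (.*)$")
SEND = re.compile(r"Sending: SA = 0x([0-9A-Fa-f]+) to (\d+\.\d+\.\d+\.\d+)")
RETX = re.compile(r"retransmit( exhausted)?: sa = ([0-9A-Fa-f]+)")
RCOOKIE = re.compile(r"R-COOKIE ([0-9a-fA-F]{16})")

def analyze(log_text):
    """Per SA: peer, rounded gaps between sends, and whether the peer ever replied."""
    sas, current = {}, None
    new = lambda: {"peer": None, "times": [], "responder_seen": False, "exhausted": False}
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # blank trace lines and unrelated text
        h, mi, s, ms, msg = m.groups()
        t = timedelta(hours=int(h), minutes=int(mi), seconds=int(s), milliseconds=int(ms))
        if sm := SEND.search(msg):
            current = sm.group(1).upper()
            sa = sas.setdefault(current, new())
            sa["peer"] = sm.group(2)
            if not sa["times"]:
                sa["times"].append(t)      # first transmission of the offer
        elif rm := RETX.search(msg):
            sa = sas.setdefault(rm.group(2).upper(), new())
            sa["times"].append(t)          # each retry, and the final give-up
            sa["exhausted"] |= rm.group(1) is not None
        elif (cm := RCOOKIE.search(msg)) and current and int(cm.group(1), 16):
            sas[current]["responder_seen"] = True   # non-zero cookie: peer answered
    for sa in sas.values():
        ts = sa.pop("times")
        sa["gaps_s"] = [round((b - a).total_seconds()) for a, b in zip(ts, ts[1:])]
        sa["peer_silent"] = sa["exhausted"] and not sa["responder_seen"]
    return sas

print(analyze(SAMPLE))
```

Gaps that roughly double until the retries are exhausted, with the R-COOKIE still all zeros, show that the first Main Mode packet was never answered, so the negotiation never reached the proposal or certificate stage.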