abclinuxu.cz AbcLinuxu.cz itbiz.cz ITBiz.cz HDmag.cz HDmag.cz abcprace.cz AbcPráce.cz
AbcLinuxu hledá autory!
Inzerujte na AbcPráce.cz od 950 Kč
Rozšířené hledání
Přihlášení | Registrace
×
napište » Zprávičky
inzerujte » Pracovní nabídky
    Vláda USA nařídila společnosti Anthropic pozastavit přístup k modelům Fable 5 a Mythos 5 pro všechny cizince
    včera 15:22 | IT novinky

    Vláda USA nařídila společnosti Anthropic pozastavit přístup k modelům Fable 5 a Mythos 5 pro všechny cizince, včetně zaměstnanců Anthropicu.

    Ladislav Hagara | Komentářů: 3
    Murena /e/OS 4.0
    včera 02:22 | Nová verze

    Společnost Murena představila (YouTube) novou verzi 4.0 mobilního operačního systému /e/OS (Wikipedie) založeného na Androidu a LineageOS bez aplikací a služeb od Googlu.

    Ladislav Hagara | Komentářů: 0
    V Arch User Repository (AUR) bylo kompromitováno přes 400 balíčků
    12.6. 16:33 | Bezpečnostní upozornění

    V Arch User Repository (AUR) bylo kompromitováno přes 400 opomíjených balíčků (jejich seznam). Útočník do nich začlenil škodlivý npm balíček atomic-lockfile, který krade citlivá data uživatelů. Publikována byla předběžná analýza spouštěného malwaru deps.

    Ladislav Hagara | Komentářů: 8
    Homebrew 6.0.0
    12.6. 11:33 | Nová verze

    Homebrew, správce balíčků nejen pro macOS, byl vydán ve verzi 6.0.0 (seznam změn). Hlavními novinkami jsou bezpečnostní mechanismus tap trust kvůli důvěryhodnosti závislostí, vylepšení sandboxingu na Linuxu, interní JSON API nebo zlepšení výkonu.

    |🇵🇸 | Komentářů: 0
    Bumsrakete, kritická zranitelnost ve FreeBSD
    12.6. 03:33 | Bezpečnostní upozornění

    Byla nalezena a 9. června opravena kritická zranitelnost ve FreeBSD v Kernel TLS (KTLS). Pojmenována byla Bumsrakete (FreeBSD-SA-26:26.ktls, CVE-2026-45257). Lokální neprivilegovaný uživatel může přepisovat soubory, ke kterým má právo pouze pro čtení. Přepsáním setuid binárky a jejím spuštěním může získat roota. Na všech verzích od verze 13.0 vydané v dubnu 2021.

    Ladislav Hagara | Komentářů: 2
    Half-Life na ReactOS
    11.6. 14:11 | Komunita

    Vývojáři open source operačního systému ReactOS (Wikipedie), jehož cílem je kompletní binární kompatibilita s aplikacemi a ovladači pro Windows, se na síti 𝕏 pochlubili, že ReactOS zvládne počítačovou hru Half-Life.

    Ladislav Hagara | Komentářů: 5
    Lazarus 4.8
    11.6. 10:44 | Nová verze

    Byla vydána nová verze 4.8 multiplatformního integrovaného vývojového prostředí (IDE) pro rychlý vývoj aplikaci (RAD) ve Free Pascalu Lazarus (Wikipedie). Využíván je Free Pascal Compiler (FPC) 3.2.2.

    Ladislav Hagara | Komentářů: 0
    Apple container 1.0.0
    11.6. 04:44 | Nová verze

    Apple container dospěl do verze 1.0.0. Jedná se o open source nástroj pro spouštění linuxových kontejnerů na macOS postavený nad containerization. Napsaný je v programovacím jazyce Swift a optimalizovaný pro Apple silicon.

    Ladislav Hagara | Komentářů: 5
    Eclipse IDE 2026-06 aneb Eclipse 4.40
    11.6. 03:33 | Nová verze

    Bylo vydáno Eclipse IDE 2026-06 aneb Eclipse 4.40. Představení novinek tohoto integrovaného vývojového prostředí také na YouTube.

    Ladislav Hagara | Komentářů: 0
    Asterinas a Asterinas NixOS
    10.6. 15:44 | Zajímavý software

    Asterinas (GitHub) je v Rustu napsané jádro operačního systému poskytující s jádrem Linux kompatibilní ABI. Vydána byla verze 0.18.0. První distribucí postavenou nad jádrem Asterinas je Asterinas NixOS. Nejedná se o oficiální projekt NixOS a nemá nic společného s NixOS Foundation.

    Ladislav Hagara | Komentářů: 2
    Centrum | Napsat | Starší
    navrhněte » Anketa
    Které desktopové prostředí na Linuxu používáte?
     (11%)
     (8%)
     (2%)
     (16%)
     (31%)
     (3%)
     (6%)
     (3%)
     (15%)
     (26%)
    Celkem 1897 hlasů
     Komentářů: 30, poslední 3.4. 20:20
    Rozcestník
    AbcLinuxu
    HDmag.cz
    AbcLinuxu:/ Poradna / Hardwarová poradna / VPN tunel
    Štítky: Cisco, Internet, mikrotik, PPTP, problém, server, VPN


    Dotaz: VPN tunel

    23.5.2013 19:25 Vláďa
    VPN tunel
    Přečteno: 4219×
    Dobrý den,

    Byl by někdo ochoten pomoci či udělat VPN tunel mezi Mikrotik RouterOS v5.4 a Planet MH 3400. Na Planetu již mám tunel na Cisco, který mi již funguje (Osobně jsem nastavoval Planet). Myslím že mám problém to nějak nastavit na tom Mikrotiku, vlastně moc ani nevím jak, nastavil jsem na něm funkční PPTP server ale musel jsem mít vypnutej firewall (nebyl jsem schopnej ho nastavit tak aby mohl být v provozu).

    Jsem ochoten se revanšovat :)

    Řešení dotazu:

    Nástroje: Začni sledovat (0) ?Zašle upozornění na váš email při vložení nového komentáře.

    Odpovědi

    23.5.2013 21:51 NN
    Rozbalit Rozbalit vše Re: VPN tunel
    Pochopil jsem dobre, ze to bude site to site ipsec?
    23.5.2013 22:39 Vláďa
    Rozbalit Rozbalit vše Re: VPN tunel
    Ano

    Ipsec idealni.
    23.5.2013 23:04 NN
    Rozbalit Rozbalit vše Re: VPN tunel
    Teorie je stale stejna a Mikrotik ma dobre zdokumentovanou konfigurci. Cesky je to pekne posano treba tady.
    23.5.2013 23:21 Vláďa
    Rozbalit Rozbalit vše Re: VPN tunel
    Ja jsem to vsechno cetl a stravil jsem nad tim nekolik hodin, ale me schopnosti na to nestacili. Budu rad pokud mi stim dokazete pomoci.
    24.5.2013 09:19 NN
    Rozbalit Rozbalit vše Re: VPN tunel
    No ja Vam prece nebudu vysvetlovat teorii. V kostce se definuji protistrany, dohodnute metody sifrovani a site ktere se budou ucastnit. Ten navod je pruzracny jako sklo. Pokud to konfigurovat nechcete, nabidnete problem jako brigadu, ale rozhodne ne tady.
    24.5.2013 09:31 Vláďa
    Rozbalit Rozbalit vše Re: VPN tunel
    No ja pricip zhruba chapu, ale delam tam nekde chybu a se svoji praxi to nedokazu rozchodit. Doporucite mi kde bych tuto praci (brigadu) mohl poptat?

    dekuji
    24.5.2013 10:19 NN
    Rozbalit Rozbalit vše Re: VPN tunel
    abcprace.cz jobs.cz etc..
    28.5.2013 15:11 Vláďa
    Rozbalit Rozbalit vše Re: VPN tunel
    tak jsem dosel do mrtveho bodu:

    Log na mikrotiku:
    May/28/2013 14:58:40 ipsec,debug failed to get proposal for responder.
    May/28/2013 14:58:40 ipsec,debug failed to pre-process packet.
    May/28/2013 14:58:48 ipsec,debug,packet ==========
    May/28/2013 14:58:48 ipsec,debug,packet 300 bytes message received from 84.242.109.98[500] to 94.112.84.47[500]
    May/28/2013 14:58:48 ipsec,debug,packet 5da6b066 94d1123d 1c6a7eb5 7723e007 08102001 c6ca1f51 0000012c 8d3e6f3d
    May/28/2013 14:58:48 ipsec,debug,packet 7f727aa3 07b421a1 1be04d57 bffac2ac 46f2a2fc efcdf2a1 71bf8973 41d130d6
    May/28/2013 14:58:48 ipsec,debug,packet 35609599 c5ab6cf7 58710e46 c3573309 cac993f3 2dbd7c30 3dc1e3c7 762b23e5
    May/28/2013 14:58:48 ipsec,debug,packet 553ee407 5d725e8f 1d5f6fce 84344083 43a16859 5d35fe75 189474cf 809ee3b7
    May/28/2013 14:58:48 ipsec,debug,packet 666db240 c3446f5b a18e6419 ec27e72c 9dda3240 f5e00df9 8dc791c5 dc6ca8c2
    May/28/2013 14:58:48 ipsec,debug,packet c824d9a3 44ff18f6 887dd2b4 8c298ab2 94862a8a b7971a8e 5f172e11 b1a636cf
    May/28/2013 14:58:48 ipsec,debug,packet 0c71724c e7d52595 9733490a 90493928 8b5d4d12 8b597624 5a94139f 7538a7c1
    May/28/2013 14:58:48 ipsec,debug,packet fc96a691 e34de9be b92a2637 abe77c0d e7658041 eb6f9c6d 506c45dd 4a89e673
    May/28/2013 14:58:48 ipsec,debug,packet 86eb11ed 6d58aa6d 9b066aa8 27200f0e d2ee7538 0c9d8611 088793b5 ed56432b
    May/28/2013 14:58:48 ipsec,debug,packet fd6837a0 4a4e841e 430dbf8d
    May/28/2013 14:58:48 ipsec,debug,packet compute IV for phase2
    May/28/2013 14:58:48 ipsec,debug,packet phase1 last IV:
    May/28/2013 14:58:48 ipsec,debug,packet 673eb185 1a829075 7da5cc5a 7a84235d c6ca1f51
    May/28/2013 14:58:48 ipsec,debug,packet hash(md5)
    May/28/2013 14:58:48 ipsec,debug,packet encryption(aes)
    May/28/2013 14:58:48 ipsec,debug,packet phase2 IV computed:
    May/28/2013 14:58:48 ipsec,debug,packet 1c9b9fa7 7951cf92 f7ed7244 71cc17b9
    May/28/2013 14:58:48 ipsec,debug,packet ===
    May/28/2013 14:58:48 ipsec,debug respond new phase 2 negotiation: X.X.X.X[500]<=>X.X.X.X[500]
    May/28/2013 14:58:48 ipsec,debug,packet encryption(aes)
    May/28/2013 14:58:48 ipsec,debug,packet IV was saved for next processing:
    May/28/2013 14:58:48 ipsec,debug,packet ed56432b fd6837a0 4a4e841e 430dbf8d
    May/28/2013 14:58:48 ipsec,debug,packet encryption(aes)
    May/28/2013 14:58:48 ipsec,debug,packet with key:
    May/28/2013 14:58:48 ipsec,debug,packet 87c48bae 79736e47 2bf36965 b11ee11e
    May/28/2013 14:58:48 ipsec,debug,packet decrypted payload by IV:
    May/28/2013 14:58:48 ipsec,debug,packet 1c9b9fa7 7951cf92 f7ed7244 71cc17b9
    May/28/2013 14:58:48 ipsec,debug,packet decrypted payload, but not trimed.
    May/28/2013 14:58:48 ipsec,debug,packet 01000014 4388782c c6c97581 5eb428a8 0f9186bd 0a000038 00000001 00000001
    May/28/2013 14:58:48 ipsec,debug,packet 0

    Log Planet:

    May 28 15:07:09 2013 VPN Log (g2gips1) #381: [Tunnel Negotiation Info] >>> Initiator send Quick Mode 1st packet
    May 28 15:07:09 2013 VPN Log (g2gips1) #381: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS to replace #375 {using isakmp#379}
    May 28 15:07:09 2013 VPN Log (g2gips1) #375: starting keying attempt 2 of an unlimited number
    May 28 15:07:09 2013 VPN Log (g2gips1) #375: max number of retransmissions (2) reached STATE_QUICK_I1. No acceptable response to our first Quick Mode message: perhaps peer likes no proposal
    May 28 15:07:03 2013 VPN Log (g2gips1) #380: [Tunnel Negotiation Info] >>> Initiator send Quick Mode 1st packet
    May 28 15:07:03 2013 VPN Log (g2gips1) #380: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS {using isakmp#379}
    May 28 15:07:03 2013 VPN Log (g2gips1) #379: sent AR1, expecting AI2
    May 28 15:07:03 2013 VPN Log (g2gips1) #379: [Tunnel Negotiation Info] Main Mode Phase 1 SA Established
    May 28 15:07:03 2013 VPN Log (g2gips1) #379: Peer ID is ID_IPV4_ADDR: 'X.X.X.X'
    May 28 15:07:03 2013 VPN Log (g2gips1) #379: [Tunnel Negotiation Info] >>> Initiator Receive Main Mode 6th packet
    May 28 15:07:03 2013 VPN Log (g2gips1) #379: [Tunnel Negotiation Info] >>> Initiator Send Main Mode 5th packet
    May 28 15:07:03 2013 VPN Log (g2gips1) #379: [Tunnel Negotiation Info] <<< Initiator Received Main Mode 4th packet
    May 28 15:07:03 2013 VPN Log (g2gips1) #379: [Tunnel Negotiation Info] >>> Initiator send Main Mode 3rd packet
    May 28 15:07:03 2013 VPN Log (g2gips1) #379: [Tunnel Negotiation Info] <<< Initiator Received Main Mode 2nd packet
    May 28 15:07:03 2013 VPN Log (g2gips1) #379: received Vendor ID payload [Dead Peer Detection]
    May 28 15:07:03 2013 VPN Log (g2gips1) #379: [Tunnel Negotiation Info] >>> Initiator Send Main Mode 1st packet
    May 28 15:07:03 2013 VPN Log (g2gips1) #379: initiating Main Mode
    May 28 15:07:03 2013 VPN Log (g2gips1) #373: ipsecdoi_initiate: (g2gips1) has retry 3 times [policy:65; serial no:175], so reset this connection!
    May 28 15:07:03 2013 VPN Log (g2gips1) #373: starting keying attempt 3 of an unlimited number
    May 28 15:07:03 2013 VPN Log (g2gips1) #373: max number of retransmissions (2) reached STATE_QUICK_I1. No acceptable response to our first Quick Mode message: perhaps peer likes no proposal
    May 28 15:06:13 2013 VPN Log (g2gips1) #378: [Tunnel Negotiation Info] >>> Initiator send Quick Mode 1st packet
    May 28 15:06:13 2013 VPN Log (g2gips1) #378: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS to replace #372 {using isakmp#376}
    May 28 15:06:13 2013 VPN Log (g2gips1) #372: starting keying attempt 2 of an unlimited number
    May 28 15:06:13 2013 VPN Log (g2gips1) #372: max number of retransmissions (2) reached STATE_QUICK_I1. No acceptable response to our first Quick Mode message: perhaps peer likes no proposal


    Strávil jsem nad tím dost času a už nevím kam dál.

    Napadává vás něco?

    děkuji
    Řešení 1× (phr)
    28.5.2013 16:00 NN
    Rozbalit Rozbalit vše Re: VPN tunel
    Tipuju zle nakonfigurovana druhoa faze(aes?): 
    failed to get proposal for responder
packet encryption(aes)
    Mikrotik pouziva nasledujici default proposal kombinaci Phase 1 SHA1/MODP1024(DH group 2)/MD5 konfigurovane pomoci /ip ipsec peer a Phase 2 SHA1/MODP1024(DH group 2)/3DES konfigurovane pomoci /ip ipsec proposal(optional), na planetu se nastavuje manualne..
    28.5.2013 16:11 Vláďa
    Rozbalit Rozbalit vše Re: VPN tunel
    Zkusil jsem na planetu nastavit do faze dve: 3des misto AES128 a pak i do faze jedna nastavit group2 a v podstate se to chova stejne.

    diky
    28.5.2013 21:36 NN
    Rozbalit Rozbalit vše Re: VPN tunel
    Posli novy log a dost by se hodila konfigurace obou stran..
    28.5.2013 21:49 Vláďa
    Rozbalit Rozbalit vše Re: VPN tunel
    Mikrotik:

    May/28/2013 21:42:00 ipsec,debug,packet ==========
    May/28/2013 21:42:00 ipsec,debug,packet 84 bytes message received from X.X.X.X[500] to X.X.X.X[500]
    May/28/2013 21:42:00 ipsec,debug,packet 21b4cdde 292c060a 00000000 00000000 01100200 00000000 00000054 00000038
    May/28/2013 21:42:00 ipsec,debug,packet 00000001 00000001 0000002c 00010001 00000024 00010000 800b0001 800c7080
    May/28/2013 21:42:00 ipsec,debug,packet 80010007 80020001 800e0080 80030001 80040002
    May/28/2013 21:42:00 ipsec,debug,packet begin.
    May/28/2013 21:42:00 ipsec,debug,packet seen nptype=1(sa)
    May/28/2013 21:42:00 ipsec,debug,packet succeed.
    May/28/2013 21:42:00 ipsec,debug,packet total SA len=52
    May/28/2013 21:42:00 ipsec,debug,packet 00000001 00000001 0000002c 00010001 00000024 00010000 800b0001 800c7080
    May/28/2013 21:42:00 ipsec,debug,packet 80010007 80020001 800e0080 80030001 80040002
    May/28/2013 21:42:00 ipsec,debug,packet begin.
    May/28/2013 21:42:00 ipsec,debug,packet seen nptype=2(prop)
    May/28/2013 21:42:00 ipsec,debug,packet succeed.
    May/28/2013 21:42:00 ipsec,debug,packet proposal #0 len=44
    May/28/2013 21:42:00 ipsec,debug,packet begin.
    May/28/2013 21:42:00 ipsec,debug,packet seen nptype=3(trns)
    May/28/2013 21:42:00 ipsec,debug,packet succeed.
    May/28/2013 21:42:00 ipsec,debug,packet transform #0 len=36
    May/28/2013 21:42:00 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
    May/28/2013 21:42:00 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=28800
    May/28/2013 21:42:00 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
    May/28/2013 21:42:00 ipsec,debug,packet encryption(aes)
    May/28/2013 21:42:00 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=MD5
    May/28/2013 21:42:00 ipsec,debug,packet hash(md5)
    May/28/2013 21:42:00 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=128
    May/28/2013 21:42:00 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
    May/28/2013 21:42:00 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
    May/28/2013 21:42:00 ipsec,debug,packet hmac(modp1024)
    May/28/2013 21:42:00 ipsec,debug,packet pair 0:
    May/28/2013 21:42:00 ipsec,debug,packet 0x48c0a8: next=(nil) tnext=(nil)
    May/28/2013 21:42:00 ipsec,debug,packet proposal #0: 1 transform
    May/28/2013 21:42:00 ipsec,debug,packet prop#=0, prot-id=ISAKMP, spi-size=0, #trns=1
    May/28/2013 21:42:00 ipsec,debug,packet trns#=0, trns-id=IKE
    May/28/2013 21:42:00 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
    May/28/2013 21:42:00 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=28800
    May/28/2013 21:42:00 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
    May/28/2013 21:42:00 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=MD5
    May/28/2013 21:42:00 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=128
    May/28/2013 21:42:00 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
    May/28/2013 21:42:00 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
    May/28/2013 21:42:00 ipsec,debug,packet Compared: DB:Peer
    May/28/2013 21:42:00 ipsec,debug,packet (lifetime = 88200:28800)
    May/28/2013 21:42:00 ipsec,debug,packet (lifebyte = 0:0)
    May/28/2013 21:42:00 ipsec,debug,packet enctype = AES-CBC:AES-CBC
    May/28/2013 21:42:00 ipsec,debug,packet (encklen = 128:128)
    May/28/2013 21:42:00 ipsec,debug,packet hashtype = MD5:MD5
    May/28/2013 21:42:00 ipsec,debug,packet authmethod = pre-shared key:pre-shared key
    May/28/2013 21:42:00 ipsec,debug,packet dh_group = 768-bit MODP group:1024-bit MODP group
    May/28/2013 21:42:00 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
    May/28/2013 21:42:00 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=28800
    May/28/2013 21:42:00 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
    May/28/2013 21:42:00 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=MD5
    May/28/2013 21:42:00 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=128
    May/28/2013 21:42:00 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
    May/28/2013 21:42:00 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
    May/28/2013 21:42:00 ipsec,debug rejected dh_group: DB(prop#1:trns#1):Peer(prop#0:trns#0) = 768-bit MODP group:1024-bit MODP group
    May/28/2013 21:42:00 ipsec,debug no suitable proposal found.
    May/28/2013 21:42:00 ipsec,debug failed to get valid proposal.


    Mas nejaky napad jak dostat z Mikrotiku nastaveni? Zkusim kouknout jak by to slo pres konzoli, pouzivam webovou administraci.

    zatím díky
    28.5.2013 21:55 Vláďa
    Rozbalit Rozbalit vše Re: VPN tunel
    [admin@MikroTik] /ip ipsec policy> print
    Flags: T - template, X - disabled, D - dynamic, I - inactive
    0 src-address=192.168.0.0/24 src-port=any dst-address=192.168.1.0/24
    dst-port=any protocol=all action=encrypt level=require
    ipsec-protocols=esp tunnel=yes sa-src-address=X.X.X.X
    sa-dst-address=X.X.X.X proposal=default priority=0
    [admin@MikroTik] /ip ipsec policy> print stats
    0 ph2-state=no-phase2

    Zminoval si phase2 nebude zde ten problem ?
    29.5.2013 09:08 NN
    Rozbalit Rozbalit vše Re: VPN tunel
    Pokud to opravis, viz nize, a nepojede to znovu posli log..
    28.5.2013 22:01 Vláďa
    Rozbalit Rozbalit vše Re: VPN tunel
    nastaveni PLanet:

    Keying Mode: IKE with Preshared Key
    Phase1 DHGroup: Group2
    Phase1 Encryption: AES-128
    Phase1 Authentication: MD5
    Phase1 SA Life Time: 28800 seconds
    Perfect Forward Secrecy (true)
    Phase2 DHGroup: Group2
    Phase2 Encryption: 3DES
    Phase2 Authentication: MD5
    Phase2 SA Life Time: 3600 seconds
    Preshared Key: xxxxx
    Aggressive Mode (false)
    Keep-Alive (True)
    NetBIOS Broadcast (false)
    NAT Traversal (false)
    Dead Peer Detection(DPD) Enable Automatic Version Check Every 10 seconds (false)
    Heart Beat, Remote Host ... (false)
    Enable Automatic Version Check Every 30 seconds,Retry 5 count
    29.5.2013 09:07 NN
    Rozbalit Rozbalit vše Re: VPN tunel
    Jak je nastavena protistrana(peer) na Mikrotiku zadavana pomoci prikazu /ip ipsec peer? Ocividne ti nesouhlasi HD group: 
    ipsec,debug rejected dh_group: DB(prop#1:trns#1):Peer(prop#0:trns#0) = 768-bit MODP group:1024-bit MODP group
    29.5.2013 10:25 Vláďa
    Rozbalit Rozbalit vše Re: VPN tunel
    Nastavil jsem na Planetu Group 2 pro obe faze a na Mikrotiku je DH Group modp1024, coz by podle toho co jsem nasel na netu mohlo odpovidat.
    Nize je log.

    diky

    gdhMay/29/2013 10:07:00 ipsec,debug,packet begin.
    May/29/2013 10:07:00 ipsec,debug,packet seen nptype=4(ke)
    May/29/2013 10:07:00 ipsec,debug,packet seen nptype=10(nonce)
    May/29/2013 10:07:00 ipsec,debug,packet succeed.
    May/29/2013 10:07:00 ipsec,debug,packet ===
    May/29/2013 10:07:00 ipsec,debug,packet compute DH's private.
    May/29/2013 10:07:00 ipsec,debug,packet 45a8979f 652ad35e 0afbaf61 b7d85cc1 5acf322b 2d271393 aa792d21 173810b8
    May/29/2013 10:07:00 ipsec,debug,packet 04415e26 1903b971 bc5a1085 69a3e3e4 e7b41c16 bf927e4c 909b192b a78eb423
    May/29/2013 10:07:00 ipsec,debug,packet 5832d72b 6cff0c5b 4f6d034a 6d867cf7 65a6d05a 12653702 9570a1a5 460bc9d7
    May/29/2013 10:07:00 ipsec,debug,packet 78eae4a0 c8cf9c5f 08fe01a6 a605509c c2cf01be 60adfd93 94724de0 aabd931e
    May/29/2013 10:07:00 ipsec,debug,packet compute DH's public.
    May/29/2013 10:07:00 ipsec,debug,packet b9c14dc1 5a04a1bb 136fb3a9 4c04421b 06dc2aff 5abac143 9af84b4f 1c4bdcdb
    May/29/2013 10:07:00 ipsec,debug,packet 28c0c744 8b84fdbd 924570c3 563c9535 f1b041e1 a5895789 97cb7dd6 0ae66034
    May/29/2013 10:07:00 ipsec,debug,packet 8ec58597 233c9efa b3b877e2 e55ad236 e7da3280 f71f9e6f eb8e0573 eee37286
    May/29/2013 10:07:00 ipsec,debug,packet 66dc0558 40554f8d 3d17a319 49ee3227 3260c2fd 8330d393 584e85e3 ddf7f7d6
    May/29/2013 10:07:00 ipsec,debug,packet add payload of len 128, next type 10
    May/29/2013 10:07:00 ipsec,debug,packet add payload of len 24, next type 0
    May/29/2013 10:07:00 ipsec,debug,packet 188 bytes from X[500] to X[500]
    May/29/2013 10:07:00 ipsec,debug,packet sockname X[500]
    May/29/2013 10:07:00 ipsec,debug,packet send packet from X[500]
    May/29/2013 10:07:00 ipsec,debug,packet send packet to X[500]
    May/29/2013 10:07:00 ipsec,debug,packet src4 X[500]
    May/29/2013 10:07:00 ipsec,debug,packet dst4 X[500]
    May/29/2013 10:07:00 ipsec,debug,packet 1 times of 188 bytes message will be sent to X[500]
    May/29/2013 10:07:00 ipsec,debug,packet d38db86e e6493457 0b548ac0 98076f87 04100200 00000000 000000bc 0a000084
    May/29/2013 10:07:00 ipsec,debug,packet b9c14dc1 5a04a1bb 136fb3a9 4c04421b 06dc2aff 5abac143 9af84b4f 1c4bdcdb
    May/29/2013 10:07:00 ipsec,debug,packet 28c0c744 8b84fdbd 924570c3 563c9535 f1b041e1 a5895789 97cb7dd6 0ae66034
    May/29/2013 10:07:00 ipsec,debug,packet 8ec58597 233c9efa b3b877e2 e55ad236 e7da3280 f71f9e6f eb8e0573 eee37286
    May/29/2013 10:07:00 ipsec,debug,packet 66dc0558 40554f8d 3d17a319 49ee3227 3260c2fd 8330d393 584e85e3 ddf7f7d6
    May/29/2013 10:07:00 ipsec,debug,packet 0000001c 979ab587 e15293b9 cb34b588 46e67219 2635750c 4c69c855
    May/29/2013 10:07:00 ipsec,debug,packet resend phase1 packet d38db86ee6493457:0b548ac098076f87
    May/29/2013 10:07:00 ipsec,debug,packet compute DH's shared.
    May/29/2013 10:07:00 ipsec,debug,packet
    May/29/2013 10:07:00 ipsec,debug,packet 334e2f7b e55d675f f9efb51b dc4e885a a9aedd5f 5e84c80d 7afacea6 748fec00
    May/29/2013 10:07:00 ipsec,debug,packet 3f1e8dc4 735c3572 8fffb111 a1b9939f 1d2feebd 2b0e26aa 7e61848f d2ebe6d6
    May/29/2013 10:07:00 ipsec,debug,packet 6ace1e1a 899d1bb9 df69602e 0c2ba200 b96af81e 3c41ea71 0cfcb3e1 c79d65da
    May/29/2013 10:07:00 ipsec,debug,packet e26031f9 170944b5 01d8d15a 32dbae3c 53238365 d551758d f1699e0c b657b571
    May/29/2013 10:07:00 ipsec,debug,packet the psk found.
    May/29/2013 10:07:00 ipsec,debug,packet nonce 1:
    May/29/2013 10:07:00 ipsec,debug,packet 985aabba bbf398e8 806c4e05 13669a13
    May/29/2013 10:07:00 ipsec,debug,packet nonce 2:
    May/29/2013 10:07:00 ipsec,debug,packet 979ab587 e15293b9 cb34b588 46e67219 2635750c 4c69c855
    May/29/2013 10:07:00 ipsec,debug,packet hmac(hmac_md5)
    May/29/2013 10:07:00 ipsec,debug,packet SKEYID computed:
    May/29/2013 10:07:00 ipsec,debug,packet 89abcb33 4a7c2f0a 1be2f152 fe356651
    May/29/2013 10:07:00 ipsec,debug,packet hmac(hmac_md5)
    May/29/2013 10:07:00 ipsec,debug,packet SKEYID_d computed:
    May/29/2013 10:07:00 ipsec,debug,packet 11a74254 ac903c8b 497a936e bd0a7401
    May/29/2013 10:07:00 ipsec,debug,packet hmac(hmac_md5)
    May/29/2013 10:07:00 ipsec,debug,packet SKEYID_a computed:
    May/29/2013 10:07:00 ipsec,debug,packet 97afb5d1 164e9f4a 1916d330 35257fdc
    May/29/2013 10:07:00 ipsec,debug,packet hmac(hmac_md5)
    May/29/2013 10:07:00 ipsec,debug,packet SKEYID_e computed:
    May/29/2013 10:07:00 ipsec,debug,packet 97aa77c7 e0fc901e 4ef83e93 03427cfb
    May/29/2013 10:07:00 ipsec,debug,packet encryption(aes)
    May/29/2013 10:07:00 ipsec,debug,packet hash(md5)
    May/29/2013 10:07:00 ipsec,debug,packet final encryption key computed:
    May/29/2013 10:07:00 ipsec,debug,packet 97aa77c7 e0fc901e 4ef83e93 03427cfb
    May/29/2013 10:07:00 ipsec,debug,packet hash(md5)
    May/29/2013 10:07:00 ipsec,debug,packet encryption(aes)
    May/29/2013 10:07:00 ipsec,debug,packet IV computed:
    May/29/2013 10:07:00 ipsec,debug,packet b7112c5d 086c306e 49e6abd6 b37fcb8d
    May/29/2013 10:07:00 ipsec,debug,packet ==========
    May/29/2013 10:07:00 ipsec,debug,packet 60 bytes message received from X[500] to X[500]
    May/29/2013 10:07:00 ipsec,debug,packet d38db86e e6493457 0b548ac0 98076f87 05100201 00000000 0000003c e5da4fec
    May/29/2013 10:07:00 ipsec,debug,packet 8faf517e 5ba5bd51 f47ede15 96976de0 764c88f1 9573f6a8 ad42cef3
    May/29/2013 10:07:00 ipsec,debug,packet encryption(aes)
    May/29/2013 10:07:00 ipsec,debug,packet IV was saved for next processing:
    May/29/2013 10:07:00 ipsec,debug,packet 96976de0 764c88f1 9573f6a8 ad42cef3
    May/29/2013 10:07:00 ipsec,debug,packet encryption(aes)
    May/29/2013 10:07:00 ipsec,debug,packet with key:
    May/29/2013 10:07:00 ipsec,debug,packet 97aa77c7 e0fc901e 4ef83e93 03427cfb
    May/29/2013 10:07:00 ipsec,debug,packet decrypted payload by IV:
    May/29/2013 10:07:00 ipsec,debug,packet b7112c5d 086c306e 49e6abd6 b37fcb8d
    May/29/2013 10:07:00 ipsec,debug,packet decrypted payload, but not trimed.
    May/29/2013 10:07:00 ipsec,debug,packet 0800000c 01000000 54f26d62 00000014 9ad7fa73 94d10872 736a0bff 59fa6edd
    May/29/2013 10:07:00 ipsec,debug,packet padding len=222
    May/29/2013 10:07:00 ipsec,debug,packet skip to trim padding.
    May/29/2013 10:07:00 ipsec,debug,packet decrypted.
    May/29/2013 10:07:00 ipsec,debug,packet d38db86e e6493457 0b548ac0 98076f87 05100201 00000000 0000003c 0800000c
    May/29/2013 10:07:00 ipsec,debug,packet 01000000 54f26d62 00000014 9ad7fa73 94d10872 736a0bff 59fa6edd
    May/29/2013 10:07:00 ipsec,debug,packet begin.
    May/29/2013 10:07:00 ipsec,debug,packet seen nptype=5(id)
    May/29/2013 10:07:00 ipsec,debug,packet seen nptype=8(hash)
    May/29/2013 10:07:00 ipsec,debug,packet succeed.
    May/29/2013 10:07:00 ipsec,debug,packet HASH received:
    May/29/2013 10:07:00 ipsec,debug,packet 9ad7fa73 94d10872 736a0bff 59fa6edd
    May/29/2013 10:07:00 ipsec,debug,packet HASH with:
    May/29/2013 10:07:00 ipsec,debug,packet f830dc88 1f3e92e0 4c4cd0b8 f3c71297 431bfc11 6ba00e0a 78d57943 e21ce216
    May/29/2013 10:07:00 ipsec,debug,packet f6fb51c5 6af6e16f e3f77ff4 a1042ba0 d4847852 6161c24d 0c923788 365554d3
    May/29/2013 10:07:00 ipsec,debug,packet fc5f5c15 6b1d9218 e710d29d 1a6ff3de f8364669 b95a3290 3826ced8 af7f9a88
    May/29/2013 10:07:00 ipsec,debug,packet 62f76bfa 3688acae 2a57e7aa fcf4d1c5 2f86c5d7 ee6dd957 c47225d0 5f69e25f
    May/29/2013 10:07:00 ipsec,debug,packet b9c14dc1 5a04a1bb 136fb3a9 4c04421b 06dc2aff 5abac143 9af84b4f 1c4bdcdb
    May/29/2013 10:07:00 ipsec,debug,packet 28c0c744 8b84fdbd 924570c3 563c9535 f1b041e1 a5895789 97cb7dd6 0ae66034
    May/29/2013 10:07:00 ipsec,debug,packet 8ec58597 233c9efa b3b877e2 e55ad236 e7da3280 f71f9e6f eb8e0573 eee37286
    May/29/2013 10:07:00 ipsec,debug,packet 66dc0558 40554f8d 3d17a319 49ee3227 3260c2fd 8330d393 584e85e3 ddf7f7d6
    May/29/2013 10:07:00 ipsec,debug,packet d38db86e e6493457 0b548ac0 98076f87 00000001 00000001 0000002c 00010001
    May/29/2013 10:07:00 ipsec,debug,packet 00000024 00010000 800b0001 800c7080 80010007 80020001 800e0080 80030001
    May/29/2013 10:07:00 ipsec,debug,packet 80040002 01000000 54f26d62
    May/29/2013 10:07:00 ipsec,debug,packet hmac(hmac_md5)
    May/29/2013 10:07:00 ipsec,debug,packet HASH computed:
    May/29/2013 10:07:00 ipsec,debug,packet 9ad7fa73 94d10872 736a0bff 59fa6edd
    May/29/2013 10:07:00 ipsec,debug,packet HASH for PSK validated.
    May/29/2013 10:07:00 ipsec,debug,packet peer's ID
    May/29/2013 10:07:00 ipsec,debug,packet 01000000 54f26d62
    May/29/2013 10:07:00 ipsec,debug,packet ===
    May/29/2013 10:07:00 ipsec,debug,packet use ID type of IPv4_address
    May/29/2013 10:07:00 ipsec,debug,packet generate HASH_R
    May/29/2013 10:07:00 ipsec,debug,packet HASH with:
    May/29/2013 10:07:00 ipsec,debug,packet b9c14dc1 5a04a1bb 136fb3a9 4c04421b 06dc2aff 5abac143 9af84b4f 1c4bdcdb
    May/29/2013 10:07:00 ipsec,debug,packet 28c0c744 8b84fdbd 924570c3 563c9535 f1b041e1 a5895789 97cb7dd6 0ae66034
    May/29/2013 10:07:00 ipsec,debug,packet 8ec58597 233c9efa b3b877e2 e55ad236 e7da3280 f71f9e6f eb8e0573 eee37286
    May/29/2013 10:07:00 ipsec,debug,packet 66dc0558 40554f8d 3d17a319 49ee3227 3260c2fd 8330d393 584e85e3 ddf7f7d6
    May/29/2013 10:07:00 ipsec,debug,packet f830dc88 1f3e92e0 4c4cd0b8 f3c71297 431bfc11 6ba00e0a 78d57943 e21ce216
    May/29/2013 10:07:00 ipsec,debug,packet f6fb51c5 6af6e16f e3f77ff4 a1042ba0 d4847852 6161c24d 0c923788 365554d3
    May/29/2013 10:07:00 ipsec,debug,packet fc5f5c15 6b1d9218 e710d29d 1a6ff3de f8364669 b95a3290 3826ced8 af7f9a88
    May/29/2013 10:07:00 ipsec,debug,packet 62f76bfa 3688acae 2a57e7aa fcf4d1c5 2f86c5d7 ee6dd957 c47225d0 5f69e25f
    May/29/2013 10:07:00 ipsec,debug,packet 0b548ac0 98076f87 d38db86e e6493457 00000001 00000001 0000002c 00010001
    May/29/2013 10:07:00 ipsec,debug,packet 00000024 00010000 800b0001 800c7080 80010007 80020001 800e0080 80030001
    May/29/2013 10:07:00 ipsec,debug,packet 80040002 011101f4 5e70542f
    May/29/2013 10:07:00 ipsec,debug,packet hmac(hmac_md5)
    May/29/2013 10:07:00 ipsec,debug,packet HASH computed:
    May/29/2013 10:07:00 ipsec,debug,packet 9f8e08cd e413ccee f3a2bd00 5496df0c
    May/29/2013 10:07:00 ipsec,debug,packet add payload of len 8, next type 8
    May/29/2013 10:07:00 ipsec,debug,packet add payload of len 16, next type 0
    May/29/2013 10:07:00 ipsec,debug,packet begin encryption.
    May/29/2013 10:07:00 ipsec,debug,packet encryption(aes)
    May/29/2013 10:07:00 ipsec,debug,packet pad length = 16
    May/29/2013 10:07:00 ipsec,debug,packet 0800000c 011101f4 5e70542f 00000014 9f8e08cd e413ccee f3a2bd00 5496df0c
    May/29/2013 10:07:00 ipsec,debug,packet b6912d82 b5cefef6 457dfdd0 1253380f
    May/29/2013 10:07:00 ipsec,debug,packet encryption(aes)
    May/29/2013 10:07:00 ipsec,debug,packet with key:
    May/29/2013 10:07:00 ipsec,debug,packet 97aa77c7 e0fc901e 4ef83e93 03427cfb
    May/29/2013 10:07:00 ipsec,debug,packet encrypted payload by IV:
    May/29/2013 10:07:00 ipsec,debug,packet 96976de0 764c88f1 9573f6a8 ad42cef3
    May/29/2013 10:07:00 ipsec,debug,packet save IV for next:
    May/29/2013 10:07:00 ipsec,debug,packet 7755f09f 55077c5f d0698a05 4fe20338
    May/29/2013 10:07:00 ipsec,debug,packet encrypted.
    May/29/2013 10:07:00 ipsec,debug,packet 76 bytes from X[500] to X[500]
    May/29/2013 10:07:00 ipsec,debug,packet sockname X[500]
    May/29/2013 10:07:00 ipsec,debug,packet send packet from X[500]
    May/29/2013 10:07:00 ipsec,debug,packet send packet to X[500]
    May/29/2013 10:07:00 ipsec,debug,packet src4 X[500]
    May/29/2013 10:07:00 ipsec,debug,packet dst4 X[500]
    May/29/2013 10:07:00 ipsec,debug,packet 1 times of 76 bytes message will be sent to Y.Y.Y.Y[500]
    May/29/2013 10:07:00 ipsec,debug,packet d38db86e e6493457 0b548ac0 98076f87 05100201 00000000 0000004c 6d3eb009
    May/29/2013 10:07:00 ipsec,debug,packet 146ce026 bf52cb51 38cd3493 9fa4bb01 c946e986 42bb2ab1 af97f9f8 7755f09f
    May/29/2013 10:07:00 ipsec,debug,packet 55077c5f d0698a05 4fe20338
    May/29/2013 10:07:00 ipsec,debug ISAKMP-SA established X.X.X.X[500]-Y.Y.Y.Y[500] spi:d38db86ee6493457:0b548ac098076f87
    May/29/2013 10:07:00 ipsec,debug,packet ===
    May/29/2013 10:07:00 ipsec,debug,packet ==========
    May/29/2013 10:07:00 ipsec,debug,packet 284 bytes message received from Y.Y.Y.Y[500] to X.X.X.X[500]
    May/29/2013 10:07:00 ipsec,debug,packet d38db86e e6493457 0b548ac0 98076f87 08102001 2c739cd6 0000011c 15d60fc3
    May/29/2013 10:07:00 ipsec,debug,packet 99003612 43c7f4b7 08501c36 e26781cb e0ade6bb b58691c3 f6b78adb c5fed04b
    May/29/2013 10:07:00 ipsec,debug,packet 7a413175 5ecb04e2 21c1f3e5 fbe394d2 e4236384 f2a2516e 7c311a96 f088604c
    May/29/2013 10:07:00 ipsec,debug,packet 31cacd62 787bbdac 784ca33f 43f7c24a fb3508a0 3541b7aa 9d8d621c 567473e6
    May/29/2013 10:07:00 ipsec,debug,packet 8b4d8623 77dfe903 8105d6bf 27fd3f19 03065c83 8d38f79e ebcdf68f e0509e13
    May/29/2013 10:07:00 ipsec,debug,packet 16d14e6d 338c673c 3b943be6 ecb29f29 24b2ecd5 08eddc9f cdb295c5 1fa455d7
    May/29/2013 10:07:00 ipsec,debug,packet 7063b1b3 cfe29bc7 9230437a 35e9433f f3626a9a 032e6527 c0fb592c 3805d3aa
    May/29/2013 10:07:00 ipsec,debug,packet f46394ed 50875096 faeca3c7 4091ae34 9ccef401 3f758e7c 917598fb 3993a23d
    May/29/2013 10:07:00 ipsec,debug,packet 80c747d4 0c626a45 2546c1ad 2d57f257 9f146a20 7c499c30 4c292c0a
    May/29/2013 10:07:00 ipsec,debug,packet compute IV for phase2
    May/29/2013 10:07:00 ipsec,debug,packet phase1 last IV:
    May/29/2013 10:07:00 ipsec,debug,packet 7755f09f 55077c5f d0698a05 4fe20338 2c739cd6
    May/29/2013 10:07:00 ipsec,debug,packet hash(md5)
    May/29/2013 10:07:00 ipsec,debug,packet encryption(aes)
    May/29/2013 10:07:00 ipsec,debug,packet phase2 IV computed:
    May/29/2013 10:07:00 ipsec,debug,packet 818256b3 312dcb2d 7fd5d802 fd2f28a5
    May/29/2013 10:07:00 ipsec,debug,packet ===
    May/29/2013 10:07:00 ipsec,debug respond new phase 2 negotiation: X.X.X.X[500]<=>Y.Y.Y.Y[500]
    May/29/2013 10:07:00 ipsec,debug,packet encryption(aes)
    May/29/2013 10:07:00 ipsec,debug,packet IV was saved for next processing:
    May/29/2013 10:07:00 ipsec,debug,packet 2d57f257 9f146a20 7c499c30 4c292c0a
    May/29/2013 10:07:00 ipsec,debug,packet encryption(aes)
    May/29/2013 10:07:00 ipsec,debug,packet with key:
    May/29/2013 10:07:00 ipsec,debug,packet 97aa77c7 e0fc901e 4ef83e93 03427cfb
    May/29/2013 10:07:00 ipsec,debug,packet decrypted payload by IV:
    May/29/2013 10:07:00 ipsec,debug,packet 818256b3 312dcb2d 7fd5d802 fd2f28a5
    May/29/2013 10:07:00 ipsec,debug,packet decrypted payload, but not trimed.
    May/29/2013 10:07:00 ipsec,debug,packet 01000014 eb5eeeea c70eb089 ff94d7d8 52e53ad1 0a000034 00000001 00000001
    May/29/2013 10:07:00 ipsec,debug,packet 00000028 00030401 2f2d3cb5 0000001c 00030000 80030002 80040001 80010001
    May/29/2013 10:07:00 ipsec,debug,packet 80020e10 80050001 04000014 459e77b7 5ea9fdfe 35a00d29 05cf61e3 05000084
    May/29/2013 10:07:00 ipsec,debug,packet 29507632 25900b5d d59b72c3 726a2fc3 6998f46e 414a1939 ea0ee3e0 ef8da028
    May/29/2013 10:07:00 ipsec,debug,packet ec11d400 bbacc921 0bf38bb4 d1f0041b 0968ffac fcd4df51 b8ce32b8 c1419e65
    May/29/2013 10:07:00 ipsec,debug,packet 0e90476b eb23da89 b229577c 8ec2c802 eaa3b98c 43ad20bb 27b38b0e 40e34c89
    May/29/2013 10:07:00 ipsec,debug,packet 1afad7e8 7f0973e3 e3f3b765 e72ee8b0 3d188487 426a6f17 4a3dfafa 4f0a37b0
    May/29/2013 10:07:00 ipsec,debug,packet 05000010 04000000 c0a80000 ffffff00 00000010 04000000 c0a80100 ffffff00
    May/29/2013 10:07:00 ipsec,debug,packet padding len=1
    May/29/2013 10:07:00 ipsec,debug,packet skip to trim padding.
    May/29/2013 10:07:00 ipsec,debug,packet decrypted.
    May/29/2013 10:07:00 ipsec,debug,packet d38db86e e6493457 0b548ac0 98076f87 08102001 2c739cd6 0000011c 01000014
    May/29/2013 10:07:00 ipsec,debug,packet eb5eeeea c70eb089 ff94d7d8 52e53ad1 0a000034 00000001 00000001 00000028
    May/29/2013 10:07:00 ipsec,debug,packet 00030401 2f2d3cb5 0000001c 00030000 80030002 80040001 80010001 80020e10
    May/29/2013 10:07:00 ipsec,debug,packet 80050001 04000014 459e77b7 5ea9fdfe 35a00d29 05cf61e3 05000084 29507632
    May/29/2013 10:07:00 ipsec,debug,packet 25900b5d d59b72c3 726a2fc3 6998f46e 414a1939 ea0ee3e0 ef8da028 ec11d400
    May/29/2013 10:07:00 ipsec,debug,packet bbacc921 0bf38bb4 d1f0041b 0968ffac fcd4df51 b8ce32b8 c1419e65 0e90476b
    May/29/2013 10:07:00 ipsec,debug,packet eb23da89 b229577c 8ec2c802 eaa3b98c 43ad20bb 27b38b0e 40e34c89 1afad7e8
    May/29/2013 10:07:00 ipsec,debug,packet 7f0973e3 e3f3b765 e72ee8b0 3d188487 426a6f17 4a3dfafa 4f0a37b0 05000010
    May/29/2013 10:07:00 ipsec,debug,packet 04000000 c0a80000 ffffff00 00000010 04000000 c0a80100 ffffff00
    May/29/2013 10:07:00 ipsec,debug,packet begin.
    May/29/2013 10:07:00 ipsec,debug,packet seen nptype=8(hash)
    May/29/2013 10:07:00 ipsec,debug,packet seen nptype=1(sa)
    May/29/2013 10:07:00 ipsec,debug,packet seen nptype=10(nonce)
    May/29/2013 10:07:00 ipsec,debug,packet seen nptype=4(ke)
    May/29/2013 10:07:00 ipsec,debug,packet seen nptype=5(id)
    May/29/2013 10:07:00 ipsec,debug,packet seen nptype=5(id)
    May/29/2013 10:07:00 ipsec,debug,packet succeed.
    May/29/2013 10:07:00 ipsec,debug,packet received IDci2:
    May/29/2013 10:07:00 ipsec,debug,packet 04000000 c0a80000 ffffff00
    May/29/2013 10:07:00 ipsec,debug,packet received IDcr2:
    May/29/2013 10:07:00 ipsec,debug,packet 04000000 c0a80100 ffffff00
    May/29/2013 10:07:00 ipsec,debug,packet HASH(1) validate:
    May/29/2013 10:07:00 ipsec,debug,packet eb5eeeea c70eb089 ff94d7d8 52e53ad1
    May/29/2013 10:07:00 ipsec,debug,packet HASH with:
    May/29/2013 10:07:00 ipsec,debug,packet 2c739cd6 0a000034 00000001 00000001 00000028 00030401 2f2d3cb5 0000001c
    May/29/2013 10:07:00 ipsec,debug,packet 00030000 80030002 80040001 80010001 80020e10 80050001 04000014 459e77b7
    May/29/2013 10:07:00 ipsec,debug,packet 5ea9fdfe 35a00d29 05cf61e3 05000084 29507632 25900b5d d59b72c3 726a2fc3
    May/29/2013 10:07:00 ipsec,debug,packet 6998f46e 414a1939 ea0ee3e0 ef8da028 ec11d400 bbacc921 0bf38bb4 d1f0041b
    May/29/2013 10:07:00 ipsec,debug,packet 0968ffac fcd4df51 b8ce32b8 c1419e65 0e90476b eb23da89 b229577c 8ec2c802
    May/29/2013 10:07:00 ipsec,debug,packet eaa3b98c 43ad20bb 27b38b0e 40e34c89 1afad7e8 7f0973e3 e3f3b765 e72ee8b0
    May/29/2013 10:07:00 ipsec,debug,packet 3d188487 426a6f17 4a3dfafa 4f0a37b0 05000010 04000000 c0a80000 ffffff00
    May/29/2013 10:07:00 ipsec,debug,packet 00000010 04000000 c0a80100 ffffff00
    May/29/2013 10:07:00 ipsec,debug,packet hmac(hmac_md5)
    May/29/2013 10:07:00 ipsec,debug,packet HASH computed:
    May/29/2013 10:07:00 ipsec,debug,packet eb5eeeea c70eb089 ff94d7d8 52e53ad1
    May/29/2013 10:07:00 ipsec,debug,packet get a src address from ID payload 192.168.0.0[0] prefixlen=24 ul_proto=255
    May/29/2013 10:07:00 ipsec,debug,packet get dst address from ID payload 192.168.1.0[0] prefixlen=24 ul_proto=255
    May/29/2013 10:07:00 ipsec,debug,packet 0x7fbf2f30 masked with /24: 192.168.0.0[0]
    May/29/2013 10:07:00 ipsec,debug,packet 0x482540 masked with /24: 192.168.1.0[0]
    May/29/2013 10:07:00 ipsec,debug no policy found: 192.168.0.0/24[0] 192.168.1.0/24[0] proto=any dir=in
    May/29/2013 10:07:00 ipsec,debug failed to get proposal for responder.
    May/29/2013 10:07:00 ipsec,debug failed to pre-process packet.
    29.5.2013 13:24 NN
    Rozbalit Rozbalit vše Re: VPN tunel
    Dobre, takze dalsi chyba: 
    ipsec,debug no policy found: 192.168.0.0/24[0] 192.168.1.0/24[0] proto=any dir=in
May/29/2013 10:07:00 ipsec,debug failed to get proposal for responder.
May/29/2013 10:07:00 ipsec,debug failed to pre-process packet.
    Takze /ip ipsec policy definuje site ktere spolu budou komunikovat a brany pres ktere pujde provoz. Nakonfigurovane zrcadlove na obous stranach. Viz cesky navod, ktery jsem posilal na zacatku.
    29.5.2013 13:36 Vláďa
    Rozbalit Rozbalit vše Re: VPN tunel
    Bingo! :)

    Kam mam poslat sampansky?

    Díky!!

    V.
    29.5.2013 14:44 Vláďa
    Rozbalit Rozbalit vše Re: VPN tunel
    Tak jeste tomu preci jen neco chybi, tunel se navazal ze strany planetu udelam ping na vnitrni sit za Mikrotikem, ale obracene se mi to zatim nedari. Nejde to ani primo z Miktoriku.
    29.5.2013 15:04 NN
    Rozbalit Rozbalit vše Re: VPN tunel
    Budes muset projit celou cestu, jak odchozi pakety, tak prichozi odpovedi a dohledat kde je to zariznute.
    29.5.2013 21:31 Vláďa
    Rozbalit Rozbalit vše Re: VPN tunel
    Tak jeste mi tam chybel NAT uz to vsechno beha. To sampansky plati pokud mi napises kam.

    diky

    V.
    29.5.2013 22:37 NN
    Rozbalit Rozbalit vše Re: VPN tunel 
    Ladislav Galli - NIDV
Senovážné náměstí 26
110 06 Praha 1
    Hlavne ocenuju, ze jsi to nevzdal a nakonfiguroval.

    Založit nové vláknoNahoru

    Tiskni Sdílej: Linkuj Jaggni to Vybrali.sme.sk Google Del.icio.us Facebook

    Píšeme jinde
    ISSN 1214-1267   www.czech-server.cz
    Redakce | Inzerce | Podmínky použití | Osobní údaje
    © 1999-2015 Nitemedia s. r. o. Všechna práva vyhrazena.