Jump to content
  • 0
Sign in to follow this  
t800

Windows 10 Pro не подключается к VPN IPSec

Question

Windows 10 настроена согласно рекомендациям статьи в вашей базе знаний. Маршрутизатор - тоже. Пробовал из-за ната (ноутбук через мобильник). 

Вот такое сообщение выдаёт винда:

image.png.48417513240623954e130ee041c2216a.png

Вот такие сообщения выдаёт маршрутизатор

Цитата
Апр 26 13:34:57
 
ipsec
14[IKE] received MS NT5 ISAKMPOAKLEY vendor ID
Апр 26 13:34:57
 
ipsec
14[IKE] received NAT-T (RFC 3947) vendor ID
Апр 26 13:34:57
 
ipsec
14[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Апр 26 13:34:57
 
ipsec
14[IKE] received FRAGMENTATION vendor ID
Апр 26 13:34:57
 
ipsec
14[IKE] 188.170.196.19 is initiating a Main Mode IKE_SA
Апр 26 13:34:57
 
ipsec
14[CFG] received proposals: IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_384, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_256, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Апр 26 13:34:57
 
ipsec
14[CFG] configured proposals: IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_384, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_256, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_384, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_256, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
Апр 26 13:34:57
 
ipsec
14[CFG] selected proposal: IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_256
Апр 26 13:34:57
 
ipsec
14[IKE] sending XAuth vendor ID
Апр 26 13:34:57
 
ipsec
14[IKE] sending DPD vendor ID
Апр 26 13:34:57
 
ipsec
14[IKE] sending Cisco Unity vendor ID
Апр 26 13:34:57
 
ipsec
14[IKE] sending FRAGMENTATION vendor ID
Апр 26 13:34:57
 
ipsec
14[IKE] sending NAT-T (RFC 3947) vendor ID
Апр 26 13:34:57
 
ipsec
16[IKE] remote host is behind NAT
Апр 26 13:34:57
 
ipsec
16[IKE] linked key for crypto map '(unnamed)' is not found, still searching
Апр 26 13:34:57
 
ipsec
07[CFG] looking for pre-shared key peer configs matching 85.172.38.71...188.170.196.19[192.168.43.91]
Апр 26 13:34:57
 
ipsec
07[IKE] found 1 matching config, but none allows pre-shared key authentication using Main Mode
Апр 26 13:34:57
 
ipsec
05[IKE] received MS NT5 ISAKMPOAKLEY vendor ID
Апр 26 13:34:57
 
ipsec
05[IKE] received NAT-T (RFC 3947) vendor ID
Апр 26 13:34:57
 
ipsec
05[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Апр 26 13:34:57
 
ipsec
05[IKE] received FRAGMENTATION vendor ID
Апр 26 13:34:57
 
ipsec
05[IKE] 188.170.196.19 is initiating a Main Mode IKE_SA
Апр 26 13:34:57
 
ipsec
05[CFG] received proposals: IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_384, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_256, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Апр 26 13:34:57
 
ipsec
05[CFG] configured proposals: IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_384, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_256, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_384, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_256, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
Апр 26 13:34:57
 
ipsec
05[CFG] selected proposal: IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_256
Апр 26 13:34:57
 
ipsec
05[IKE] sending XAuth vendor ID
Апр 26 13:34:57
 
ipsec
05[IKE] sending DPD vendor ID
Апр 26 13:34:57
 
ipsec
05[IKE] sending Cisco Unity vendor ID
Апр 26 13:34:57
 
ipsec
05[IKE] sending FRAGMENTATION vendor ID
Апр 26 13:34:57
 
ipsec
05[IKE] sending NAT-T (RFC 3947) vendor ID
Апр 26 13:34:57
 
ipsec
06[IKE] remote host is behind NAT
Апр 26 13:34:57
 
ipsec
06[IKE] linked key for crypto map '(unnamed)' is not found, still searching
Апр 26 13:34:57
 
ipsec
09[CFG] looking for pre-shared key peer configs matching 85.172.38.71...188.170.196.19[192.168.43.91]
Апр 26 13:34:57
 
ipsec
09[IKE] found 1 matching config, but none allows pre-shared key authentication using Main Mode

Селф-тест будет в скрытом сообщении, я его снимал в режиме отладки. Но прошу обратить внимание, вывод из журнала взят для более поздней попытке, отладка шла чуть раньше

Share this post


Link to post
Share on other sites

2 answers to this question

Recommended Posts

  • 0

У вас только Virtual IP сервер, это другое - он работать не будет. Вам нужен L2TP/IPsec.

Share this post


Link to post
Share on other sites
  • 0
В 13.05.2019 в 12:00, Le ecureuil сказал:

У вас только Virtual IP сервер, это другое - он работать не будет. Вам нужен L2TP/IPsec.

Спасибо, это решило вопрос

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...