Openswan 和 sonicwall 以及加密参数

Openswan 和 sonicwall 以及加密参数

这个错误促使我调查我的加密参数:

003 "sonicwall" #2: ignoring unknown Vendor ID payload [...]

请一些专家看看并告诉我哪里出了问题?

声波墙(网页界面):

ESP: 3DES/HMAC SHA1 (IKE)
IKE phase 1: Enc 3DES, auth SHA1
Ipsec Phase 2: Protocol ESP, Enc 3DES, Auth SHA1
Required XAUTH
DH Group 2 

/etc/ipsec.conf

ike=3DES-SHA1;modp1024
phase2alg=3DES-SHA1;modp1024

这使我通过了第 1 阶段(密钥交换),但随后它卡在了第 2 阶段(数据交换),在此阶段它循环并报告格式错误的有效负载通知:

002 "sonicwall" #2: initiating Main Mode
104 "sonicwall" #2: STATE_MAIN_I1: initiate
003 "sonicwall" #2: ignoring unknown Vendor ID payload [...]
002 "sonicwall" #2: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
106 "sonicwall" #2: STATE_MAIN_I2: sent MI2, expecting MR2
003 "sonicwall" #2: ignoring Vendor ID payload [Sonicwall 1 (TZ 170 Standard?)]
003 "sonicwall" #2: received Vendor ID payload [XAUTH]
003 "sonicwall" #2: received Vendor ID payload [Dead Peer Detection]
002 "sonicwall" #2: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
108 "sonicwall" #2: STATE_MAIN_I3: sent MI3, expecting MR3
002 "sonicwall" #2: received 1 malformed payload notifies
003 "sonicwall" #2: discarding duplicate packet; already STATE_MAIN_I3
010 "sonicwall" #2: STATE_MAIN_I3: retransmission; will wait 20s for response
002 "sonicwall" #2: received 2 malformed payload notifies
003 "sonicwall" #2: discarding duplicate packet; already STATE_MAIN_I3
010 "sonicwall" #2: STATE_MAIN_I3: retransmission; will wait 40s for response
002 "sonicwall" #2: received 3 malformed payload notifies

相关内容