Cisco SRP500 Manuale di configurazione - Pagina 8

Sfoglia online o scarica il pdf Manuale di configurazione per Router di rete Cisco SRP500. Cisco SRP500 9. Small business managed router feature site to site ipsec vpns

Stampa la pagina
Cisco SRP500 Manuale di configurazione
spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x0
Crypto mapdb : proxy_match
src addr
dst addr
protocol
src port
dst port
ISAKMP:(2026): processing NONCE payload. message ID = 1985749619
ISAKMP:(2026): processing KE payload. message ID = 1985749619
ISAKMP:(2026): processing ID payload. message ID = 1985749619
ISAKMP:(2026): processing ID payload. message ID = 1985749619
ISAKMP:(2026):QM Responder gets spi
ISAKMP:(2026):Node 1985749619, Input = IKE_MESG_FROM_PEER, IKE_QM_EXCH
ISAKMP:(2026):Old State = IKE_QM_READY
ISAKMP:(2026): Creating IPSec SAs
inbound SA from 192.168.200.162 to 192.168.200.146 (f/i)
(proxy 192.168.15.0 to 192.168.9.0)
has spi 0xBDE1EBFF and conn_id 0
lifetime of 7800 seconds
outbound SA from 192.168.200.146 to 192.168.200.162 (f/i) 0/0
(proxy 192.168.9.0 to 192.168.15.0)
has spi
0xFD490D63 and conn_id 0
lifetime of 7800 seconds
ISAKMP:(2026): sending packet to 192.168.200.162 my_port 500 peer_port 500 (R) QM_IDLE
ISAKMP:(2026):Sending an IKE IPv4 Packet.
ISAKMP:(2026):Node 1985749619, Input = IKE_MESG_INTERNAL, IKE_GOT_SPI
ISAKMP:(2026):Old State = IKE_QM_SPI_STARVE
IPSEC(key_engine): got a queue event with 1 KMI message(s)
Crypto mapdb : proxy_match
src addr
dst addr
protocol
src port
dst port
IPSEC(crypto_ipsec_sa_find_ident_head): reconnecting with the same proxies and peer
192.168.200.162
IPSEC(policy_db_add_ident): src 192.168.9.0, dest 192.168.15.0, dest_port 0
IPSEC(create_sa): sa created,
(sa) sa_dest= 192.168.200.146, sa_proto= 50,
sa_spi= 0xBDE1EBFF(3185699839),
sa_trans= esp-3des esp-sha-hmac , sa_conn_id= 353
sa_lifetime(k/sec)= (4519827/3600)
IPSEC(create_sa): sa created,
(sa) sa_dest= 192.168.200.162, sa_proto= 50,
sa_spi= 0xFD490D63(4249423203),
sa_trans= esp-3des esp-sha-hmac , sa_conn_id= 354
sa_lifetime(k/sec)= (4519827/3600)
ISAKMP (2026): received packet from 192.168.200.162 dport 500 sport 500 Global (R)
QM_IDLE
ISAKMP:(2026):deleting node 1985749619 error FALSE reason "QM done (await)"
ISAKMP:(2026):Node 1985749619, Input = IKE_MESG_FROM_PEER, IKE_QM_EXCH
ISAKMP:(2026):Old State = IKE_QM_R_QM2
IPSEC(key_engine): got a queue event with 1 KMI message(s)
IPSEC(key_engine_enable_outbound): rec'd enable notify from ISAKMP
IPSEC(key_engine_enable_outbound): enable SA with spi 4249423203/50
IPSEC(update_current_outbound_sa): updated peer 192.168.200.162 current outbound sa to
SPI FD490D63
ISAKMP:(2025):purging node -1226010635
ISAKMP:(2025):purging node -605868871
#######
Site 2 SRP500 Disconnects the tunnel here using the status page
ISAKMP (2026): received packet from 192.168.200.162 dport 500 sport 500 Global (R)
QM_IDLE
ISAKMP: set new node -528070160 to QM_IDLE
ISAKMP:(2026): processing HASH payload. message ID = -528070160
ISAKMP:(2026): processing DELETE payload. message ID = -528070160
All contents are Copyright © 1992-2011 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 8 of 9
: 192.168.9.0
: 192.168.15.0
: 0
: 0
: 0
New State = IKE_QM_SPI_STARVE
: 192.168.9.0
: 192.168.15.0
: 0
: 0
: 0
New State = IKE_QM_PHASE2_COMPLETE
New State = IKE_QM_R_QM2
0/ 0