Adtran
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
icbfan7
New Contributor
‎12-31-2014 02:09 PM

VPN Setup b/w 2 1335p

I am trying to setup a VPN between two NetVanta 1335p units and am having trouble.  I am referencing the "Configuring a VPN using Main Mode in AOS" document.  I am able to ping between both sites public IPs.  I can start the ping from one site to the other (using "ping 10.10.121.254 source 192.168.2.254 [these are both VLAN interfaces on the 1335p units]) and this is what I get.......I get all the way to the fifth message of main mode.  See below:

2014.12.31 14:42:07 CRYPTO_IKE.NEGOTIATION 100: Sent fifth message of main mode

2014.12.31 14:42:09 CRYPTO_IKE.NEGOTIATION IkeStartNegotiation: Already in proce

ss of negotiation  *

2014.12.31 14:42:11 CRYPTO_IKE.NEGOTIATION IkeStartNegotiation: Already in proce

ss of negotiation  *

2014.12.31 14:42:12 CRYPTO_IKE.NEGOTIATION IkeRetryTimeOut :: Retrying 1st phase

..

2014.12.31 14:42:13 CRYPTO_IKE.NEGOTIATION IkeStartNegotiation: Already in proce

ss of negotiation  *

2014.12.31 14:42:15 CRYPTO_IKE.NEGOTIATION IkeStartNegotiation: Already in proce

ss of negotiation  **

Success rate is 0 percent (0/5)

NorwalkNetvanta#

2014.12.31 14:42:17 CRYPTO_IKE.NEGOTIATION IkeRetryTimeOut :: Retrying 1st phase

..

2014.12.31 14:42:22 CRYPTO_IKE.NEGOTIATION IkeRetryTimeOut :: Retrying 1st phase

..

2014.12.31 14:42:27 CRYPTO_IKE.NEGOTIATION <POLICY: 100> PAYLOADS: DEL

2014.12.31 14:42:27 CRYPTO_IKE.NEGOTIATION   DELETE PAYLOAD

2014.12.31 14:42:27 CRYPTO_IKE.NEGOTIATION     DOI: 1

2014.12.31 14:42:27 CRYPTO_IKE.NEGOTIATION     Protocol Id: 1

2014.12.31 14:42:27 CRYPTO_IKE.NEGOTIATION     Size of the SPI field: 16

2014.12.31 14:42:27 CRYPTO_IKE.NEGOTIATION     Number of SPIs being deleted: 1

2014.12.31 14:42:27 CRYPTO_IKE.NEGOTIATION 100: Sent informational exchange mess

age

2014.12.31 14:42:27 CRYPTO_IKE.NEGOTIATION

2014.12.31 14:42:27 CRYPTO_IKE.NEGOTIATION IkeDeleteIsakmpSA :: Deleting any DPD

Requests queued in isakmpsa

Any thoughts as to what might be giving me this error message.  From what I can tell, I have followed the guide step-by-step, and cannot get it to work.  This type of error message was not in the guide under the Troubleshooting section.  Any help would be greatly appreciated.

Labels (1)
Labels
0 Kudos
Reply
1 Reply
Anonymous
Not applicable
‎01-15-2015 11:06 AM

Re: VPN Setup b/w 2 1335p

Brian,

Thanks for posting your question on the forum!

Usually, if VPN negotiation gets to the 5th message of main mode, then you will want to check whether the IDs are matching up, the preshared keys are matching, or try disabling NAT-T or forcing NAT-T v2.

However, if you could post the debug from both sides, as well as the configurations of both routers as well, we might be better able to narrow down the cause.

Please do not hesitate to let us know if you have any questions.

Thanks,

Noor

0 Kudos
Accept as Solution Reply