Advertisement

11.19.2008 at 07:36AM PST, ID: 23918122 | Points: 500
[x]
Attachment Details

VPN issue using Watchguard Firebox X700

Zones:

Watchguard Firewall, Virtual Private Networking (VPN), IPSec Security Protocol

Tags:

Watchguard, Firebox X700, Fireware System Manager 10.2.3, VPN
Hi All,
I've got a VPN IPSec issue using a Watchguard Firebox X700 on my side running Fireware 10.2.3.
This is the error log (renamed the real remote host IP with "***REMOTE_HOST_IP***"):

Debug Logs
=============
2008-11-19 16:24:58 iked Ignore a DPD R_U_THERE message from ***REMOTE_HOST_IP***:500(Reason: Unexpected sequence number) msg_id="0203-5274"       Debug
2008-11-19 16:24:58 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2008-11-19 16:25:03 iked Ignore a DPD R_U_THERE message from ***REMOTE_HOST_IP***:500(Reason: Unexpected sequence number) msg_id="0203-5274"       Debug
2008-11-19 16:25:03 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2008-11-19 16:25:04 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2008-11-19 16:25:07 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2008-11-19 16:25:07 wgcgi_bin path: /cmm/cmd 3 msg_id="0F00-0003"       Debug
2008-11-19 16:25:07 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2008-11-19 16:25:07 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2008-11-19 16:25:08 wgcgi_bin path: /cmm/cmd 8 msg_id="0F00-0003"       Debug
2008-11-19 16:25:08 iked Phase 1 started by peer with policy [Gateway_Ipeer] from ***REMOTE_HOST_IP***:500 main mode msg_id="0203-5021"       Debug
2008-11-19 16:25:08 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2008-11-19 16:25:08 wgcgi_bin path: /cmm/cmd 4 msg_id="0F00-0003"       Debug
2008-11-19 16:25:08 iked Initiating phase 2 negotiation to peer ***REMOTE_HOST_IP*** for replacing SPIs: inbound 0x317bec8e outbound 0x9462af7d msg_id="0205-5252"       Debug
2008-11-19 16:25:09 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2008-11-19 16:25:09 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2008-11-19 16:25:09 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2008-11-19 16:25:11 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2008-11-19 16:25:16 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2008-11-19 16:25:17 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2008-11-19 16:25:20 iked Drop negotiation to peer ***REMOTE_HOST_IP***:500 due to phase 1 retry timeout msg_id="0203-5161"       Debug
2008-11-19 16:25:20 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2008-11-19 16:25:21 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2008-11-19 16:25:21 wgcgi_bin path: /cmm/cmd msg_id="0F00-0003"       Debug
2008-11-19 16:25:22 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2008-11-19 16:25:23 iked Phase 1 started by peer with policy [Gateway_Ipeer] from ***REMOTE_HOST_IP***:500 main mode msg_id="0203-5021"       Debug
2008-11-19 16:25:24 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2008-11-19 16:25:28 iked Phase 1 completed as responder msg_id="0203-5002"       Debug
2008-11-19 16:25:28 iked  MM hash_alg=2 encr_alg=5 key_len=168 auth_alg=1 dh_group=5 seconds=28803 kbytes=0 msg_id="0203-5003"       Debug
2008-11-19 16:25:29 wgcgi_bin path: /cmm/sync/cli msg_id="0F00-0003"       Debug
2008-11-19 16:25:29 iked Phase 2 started by peer with message(id 4f6f877d) from ***REMOTE_HOST_IP***:500 quick mode msg_id="0203-5081"       Debug
2008-11-19 16:25:29 iked Initiating phase 2 negotiation to peer ***REMOTE_HOST_IP*** for replacing SPIs: inbound 0x317bec8e outbound 0x9462af7d msg_id="0205-5252"       Debug
2008-11-19 16:25:29 iked Starting phase 2 to ***REMOTE_HOST_IP***:500 quick mode message(id ce40de90) msg_id="0203-5091"       Debug
2008-11-19 16:25:30 wgcgi_bin path: /snmp/request msg_id="0F00-0003"       Debug
2008-11-19 16:25:35 iked Phase 2 started by peer with message(id 4f6f877d) from ***REMOTE_HOST_IP***:500 quick mode msg_id="0203-5081"       Debug

Any suggestion?
Thanks!
Start your 7 day free trial to see this answer
Top Expert: dpk_wal
Expert Since: 05/11/2007
Accepted Solutions: 487
Computer Expertise: Advanced
Education: IGNOU, Master's Degree
dpk_wal has been an Expert for 1 year 8 months, during which he has posted 1914 comments and answered 487 questions. dpk_wal is just one of 255 experts in the Watchguard Firewall Zone.
 
 
20081119-EE-VQP-48 - Hierarchy / EE_QW_2_20070628