Manuals / Billion Electric Company / Computer Equipment / Network Card

Billion Electric Company CO1 user manual No response to phase 2 requests

Models: CO1

1 42

Download 42 pages 51.47 Kb

Page 40

No response to phase 2 requests

Billion BiGuard VPN Client

No response to phase 2 requests

120348 Default (SA CnxVpn1-CnxVpn1-P2) SEND phase 2 Quick Mode [HASH] [SA] [NONCE] [ID] [ID]

120349 Default (SA CnxVpn1-CnxVpn1-P2) SEND phase 2 Quick Mode [HASH] [SA] [NONCE] [ID] [ID]

120351 Default (SA CnxVpn1-CnxVpn1-P2) SEND phase 2 Quick Mode [HASH] [SA] [NONCE] [ID] [ID]

120351 Default (SA CnxVpn1-CnxVpn1-P2) SEND phase 2 Quick Mode [HASH] [SA] [NONCE] [ID] [ID]

Check algorithms and phase 2 identities (“Local address” and “Network address”). Some settings must mismatch between the VPN and the VPN gateway.

I clicked on “Open tunnel”, but nothing happens.

Read logs of each VPN tunnel endpoint. IKE requests can be dropped by firewalls. An IPSec Client uses UDP port 500 and protocol ESP (protocol 50).

The VPN tunnel is up but I can’t ping!

If the VPN tunnel is up, but you still cannot ping the remote LAN, here are a few guidelines:

1.Check Phase 2 settings: VPN Client address and Remote LAN address. Usually, VPN Client IP address should not belong to the remote LAN subnet.

2.Once VPN tunnel is up, packets are sent with ESP protocol. This protocol can be blocked by firewall. Check that every device between the client and the VPN server does accept ESP.

3.Check your VPN server logs. Packets can be dropped by one of its firewall rules.

4.Check your ISP support ESP.

5.If you still cannot ping, follow ICMP traffic on VPN server LAN interface and on LAN computer interface (with Ethereal for example). You will have an indication that encryption works.

6.Check the “default gateway” value in VPN Server LAN. A target on your remote LAN can receive pings but does not answer because there is a no “Default gateway” setting.

7.You cannot access to the computers in the LAN by their name. You must specify their IP address inside the LAN.

We recommend you to install ethereal (http://www.ethereal.com) on one of your target computer. You can check that your pings arrive inside the LAN.

37

Chapter 5: Troubleshooting

Image 40

Billion Electric Company CO1 user manual No response to phase 2 requests, I clicked on “Open tunnel”, but nothing happens

Contents

Version Release Secure access to Company NetworkBiGuard C01 BiGuard VPN ClientTable of Contents CHAPTER 2 INSTALLING BIGUARD VPN CLIENTCHAPTER 4 VPN CONFIGURATION CHAPTER 1 INTRODUCTIONVPN CLIENT CHAPTER 5 TROUBLESHOOTINGAPPENDIX B PRODUCT SUPPORT AND CONTACT INFORMATION Features User Authentication Please see Appendix AChapter 1 Introduction Introduction to BiGuard VPN ClientConfiguration building Invisible User InterfaceUser Interface and Command Line Chapter 1 IntroductionChapter 2 Installing BiGuard VPN Client Software installationActivation Wizard Software EvaluationTwo easy step Wizard Step 1 of 2 Enter License Number Error codes Error messagesError explanations Activation errorsSoftware Uninstallation Navigation the user interface Chapter 3 Navigation the User InterfaceSystem Tray A left-button click on VPN icon opens configuration user interface Main Window Main MenusStatus Bar Windows “About”Hidden Interface WizardsPreferences VPN Client start modeStart VPN Client software after MS Windows logon MiscellaneousConfiguration Wizard Chapter 4 VPN ConfigurationFour easy step Wizard Step 1 of Step 2 ofStep 3 of Step 4 ofHow to create a VPN Tunnel? VPN Tunnel ConfigurationMultiple Authentication or IPSec Configuration Phase Advanced Features Authentication or PhaseWhat is Phase 1? Phase 1 Settings Description Phase 1 Advanced configuration Advanced featuresLocal and Remote ID What is Phase 2? IPSec Configuration or PhasePhase 2 Settings Description Phase 2 Advanced configuration Auto open this tunnel when the VPN Client starts up Lifetime sec Global Parameters - Global Settings DescriptionDead Peer Detection DPD VPN Tunnel View - How to view opened tunnels? MiscellaneousHow to set USB Mode on? What is USB Mode?USB Mode How to enable a new USB Stick? How to configure IPSec VPN Client with Certificates? Additional support documents1. Importing a configuration, select File Import VPN Configuration Configuration Tools Command line toolsImport VPN Configuration option “/import” and “/importance” Hiding VPN Client configuration user interface VPNHIDEConsole and Logs Console WindowsPlcy Policy not used Chapter 5 Troubleshooting VPN IPSec Troubleshooting« PAYLOAD MALFORMED » error wrong Phase 1 SA « INVALID COOKIE » error« received remote ID other than expected » error « no keystate » error« NO PROPOSAL CHOSEN » error No response for phase 1 requests « INVALID ID INFORMATION » errorSEND, RECV and that is all I clicked on “Open tunnel”, but nothing happens No response to phase 2 requestsThe VPN tunnel is up but I can’t ping x = not support Contact Billion WORLDWIDE APPENDIX B Product Support and Contact InformationAppendix B Product Support and Contact Information