Hi,
I'm trying to use the VPN IPSEC provided with the Fortigate 80C appliance.
On the client side, I want to use the FORTICLIENT software.
My 80C is running with firware v5.2.6, build 711
My Client is running on Win7 Pro and FORTICLIENT 5.4.0.0780
I have configured the VPN tunnel using the wizard on the Fortigate.
On the client side, the configuration has also been done.
When I try to establish the connection, the following problem appears :
- On the client :
"VPN connection failed. Please check your configuration, network connection and pre-shared key then retry your connection.
If the problem persists, contact your network administrator for help"
-On the fortigate :
In "Log&Report" > "Event Log" > "VPN" section, I receive two errors (see attached picture VPN.GIF).
It would be very helpful if anyone could help me making this VPN working :)
Thanks in advance,
Cheers.
Anthony THOMAS.
Below is the log [debug verbosity] from the FortiClient :
3/29/2016 4:49:56 PM Notice FortiShield id=96851 user=DBLOG_SOURCE_SYSTEM msg="FortiShield is enabled" 3/29/2016 4:49:56 PM Notice VPN id=96602 msg="SSLVPN service started successfully." vpntype=ssl 3/29/2016 4:50:35 PM Warning FortiShield id=96855 msg="FortiShield blocked application: \\\\frignhghfile.igny.hgh.fr\\Activites_En_Cours\\Informatique\\Administration\\VPN\\Fortigate\\FortiClientOnlineInstaller.exe from modifying: \\REGISTRY\\MACHINE\\SOFTWARE\\Wow6432Node\\Fortinet\\FortiClient\\FA_UPDATE\\SoftwareUpdate\\IgnoreV" 3/29/2016 4:50:35 PM Warning FortiShield id=96855 msg="FortiShield blocked application: C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe from modifying: c:\\program files (x86)\\fortinet\\forticlient\\forticlient.exe:agc" 3/29/2016 4:52:51 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.3.61 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=IPSEC_HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message #1" vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 4:53:03 PM Warning VPN id=96561 msg="locip=192.168.3.61 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=IPSEC_HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 4:55:07 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.3.61 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=IPSEC_HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message #1" vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 4:55:19 PM Warning VPN id=96561 msg="locip=192.168.3.61 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=IPSEC_HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 4:58:23 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.3.61 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=IPSEC_HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message #1" vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 4:58:35 PM Warning VPN id=96561 msg="locip=192.168.3.61 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=IPSEC_HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 5:01:21 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=IPSEC_HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message " vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 5:01:33 PM Warning VPN id=96561 msg="locip=192.168.43.100 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=IPSEC_HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 5:07:58 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=IPSEC_HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message " vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 5:08:10 PM Warning VPN id=96561 msg="locip=192.168.43.100 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=IPSEC_HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 5:10:36 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=IPSEC_HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message " vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 5:10:48 PM Warning VPN id=96561 msg="locip=192.168.43.100 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=IPSEC_HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 5:16:41 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=IPSEC_HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message " vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 5:16:53 PM Warning VPN id=96561 msg="locip=192.168.43.100 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=IPSEC_HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 5:24:40 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=IPSEC_HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message " vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 5:24:52 PM Warning VPN id=96561 msg="locip=192.168.43.100 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=IPSEC_HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 5:43:51 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=IPSEC_HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message " vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 5:44:03 PM Warning VPN id=96561 msg="locip=192.168.43.100 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=IPSEC_HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=IPSEC_HGH vpntype=ipsec 3/29/2016 5:54:14 PM Warning VPN id=96561 msg="locip=192.168.43.100 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=HGH vpntype=ipsec 3/29/2016 5:55:34 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message #1 (OK" vpntunnel=HGH vpntype=ipsec 3/29/2016 5:55:46 PM Warning VPN id=96561 msg="locip=192.168.43.100 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=HGH vpntype=ipsec 3/29/2016 6:04:17 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message #1 (OK" vpntunnel=HGH vpntype=ipsec 3/29/2016 6:04:29 PM Warning VPN id=96561 msg="locip=192.168.43.100 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=HGH vpntype=ipsec 3/29/2016 6:05:24 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message #1 (OK" vpntunnel=HGH vpntype=ipsec 3/29/2016 6:05:36 PM Warning VPN id=96561 msg="locip=192.168.43.100 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=HGH vpntype=ipsec 3/29/2016 6:08:39 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message #1 (OK" vpntunnel=HGH vpntype=ipsec 3/29/2016 6:08:51 PM Warning VPN id=96561 msg="locip=192.168.43.100 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=HGH vpntype=ipsec 3/31/2016 9:39:26 AM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message #1 (OK" vpntunnel=HGH vpntype=ipsec 3/31/2016 9:39:38 AM Warning VPN id=96561 msg="locip=192.168.43.100 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=HGH vpntype=ipsec 3/31/2016 9:42:44 AM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message #1 (OK" vpntunnel=HGH vpntype=ipsec 3/31/2016 9:42:56 AM Warning VPN id=96561 msg="locip=192.168.43.100 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=HGH vpntype=ipsec 3/31/2016 9:45:33 AM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=4500 rem_ip=248.63.133.133 rem_port=4500 out_if=0 vpn_tunnel=HGH action=negotiate init=remote mode=xauth_client stage=0 dir=inbound status=success Responder: parsed 248.63.133.133 xauth_client mode messag" vpntunnel=HGH vpntype=ipsec 3/31/2016 9:45:49 AM Notice VPN (repeated 1 times in last 17 sec) id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=4500 rem_ip=248.63.133.133 rem_port=4500 out_if=0 vpn_tunnel=HGH action=negotiate init=remote mode=xauth_client stage=0 dir=inbound status=success Responder: parsed 248.63.133.133 xauth_client mode messag" vpntunnel=HGH vpntype=ipsec 3/31/2016 9:45:53 AM Warning VPN id=96563 msg="locip=192.168.43.100 locport=4500 remip=248.63.133.133 remport=4500 outif=0 vpntunnel=HGH status=negotiate_error Received delete payload from peer check xauth password." vpntunnel=HGH vpntype=ipsec 3/31/2016 9:47:07 AM Warning VPN id=96561 msg="locip=192.168.43.100 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=HGH vpntype=ipsec 4/12/2016 11:48:17 AM Warning VPN id=96561 msg="locip=192.168.3.39 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=HGH vpntype=ipsec 4/12/2016 11:50:27 AM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.3.39 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message #1 (OK)" vpntunnel=HGH vpntype=ipsec 4/12/2016 11:50:39 AM Warning VPN id=96561 msg="locip=192.168.3.39 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=HGH vpntype=ipsec 4/12/2016 1:27:21 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.3.39 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message #1 (OK)" vpntunnel=HGH vpntype=ipsec 4/12/2016 1:27:33 PM Warning VPN id=96561 msg="locip=192.168.3.39 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=HGH vpntype=ipsec 4/12/2016 1:56:01 PM Notice WebFilter date=2016-04-12 time=13:56:00 logver=1 type=traffic level=notice sessionid=31630964 hostname=StockUK-PC uid=8B937BC1481647A9851B2DB4D221FC9C devid=FCT8001179371077 fgtserial=N/A regip=N/A srcname=IEXPLORE.EXE srcproduct="Internet Explorer" srcip=N/A srcport=N/A direction=outbound destinationip=N/A remotename=universalinstaller.azurewebsites.net destinationport=80 user=Adminm proto=6 rcvdbyte=N/A sentbyte=N/A utmaction=userbrowsed utmevent=webfilter threat=N/A vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 7 Professional Edition, 64-bit Service Pack 1 (build 7601)" usingpolicy="" service=http url=/installer.html?loc=US userinitiated=1 browsetime=5 4/12/2016 1:56:06 PM Notice WebFilter date=2016-04-12 time=13:56:05 logver=1 type=traffic level=notice sessionid=31630964 hostname=StockUK-PC uid=8B937BC1481647A9851B2DB4D221FC9C devid=FCT8001179371077 fgtserial=N/A regip=N/A srcname=IEXPLORE.EXE srcproduct="Internet Explorer" srcip=N/A srcport=N/A direction=outbound destinationip=N/A remotename=www.google.fr destinationport=443 user=Adminm proto=6 rcvdbyte=N/A sentbyte=N/A utmaction=userbrowsed utmevent=webfilter threat=N/A vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 7 Professional Edition, 64-bit Service Pack 1 (build 7601)" usingpolicy="" service=https url=/?gws_rd=ssl userinitiated=1 browsetime=4 4/12/2016 1:56:10 PM Notice WebFilter date=2016-04-12 time=13:56:09 logver=1 type=traffic level=notice sessionid=31630964 hostname=StockUK-PC uid=8B937BC1481647A9851B2DB4D221FC9C devid=FCT8001179371077 fgtserial=N/A regip=N/A srcname=IEXPLORE.EXE srcproduct="Internet Explorer" srcip=N/A srcport=N/A direction=outbound destinationip=N/A remotename=www.google.fr destinationport=443 user=Adminm proto=6 rcvdbyte=N/A sentbyte=N/A utmaction=userbrowsed utmevent=webfilter threat=N/A vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 7 Professional Edition, 64-bit Service Pack 1 (build 7601)" usingpolicy="" service=https url=/?gws_rd=ssl#q=nmap userinitiated=1 browsetime=4 4/12/2016 1:56:12 PM Notice WebFilter date=2016-04-12 time=13:56:11 logver=1 type=traffic level=notice sessionid=31630964 hostname=StockUK-PC uid=8B937BC1481647A9851B2DB4D221FC9C devid=FCT8001179371077 fgtserial=N/A regip=N/A srcname=IEXPLORE.EXE srcproduct="Internet Explorer" srcip=N/A srcport=N/A direction=outbound destinationip=N/A remotename=nmap.org destinationport=443 user=Adminm proto=6 rcvdbyte=N/A sentbyte=N/A utmaction=userbrowsed utmevent=webfilter threat=N/A vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 7 Professional Edition, 64-bit Service Pack 1 (build 7601)" usingpolicy="" service=https url=/ userinitiated=1 browsetime=2 4/12/2016 1:56:22 PM Notice WebFilter date=2016-04-12 time=13:56:21 logver=1 type=traffic level=notice sessionid=31630964 hostname=StockUK-PC uid=8B937BC1481647A9851B2DB4D221FC9C devid=FCT8001179371077 fgtserial=N/A regip=N/A srcname=IEXPLORE.EXE srcproduct="Internet Explorer" srcip=N/A srcport=N/A direction=outbound destinationip=N/A remotename=nmap.org destinationport=443 user=Adminm proto=6 rcvdbyte=N/A sentbyte=N/A utmaction=userbrowsed utmevent=webfilter threat=N/A vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 7 Professional Edition, 64-bit Service Pack 1 (build 7601)" usingpolicy="" service=https url=/download.html userinitiated=1 browsetime=9 4/12/2016 1:56:35 PM Notice WebFilter date=2016-04-12 time=13:56:34 logver=1 type=traffic level=notice sessionid=31630964 hostname=StockUK-PC uid=8B937BC1481647A9851B2DB4D221FC9C devid=FCT8001179371077 fgtserial=N/A regip=N/A srcname=IEXPLORE.EXE srcproduct="Internet Explorer" srcip=N/A srcport=N/A direction=outbound destinationip=N/A remotename=nmap.org destinationport=443 user=Adminm proto=6 rcvdbyte=N/A sentbyte=N/A utmaction=userbrowsed utmevent=webfilter threat=N/A vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 7 Professional Edition, 64-bit Service Pack 1 (build 7601)" usingpolicy="" service=https url=/book/inst-windows.html userinitiated=1 browsetime=13 4/12/2016 1:56:53 PM Notice WebFilter date=2016-04-12 time=13:56:52 logver=1 type=traffic level=notice sessionid=31630964 hostname=StockUK-PC uid=8B937BC1481647A9851B2DB4D221FC9C devid=FCT8001179371077 fgtserial=N/A regip=N/A srcname=IEXPLORE.EXE srcproduct="Internet Explorer" srcip=N/A srcport=N/A direction=outbound destinationip=N/A remotename=nmap.org destinationport=443 user=Adminm proto=6 rcvdbyte=N/A sentbyte=N/A utmaction=userbrowsed utmevent=webfilter threat=N/A vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 7 Professional Edition, 64-bit Service Pack 1 (build 7601)" usingpolicy="" service=https url=/download.html userinitiated=1 browsetime=18 4/12/2016 1:57:40 PM Notice WebFilter date=2016-04-12 time=13:57:39 logver=1 type=traffic level=notice sessionid=31630964 hostname=StockUK-PC uid=8B937BC1481647A9851B2DB4D221FC9C devid=FCT8001179371077 fgtserial=N/A regip=N/A srcname=IEXPLORE.EXE srcproduct="Internet Explorer" srcip=N/A srcport=N/A direction=outbound destinationip=N/A remotename=nmap.org destinationport=443 user=Adminm proto=6 rcvdbyte=N/A sentbyte=N/A utmaction=userbrowsed utmevent=webfilter threat=N/A vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 7 Professional Edition, 64-bit Service Pack 1 (build 7601)" usingpolicy="" service=https url=/download.html userinitiated=1 browsetime=2 4/12/2016 1:57:55 PM Notice WebFilter date=2016-04-12 time=13:57:54 logver=1 type=traffic level=notice sessionid=31630964 hostname=StockUK-PC uid=8B937BC1481647A9851B2DB4D221FC9C devid=FCT8001179371077 fgtserial=N/A regip=N/A srcname=IEXPLORE.EXE srcproduct="Internet Explorer" srcip=N/A srcport=N/A direction=outbound destinationip=N/A remotename=www.msn.com destinationport=80 user=Adminm proto=6 rcvdbyte=N/A sentbyte=N/A utmaction=userbrowsed utmevent=webfilter threat=N/A vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 7 Professional Edition, 64-bit Service Pack 1 (build 7601)" usingpolicy="" service=http url=/fr-fr/?ocid=iehp userinitiated=1 browsetime=2 4/12/2016 2:43:30 PM Notice WebFilter date=2016-04-12 time=14:43:29 logver=1 type=traffic level=notice sessionid=31630964 hostname=StockUK-PC uid=8B937BC1481647A9851B2DB4D221FC9C devid=FCT8001179371077 fgtserial=N/A regip=N/A srcname=IEXPLORE.EXE srcproduct="Internet Explorer" srcip=N/A srcport=N/A direction=outbound destinationip=N/A remotename=www.msn.com destinationport=80 user=Adminm proto=6 rcvdbyte=N/A sentbyte=N/A utmaction=userbrowsed utmevent=webfilter threat=N/A vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 7 Professional Edition, 64-bit Service Pack 1 (build 7601)" usingpolicy="" service=http url=/fr-fr/?ocid=iehp userinitiated=1 browsetime=3 4/12/2016 2:43:36 PM Notice WebFilter date=2016-04-12 time=14:43:35 logver=1 type=traffic level=notice sessionid=31630964 hostname=StockUK-PC uid=8B937BC1481647A9851B2DB4D221FC9C devid=FCT8001179371077 fgtserial=N/A regip=N/A srcname=IEXPLORE.EXE srcproduct="Internet Explorer" srcip=N/A srcport=N/A direction=outbound destinationip=N/A remotename=www.google.fr destinationport=443 user=Adminm proto=6 rcvdbyte=N/A sentbyte=N/A utmaction=userbrowsed utmevent=webfilter threat=N/A vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 7 Professional Edition, 64-bit Service Pack 1 (build 7601)" usingpolicy="" service=https url=/?gws_rd=ssl userinitiated=1 browsetime=6 4/12/2016 2:43:51 PM Notice WebFilter date=2016-04-12 time=14:43:50 logver=1 type=traffic level=notice sessionid=31630964 hostname=StockUK-PC uid=8B937BC1481647A9851B2DB4D221FC9C devid=FCT8001179371077 fgtserial=N/A regip=N/A srcname=IEXPLORE.EXE srcproduct="Internet Explorer" srcip=N/A srcport=N/A direction=outbound destinationip=N/A remotename=www.google.fr destinationport=443 user=Adminm proto=6 rcvdbyte=N/A sentbyte=N/A utmaction=userbrowsed utmevent=webfilter threat=N/A vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 7 Professional Edition, 64-bit Service Pack 1 (build 7601)" usingpolicy="" service=https url=/?gws_rd=ssl#q=analyse+ports+ouverts userinitiated=1 browsetime=14 4/12/2016 2:44:36 PM Notice WebFilter date=2016-04-12 time=14:44:35 logver=1 type=traffic level=notice sessionid=31630964 hostname=StockUK-PC uid=8B937BC1481647A9851B2DB4D221FC9C devid=FCT8001179371077 fgtserial=N/A regip=N/A srcname=IEXPLORE.EXE srcproduct="Internet Explorer" srcip=N/A srcport=N/A direction=outbound destinationip=N/A remotename=openclassrooms.com destinationport=443 user=Adminm proto=6 rcvdbyte=N/A sentbyte=N/A utmaction=userbrowsed utmevent=webfilter threat=N/A vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 7 Professional Edition, 64-bit Service Pack 1 (build 7601)" usingpolicy="" service=https url=/courses/introduction-au-scan-de-ports userinitiated=1 browsetime=45 4/12/2016 2:49:52 PM Notice WebFilter date=2016-04-12 time=14:49:51 logver=1 type=traffic level=notice sessionid=31630964 hostname=StockUK-PC uid=8B937BC1481647A9851B2DB4D221FC9C devid=FCT8001179371077 fgtserial=N/A regip=N/A srcname=IEXPLORE.EXE srcproduct="Internet Explorer" srcip=N/A srcport=N/A direction=outbound destinationip=N/A remotename=www.inoculer.com destinationport=80 user=Adminm proto=6 rcvdbyte=N/A sentbyte=N/A utmaction=userbrowsed utmevent=webfilter threat=N/A vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 7 Professional Edition, 64-bit Service Pack 1 (build 7601)" usingpolicy="" service=http url=/scannerdeports.php userinitiated=1 browsetime=316 4/12/2016 3:02:01 PM Notice FortiShield id=96851 user=DBLOG_SOURCE_SYSTEM msg="FortiShield is enabled" 4/12/2016 3:02:01 PM Notice VPN id=96602 msg="SSLVPN service started successfully." vpntype=ssl 4/12/2016 4:28:35 PM Warning FortiShield id=96855 msg="FortiShield blocked application: C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe from modifying: c:\\program files (x86)\\fortinet\\forticlient\\forticlient.exe:agc" 4/12/2016 4:31:31 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message #1 (OK" vpntunnel=HGH vpntype=ipsec 4/12/2016 4:31:34 PM Error VPN id=96567 msg="negotiation error, loc_ip=192.168.43.100 loc_port=4500 rem_ip=248.63.133.133 rem_port=4500 out_if=0 vpn_tunnel=HGH status=negotiate_error init=local mode=xauth_clinet stage=1 dir=inbound status=failureInitiator: parsed 248.63.133.133 aggressive mode message #1" vpntunnel=HGH vpntype=ipsec 4/12/2016 4:31:43 PM Warning VPN id=96561 msg="locip=192.168.43.100 locport=4500 remip=248.63.133.133 remport=4500 outif=0 vpntunnel=HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=HGH vpntype=ipsec 4/12/2016 4:44:28 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message #1 (OK" vpntunnel=HGH vpntype=ipsec 4/12/2016 4:44:28 PM Error VPN id=96567 msg="negotiation error, loc_ip=192.168.43.100 loc_port=4500 rem_ip=248.63.133.133 rem_port=4500 out_if=0 vpn_tunnel=HGH status=negotiate_error init=local mode=xauth_clinet stage=1 dir=inbound status=failureInitiator: parsed 248.63.133.133 aggressive mode message #1" vpntunnel=HGH vpntype=ipsec 4/12/2016 4:44:40 PM Warning VPN id=96561 msg="locip=192.168.43.100 locport=4500 remip=248.63.133.133 remport=4500 outif=0 vpntunnel=HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=HGH vpntype=ipsec 4/12/2016 4:49:46 PM Notice WebFilter date=2016-04-12 time=16:49:44 logver=1 type=traffic level=notice sessionid=30647016 hostname=StockUK-PC uid=8B937BC1481647A9851B2DB4D221FC9C devid=FCT8001179371077 fgtserial=N/A regip=N/A srcname=IEXPLORE.EXE srcproduct="Internet Explorer" srcip=N/A srcport=N/A direction=outbound destinationip=N/A remotename=www.msn.com destinationport=80 user=Adminm proto=6 rcvdbyte=N/A sentbyte=N/A utmaction=userbrowsed utmevent=webfilter threat=N/A vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 7 Professional Edition, 64-bit Service Pack 1 (build 7601)" usingpolicy="" service=http url=/fr-fr/?ocid=iehp userinitiated=1 browsetime=169 4/12/2016 5:02:01 PM Notice WebFilter date=2016-04-12 time=17:02:00 logver=1 type=traffic level=notice sessionid=30647016 hostname=StockUK-PC uid=8B937BC1481647A9851B2DB4D221FC9C devid=FCT8001179371077 fgtserial=N/A regip=N/A srcname=IEXPLORE.EXE srcproduct="Internet Explorer" srcip=N/A srcport=N/A direction=outbound destinationip=N/A remotename=www.msn.com destinationport=80 user=Adminm proto=6 rcvdbyte=N/A sentbyte=N/A utmaction=userbrowsed utmevent=webfilter threat=N/A vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 7 Professional Edition, 64-bit Service Pack 1 (build 7601)" usingpolicy="" service=http url=/fr-fr/?ocid=iehp&AR=1 userinitiated=1 browsetime=1 4/12/2016 5:13:24 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message #1 (OK" vpntunnel=HGH vpntype=ipsec 4/12/2016 5:13:36 PM Warning VPN id=96561 msg="locip=192.168.43.100 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=HGH vpntype=ipsec 4/12/2016 5:15:50 PM Notice VPN id=96573 user=Adminm msg="VPN before logon was disabled" vpntype=ipsec 4/12/2016 5:15:50 PM Notice ESNAC id=96951 user=Adminm msg="Endpoint control policy synchronization was enabled" 4/12/2016 5:15:50 PM Notice Console id=96880 user=Adminm msg="User disabled WAN Acceleration" 4/12/2016 5:15:50 PM Warning SSOMA id=96982 user=Adminm msg="Single Sign-On Mobility Agent was disabled" 4/12/2016 5:15:50 PM Warning Console id=96840 user=Adminm msg="Fortiproxy is disabled" 4/12/2016 5:15:56 PM Debug Scheduler GUI change event 4/12/2016 5:15:56 PM Debug Update Update task is called with dwSession=-1 4/12/2016 5:15:56 PM Debug Update forticlient.fortinet.net 4/12/2016 5:15:56 PM Debug Update start_update_thread() called 4/12/2016 5:15:56 PM Debug Update Impersonated=0 4/12/2016 5:15:56 PM Debug Update update started... 4/12/2016 5:15:56 PM Debug Update update process sending request: 00000000FSCI00000000000000000000 4/12/2016 5:15:56 PM Debug Update update process sending request: 00000000FDNI00000000000000000000 4/12/2016 5:15:56 PM Debug Update update process sending request: 01000000FECT00000000000000000000 4/12/2016 5:15:56 PM Debug Update update process sending request: 05004000FVEN00800054009999999999 4/12/2016 5:15:56 PM Debug Update update process sending request: 05004000FCBN00000000009999999999 4/12/2016 5:15:56 PM Debug Update updatetask get virus info file failed 4/12/2016 5:15:58 PM Debug Scheduler GUI change event 4/12/2016 5:15:58 PM Debug Update scheduler called us 4/12/2016 5:15:58 PM Debug Update update process received object(1 of 3): FCPR 4/12/2016 5:15:58 PM Debug Update update process received object(2 of 3): FDNI 4/12/2016 5:15:58 PM Debug Update update process received object(3 of 3): FECT 4/12/2016 5:15:58 PM Debug Update update done 4/12/2016 5:15:58 PM Debug Update update thread exit 4/12/2016 5:15:58 PM Debug Update No update is available. 4/12/2016 5:15:59 PM Debug Scheduler FortiTrayApp : Received WM_USER_UPDATE_SUCCESS message, lParam=0x1 4/12/2016 5:15:59 PM Debug Scheduler GUI change event 4/12/2016 5:16:01 PM Debug ESNAC dwSilentReg false 4/12/2016 5:16:01 PM Debug ESNAC bFirstKA true 4/12/2016 5:16:01 PM Debug ESNAC Start searching for FGT 4/12/2016 5:16:01 PM Debug ESNAC Searching Default GW 4/12/2016 5:16:02 PM Debug ESNAC Timeout in select in SocketConnect 4/12/2016 5:16:02 PM Debug ESNAC Socket connect failed 4/12/2016 5:16:02 PM Debug ESNAC 192.168.43.1:8013, Secondary - 0 4/12/2016 5:16:02 PM Debug ESNAC End searching for FGT 4/12/2016 5:16:02 PM Debug Scheduler handle_processtermination() called 4/12/2016 5:16:02 PM Debug Scheduler child process terminates normally 4/12/2016 5:16:02 PM Debug Scheduler handle_processtermination() called 4/12/2016 5:16:02 PM Debug Scheduler child process terminates normally 4/12/2016 5:16:03 PM Debug Scheduler GUI change event 4/12/2016 5:16:07 PM Debug Scheduler (repeated 2 times in last 5 sec) GUI change event 4/12/2016 5:16:10 PM Debug Scheduler handle_processtermination() called 4/12/2016 5:16:10 PM Debug Scheduler child process terminates normally 4/12/2016 5:16:10 PM Debug Scheduler handle_processtermination() called 4/12/2016 5:16:10 PM Debug Scheduler child process terminates normally 4/12/2016 5:16:10 PM Debug Scheduler GUI change event 4/12/2016 5:16:14 PM Debug VPN hmac(modp1536) 4/12/2016 5:16:13 PM Debug VPN (repeated 1 times in last 0 sec) hmac(modp1536) 4/12/2016 5:16:14 PM Debug ESNAC IP Table Change 4/12/2016 5:16:16 PM Debug VPN configuration found for 248.63.133.133. 4/12/2016 5:16:16 PM Debug VPN IPsec-SA request for 248.63.133.133[500] queued due to no phase1 found. 4/12/2016 5:16:16 PM Debug VPN === 4/12/2016 5:16:16 PM Debug VPN initiate new phase 1 negotiation: 192.168.43.100[500]<=>248.63.133.133[500] 4/12/2016 5:16:16 PM Debug VPN begin Aggressive mode. 4/12/2016 5:16:16 PM Debug VPN new cookie: 7da4481851926523 4/12/2016 5:16:16 PM Debug VPN use ID type of IPv4_address 4/12/2016 5:16:16 PM Debug VPN compute DH's private. 4/12/2016 5:16:16 PM Debug VPN 66dce82c f1e01a82 6accfdb6 4f120cbe ca22bc9c 632f8ace c9d39027 2f6555d9 f10df6eb 484884a3 4086f8bb 5ba2be4a b3188e80 a66921b6 81a917d7 ff7d9605 d03e7746 426f7fd3 be2729b1 d1cfa2d3 93b48a17 cf235242 ef4a5255 dfc3e571 9869906a bd3b666e adb79c2c 776db914 ab150e8a bc86b95b e348c138 4fca2274 b0ef0d40 ab7b3d21 2bf74a31 3c8d0cb6 af2592ab a5e7ddae 0d5ce2e1 eb8caedd 778e6952 a59010fa c4e413e8 de008c4b 91669827 dbc8985c d49ed39c ff235173 4/12/2016 5:16:16 PM Debug VPN compute DH's public. 4/12/2016 5:16:16 PM Debug VPN 1e8d1d1c acc9300c 61571b3d 6f5f3bda 0da7a82c 8325a066 89e9b883 7c587ec4 ce22d8a8 2da3502c 43a8053e 80c38479 7e58269f bc7a80fc c9deb60b 28566056 678671bf 1d573cc7 5679927c de068aac ccdd4f23 9ff847b4 857f1dda ac104be6 c72dc860 31ae3508 45a8ca97 db4bdaf1 fbdbcfd3 8d5e72b8 db6b0232 b3869ffc c9e439df 6525213b d1bc74df 2d33a5bc 90bb4c29 b6f9051f c0460b06 21adc0a3 41e8365c b44c5d55 27e57b9f 191f0c24 14c926fd e30bf3de b4ef56f1 b4b4dd64 4/12/2016 5:16:16 PM Debug VPN authmethod is pre-shared key 4/12/2016 5:16:16 PM Debug VPN add payload of len 176, next type 4 4/12/2016 5:16:16 PM Debug VPN add payload of len 192, next type 10 4/12/2016 5:16:16 PM Debug VPN add payload of len 16, next type 5 4/12/2016 5:16:16 PM Debug VPN add payload of len 8, next type 13 4/12/2016 5:16:16 PM Debug VPN add payload of len 16, next type 13 4/12/2016 5:16:15 PM Debug VPN (repeated 3 times in last 0 sec) add payload of len 16, next type 13 4/12/2016 5:16:16 PM Debug VPN add payload of len 8, next type 13 4/12/2016 5:16:16 PM Debug VPN add payload of len 16, next type 13 4/12/2016 5:16:15 PM Debug VPN (repeated 1 times in last 0 sec) add payload of len 16, next type 13 4/12/2016 5:16:16 PM Debug VPN add payload of len 16, next type 0 4/12/2016 5:16:16 PM Debug VPN 588 bytes from 192.168.43.100[500] to 248.63.133.133[500] 4/12/2016 5:16:16 PM Debug VPN sockname 0.0.0.0[500] 4/12/2016 5:16:16 PM Debug VPN send packet from 192.168.43.100[500] 4/12/2016 5:16:16 PM Debug VPN send packet to 248.63.133.133[500] 4/12/2016 5:16:16 PM Debug VPN 1 times of 588 bytes message will be sent to 248.63.133.133[500] 4/12/2016 5:16:16 PM Debug VPN 7da44818 51926523 00000000 00000000 01100400 00000000 0000024c 040000b4 00000001 00000001 000000a8 01010004 03000028 01010000 800b0001 000c0004 00015180 80010007 800e0100 80030001 80020002 80040005 03000028 02010000 800b0001 000c0004 00015180 80010007 800e0100 80030001 80020002 8004000e 03000028 03010000 800b0001 000c0004 00015180 80010007 800e0100 80030001 80020004 80040005 00000028 04010000 800b0001 000c0004 00015180 80010007 800e0100 80030001 80020004 8004000e 0a0000c4 1e8d1d1c acc9300c 61571b3d 6f5f3bda 0da7a82c 8325a066 89e9b883 7c587ec4 ce22d8a8 2da3502c 43a8053e 80c38479 7e58269f bc7a80fc c9deb60b 28566056 678671bf 1d573cc7 5679927c de068aac ccdd4f23 9ff847b4 857f1dda ac104be6 c72dc860 31ae3508 45a8ca97 db4bdaf1 fbdbcfd3 8d5e72b8 db6b0232 b3869ffc c9e439df 6525213b d1bc74df 2d33a5bc 90bb4c29 b6f9051f c0460b06 21adc0a3 41e8365c b44c5d55 27e57b9f 191f0c24 14c926fd e30bf3de b4ef56f1 b4b4dd64 05000014 d4c4618c 5f780ba5 1a757558 dba0de4c 0d00000c 01000000 c0a82b64 0d000014 12f5f28c 457168a9 702d9fe2 74cc0 4/12/2016 5:16:16 PM Debug VPN resend phase1 packet 7da4481851926523:0000000000000000 4/12/2016 5:16:16 PM Notice VPN id=96566 msg="negotiation information, loc_ip=192.168.43.100 loc_port=500 rem_ip=248.63.133.133 rem_port=500 out_if=0 vpn_tunnel=HGH action=negotiate init=local mode=aggressive stage=1 dir=outbound status=success Initiator: sent 248.63.133.133 aggressive mode message #1 (OK" vpntunnel=HGH vpntype=ipsec 4/12/2016 5:16:17 PM Debug VPN CHKPH1THERE: no established ph1 handler found 4/12/2016 5:16:17 PM Debug VPN (repeated 1 times in last 1 sec) CHKPH1THERE: no established ph1 handler found 4/12/2016 5:16:19 PM Debug VPN 588 bytes from 192.168.43.100[500] to 248.63.133.133[500] 4/12/2016 5:16:19 PM Debug VPN sockname 0.0.0.0[500] 4/12/2016 5:16:19 PM Debug VPN send packet from 192.168.43.100[500] 4/12/2016 5:16:19 PM Debug VPN send packet to 248.63.133.133[500] 4/12/2016 5:16:19 PM Debug VPN 1 times of 588 bytes message will be sent to 248.63.133.133[500] 4/12/2016 5:16:19 PM Debug VPN 7da44818 51926523 00000000 00000000 01100400 00000000 0000024c 040000b4 00000001 00000001 000000a8 01010004 03000028 01010000 800b0001 000c0004 00015180 80010007 800e0100 80030001 80020002 80040005 03000028 02010000 800b0001 000c0004 00015180 80010007 800e0100 80030001 80020002 8004000e 03000028 03010000 800b0001 000c0004 00015180 80010007 800e0100 80030001 80020004 80040005 00000028 04010000 800b0001 000c0004 00015180 80010007 800e0100 80030001 80020004 8004000e 0a0000c4 1e8d1d1c acc9300c 61571b3d 6f5f3bda 0da7a82c 8325a066 89e9b883 7c587ec4 ce22d8a8 2da3502c 43a8053e 80c38479 7e58269f bc7a80fc c9deb60b 28566056 678671bf 1d573cc7 5679927c de068aac ccdd4f23 9ff847b4 857f1dda ac104be6 c72dc860 31ae3508 45a8ca97 db4bdaf1 fbdbcfd3 8d5e72b8 db6b0232 b3869ffc c9e439df 6525213b d1bc74df 2d33a5bc 90bb4c29 b6f9051f c0460b06 21adc0a3 41e8365c b44c5d55 27e57b9f 191f0c24 14c926fd e30bf3de b4ef56f1 b4b4dd64 05000014 d4c4618c 5f780ba5 1a757558 dba0de4c 0d00000c 01000000 c0a82b64 0d000014 12f5f28c 457168a9 702d9fe2 74cc0 4/12/2016 5:16:19 PM Debug VPN resend phase1 packet 7da4481851926523:0000000000000000 4/12/2016 5:16:19 PM Debug VPN CHKPH1THERE: no established ph1 handler found 4/12/2016 5:16:19 PM Debug VPN (repeated 1 times in last 1 sec) CHKPH1THERE: no established ph1 handler found 4/12/2016 5:16:21 PM Debug ESNAC Timeout in select in SocketConnect 4/12/2016 5:16:21 PM Debug ESNAC dwSilentReg false 4/12/2016 5:16:21 PM Debug ESNAC bFirstKA true 4/12/2016 5:16:21 PM Debug ESNAC Start searching for FGT 4/12/2016 5:16:21 PM Debug ESNAC Searching Default GW 4/12/2016 5:16:21 PM Debug VPN CHKPH1THERE: no established ph1 handler found 4/12/2016 5:16:21 PM Debug ESNAC IP Table Change 4/12/2016 5:16:22 PM Debug ESNAC Timeout in select in SocketConnect 4/12/2016 5:16:22 PM Debug ESNAC Socket connect failed 4/12/2016 5:16:22 PM Debug ESNAC 192.168.43.1:8013, Secondary - 0 4/12/2016 5:16:22 PM Debug ESNAC End searching for FGT 4/12/2016 5:16:22 PM Debug VPN 588 bytes from 192.168.43.100[500] to 248.63.133.133[500] 4/12/2016 5:16:22 PM Debug VPN sockname 0.0.0.0[500] 4/12/2016 5:16:22 PM Debug VPN send packet from 192.168.43.100[500] 4/12/2016 5:16:22 PM Debug VPN send packet to 248.63.133.133[500] 4/12/2016 5:16:22 PM Debug VPN 1 times of 588 bytes message will be sent to 248.63.133.133[500] 4/12/2016 5:16:22 PM Debug VPN 7da44818 51926523 00000000 00000000 01100400 00000000 0000024c 040000b4 00000001 00000001 000000a8 01010004 03000028 01010000 800b0001 000c0004 00015180 80010007 800e0100 80030001 80020002 80040005 03000028 02010000 800b0001 000c0004 00015180 80010007 800e0100 80030001 80020002 8004000e 03000028 03010000 800b0001 000c0004 00015180 80010007 800e0100 80030001 80020004 80040005 00000028 04010000 800b0001 000c0004 00015180 80010007 800e0100 80030001 80020004 8004000e 0a0000c4 1e8d1d1c acc9300c 61571b3d 6f5f3bda 0da7a82c 8325a066 89e9b883 7c587ec4 ce22d8a8 2da3502c 43a8053e 80c38479 7e58269f bc7a80fc c9deb60b 28566056 678671bf 1d573cc7 5679927c de068aac ccdd4f23 9ff847b4 857f1dda ac104be6 c72dc860 31ae3508 45a8ca97 db4bdaf1 fbdbcfd3 8d5e72b8 db6b0232 b3869ffc c9e439df 6525213b d1bc74df 2d33a5bc 90bb4c29 b6f9051f c0460b06 21adc0a3 41e8365c b44c5d55 27e57b9f 191f0c24 14c926fd e30bf3de b4ef56f1 b4b4dd64 05000014 d4c4618c 5f780ba5 1a757558 dba0de4c 0d00000c 01000000 c0a82b64 0d000014 12f5f28c 457168a9 702d9fe2 74cc0 4/12/2016 5:16:22 PM Debug VPN resend phase1 packet 7da4481851926523:0000000000000000 4/12/2016 5:16:22 PM Debug VPN CHKPH1THERE: no established ph1 handler found 4/12/2016 5:16:23 PM Debug VPN (repeated 2 times in last 2 sec) CHKPH1THERE: no established ph1 handler found 4/12/2016 5:16:25 PM Debug VPN 588 bytes from 192.168.43.100[500] to 248.63.133.133[500] 4/12/2016 5:16:25 PM Debug VPN sockname 0.0.0.0[500] 4/12/2016 5:16:25 PM Debug VPN send packet from 192.168.43.100[500] 4/12/2016 5:16:25 PM Debug VPN send packet to 248.63.133.133[500] 4/12/2016 5:16:25 PM Debug VPN 1 times of 588 bytes message will be sent to 248.63.133.133[500] 4/12/2016 5:16:25 PM Debug VPN 7da44818 51926523 00000000 00000000 01100400 00000000 0000024c 040000b4 00000001 00000001 000000a8 01010004 03000028 01010000 800b0001 000c0004 00015180 80010007 800e0100 80030001 80020002 80040005 03000028 02010000 800b0001 000c0004 00015180 80010007 800e0100 80030001 80020002 8004000e 03000028 03010000 800b0001 000c0004 00015180 80010007 800e0100 80030001 80020004 80040005 00000028 04010000 800b0001 000c0004 00015180 80010007 800e0100 80030001 80020004 8004000e 0a0000c4 1e8d1d1c acc9300c 61571b3d 6f5f3bda 0da7a82c 8325a066 89e9b883 7c587ec4 ce22d8a8 2da3502c 43a8053e 80c38479 7e58269f bc7a80fc c9deb60b 28566056 678671bf 1d573cc7 5679927c de068aac ccdd4f23 9ff847b4 857f1dda ac104be6 c72dc860 31ae3508 45a8ca97 db4bdaf1 fbdbcfd3 8d5e72b8 db6b0232 b3869ffc c9e439df 6525213b d1bc74df 2d33a5bc 90bb4c29 b6f9051f c0460b06 21adc0a3 41e8365c b44c5d55 27e57b9f 191f0c24 14c926fd e30bf3de b4ef56f1 b4b4dd64 05000014 d4c4618c 5f780ba5 1a757558 dba0de4c 0d00000c 01000000 c0a82b64 0d000014 12f5f28c 457168a9 702d9fe2 74cc0 4/12/2016 5:16:25 PM Debug VPN resend phase1 packet 7da4481851926523:0000000000000000 4/12/2016 5:16:25 PM Debug VPN CHKPH1THERE: no established ph1 handler found 4/12/2016 5:16:26 PM Debug VPN (repeated 2 times in last 2 sec) CHKPH1THERE: no established ph1 handler found 4/12/2016 5:16:28 PM Debug VPN phase1 negotiation failed due to time up. 7da4481851926523:0000000000000000 4/12/2016 5:16:28 PM Warning VPN id=96561 msg="locip=192.168.43.100 locport=500 remip=248.63.133.133 remport=500 outif=0 vpntunnel=HGH status=negotiate_error No response from the peer, phase1 retransmit reaches maximum count..." vpntunnel=HGH vpntype=ipsec 4/12/2016 5:16:28 PM Debug VPN an undead schedule has been deleted. 4/12/2016 5:16:31 PM Debug Scheduler handle_processtermination() called 4/12/2016 5:16:31 PM Debug Scheduler child process terminates normally 4/12/2016 5:16:33 PM Debug ESNAC Timeout in select in SocketConnect 4/12/2016 5:16:33 PM Debug ESNAC dwSilentReg false 4/12/2016 5:16:33 PM Debug ESNAC bFirstKA true 4/12/2016 5:16:33 PM Debug ESNAC Start searching for FGT 4/12/2016 5:16:33 PM Debug ESNAC Searching Default GW 4/12/2016 5:16:34 PM Debug ESNAC Timeout in select in SocketConnect 4/12/2016 5:16:34 PM Debug ESNAC Socket connect failed 4/12/2016 5:16:34 PM Debug ESNAC 192.168.43.1:8013, Secondary - 0 4/12/2016 5:16:34 PM Debug ESNAC End searching for FGT
I hope it can be helpful for "someone who know how"!
Thanks,
In the CLI , when I set the following commands
diag debug app ike -1 diag debug enable
Here are the results : Connected FG_HGH_IGNY # diag debug app ike -1 FG_HGH_IGNY # diag debug enable FG_HGH_IGNY # ike 0: comes 80.215.129.4:31668->193.248.63.133:500,ifindex=21.... ike 0: IKEv1 exchange=Aggressive id=486fccdf3f2aa7b2/0000000000000000 len=588 ike 0: in 486FCCDF3F2AA7B2000000000000000001100400000000000000024C040000B40000000100000001000000A8010100040300002801010000800B0001000C00040001518080010007800E01008003000180020002800400050300002802010000800B0001000C00040001518080010007800E010080030001800200028004000E0300002803010000800B0001000C00040001518080010007800E01008003000180020004800400050000002804010000800B0001000C00040001518080010007800E010080030001800200048004000E0A0000C4B18624FE24DE5CFA5CD23027B57C112D68C8A242952FCC51570BE3EF907D341484B2F7BE2F7F4E077976531F5888EDCA80DA4FE61235E8F4BCE6FD5972B77BCBFE27FE66FD0F08F2E84DADAFDDE06F33819A931E4E143641D0CC48BF0CD9A62509CF7288FAE4058C5D873900CC3D2DBC87A3A0218EACD7C909AB0DE1F81529EBEF1DA23434F835FB52257C0963CC89D5EABDC2CA3DC4E25E74F5A8A8961C9D560AEF7B0427E8C1DD820EAE62A4BB64EC1F576ABFE06CFB1408C1611B7C3D1892050000148A00C6C6F84EFAA6519D6369A04BDEEA0D00000C01000000C0A82B640D00001412F5F28C457168A9702D9FE274CC01000D0000144A131C81070358455C5728F20E95452F0D000014CD60464335DF21F87CFDB2FC68B6A4480D00001490CB80913EBB696E086381B5EC427B1F0D00000C09002689DFD6B7120D000014AFCAD71368A1F1C96B8696FC775701000D0000144C53427B6D465D1B337BB755A37A7FEF00000014B4F01CA951E9DA8D0BAFBBD34AD3044E ike 0:486fccdf3f2aa7b2/0000000000000000:23: responder: aggressive mode get 1st message... ike 0:486fccdf3f2aa7b2/0000000000000000:23: VID CISCO-UNITY 12F5F28C457168A9702D9FE274CC0100 ike 0:486fccdf3f2aa7b2/0000000000000000:23: VID RFC 3947 4A131C81070358455C5728F20E95452F ike 0:486fccdf3f2aa7b2/0000000000000000:23: VID draft-ietf-ipsec-nat-t-ike-02 CD60464335DF21F87CFDB2FC68B6A448 ike 0:486fccdf3f2aa7b2/0000000000000000:23: VID draft-ietf-ipsec-nat-t-ike-02\n 90CB80913EBB696E086381B5EC427B1F ike 0:486fccdf3f2aa7b2/0000000000000000:23: VID draft-ietf-ipsra-isakmp-xauth-06.txt 09002689DFD6B712 ike 0:486fccdf3f2aa7b2/0000000000000000:23: VID DPD AFCAD71368A1F1C96B8696FC77570100 ike 0:486fccdf3f2aa7b2/0000000000000000:23: VID forticlient connect license 4C53427B6D465D1B337BB755A37A7FEF ike 0:486fccdf3f2aa7b2/0000000000000000:23: VID Fortinet Endpoint Control B4F01CA951E9DA8D0BAFBBD34AD3044E ike 0: cache rebuild start ike 0:HGH_IPSEC: cached as dynamic ike 0: cache rebuild done ike 0: IKEv1 Aggressive, comes 80.215.129.4:31668->193.248.63.133 21 ike 0:HGH_IPSEC: ignoring IKE request, no policy configured ike 0:486fccdf3f2aa7b2/0000000000000000:23: negotiation failure ike Negotiate ISAKMP SA Error: ike 0:486fccdf3f2aa7b2/0000000000000000:23: no SA proposal chosen ike 0: comes 80.215.129.4:31668->193.248.63.133:500,ifindex=21.... ike 0: IKEv1 exchange=Aggressive id=486fccdf3f2aa7b2/0000000000000000 len=588 ike 0: in 486FCCDF3F2AA7B2000000000000000001100400000000000000024C040000B40000000100000001000000A8010100040300002801010000800B0001000C00040001518080010007800E01008003000180020002800400050300002802010000800B0001000C00040001518080010007800E010080030001800200028004000E0300002803010000800B0001000C00040001518080010007800E01008003000180020004800400050000002804010000800B0001000C00040001518080010007800E010080030001800200048004000E0A0000C4B18624FE24DE5CFA5CD23027B57C112D68C8A242952FCC51570BE3EF907D341484B2F7BE2F7F4E077976531F5888EDCA80DA4FE61235E8F4BCE6FD5972B77BCBFE27FE66FD0F08F2E84DADAFDDE06F33819A931E4E143641D0CC48BF0CD9A62509CF7288FAE4058C5D873900CC3D2DBC87A3A0218EACD7C909AB0DE1F81529EBEF1DA23434F835FB52257C0963CC89D5EABDC2CA3DC4E25E74F5A8A8961C9D560AEF7B0427E8C1DD820EAE62A4BB64EC1F576ABFE06CFB1408C1611B7C3D1892050000148A00C6C6F84EFAA6519D6369A04BDEEA0D00000C01000000C0A82B640D00001412F5F28C457168A9702D9FE274CC01000D0000144A131C81070358455C5728F20E95452F0D000014CD60464335DF21F87CFDB2FC68B6A4480D00001490CB80913EBB696E086381B5EC427B1F0D00000C09002689DFD6B7120D000014AFCAD71368A1F1C96B8696FC775701000D0000144C53427B6D465D1B337BB755A37A7FEF00000014B4F01CA951E9DA8D0BAFBBD34AD3044E ike 0:486fccdf3f2aa7b2/0000000000000000:24: responder: aggressive mode get 1st message... ike 0:486fccdf3f2aa7b2/0000000000000000:24: VID CISCO-UNITY 12F5F28C457168A9702D9FE274CC0100 ike 0:486fccdf3f2aa7b2/0000000000000000:24: VID RFC 3947 4A131C81070358455C5728F20E95452F ike 0:486fccdf3f2aa7b2/0000000000000000:24: VID draft-ietf-ipsec-nat-t-ike-02 CD60464335DF21F87CFDB2FC68B6A448 ike 0:486fccdf3f2aa7b2/0000000000000000:24: VID draft-ietf-ipsec-nat-t-ike-02\n 90CB80913EBB696E086381B5EC427B1F ike 0:486fccdf3f2aa7b2/0000000000000000:24: VID draft-ietf-ipsra-isakmp-xauth-06.txt 09002689DFD6B712 ike 0:486fccdf3f2aa7b2/0000000000000000:24: VID DPD AFCAD71368A1F1C96B8696FC77570100 ike 0:486fccdf3f2aa7b2/0000000000000000:24: VID forticlient connect license 4C53427B6D465D1B337BB755A37A7FEF ike 0:486fccdf3f2aa7b2/0000000000000000:24: VID Fortinet Endpoint Control B4F01CA951E9DA8D0BAFBBD34AD3044E ike 0: IKEv1 Aggressive, comes 80.215.129.4:31668->193.248.63.133 21 ike 0:HGH_IPSEC: ignoring IKE request, no policy configured ike 0:486fccdf3f2aa7b2/0000000000000000:24: negotiation failure ike Negotiate ISAKMP SA Error: ike 0:486fccdf3f2aa7b2/0000000000000000:24: no SA proposal chosen ike 0: comes 80.215.129.4:31668->193.248.63.133:500,ifindex=21.... ike 0: IKEv1 exchange=Aggressive id=486fccdf3f2aa7b2/0000000000000000 len=588 ike 0: in 486FCCDF3F2AA7B2000000000000000001100400000000000000024C040000B40000000100000001000000A8010100040300002801010000800B0001000C00040001518080010007800E01008003000180020002800400050300002802010000800B0001000C00040001518080010007800E010080030001800200028004000E0300002803010000800B0001000C00040001518080010007800E01008003000180020004800400050000002804010000800B0001000C00040001518080010007800E010080030001800200048004000E0A0000C4B18624FE24DE5CFA5CD23027B57C112D68C8A242952FCC51570BE3EF907D341484B2F7BE2F7F4E077976531F5888EDCA80DA4FE61235E8F4BCE6FD5972B77BCBFE27FE66FD0F08F2E84DADAFDDE06F33819A931E4E143641D0CC48BF0CD9A62509CF7288FAE4058C5D873900CC3D2DBC87A3A0218EACD7C909AB0DE1F81529EBEF1DA23434F835FB52257C0963CC89D5EABDC2CA3DC4E25E74F5A8A8961C9D560AEF7B0427E8C1DD820EAE62A4BB64EC1F576ABFE06CFB1408C1611B7C3D1892050000148A00C6C6F84EFAA6519D6369A04BDEEA0D00000C01000000C0A82B640D00001412F5F28C457168A9702D9FE274CC01000D0000144A131C81070358455C5728F20E95452F0D000014CD60464335DF21F87CFDB2FC68B6A4480D00001490CB80913EBB696E086381B5EC427B1F0D00000C09002689DFD6B7120D000014AFCAD71368A1F1C96B8696FC775701000D0000144C53427B6D465D1B337BB755A37A7FEF00000014B4F01CA951E9DA8D0BAFBBD34AD3044E ike 0:486fccdf3f2aa7b2/0000000000000000:25: responder: aggressive mode get 1st message... ike 0:486fccdf3f2aa7b2/0000000000000000:25: VID CISCO-UNITY 12F5F28C457168A9702D9FE274CC0100 ike 0:486fccdf3f2aa7b2/0000000000000000:25: VID RFC 3947 4A131C81070358455C5728F20E95452F ike 0:486fccdf3f2aa7b2/0000000000000000:25: VID draft-ietf-ipsec-nat-t-ike-02 CD60464335DF21F87CFDB2FC68B6A448 ike 0:486fccdf3f2aa7b2/0000000000000000:25: VID draft-ietf-ipsec-nat-t-ike-02\n 90CB80913EBB696E086381B5EC427B1F ike 0:486fccdf3f2aa7b2/0000000000000000:25: VID draft-ietf-ipsra-isakmp-xauth-06.txt 09002689DFD6B712 ike 0:486fccdf3f2aa7b2/0000000000000000:25: VID DPD AFCAD71368A1F1C96B8696FC77570100 ike 0:486fccdf3f2aa7b2/0000000000000000:25: VID forticlient connect license 4C53427B6D465D1B337BB755A37A7FEF ike 0:486fccdf3f2aa7b2/0000000000000000:25: VID Fortinet Endpoint Control B4F01CA951E9DA8D0BAFBBD34AD3044E ike 0: IKEv1 Aggressive, comes 80.215.129.4:31668->193.248.63.133 21 ike 0:HGH_IPSEC: ignoring IKE request, no policy configured ike 0:486fccdf3f2aa7b2/0000000000000000:25: negotiation failure ike Negotiate ISAKMP SA Error: ike 0:486fccdf3f2aa7b2/0000000000000000:25: no SA proposal chosen ike 0: comes 80.215.129.4:31668->193.248.63.133:500,ifindex=21.... ike 0: IKEv1 exchange=Aggressive id=486fccdf3f2aa7b2/0000000000000000 len=588 ike 0: in 486FCCDF3F2AA7B2000000000000000001100400000000000000024C040000B40000000100000001000000A8010100040300002801010000800B0001000C00040001518080010007800E01008003000180020002800400050300002802010000800B0001000C00040001518080010007800E010080030001800200028004000E0300002803010000800B0001000C00040001518080010007800E01008003000180020004800400050000002804010000800B0001000C00040001518080010007800E010080030001800200048004000E0A0000C4B18624FE24DE5CFA5CD23027B57C112D68C8A242952FCC51570BE3EF907D341484B2F7BE2F7F4E077976531F5888EDCA80DA4FE61235E8F4BCE6FD5972B77BCBFE27FE66FD0F08F2E84DADAFDDE06F33819A931E4E143641D0CC48BF0CD9A62509CF7288FAE4058C5D873900CC3D2DBC87A3A0218EACD7C909AB0DE1F81529EBEF1DA23434F835FB52257C0963CC89D5EABDC2CA3DC4E25E74F5A8A8961C9D560AEF7B0427E8C1DD820EAE62A4BB64EC1F576ABFE06CFB1408C1611B7C3D1892050000148A00C6C6F84EFAA6519D6369A04BDEEA0D00000C01000000C0A82B640D00001412F5F28C457168A9702D9FE274CC01000D0000144A131C81070358455C5728F20E95452F0D000014CD60464335DF21F87CFDB2FC68B6A4480D00001490CB80913EBB696E086381B5EC427B1F0D00000C09002689DFD6B7120D000014AFCAD71368A1F1C96B8696FC775701000D0000144C53427B6D465D1B337BB755A37A7FEF00000014B4F01CA951E9DA8D0BAFBBD34AD3044E ike 0:486fccdf3f2aa7b2/0000000000000000:26: responder: aggressive mode get 1st message... ike 0:486fccdf3f2aa7b2/0000000000000000:26: VID CISCO-UNITY 12F5F28C457168A9702D9FE274CC0100 ike 0:486fccdf3f2aa7b2/0000000000000000:26: VID RFC 3947 4A131C81070358455C5728F20E95452F ike 0:486fccdf3f2aa7b2/0000000000000000:26: VID draft-ietf-ipsec-nat-t-ike-02 CD60464335DF21F87CFDB2FC68B6A448 ike 0:486fccdf3f2aa7b2/0000000000000000:26: VID draft-ietf-ipsec-nat-t-ike-02\n 90CB80913EBB696E086381B5EC427B1F ike 0:486fccdf3f2aa7b2/0000000000000000:26: VID draft-ietf-ipsra-isakmp-xauth-06.txt 09002689DFD6B712 ike 0:486fccdf3f2aa7b2/0000000000000000:26: VID DPD AFCAD71368A1F1C96B8696FC77570100 ike 0:486fccdf3f2aa7b2/0000000000000000:26: VID forticlient connect license 4C53427B6D465D1B337BB755A37A7FEF ike 0:486fccdf3f2aa7b2/0000000000000000:26: VID Fortinet Endpoint Control B4F01CA951E9DA8D0BAFBBD34AD3044E ike 0: IKEv1 Aggressive, comes 80.215.129.4:31668->193.248.63.133 21 ike 0:HGH_IPSEC: ignoring IKE request, no policy configured ike 0:486fccdf3f2aa7b2/0000000000000000:26: negotiation failure ike Negotiate ISAKMP SA Error: ike 0:486fccdf3f2aa7b2/0000000000000000:26: no SA proposal chosen ike shrank heap by 126976 bytes
From FGT debug, it show up "ike 0:HGH_IPSEC: ignoring IKE request, no policy configured". Try to set up Policy for ipsec.
Mostly you just debug on FGT side, you may use Forticlient v5.2 for FGT v5.2, some default setting is changed. Thanks.
Thanks Jeff,
It seems I now got an error a little bit later in the process :)
Connected
FG_HGH_IGNY # diag debug app ike -1
FG_HGH_IGNY # diag debug enable
FG_HGH_IGNY # ike 0: comes 80.215.152.19:49140->193.248.63.133:500,ifindex=21....
ike 0: IKEv1 exchange=Aggressive id=31da635e6573032f/0000000000000000 len=570
ike 0: in 31DA635E6573032F000000000000000001100400000000000000023A040001040000000100000001000000F8010100060300002801010000800B0001000C00040001518080010007800E00808003000180020001800400010300002802010000800B0001000C00040001518080010007800E00808003000180020001800400050300002803010000800B0001000C00040001518080010007800E008080030001800200018004000E0300002804010000800B0001000C00040001518080010007800E00808003000180020002800400010300002805010000800B0001000C00040001518080010007800E00808003000180020002800400050000002806010000800B0001000C00040001518080010007800E008080030001800200028004000E0A0000643E8D3FBE6DF7A7017124E6E1950B8EB319C67B0049F99663913CD03890881EBF326953B68C6BE535EEA865CFD47874DB825B4177F9836BBBB080E09BCAC21A2940844B23FFB7CA6E01F393D5D28B6980E69D1E906181E2EBDE11DD2894AA42AC05000014BBCA22FC076D95510329DB11D62023F20D00000A0200000032300D00001412F5F28C457168A9702D9FE274CC01000D0000144A131C81070358455C5728F20E95452F0D000014CD60464335DF21F87CFDB2FC68B6A4480D00001490CB80913EBB696E086381B5EC427B1F0D00000C09002689DFD6B7120D000014AFCAD71368A1F1C96B8696FC775701000D0000144C53427B6D465D1B337BB755A37A7FEF00000014B4F01CA951E9DA8D0BAFBBD34AD3044E
ike 0:31da635e6573032f/0000000000000000:53: responder: aggressive mode get 1st message...
ike 0:31da635e6573032f/0000000000000000:53: VID CISCO-UNITY 12F5F28C457168A9702D9FE274CC0100
ike 0:31da635e6573032f/0000000000000000:53: VID RFC 3947 4A131C81070358455C5728F20E95452F
ike 0:31da635e6573032f/0000000000000000:53: VID draft-ietf-ipsec-nat-t-ike-02 CD60464335DF21F87CFDB2FC68B6A448
ike 0:31da635e6573032f/0000000000000000:53: VID draft-ietf-ipsec-nat-t-ike-02\n 90CB80913EBB696E086381B5EC427B1F
ike 0:31da635e6573032f/0000000000000000:53: VID draft-ietf-ipsra-isakmp-xauth-06.txt 09002689DFD6B712
ike 0:31da635e6573032f/0000000000000000:53: VID DPD AFCAD71368A1F1C96B8696FC77570100
ike 0:31da635e6573032f/0000000000000000:53: VID forticlient connect license 4C53427B6D465D1B337BB755A37A7FEF
ike 0:31da635e6573032f/0000000000000000:53: VID Fortinet Endpoint Control B4F01CA951E9DA8D0BAFBBD34AD3044E
ike 0: cache rebuild start
ike 0:HGH_IPSEC: cached as dynamic
ike 0: cache rebuild done
ike 0: IKEv1 Aggressive, comes 80.215.152.19:49140->193.248.63.133 21, peer-id=20
ike 0:31da635e6573032f/0000000000000000:53: negotiation result
ike 0:31da635e6573032f/0000000000000000:53: proposal id = 1:
ike 0:31da635e6573032f/0000000000000000:53: protocol id = ISAKMP:
ike 0:31da635e6573032f/0000000000000000:53: trans_id = KEY_IKE.
ike 0:31da635e6573032f/0000000000000000:53: encapsulation = IKE/none
ike 0:31da635e6573032f/0000000000000000:53: type=OAKLEY_ENCRYPT_ALG, val=AES_CBC.
ike 0:31da635e6573032f/0000000000000000:53: type=OAKLEY_HASH_ALG, val=MD5.
ike 0:31da635e6573032f/0000000000000000:53: type=AUTH_METHOD, val=PRESHARED_KEY.
ike 0:31da635e6573032f/0000000000000000:53: type=OAKLEY_GROUP, val=MODP2048.
ike 0:31da635e6573032f/0000000000000000:53: ISAKMP SA lifetime=86400
ike 0:31da635e6573032f/0000000000000000:53: SA proposal chosen, matched gateway HGH_IPSEC
ike 0:HGH_IPSEC:53: received peer identifier FQDN '20'
ike 0:HGH_IPSEC:53: DPD negotiated
ike 0:HGH_IPSEC:53: peer supports UNITY
ike 0:HGH_IPSEC:53: enable FortiClient license check
ike 0:HGH_IPSEC:53: enable FortiClient endpoint compliance check, use 169.254.1.1
ike 0:HGH_IPSEC:53: selected NAT-T version: RFC 3947
ike 0:HGH_IPSEC:53: cookie 31da635e6573032f/b275f377f0eccaee
ike 0:HGH_IPSEC:53: ISAKMP SA 31da635e6573032f/b275f377f0eccaee key 16:E9E8767B34A3D0372F687BC1D6EC4530
ike 0:HGH_IPSEC:53: out 31DA635E6573032FB275F377F0ECCAEE01100400000000000000022E0400003C000000010000000100000030010100010000002803010000800B0001000C00040001518080010007800E008080030001800200018004000E0A00010457B1A2E2F80CF7CD57F0A427B7D3B14C9952DB4AA60810D856E3FFE622CCE21FD4B9FE13C9B8A6ECD51A7A4F2DFB3C9ED0F901728333D373E8EED85F6D87003C082B404C6BA613F4C6DBF7F35496532156E781F7D016151B19E9E825630299FC90D5890FFACD8A6CAC134135D4781BECA5C06D36BBBC7204BDDACE7329F6C5E007979AB20A09B1EC882C3A07541C05EB45780DCFECE6E2E24F99DD57C2EE1AD42220A1A1CDA18FBCFDF390BA632B95F25B26FFA9AA25245C8EBEFDE751CB61687D7CECF78949DB3D2615A5F5147DEEC8C904C196D046B5A66CF669D0756E485502F23BE516F3FD6E15F2B446F7097CA78EBD6E78CD252B568FE051B5D3D81CD30500001429EC78B82A094FA38DEEF13F0291E9F90800000A0200000031300D0000149FCE6AAC95189EA38668067EB9F06031140000144A131C81070358455C5728F20E95452F14000014BF023157ED2A33B13340B98B58D45B150D000014F991DCE3DD3E8E9F92758B49069D32220D000014AFCAD71368A1F1C96B8696FC775701000D00001412F5F28C457168A9702D9FE274CC02040D0000144C53427B6D465D1B337BB755A37A7FEF0D000014B4F01CA951E9DA8D0BAFBBD34AD3044E000000148299031757A36082C6A621DE000502CE
ike 0:HGH_IPSEC:53: sent IKE msg (agg_r1send): 193.248.63.133:500->80.215.152.19:49140, len=558, id=31da635e6573032f/b275f377f0eccaee
ike 0: comes 80.215.152.19:49204->193.248.63.133:4500,ifindex=21....
ike 0: IKEv1 exchange=Aggressive id=31da635e6573032f/0000000000000000 len=570
ike 0: in 31DA635E6573032F000000000000000001100400000000000000023A040001040000000100000001000000F8010100060300002801010000800B0001000C00040001518080010007800E00808003000180020001800400010300002802010000800B0001000C00040001518080010007800E00808003000180020001800400050300002803010000800B0001000C00040001518080010007800E008080030001800200018004000E0300002804010000800B0001000C00040001518080010007800E00808003000180020002800400010300002805010000800B0001000C00040001518080010007800E00808003000180020002800400050000002806010000800B0001000C00040001518080010007800E008080030001800200028004000E0A0000643E8D3FBE6DF7A7017124E6E1950B8EB319C67B0049F99663913CD03890881EBF326953B68C6BE535EEA865CFD47874DB825B4177F9836BBBB080E09BCAC21A2940844B23FFB7CA6E01F393D5D28B6980E69D1E906181E2EBDE11DD2894AA42AC05000014BBCA22FC076D95510329DB11D62023F20D00000A0200000032300D00001412F5F28C457168A9702D9FE274CC01000D0000144A131C81070358455C5728F20E95452F0D000014CD60464335DF21F87CFDB2FC68B6A4480D00001490CB80913EBB696E086381B5EC427B1F0D00000C09002689DFD6B7120D000014AFCAD71368A1F1C96B8696FC775701000D0000144C53427B6D465D1B337BB755A37A7FEF00000014B4F01CA951E9DA8D0BAFBBD34AD3044E
ike 0:HGH_IPSEC:53: retransmission, re-send last message
ike 0:HGH_IPSEC:53: out 31DA635E6573032FB275F377F0ECCAEE01100400000000000000022E0400003C000000010000000100000030010100010000002803010000800B0001000C00040001518080010007800E008080030001800200018004000E0A00010457B1A2E2F80CF7CD57F0A427B7D3B14C9952DB4AA60810D856E3FFE622CCE21FD4B9FE13C9B8A6ECD51A7A4F2DFB3C9ED0F901728333D373E8EED85F6D87003C082B404C6BA613F4C6DBF7F35496532156E781F7D016151B19E9E825630299FC90D5890FFACD8A6CAC134135D4781BECA5C06D36BBBC7204BDDACE7329F6C5E007979AB20A09B1EC882C3A07541C05EB45780DCFECE6E2E24F99DD57C2EE1AD42220A1A1CDA18FBCFDF390BA632B95F25B26FFA9AA25245C8EBEFDE751CB61687D7CECF78949DB3D2615A5F5147DEEC8C904C196D046B5A66CF669D0756E485502F23BE516F3FD6E15F2B446F7097CA78EBD6E78CD252B568FE051B5D3D81CD30500001429EC78B82A094FA38DEEF13F0291E9F90800000A0200000031300D0000149FCE6AAC95189EA38668067EB9F06031140000144A131C81070358455C5728F20E95452F14000014BF023157ED2A33B13340B98B58D45B150D000014F991DCE3DD3E8E9F92758B49069D32220D000014AFCAD71368A1F1C96B8696FC775701000D00001412F5F28C457168A9702D9FE274CC02040D0000144C53427B6D465D1B337BB755A37A7FEF0D000014B4F01CA951E9DA8D0BAFBBD34AD3044E000000148299031757A36082C6A621DE000502CE
ike 0:HGH_IPSEC:53: sent IKE msg (retransmit): 193.248.63.133:4500->80.215.152.19:49140, len=558, id=31da635e6573032f/b275f377f0eccaee
ike 0:HGH_IPSEC:53: out 31DA635E6573032FB275F377F0ECCAEE01100400000000000000022E0400003C000000010000000100000030010100010000002803010000800B0001000C00040001518080010007800E008080030001800200018004000E0A00010457B1A2E2F80CF7CD57F0A427B7D3B14C9952DB4AA60810D856E3FFE622CCE21FD4B9FE13C9B8A6ECD51A7A4F2DFB3C9ED0F901728333D373E8EED85F6D87003C082B404C6BA613F4C6DBF7F35496532156E781F7D016151B19E9E825630299FC90D5890FFACD8A6CAC134135D4781BECA5C06D36BBBC7204BDDACE7329F6C5E007979AB20A09B1EC882C3A07541C05EB45780DCFECE6E2E24F99DD57C2EE1AD42220A1A1CDA18FBCFDF390BA632B95F25B26FFA9AA25245C8EBEFDE751CB61687D7CECF78949DB3D2615A5F5147DEEC8C904C196D046B5A66CF669D0756E485502F23BE516F3FD6E15F2B446F7097CA78EBD6E78CD252B568FE051B5D3D81CD30500001429EC78B82A094FA38DEEF13F0291E9F90800000A0200000031300D0000149FCE6AAC95189EA38668067EB9F06031140000144A131C81070358455C5728F20E95452F14000014BF023157ED2A33B13340B98B58D45B150D000014F991DCE3DD3E8E9F92758B49069D32220D000014AFCAD71368A1F1C96B8696FC775701000D00001412F5F28C457168A9702D9FE274CC02040D0000144C53427B6D465D1B337BB755A37A7FEF0D000014B4F01CA951E9DA8D0BAFBBD34AD3044E000000148299031757A36082C6A621DE000502CE
ike 0:HGH_IPSEC:53: sent IKE msg (P1_RETRANSMIT): 193.248.63.133:4500->80.215.152.19:49140, len=558, id=31da635e6573032f/b275f377f0eccaee
ike 0: comes 80.215.152.19:49204->193.248.63.133:4500,ifindex=21....
ike 0: comes 80.215.152.19:49204->193.248.63.133:4500,ifindex=21....
ike shrank heap by 118784 bytes
ike 0:HGH_IPSEC:53: out 31DA635E6573032FB275F377F0ECCAEE01100400000000000000022E0400003C000000010000000100000030010100010000002803010000800B0001000C00040001518080010007800E008080030001800200018004000E0A00010457B1A2E2F80CF7CD57F0A427B7D3B14C9952DB4AA60810D856E3FFE622CCE21FD4B9FE13C9B8A6ECD51A7A4F2DFB3C9ED0F901728333D373E8EED85F6D87003C082B404C6BA613F4C6DBF7F35496532156E781F7D016151B19E9E825630299FC90D5890FFACD8A6CAC134135D4781BECA5C06D36BBBC7204BDDACE7329F6C5E007979AB20A09B1EC882C3A07541C05EB45780DCFECE6E2E24F99DD57C2EE1AD42220A1A1CDA18FBCFDF390BA632B95F25B26FFA9AA25245C8EBEFDE751CB61687D7CECF78949DB3D2615A5F5147DEEC8C904C196D046B5A66CF669D0756E485502F23BE516F3FD6E15F2B446F7097CA78EBD6E78CD252B568FE051B5D3D81CD30500001429EC78B82A094FA38DEEF13F0291E9F90800000A0200000031300D0000149FCE6AAC95189EA38668067EB9F06031140000144A131C81070358455C5728F20E95452F14000014BF023157ED2A33B13340B98B58D45B150D000014F991DCE3DD3E8E9F92758B49069D32220D000014AFCAD71368A1F1C96B8696FC775701000D00001412F5F28C457168A9702D9FE274CC02040D0000144C53427B6D465D1B337BB755A37A7FEF0D000014B4F01CA951E9DA8D0BAFBBD34AD3044E000000148299031757A36082C6A621DE000502CE
ike 0:HGH_IPSEC:53: sent IKE msg (P1_RETRANSMIT): 193.248.63.133:4500->80.215.152.19:49140, len=558, id=31da635e6573032f/b275f377f0eccaee
ike 0:HGH_IPSEC:53: negotiation timeout, deleting
ike 0:HGH_IPSEC: connection expiring due to phase1 down
ike 0:HGH_IPSEC: deleting
ike 0:HGH_IPSEC: flushing
ike 0:HGH_IPSEC: sending SNMP tunnel DOWN trap
ike 0:HGH_IPSEC: flushed
ike 0:HGH_IPSEC: reset NAT-T
ike 0:HGH_IPSEC: deleted
It looks like your PH1 timeout. Can you post the actual cfg of the VPN concentrator and the client?
Do you have another location that's not NAT-T that you can try from ( direct public access )
Have you tried another Fclient and system ?
Does any other client fails? ( eg mac phone vpn ipsec )
PCNSE
NSE
StrongSwan
Thank you very much.
In fact, I was using my smartphone in "internet sharing mode" to provide link my laptop to the company VPN.
It seems it is not working in that configuration.
The strange thing is that if I install directly FortiClient on the smartphone, everything is working well !
I'm not sure there is any configuration available on the smartphone that can block the VPN connection.
In any case, thank you for your helpful support (for the missing policy!).
You may try to disable "forticlient-enforcement" on FGT side.Thanks.
Jeff,
Could you give me the step by step instructions to set that parameter ? (forticlient-enforcement) ?
At the moment, here is the state :
- VPN from a mobile [ WORKING ]
- VPN from any desktop computer (even with firewall off) [ NOT WORKING]
Log from the fortigate :
G_HGH_IGNY # ike 0:HGH_IPSEC_0: NAT keep-alive 21 193.248.63.133->80.215.192.4:38932.
ike 0:HGH_IPSEC_0:80: out FF
ike 0:HGH_IPSEC_0:80: sent IKE msg (keepalive): 193.248.63.133:4500->80.215.192.4:38932, len=1, id=ff00000000000000/0000000011000000:32000000
ike 0:HGH_IPSEC_0: link is idle 21 193.248.63.133->80.215.192.4:38932 dpd=1 seqno=2
ike 0:HGH_IPSEC_0: NAT keep-alive 21 193.248.63.133->80.215.192.4:38932.
ike 0:HGH_IPSEC_0:80: out FF
ike 0:HGH_IPSEC_0:80: sent IKE msg (keepalive): 193.248.63.133:4500->80.215.192.4:38932, len=1, id=ff00000000000000/0000000011000000:32000000
ike 0:HGH_IPSEC_0: NAT keep-alive 21 193.248.63.133->80.215.192.4:38932.
ike 0:HGH_IPSEC_0:80: out FF
ike 0:HGH_IPSEC_0:80: sent IKE msg (keepalive): 193.248.63.133:4500->80.215.192.4:38932, len=1, id=ff00000000000000/0000000011000000:32000000
ike 0: comes 80.215.192.4:38868->193.248.63.133:500,ifindex=21....
ike 0: IKEv1 exchange=Aggressive id=27751356ee049161/0000000000000000 len=570
ike 0: in 27751356EE049161000000000000000001100400000000000000023A040001040000000100000001000000F8010100060300002801010000800B0001000C00040001518080010007800E01008003000180020001800400010300002802010000800B0001000C00040001518080010007800E01008003000180020001800400050300002803010000800B0001000C00040001518080010007800E010080030001800200018004000E0300002804010000800B0001000C00040001518080010007800E01008003000180020002800400010300002805010000800B0001000C00040001518080010007800E01008003000180020002800400050000002806010000800B0001000C00040001518080010007800E010080030001800200028004000E0A000064071F56AF1D2E46DA06624A0B5D2979B0E59D0FB0E6AD490F3515F10784BF3277A9F8774044A8A262DE99F498D67ECF2F4F8D5F26F9F8D76EAD07B71FF4196F0F8B885D9DAED60E7D4A48DCB6AB9E44C91221E0FB86498FB1E4A9C3448064558E05000014B60A24991FC4589592B36012FE7F80BC0D00000A0200000032300D00001412F5F28C457168A9702D9FE274CC01000D0000144A131C81070358455C5728F20E95452F0D000014CD60464335DF21F87CFDB2FC68B6A4480D00001490CB80913EBB696E086381B5EC427B1F0D00000C09002689DFD6B7120D000014AFCAD71368A1F1C96B8696FC775701000D0000144C53427B6D465D1B337BB755A37A7FEF00000014B4F01CA951E9DA8D0BAFBBD34AD3044E
ike 0:27751356ee049161/0000000000000000:83: responder: aggressive mode get 1st message...
ike 0:27751356ee049161/0000000000000000:83: VID CISCO-UNITY 12F5F28C457168A9702D9FE274CC0100
ike 0:27751356ee049161/0000000000000000:83: VID RFC 3947 4A131C81070358455C5728F20E95452F
ike 0:27751356ee049161/0000000000000000:83: VID draft-ietf-ipsec-nat-t-ike-02 CD60464335DF21F87CFDB2FC68B6A448
ike 0:27751356ee049161/0000000000000000:83: VID draft-ietf-ipsec-nat-t-ike-02\n 90CB80913EBB696E086381B5EC427B1F
ike 0:27751356ee049161/0000000000000000:83: VID draft-ietf-ipsra-isakmp-xauth-06.txt 09002689DFD6B712
ike 0:27751356ee049161/0000000000000000:83: VID DPD AFCAD71368A1F1C96B8696FC77570100
ike 0:27751356ee049161/0000000000000000:83: VID forticlient connect license 4C53427B6D465D1B337BB755A37A7FEF
ike 0:27751356ee049161/0000000000000000:83: VID Fortinet Endpoint Control B4F01CA951E9DA8D0BAFBBD34AD3044E
ike 0: IKEv1 Aggressive, comes 80.215.192.4:38868->193.248.63.133 21, peer-id=20
ike 0:27751356ee049161/0000000000000000:83: negotiation result
ike 0:27751356ee049161/0000000000000000:83: proposal id = 1:
ike 0:27751356ee049161/0000000000000000:83: protocol id = ISAKMP:
ike 0:27751356ee049161/0000000000000000:83: trans_id = KEY_IKE.
ike 0:27751356ee049161/0000000000000000:83: encapsulation = IKE/none
ike 0:27751356ee049161/0000000000000000:83: type=OAKLEY_ENCRYPT_ALG, val=AES_CBC.
ike 0:27751356ee049161/0000000000000000:83: type=OAKLEY_HASH_ALG, val=MD5.
ike 0:27751356ee049161/0000000000000000:83: type=AUTH_METHOD, val=PRESHARED_KEY.
ike 0:27751356ee049161/0000000000000000:83: type=OAKLEY_GROUP, val=MODP2048.
ike 0:27751356ee049161/0000000000000000:83: ISAKMP SA lifetime=86400
ike 0:27751356ee049161/0000000000000000:83: SA proposal chosen, matched gateway HGH_IPSEC
ike 0:HGH_IPSEC:83: received peer identifier FQDN '20'
ike 0:HGH_IPSEC:83: XAUTHv6 negotiated
ike 0:HGH_IPSEC:83: peer supports UNITY
ike 0:HGH_IPSEC:83: enable FortiClient license check
ike 0:HGH_IPSEC:83: enable FortiClient endpoint compliance check, use 169.254.1.1
ike 0:HGH_IPSEC:83: selected NAT-T version: RFC 3947
ike 0:HGH_IPSEC:83: cookie 27751356ee049161/070ab2dac08ec6ad
ike 0:HGH_IPSEC:83: ISAKMP SA 27751356ee049161/070ab2dac08ec6ad key 32:CF0631D1981DD21A75C0A16D8D90E1E3CED8667CB48C7F50D0F31ED8F019D949
ike 0:HGH_IPSEC:83: out 27751356EE049161070AB2DAC08EC6AD01100400000000000000023A0400003C000000010000000100000030010100010000002803010000800B0001000C00040001518080010007800E010080030001800200018004000E0A000104221588E667AE8D0B801632CEEA35A92AFE290227396AD851CA860120A83ED062FEA0191C9F22185265F49EB8CFF2E99DEEE74FDAF3007981FEB8F01B1B685A22B78A83C0E7DF3F8BA12E5BC30DBBAF458EEBA6AE47263515644C30A6AABF81E41CE58784F2A7D4E66D494392CF509FE6837D8C99DE3D91669E92CB96F77E9A604EFF4BD71EA74B59B2FDA937F9B337166F214CCA87EB494115C5D2530F9A400C703C0B7C5A011E88DC5ABB8FC946FD2DF4C8DE16C0392379B78389E96E7B2F420D8E92F01211F630BBD8197046DD3D5948AE2299DE4922260BA3EE634B423ACCCC4CEF1A65CFEC8A46320097986EEA3C509AC890097B7EF5C5D498A6E992E9CD0500001414B5518F5401253683F4F8438BBD7CED0800000A0200000031300D0000141D7A50D34D7E04E09BE3B26D7DD59CAC140000144A131C81070358455C5728F20E95452F14000014C1D12A7B6431112C9FD916F98576A3310D000014881373EBDAB4BFA4F52AEAB8FF36C5220D000014AFCAD71368A1F1C96B8696FC775701000D00000C09002689DFD6B7120D00001412F5F28C457168A9702D9FE274CC02040D0000144C53427B6D465D1B337BB755A37A7FEF0D000014B4F01CA951E9DA8D0BAFBBD34AD3044E000000148299031757A36082C6A621DE000502CE
ike 0:HGH_IPSEC:83: sent IKE msg (agg_r1send): 193.248.63.133:500->80.215.192.4:38868, len=570, id=27751356ee049161/070ab2dac08ec6ad
ike 0: comes 80.215.192.4:38932->193.248.63.133:4500,ifindex=21....
ike 0: IKEv1 exchange=Aggressive id=27751356ee049161/0000000000000000 len=570
ike 0: in 27751356EE049161000000000000000001100400000000000000023A040001040000000100000001000000F8010100060300002801010000800B0001000C00040001518080010007800E01008003000180020001800400010300002802010000800B0001000C00040001518080010007800E01008003000180020001800400050300002803010000800B0001000C00040001518080010007800E010080030001800200018004000E0300002804010000800B0001000C00040001518080010007800E01008003000180020002800400010300002805010000800B0001000C00040001518080010007800E01008003000180020002800400050000002806010000800B0001000C00040001518080010007800E010080030001800200028004000E0A000064071F56AF1D2E46DA06624A0B5D2979B0E59D0FB0E6AD490F3515F10784BF3277A9F8774044A8A262DE99F498D67ECF2F4F8D5F26F9F8D76EAD07B71FF4196F0F8B885D9DAED60E7D4A48DCB6AB9E44C91221E0FB86498FB1E4A9C3448064558E05000014B60A24991FC4589592B36012FE7F80BC0D00000A0200000032300D00001412F5F28C457168A9702D9FE274CC01000D0000144A131C81070358455C5728F20E95452F0D000014CD60464335DF21F87CFDB2FC68B6A4480D00001490CB80913EBB696E086381B5EC427B1F0D00000C09002689DFD6B7120D000014AFCAD71368A1F1C96B8696FC775701000D0000144C53427B6D465D1B337BB755A37A7FEF00000014B4F01CA951E9DA8D0BAFBBD34AD3044E
ike 0:HGH_IPSEC:83: retransmission, re-send last message
ike 0:HGH_IPSEC:83: out 27751356EE049161070AB2DAC08EC6AD01100400000000000000023A0400003C000000010000000100000030010100010000002803010000800B0001000C00040001518080010007800E010080030001800200018004000E0A000104221588E667AE8D0B801632CEEA35A92AFE290227396AD851CA860120A83ED062FEA0191C9F22185265F49EB8CFF2E99DEEE74FDAF3007981FEB8F01B1B685A22B78A83C0E7DF3F8BA12E5BC30DBBAF458EEBA6AE47263515644C30A6AABF81E41CE58784F2A7D4E66D494392CF509FE6837D8C99DE3D91669E92CB96F77E9A604EFF4BD71EA74B59B2FDA937F9B337166F214CCA87EB494115C5D2530F9A400C703C0B7C5A011E88DC5ABB8FC946FD2DF4C8DE16C0392379B78389E96E7B2F420D8E92F01211F630BBD8197046DD3D5948AE2299DE4922260BA3EE634B423ACCCC4CEF1A65CFEC8A46320097986EEA3C509AC890097B7EF5C5D498A6E992E9CD0500001414B5518F5401253683F4F8438BBD7CED0800000A0200000031300D0000141D7A50D34D7E04E09BE3B26D7DD59CAC140000144A131C81070358455C5728F20E95452F14000014C1D12A7B6431112C9FD916F98576A3310D000014881373EBDAB4BFA4F52AEAB8FF36C5220D000014AFCAD71368A1F1C96B8696FC775701000D00000C09002689DFD6B7120D00001412F5F28C457168A9702D9FE274CC02040D0000144C53427B6D465D1B337BB755A37A7FEF0D000014B4F01CA951E9DA8D0BAFBBD34AD3044E000000148299031757A36082C6A621DE000502CE
ike 0:HGH_IPSEC:83: sent IKE msg (retransmit): 193.248.63.133:4500->80.215.192.4:38868, len=570, id=27751356ee049161/070ab2dac08ec6ad
ike 0:HGH_IPSEC_0: NAT keep-alive 21 193.248.63.133->80.215.192.4:38932.
ike 0:HGH_IPSEC_0:80: out FF
ike 0:HGH_IPSEC_0:80: sent IKE msg (keepalive): 193.248.63.133:4500->80.215.192.4:38932, len=1, id=ff00000000000000/0000000011000000:20000000
ike 0:HGH_IPSEC:83: out 27751356EE049161070AB2DAC08EC6AD01100400000000000000023A0400003C000000010000000100000030010100010000002803010000800B0001000C00040001518080010007800E010080030001800200018004000E0A000104221588E667AE8D0B801632CEEA35A92AFE290227396AD851CA860120A83ED062FEA0191C9F22185265F49EB8CFF2E99DEEE74FDAF3007981FEB8F01B1B685A22B78A83C0E7DF3F8BA12E5BC30DBBAF458EEBA6AE47263515644C30A6AABF81E41CE58784F2A7D4E66D494392CF509FE6837D8C99DE3D91669E92CB96F77E9A604EFF4BD71EA74B59B2FDA937F9B337166F214CCA87EB494115C5D2530F9A400C703C0B7C5A011E88DC5ABB8FC946FD2DF4C8DE16C0392379B78389E96E7B2F420D8E92F01211F630BBD8197046DD3D5948AE2299DE4922260BA3EE634B423ACCCC4CEF1A65CFEC8A46320097986EEA3C509AC890097B7EF5C5D498A6E992E9CD0500001414B5518F5401253683F4F8438BBD7CED0800000A0200000031300D0000141D7A50D34D7E04E09BE3B26D7DD59CAC140000144A131C81070358455C5728F20E95452F14000014C1D12A7B6431112C9FD916F98576A3310D000014881373EBDAB4BFA4F52AEAB8FF36C5220D000014AFCAD71368A1F1C96B8696FC775701000D00000C09002689DFD6B7120D00001412F5F28C457168A9702D9FE274CC02040D0000144C53427B6D465D1B337BB755A37A7FEF0D000014B4F01CA951E9DA8D0BAFBBD34AD3044E000000148299031757A36082C6A621DE000502CE
ike 0:HGH_IPSEC:83: sent IKE msg (P1_RETRANSMIT): 193.248.63.133:4500->80.215.192.4:38868, len=570, id=27751356ee049161/070ab2dac08ec6ad
ike 0: comes 80.215.192.4:38932->193.248.63.133:4500,ifindex=21....
ike 0: comes 80.215.192.4:38932->193.248.63.133:4500,ifindex=21....
ike 0:HGH_IPSEC_0: NAT keep-alive 21 193.248.63.133->80.215.192.4:38932.
ike 0:HGH_IPSEC_0:80: out FF
ike 0:HGH_IPSEC_0:80: sent IKE msg (keepalive): 193.248.63.133:4500->80.215.192.4:38932, len=1, id=ff00000000000000/0000000011000000:88a42440
ike 0:HGH_IPSEC:83: out 27751356EE049161070AB2DAC08EC6AD01100400000000000000023A0400003C000000010000000100000030010100010000002803010000800B0001000C00040001518080010007800E010080030001800200018004000E0A000104221588E667AE8D0B801632CEEA35A92AFE290227396AD851CA860120A83ED062FEA0191C9F22185265F49EB8CFF2E99DEEE74FDAF3007981FEB8F01B1B685A22B78A83C0E7DF3F8BA12E5BC30DBBAF458EEBA6AE47263515644C30A6AABF81E41CE58784F2A7D4E66D494392CF509FE6837D8C99DE3D91669E92CB96F77E9A604EFF4BD71EA74B59B2FDA937F9B337166F214CCA87EB494115C5D2530F9A400C703C0B7C5A011E88DC5ABB8FC946FD2DF4C8DE16C0392379B78389E96E7B2F420D8E92F01211F630BBD8197046DD3D5948AE2299DE4922260BA3EE634B423ACCCC4CEF1A65CFEC8A46320097986EEA3C509AC890097B7EF5C5D498A6E992E9CD0500001414B5518F5401253683F4F8438BBD7CED0800000A0200000031300D0000141D7A50D34D7E04E09BE3B26D7DD59CAC140000144A131C81070358455C5728F20E95452F14000014C1D12A7B6431112C9FD916F98576A3310D000014881373EBDAB4BFA4F52AEAB8FF36C5220D000014AFCAD71368A1F1C96B8696FC775701000D00000C09002689DFD6B7120D00001412F5F28C457168A9702D9FE274CC02040D0000144C53427B6D465D1B337BB755A37A7FEF0D000014B4F01CA951E9DA8D0BAFBBD34AD3044E000000148299031757A36082C6A621DE000502CE
ike 0:HGH_IPSEC:83: sent IKE msg (P1_RETRANSMIT): 193.248.63.133:4500->80.215.192.4:38868, len=570, id=27751356ee049161/070ab2dac08ec6ad
ike 0:HGH_IPSEC_0: NAT keep-alive 21 193.248.63.133->80.215.192.4:38932.
ike 0:HGH_IPSEC_0:80: out FF
ike 0:HGH_IPSEC_0:80: sent IKE msg (keepalive): 193.248.63.133:4500->80.215.192.4:38932, len=1, id=ff00000000000000/0000000011000000:88a42440
ike 0:HGH_IPSEC:83: negotiation timeout, deleting
ike 0:HGH_IPSEC: connection expiring due to phase1 down
ike 0:HGH_IPSEC: deleting
ike 0:HGH_IPSEC: flushing
ike 0:HGH_IPSEC: sending SNMP tunnel DOWN trap
ike 0:HGH_IPSEC: flushed
ike 0:HGH_IPSEC: reset NAT-T
ike 0:HGH_IPSEC: deleted
ike 0:HGH_IPSEC_0: NAT keep-alive 21 193.248.63.133->80.215.192.4:38932.
ike 0:HGH_IPSEC_0:80: out FF
ike 0:HGH_IPSEC_0:80: sent IKE msg (keepalive): 193.248.63.133:4500->80.215.192.4:38932, len=1, id=ff00000000000000/0000000011000000
Latest state :
On the fortigate, when I try to establish the VPN connection from a computer I got the log below.
Any idea ?
Thanks so much.
FG_HGH_IGNY # ike 0:HGH_IPSEC_1: NAT keep-alive 21 193.248.63.133->80.215.192.4:38912.
ike 0:HGH_IPSEC_1:98: out FF
ike 0:HGH_IPSEC_1:98: sent IKE msg (keepalive): 193.248.63.133:4500->80.215.192.4:38912, len=1, id=ff00000000000000/0000000011000000:32000000
ike 0: comes 80.215.192.4:38868->193.248.63.133:500,ifindex=21....
ike 0: IKEv1 exchange=Aggressive id=9113d17e9a6ba7f0/0000000000000000 len=552
ike 0: in 9113D17E9A6BA7F00000000000000000011004000000000000000228040001040000000100000001000000F8010100060300002801010000800B0001000C00040001518080010007800E00808003000180020001800400010300002802010000800B0001000C00040001518080010007800E00808003000180020001800400050300002803010000800B0001000C00040001518080010007800E008080030001800200018004000E0300002804010000800B0001000C00040001518080010007800E00808003000180020002800400010300002805010000800B0001000C00040001518080010007800E00808003000180020002800400050000002806010000800B0001000C00040001518080010007800E008080030001800200028004000E0A00006488B8EA33DF541EF2290B8F9897E9FE07CEF569FA19C1372A7296F444EE50CB5F37F854D7DE31E6059804362312DFC067287E8643BED5CC5BBB5DA5EC2AE9BC4924A92A16C0CBC9528FAE765906D4DFA38C37215F02B7A7A0BBED09CB41B2469C05000014E9F78428E53A433C2700D33BF83A1E890D00000C01000000C0A82B640D00001412F5F28C457168A9702D9FE274CC01000D0000144A131C81070358455C5728F20E95452F0D000014CD60464335DF21F87CFDB2FC68B6A4480D00001490CB80913EBB696E086381B5EC427B1F0D00000C09002689DFD6B7120D0000144C53427B6D465D1B337BB755A37A7FEF00000014B4F01CA951E9DA8D0BAFBBD34AD3044E
ike 0:9113d17e9a6ba7f0/0000000000000000:100: responder: aggressive mode get 1st message...
ike 0:9113d17e9a6ba7f0/0000000000000000:100: VID CISCO-UNITY 12F5F28C457168A9702D9FE274CC0100
ike 0:9113d17e9a6ba7f0/0000000000000000:100: VID RFC 3947 4A131C81070358455C5728F20E95452F
ike 0:9113d17e9a6ba7f0/0000000000000000:100: VID draft-ietf-ipsec-nat-t-ike-02 CD60464335DF21F87CFDB2FC68B6A448
ike 0:9113d17e9a6ba7f0/0000000000000000:100: VID draft-ietf-ipsec-nat-t-ike-02\n 90CB80913EBB696E086381B5EC427B1F
ike 0:9113d17e9a6ba7f0/0000000000000000:100: VID draft-ietf-ipsra-isakmp-xauth-06.txt 09002689DFD6B712
ike 0:9113d17e9a6ba7f0/0000000000000000:100: VID forticlient connect license 4C53427B6D465D1B337BB755A37A7FEF
ike 0:9113d17e9a6ba7f0/0000000000000000:100: VID Fortinet Endpoint Control B4F01CA951E9DA8D0BAFBBD34AD3044E
ike 0: IKEv1 Aggressive, comes 80.215.192.4:38868->193.248.63.133 21
ike 0:9113d17e9a6ba7f0/0000000000000000:100: negotiation result
ike 0:9113d17e9a6ba7f0/0000000000000000:100: proposal id = 1:
ike 0:9113d17e9a6ba7f0/0000000000000000:100: protocol id = ISAKMP:
ike 0:9113d17e9a6ba7f0/0000000000000000:100: trans_id = KEY_IKE.
ike 0:9113d17e9a6ba7f0/0000000000000000:100: encapsulation = IKE/none
ike 0:9113d17e9a6ba7f0/0000000000000000:100: type=OAKLEY_ENCRYPT_ALG, val=AES_CBC.
ike 0:9113d17e9a6ba7f0/0000000000000000:100: type=OAKLEY_HASH_ALG, val=SHA.
ike 0:9113d17e9a6ba7f0/0000000000000000:100: type=AUTH_METHOD, val=PRESHARED_KEY.
ike 0:9113d17e9a6ba7f0/0000000000000000:100: type=OAKLEY_GROUP, val=MODP2048.
ike 0:9113d17e9a6ba7f0/0000000000000000:100: ISAKMP SA lifetime=86400
ike 0:9113d17e9a6ba7f0/0000000000000000:100: SA proposal chosen, matched gateway HGH_IPSEC
ike 0:HGH_IPSEC:100: peer identifier IPV4_ADDR 192.168.43.100
ike 0:HGH_IPSEC:100: XAUTHv6 negotiated
ike 0:HGH_IPSEC:100: peer supports UNITY
ike 0:HGH_IPSEC:100: enable FortiClient license check
ike 0:HGH_IPSEC:100: enable FortiClient endpoint compliance check, use 169.254.1.1
ike 0:HGH_IPSEC:100: selected NAT-T version: RFC 3947
ike 0:HGH_IPSEC:100: cookie 9113d17e9a6ba7f0/9e5d00f4395aa9c8
ike 0:HGH_IPSEC:100: ISAKMP SA 9113d17e9a6ba7f0/9e5d00f4395aa9c8 key 16:F7C8FD895E1783E9957BDD757F5801D6
ike 0:HGH_IPSEC:100: out 9113D17E9A6BA7F09E5D00F4395AA9C80110040000000000000002460400003C000000010000000100000030010100010000002806010000800B0001000C00040001518080010007800E008080030001800200028004000E0A000104BEAE209E09BDDACBFDCDC36D3467AC953D2108D957E7C98FBFCBE539DBD9C9E719E0E856EC4F78598AC9231098823F6CA4898719A7F6739844B4E3EC7467E1CCC2BF405D7F0AA077FBB92617AE69998E3CD76F70DA9217BFB6A13E6EFCFC2CF6F85EC5A0F51618DCAF6ED98A95C2A132900460E422F15A5BE7E8919152EAAC3EB9199CBE18D9FFF5A8EF02DFF773DB64BBBAC1E6827EC1383AD15ED29EB66B3E59E96684C3F9944FDA26D6B30582F30D7C32B966506850C6C0556FA9CFC1A8618CFD48AC20601308EFFF62D62E9CFA7702371FA0A77F2145A1E6BEA096DABB3802570320663B58A8B6677F01FFCD7180837C9B78EB7A7FA3B76095FC1F7285A4050000144C7D7B49F1DDB8C19141E04D025CE36F0800000A0200000031300D000018FB694EC7BFE5D348DC4BD14BAE3A0CB7123ECE2A140000144A131C81070358455C5728F20E95452F14000018C988AB86EBE8C557DA955C025D0892CE10E932D80D0000183DBF567EEEA871DF0DDF90B1754A1A6DF368EA410D000014AFCAD71368A1F1C96B8696FC775701000D00000C09002689DFD6B7120D00001412F5F28C457168A9702D9FE274CC02040D0000144C53427B6D465D1B337BB755A37A7FEF0D000014B4F01CA951E9DA8D0BAFBBD34AD3044E000000148299031757A36082C6A621DE000502CE
ike 0:HGH_IPSEC:100: sent IKE msg (agg_r1send): 193.248.63.133:500->80.215.192.4:38868, len=582, id=9113d17e9a6ba7f0/9e5d00f4395aa9c8
ike 0:HGH_IPSEC_0: NAT keep-alive 21 193.248.63.133->80.215.192.4:38932.
ike 0:HGH_IPSEC_0:80: out FF
ike 0:HGH_IPSEC_0:80: sent IKE msg (keepalive): 193.248.63.133:4500->80.215.192.4:38932, len=1, id=ff00000000000000/0000000011000000:06000000
ike 0:HGH_IPSEC_1: NAT keep-alive 21 193.248.63.133->80.215.192.4:38912.
ike 0:HGH_IPSEC_1:98: out FF
ike 0:HGH_IPSEC_1:98: sent IKE msg (keepalive): 193.248.63.133:4500->80.215.192.4:38912, len=1, id=ff00000000000000/0000000011000000:70a42440
ike 0: comes 80.215.192.4:38932->193.248.63.133:4500,ifindex=21....
ike 0: IKEv1 exchange=Aggressive id=9113d17e9a6ba7f0/0000000000000000 len=552
ike 0: in 9113D17E9A6BA7F00000000000000000011004000000000000000228040001040000000100000001000000F8010100060300002801010000800B0001000C00040001518080010007800E00808003000180020001800400010300002802010000800B0001000C00040001518080010007800E00808003000180020001800400050300002803010000800B0001000C00040001518080010007800E008080030001800200018004000E0300002804010000800B0001000C00040001518080010007800E00808003000180020002800400010300002805010000800B0001000C00040001518080010007800E00808003000180020002800400050000002806010000800B0001000C00040001518080010007800E008080030001800200028004000E0A00006488B8EA33DF541EF2290B8F9897E9FE07CEF569FA19C1372A7296F444EE50CB5F37F854D7DE31E6059804362312DFC067287E8643BED5CC5BBB5DA5EC2AE9BC4924A92A16C0CBC9528FAE765906D4DFA38C37215F02B7A7A0BBED09CB41B2469C05000014E9F78428E53A433C2700D33BF83A1E890D00000C01000000C0A82B640D00001412F5F28C457168A9702D9FE274CC01000D0000144A131C81070358455C5728F20E95452F0D000014CD60464335DF21F87CFDB2FC68B6A4480D00001490CB80913EBB696E086381B5EC427B1F0D00000C09002689DFD6B7120D0000144C53427B6D465D1B337BB755A37A7FEF00000014B4F01CA951E9DA8D0BAFBBD34AD3044E
ike 0:HGH_IPSEC:100: retransmission, re-send last message
ike 0:HGH_IPSEC:100: out 9113D17E9A6BA7F09E5D00F4395AA9C80110040000000000000002460400003C000000010000000100000030010100010000002806010000800B0001000C00040001518080010007800E008080030001800200028004000E0A000104BEAE209E09BDDACBFDCDC36D3467AC953D2108D957E7C98FBFCBE539DBD9C9E719E0E856EC4F78598AC9231098823F6CA4898719A7F6739844B4E3EC7467E1CCC2BF405D7F0AA077FBB92617AE69998E3CD76F70DA9217BFB6A13E6EFCFC2CF6F85EC5A0F51618DCAF6ED98A95C2A132900460E422F15A5BE7E8919152EAAC3EB9199CBE18D9FFF5A8EF02DFF773DB64BBBAC1E6827EC1383AD15ED29EB66B3E59E96684C3F9944FDA26D6B30582F30D7C32B966506850C6C0556FA9CFC1A8618CFD48AC20601308EFFF62D62E9CFA7702371FA0A77F2145A1E6BEA096DABB3802570320663B58A8B6677F01FFCD7180837C9B78EB7A7FA3B76095FC1F7285A4050000144C7D7B49F1DDB8C19141E04D025CE36F0800000A0200000031300D000018FB694EC7BFE5D348DC4BD14BAE3A0CB7123ECE2A140000144A131C81070358455C5728F20E95452F14000018C988AB86EBE8C557DA955C025D0892CE10E932D80D0000183DBF567EEEA871DF0DDF90B1754A1A6DF368EA410D000014AFCAD71368A1F1C96B8696FC775701000D00000C09002689DFD6B7120D00001412F5F28C457168A9702D9FE274CC02040D0000144C53427B6D465D1B337BB755A37A7FEF0D000014B4F01CA951E9DA8D0BAFBBD34AD3044E000000148299031757A36082C6A621DE000502CE
ike 0:HGH_IPSEC:100: sent IKE msg (retransmit): 193.248.63.133:4500->80.215.192.4:38868, len=582, id=9113d17e9a6ba7f0/9e5d00f4395aa9c8
ike 0:HGH_IPSEC:100: out 9113D17E9A6BA7F09E5D00F4395AA9C80110040000000000000002460400003C000000010000000100000030010100010000002806010000800B0001000C00040001518080010007800E008080030001800200028004000E0A000104BEAE209E09BDDACBFDCDC36D3467AC953D2108D957E7C98FBFCBE539DBD9C9E719E0E856EC4F78598AC9231098823F6CA4898719A7F6739844B4E3EC7467E1CCC2BF405D7F0AA077FBB92617AE69998E3CD76F70DA9217BFB6A13E6EFCFC2CF6F85EC5A0F51618DCAF6ED98A95C2A132900460E422F15A5BE7E8919152EAAC3EB9199CBE18D9FFF5A8EF02DFF773DB64BBBAC1E6827EC1383AD15ED29EB66B3E59E96684C3F9944FDA26D6B30582F30D7C32B966506850C6C0556FA9CFC1A8618CFD48AC20601308EFFF62D62E9CFA7702371FA0A77F2145A1E6BEA096DABB3802570320663B58A8B6677F01FFCD7180837C9B78EB7A7FA3B76095FC1F7285A4050000144C7D7B49F1DDB8C19141E04D025CE36F0800000A0200000031300D000018FB694EC7BFE5D348DC4BD14BAE3A0CB7123ECE2A140000144A131C81070358455C5728F20E95452F14000018C988AB86EBE8C557DA955C025D0892CE10E932D80D0000183DBF567EEEA871DF0DDF90B1754A1A6DF368EA410D000014AFCAD71368A1F1C96B8696FC775701000D00000C09002689DFD6B7120D00001412F5F28C457168A9702D9FE274CC02040D0000144C53427B6D465D1B337BB755A37A7FEF0D000014B4F01CA951E9DA8D0BAFBBD34AD3044E000000148299031757A36082C6A621DE000502CE
ike 0:HGH_IPSEC:100: sent IKE msg (P1_RETRANSMIT): 193.248.63.133:4500->80.215.192.4:38868, len=582, id=9113d17e9a6ba7f0/9e5d00f4395aa9c8
ike 0: comes 80.215.192.4:38932->193.248.63.133:4500,ifindex=21....
ike 0: comes 80.215.192.4:38932->193.248.63.133:4500,ifindex=21....
ike 0:HGH_IPSEC_0: NAT keep-alive 21 193.248.63.133->80.215.192.4:38932.
ike 0:HGH_IPSEC_0:80: out FF
ike 0:HGH_IPSEC_0:80: sent IKE msg (keepalive): 193.248.63.133:4500->80.215.192.4:38932, len=1, id=ff00000000000000/0000000011000000:70a42440
ike 0:HGH_IPSEC_1: NAT keep-alive 21 193.248.63.133->80.215.192.4:38912.
ike 0:HGH_IPSEC_1:98: out FF
ike 0:HGH_IPSEC_1:98: sent IKE msg (keepalive): 193.248.63.133:4500->80.215.192.4:38912, len=1, id=ff00000000000000/0000000011000000:70a42440
ike 0:HGH_IPSEC:100: out 9113D17E9A6BA7F09E5D00F4395AA9C80110040000000000000002460400003C000000010000000100000030010100010000002806010000800B0001000C00040001518080010007800E008080030001800200028004000E0A000104BEAE209E09BDDACBFDCDC36D3467AC953D2108D957E7C98FBFCBE539DBD9C9E719E0E856EC4F78598AC9231098823F6CA4898719A7F6739844B4E3EC7467E1CCC2BF405D7F0AA077FBB92617AE69998E3CD76F70DA9217BFB6A13E6EFCFC2CF6F85EC5A0F51618DCAF6ED98A95C2A132900460E422F15A5BE7E8919152EAAC3EB9199CBE18D9FFF5A8EF02DFF773DB64BBBAC1E6827EC1383AD15ED29EB66B3E59E96684C3F9944FDA26D6B30582F30D7C32B966506850C6C0556FA9CFC1A8618CFD48AC20601308EFFF62D62E9CFA7702371FA0A77F2145A1E6BEA096DABB3802570320663B58A8B6677F01FFCD7180837C9B78EB7A7FA3B76095FC1F7285A4050000144C7D7B49F1DDB8C19141E04D025CE36F0800000A0200000031300D000018FB694EC7BFE5D348DC4BD14BAE3A0CB7123ECE2A140000144A131C81070358455C5728F20E95452F14000018C988AB86EBE8C557DA955C025D0892CE10E932D80D0000183DBF567EEEA871DF0DDF90B1754A1A6DF368EA410D000014AFCAD71368A1F1C96B8696FC775701000D00000C09002689DFD6B7120D00001412F5F28C457168A9702D9FE274CC02040D0000144C53427B6D465D1B337BB755A37A7FEF0D000014B4F01CA951E9DA8D0BAFBBD34AD3044E000000148299031757A36082C6A621DE000502CE
ike 0:HGH_IPSEC:100: sent IKE msg (P1_RETRANSMIT): 193.248.63.133:4500->80.215.192.4:38868, len=582, id=9113d17e9a6ba7f0/9e5d00f4395aa9c8
ike 0:HGH_IPSEC_0: NAT keep-alive 21 193.248.63.133->80.215.192.4:38932.
ike 0:HGH_IPSEC_0:80: out FF
ike 0:HGH_IPSEC_0:80: sent IKE msg (keepalive): 193.248.63.133:4500->80.215.192.4:38932, len=1, id=ff00000000000000/0000000011000000:70a42440
ike 0:HGH_IPSEC_1: NAT keep-alive 21 193.248.63.133->80.215.192.4:38912.
ike 0:HGH_IPSEC_1:98: out FF
ike 0:HGH_IPSEC_1:98: sent IKE msg (keepalive): 193.248.63.133:4500->80.215.192.4:38912, len=1, id=ff00000000000000/0000000011000000:70a42440
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1736 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.