IPsec VPN between RV50 4.9.3 and ASA5512

hbhanot · November 20, 2018, 11:05am

I am trying to setup a IPSec tunnel between RV50 and ASA5512, but failing. RV50 got dynamic IP and ASA is on static IP.
I used Cisco router and the IPsec tunnel was successfull, but using the same config on Sierra RV50 tunnel does not comes up.

Please see the logs (y.y.y.y is the remote address)

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: hmac(hmac_sha1)

Nov 20 11:00:54 notice racoon: alg_oakley_hmacdef_one(hmac_sha1 size=36): 0.000032

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: HASH computed:

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: 16467570 444656d7 1d4dda0e f88675dd 0c4d6e68

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: hash validated.

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: begin.

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: seen nptype=8(hash)

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: seen nptype=11(notify)

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: succeed.

Nov 20 11:00:54 info racoon: 2018-11-20 11:00:54: [y.y.y.y] ERROR: notification NO-PROPOSAL-CHOSEN received in informational exchange.

Nov 20 11:00:54 info racoon: 2018-11-20 11:00:54: [y.y.y.y] ERROR: error message: ': '.

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: ===

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: 84 bytes message received from y.y.y.y[500] to 46.156.60.171[500]

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: 0312ada8 8077eb21 98678bdd d508c528 08100501 d36621bd 00000054 eda5249e e6973846 0fd91813 85b21fbe 54c047e3 41cd0f41 f60d48ce 3954398a 0d90754a e9a819b0 150cc94d 7a85c424 db9b02f7 117e0c5b

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: receive Information.

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: compute IV for phase2

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: phase1 last IV:

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: 13b5def5 25b90d00 d36621bd

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: hash(sha1)

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: encryption(3des)

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: phase2 IV computed:

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: f255472d da6ef01b

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: begin decryption.

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: encryption(3des)

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: IV was saved for next processing:

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: db9b02f7 117e0c5b

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: encryption(3des)

Nov 20 11:00:54 notice racoon: alg_oakley_encdef_decrypt(3des klen=192 size=56): 0.000051

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: with key:

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: 1b9f306f 439fe63d 25c3b7a5 928b2040 82b46653 f6736874

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: decrypted payload by IV:

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: f255472d da6ef01b

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: decrypted payload, but not trimed.

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: 0c000018 ab26ed1e 1c6cbe12 5db7c4ac de778758 0331228b 0000001c 00000001 01100001 0312ada8 8077eb21 98678bdd d508c528 00000000

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: padding len=1

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: skip to trim padding.

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: decrypted.

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: 0312ada8 8077eb21 98678bdd d508c528 08100501 d36621bd 00000054 0c000018 ab26ed1e 1c6cbe12 5db7c4ac de778758 0331228b 0000001c 00000001 01100001 0312ada8 8077eb21 98678bdd d508c528 00000000

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: IV freed

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: HASH with:

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: d36621bd 0000001c 00000001 01100001 0312ada8 8077eb21 98678bdd d508c528

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: hmac(hmac_sha1)

Nov 20 11:00:54 notice racoon: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000034

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: HASH computed:

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: ab26ed1e 1c6cbe12 5db7c4ac de778758 0331228b

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: hash validated.

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: begin.

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: seen nptype=8(hash)

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: seen nptype=12(delete)

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: succeed.

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: [y.y.y.y] DEBUG: delete payload for protocol ISAKMP

Nov 20 11:00:54 info racoon: 2018-11-20 11:00:54: INFO: purging ISAKMP-SA spi=0312ada88077eb21:98678bddd508c528.

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: call pfkey_send_dump

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: pk_recv: retry[0] recv()

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: IV freed

Nov 20 11:00:54 info racoon: 2018-11-20 11:00:54: INFO: purged IPsec-SA spi=52797327.

Nov 20 11:00:54 info racoon: 2018-11-20 11:00:54: INFO: purged IPsec-SA spi=0.

Nov 20 11:00:54 info racoon: 2018-11-20 11:00:54: INFO: purged ISAKMP-SA spi=0312ada88077eb21:98678bddd508c528.

Nov 20 11:00:54 info racoon: 2018-11-20 11:00:54: INFO: ISAKMP-SA deleted 46.156.60.171[500]-y.y.y.y[500] spi:0312ada88077eb21:98678bddd508c528

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: IV freed

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: purged SAs.

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: pk_recv: retry[0] recv()

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: got pfkey DELETE message

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: DELETE message is not interesting because the message was originated by me.

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: pk_recv: retry[0] recv()

Nov 20 11:00:54 debug racoon: 2018-11-20 11:00:54: DEBUG: got pfkey DELETE message

Nov 20 11:00:54 info racoon: 2018-11-20 11:00:54: ERROR: pfkey DELETE failed: No such process

Nov 20 11:01:23 debug racoon: 2018-11-20 11:01:23: DEBUG: pk_recv: retry[0] recv()

Nov 20 11:01:23 debug racoon: 2018-11-20 11:01:23: DEBUG: got pfkey EXPIRE message

Nov 20 11:01:23 info racoon: 2018-11-20 11:01:23: INFO: IPsec-SA expired: ESP/Tunnel 46.156.60.171[500]->y.y.y.y[500]

Nov 20 11:01:23 debug racoon: 2018-11-20 11:01:23: DEBUG: no such a SA found: ESP/Tunnel 46.156.60.171[500]->y.y.y.y[500]

Topic		Replies	Views
IPSEC VPN from RV50 to ASA5512 AirLink routers	1	1812	December 29, 2017
AirLink RV50 VPN to Cisco ASA5500 AirLink routers	1	1894	April 22, 2016
Connecting RV50 to a Cisco RV042 VPN AirLink routers	4	2212	April 25, 2018
IPSec Connection Between Static IP Fortigate Firewall and Dynamic IP AirLink LX60 AirLink Routers	0	291	August 4, 2023
IpSec Tunnel between 2 RV50X AirLink Routers	2	834	February 23, 2024

IPsec VPN between RV50 4.9.3 and ASA5512

Related Topics