Jump to content

VPN-Verbindung zwischen Netgear FVG318 und DG834GB bricht ständig ab

Canni

Von Canni
in Windows Server Forum

Der letzte Beitrag zu diesem Thema ist mehr als 180 Tage alt. Bitte erstelle einen neuen Beitrag zu Deiner Anfrage!

Empfohlene Beiträge

Canni Experienced

Canni   11

Geschrieben
Geschrieben

Hallo zusammen,

 

wir verbinden 2 Netzwerke miteinander:

 

Standort A: (ca. 5 Rechner - 1 Server, auf den die 1723 durchgeroutet ist wegen Server-VPN)

Netgear FVG 318

 

Standort B: (ca. 3 Rechner)

DG834GB

 

 

Diese VPN-Verbindung bricht hin und wieder ab, ca. 1 mal am Tag. Keiner konnte mir bisher helfen, auch Netgear nicht. MTU-Wert liegt überall bei 1456, feste IP ist an beiden Stellen vorhanden. Derzeit funktionierts seit ca. 2 Tagen.

 

Was mich besonders stört ist das hier in den Logfiles, kommt bald sekündlich.

 

sending notification PAYLOAD_MALFORMED to [iPSTANDORTA]:500

oder am DG834GB:

Init Cookie: 0xd79f591eb78327db & Resp Cookie: 0x39f46ffbd87b73ab INFO :: received NOTIFY PAYLOAD of notify type R_U_THERE

Init Cookie: 0xd79f591eb78327db & Resp Cookie: 0x39f46ffbd87b73ab INFO :: Sending phase-I notify of type R_U_THERE_ACK

 

 

Danke vielmals! Hier die Logfiles:

 

Routerlog DG834GB

 

Wed, 2007-03-28 04:28:20 - [bIG] sending notification PAYLOAD_MALFORMED to [iPSTANDORTA]:500

Wed, 2007-03-28 04:34:03 - [bIG] sending notification PAYLOAD_MALFORMED to [iPSTANDORTA]:500

Wed, 2007-03-28 05:19:38 - [bIG] IPsec SA expired

Wed, 2007-03-28 05:19:39 - [bIG] ISAKMP SA expired

Wed, 2007-03-28 05:22:37 - [bIG] initiating Main Mode

Wed, 2007-03-28 05:22:38 - [bIG] ISAKMP SA established

Wed, 2007-03-28 05:22:39 - [bIG] sent QI2, IPsec SA established

Wed, 2007-03-28 07:14:17 - [bIG] sending notification PAYLOAD_MALFORMED to [iPSTANDORTA]:500

Wed, 2007-03-28 07:58:51 - [bIG] sending notification PAYLOAD_MALFORMED to [iPSTANDORTA]:500

Wed, 2007-03-28 08:12:05 - [bIG] sending notification PAYLOAD_MALFORMED to [iPSTANDORTA]:500

Wed, 2007-03-28 10:07:17 - [bIG] sending notification PAYLOAD_MALFORMED to [iPSTANDORTA]:500

Wed, 2007-03-28 13:22:21 - [bIG] sending notification PAYLOAD_MALFORMED to [iPSTANDORTA]:500

Wed, 2007-03-28 13:22:38 - [bIG] ISAKMP SA expired

Wed, 2007-03-28 13:22:39 - [bIG] IPsec SA expired

Wed, 2007-03-28 13:22:41 - [bIG] responding to Main Mode

Wed, 2007-03-28 13:22:42 - [bIG] sent MR3, ISAKMP SA established

Wed, 2007-03-28 13:22:43 - [bIG] responding to Quick Mode

Wed, 2007-03-28 13:22:43 - [bIG] IPsec SA established

Wed, 2007-03-28 13:43:48 - [bIG] sending notification PAYLOAD_MALFORMED to [iPSTANDORTA]:500

Wed, 2007-03-28 13:56:22 - [bIG] sending notification PAYLOAD_MALFORMED to [iPSTANDORTA]:500

 

 

 

 

Router FVG318

 

 

 

Init Cookie: 0xd79f591eb78327db & Resp Cookie: 0x39f46ffbd87b73ab INFO :: received NOTIFY PAYLOAD of notify type R_U_THERE

Init Cookie: 0xd79f591eb78327db & Resp Cookie: 0x39f46ffbd87b73ab INFO :: Sending phase-I notify of type R_U_THERE_ACK

Init Cookie: 0xd79f591eb78327db & Resp Cookie: 0x39f46ffbd87b73ab INFO :: received NOTIFY PAYLOAD of notify type R_U_THERE

Init Cookie: 0xd79f591eb78327db & Resp Cookie: 0x39f46ffbd87b73ab INFO :: Sending phase-I notify of type R_U_THERE_ACK

Init Cookie: 0xd79f591eb78327db & Resp Cookie: 0x39f46ffbd87b73ab INFO :: Sending phase-I notify of type R_U_THERE

Init Cookie: 0xd79f591eb78327db & Resp Cookie: 0x39f46ffbd87b73ab INFO :: received NOTIFY PAYLOAD of notify type R_U_THERE_ACK

Init Cookie: 0xd79f591eb78327db & Resp Cookie: 0x39f46ffbd87b73ab INFO :: received NOTIFY PAYLOAD of notify type R_U_THERE

Init Cookie: 0xd79f591eb78327db & Resp Cookie: 0x39f46ffbd87b73ab INFO :: Sending phase-I notify of type R_U_THERE_ACK

Init Cookie: 0xd79f591eb78327db & Resp Cookie: 0x39f46ffbd87b73ab INFO :: received NOTIFY PAYLOAD of notify type R_U_THERE

Init Cookie: 0xd79f591eb78327db & Resp Cookie: 0x39f46ffbd87b73ab INFO :: Sending phase-I notify of type R_U_THERE_ACK

Link zu diesem Kommentar
IThome Grand Master

IThome   10

Geschrieben
Geschrieben

Der untere Teil nennt sich Dead Peer Detection und sorgt ähnlich wie ein IKE Keepalive dafür, dass der Tunnel aufrecht erhalten bleibt, aber nur dann, wenn keine Daten fliessen. PAYLOAD_MALFORMED bedeutet, dass der Responder ein verschlüsseltes IKE Paket nicht entschlüsseln kann. Könnte es sein, dass eine der beiden Seiten getrennt wird (Zwangstrennung oder was auch immer) und die Cookies nicht mehr passen ? Müssen beide Gateways neu gestartet werden, damit der Tunnel wieder aufgebaut wird oder dauert es nur eine Weile und alles läuft wieder ?

Link zu diesem Kommentar
Canni Experienced

Canni   11

Geschrieben
  • Autor
Geschrieben

Hallo,

 

danke für die Antwort. Weiss echt nicht mehr weiter, da der Hersteller da immer noch keine Lösung zu hat.

 

Also es genügt, dass ich den DG834GB neu starte, dann funktioniert alles wieder wie gewünscht. Nur manuelles "Connecten" nützt da generell nichts.

 

Keine Ahnung, ob das was mit der Zwangstrennung zu tun hat. Müsste aber doch trotzdem wieder neu aufbauen ...?!

 

Und dieses payload mal... kommt ja auch ständig, wenn die Verbindung bestens steht.

 

Gestern abend um ca. 18:30 Uhr ist die Verbindung wieder abgebrochen. Hier die Logfiles.

 

Bitte um Hilfe :-)

Link zu diesem Kommentar
Canni Experienced

Canni   11

Geschrieben
  • Autor
Geschrieben

Routerlog FVG318

 

TUESDAY, 27 MAR 2007 17:33:15 Service access request successful Src 2379 Dst 8787 from WAN n/w Source: 84.56.153.17 Destination: 87.139.40.23

TUESDAY, 27 MAR 2007 17:33:16 Service access request successful Src 2380 Dst 8787 from WAN n/w Source: 84.56.153.17 Destination: 87.139.40.23

TUESDAY, 27 MAR 2007 17:33:18 Service access request successful Src 2381 Dst 8787 from WAN n/w Source: 84.56.153.17 Destination: 87.139.40.23

TUESDAY, 27 MAR 2007 17:33:19 Service access request successful Src 2382 Dst 8787 from WAN n/w Source: 84.56.153.17 Destination: 87.139.40.23

TUESDAY, 27 MAR 2007 17:33:20 Service access request successful Src 2383 Dst 8787 from WAN n/w Source: 84.56.153.17 Destination: 87.139.40.23

TUESDAY, 27 MAR 2007 17:33:21 Service access request successful Src 2384 Dst 8787 from WAN n/w Source: 84.56.153.17 Destination: 87.139.40.23

SPI = 0xb9a0e677, Seq. No = N/A :: Inbound SA Created

SPI = 0x9215cc2f, Seq. No = N/A :: Outbound SA Created

SPI = 0xa6499ae6, Seq. No = N/A :: Inbound SA Created

SPI = 0x9215cc30, Seq. No = N/A :: Outbound SA Created

SPI = 0x91553b6a, Seq. No = N/A :: Inbound SA Created

SPI = 0x9215cc31, Seq. No = N/A :: Outbound SA Created

SPI = 0xa6499ae6, Seq. No = N/A :: SA Life Time Expired

SPI = 0x91553b6a, Seq. No = N/A :: SA Life Time Expired

SPI = 0xb9a0e677, Seq. No = N/A :: SA Life Time Expired

SPI = 0x9215cc2f, Seq. No = N/A :: SA Life Time Expired

SPI = 0x9215cc30, Seq. No = N/A :: SA Life Time Expired

SPI = 0x9215cc31, Seq. No = N/A :: SA Life Time Expired

SPI = 0xefd692d2, Seq. No = N/A :: Inbound SA Created

SPI = 0x16900487, Seq. No = N/A :: Outbound SA Created

SPI = 0xefd692d2, Seq. No = N/A :: SA Life Time Expired

SPI = 0x16900487, Seq. No = N/A :: SA Life Time Expired

SPI = 0xa9206873, Seq. No = N/A :: Inbound SA Created

SPI = 0xfeeeabc2, Seq. No = N/A :: Outbound SA Created

SPI = 0xa9206873, Seq. No = N/A :: SA Life Time Expired

SPI = 0xfeeeabc2, Seq. No = N/A :: SA Life Time Expired

SPI = 0x883c679a, Seq. No = N/A :: Inbound SA Created

SPI = 0xfeeeabc3, Seq. No = N/A :: Outbound SA Created

SPI = 0x883c679a, Seq. No = N/A :: SA Life Time Expired

SPI = 0xfeeeabc3, Seq. No = N/A :: SA Life Time Expired

SPI = 0xffb90747, Seq. No = N/A :: Inbound SA Created

SPI = 0xfeeeabc4, Seq. No = N/A :: Outbound SA Created

SPI = 0xfeeeabc4, Seq. No = N/A :: SA Soft Life Time Expired - Renegotiation starts

SPI = 0xb1eaa813, Seq. No = N/A :: Inbound SA Created

SPI = 0xfeeeabc5, Seq. No = N/A :: Outbound SA Created

SPI = 0xffb90747, Seq. No = N/A :: SA Life Time Expired

SPI = 0xfeeeabc4, Seq. No = N/A :: SA Life Time Expired

SPI = 0xdbc1f572, Seq. No = N/A :: Inbound SA Created

SPI = 0xfeeeabc6, Seq. No = N/A :: Outbound SA Created

Link zu diesem Kommentar
Canni Experienced

Canni   11

Geschrieben
  • Autor
Geschrieben

Routerlog Dg834GB

 

Wed, 2007-03-28 00:27:33 - [bIG] sending notification PAYLOAD_MALFORMED to 87.139.40.23:500

Wed, 2007-03-28 01:00:02 - [bIG] sending notification PAYLOAD_MALFORMED to 87.139.40.23:500

Wed, 2007-03-28 01:08:48 - [bIG] sending notification PAYLOAD_MALFORMED to 87.139.40.23:500

Wed, 2007-03-28 02:31:36 - [bIG] sending notification PAYLOAD_MALFORMED to 87.139.40.23:500

Wed, 2007-03-28 03:48:49 - [bIG] sending notification PAYLOAD_MALFORMED to 87.139.40.23:500

Wed, 2007-03-28 04:17:17 - [bIG] sending notification PAYLOAD_MALFORMED to 87.139.40.23:500

Wed, 2007-03-28 04:28:20 - [bIG] sending notification PAYLOAD_MALFORMED to 87.139.40.23:500

Wed, 2007-03-28 04:34:03 - [bIG] sending notification PAYLOAD_MALFORMED to 87.139.40.23:500

Wed, 2007-03-28 05:19:38 - [bIG] IPsec SA expired

Wed, 2007-03-28 05:19:39 - [bIG] ISAKMP SA expired

Wed, 2007-03-28 05:22:37 - [bIG] initiating Main Mode

Wed, 2007-03-28 05:22:38 - [bIG] ISAKMP SA established

Wed, 2007-03-28 05:22:39 - [bIG] sent QI2, IPsec SA established

Wed, 2007-03-28 07:14:17 - [bIG] sending notification PAYLOAD_MALFORMED to 87.139.40.23:500

Wed, 2007-03-28 07:58:51 - [bIG] sending notification PAYLOAD_MALFORMED to 87.139.40.23:500

Wed, 2007-03-28 08:12:05 - [bIG] sending notification PAYLOAD_MALFORMED to 87.139.40.23:500

Wed, 2007-03-28 10:07:17 - [bIG] sending notification PAYLOAD_MALFORMED to 87.139.40.23:500

Wed, 2007-03-28 13:22:21 - [bIG] sending notification PAYLOAD_MALFORMED to 87.139.40.23:500

Wed, 2007-03-28 13:22:38 - [bIG] ISAKMP SA expired

Wed, 2007-03-28 13:22:39 - [bIG] IPsec SA expired

Wed, 2007-03-28 13:22:41 - [bIG] responding to Main Mode

Wed, 2007-03-28 13:22:42 - [bIG] sent MR3, ISAKMP SA established

Wed, 2007-03-28 13:22:43 - [bIG] responding to Quick Mode

Wed, 2007-03-28 13:22:43 - [bIG] IPsec SA established

Wed, 2007-03-28 13:43:48 - [bIG] sending notification PAYLOAD_MALFORMED to 87.139.40.23:500

Wed, 2007-03-28 13:56:22 - [bIG] sending notification PAYLOAD_MALFORMED to 87.139.40.23:500

Wed, 2007-03-28 18:27:57 - [bIG] responding to Main Mode

Wed, 2007-03-28 18:27:59 - [bIG] sent MR3, ISAKMP SA established

Wed, 2007-03-28 18:28:16 - [bIG] DPD: No response from peer - declaring peer dead

Wed, 2007-03-28 18:28:31 - [bIG] initiating Main Mode

Wed, 2007-03-28 18:28:40 - [bIG] ISAKMP SA established

Wed, 2007-03-28 18:28:40 - [bIG] sent QI2, IPsec SA established

Wed, 2007-03-28 18:30:21 - deleting connection "BIG"

Wed, 2007-03-28 18:30:21 - shutting down interface ipsec0/ppp0 217.7.219.168

Link zu diesem Kommentar
Der letzte Beitrag zu diesem Thema ist mehr als 180 Tage alt. Bitte erstelle einen neuen Beitrag zu Deiner Anfrage!

Schreibe einen Kommentar

Du kannst jetzt antworten und Dich später registrieren. Falls Du bereits ein Mitglied bist, logge Dich jetzt ein.

Gast
Auf dieses Thema antworten...

×   Du hast formatierten Text eingefügt.   Formatierung jetzt entfernen

  Only 75 emoji are allowed.

×   Dein Link wurde automatisch eingebettet.   Einbetten rückgängig machen und als Link darstellen

×   Dein vorheriger Inhalt wurde wiederhergestellt.   Editor-Fenster leeren

×   Du kannst Bilder nicht direkt einfügen. Lade Bilder hoch oder lade sie von einer URL.

×
Zurück zur Übersicht


×
×
  • Neu erstellen...