Der ShrewSoft VPN-Client funktioniert nicht mehr unter Windows 8.1 x64

9708
Nestor

Ich habe ShrewSoft VPN verwendet, um auf einige Arbeitscomputer zuzugreifen.

Vor ein paar Tagen wurde das Passwort geändert, also habe ich es bei den Anmeldeinformationen geändert.

Seitdem kann ich keine Verbindung zu den Arbeitscomputern herstellen, aber alle meine Kollegen können dies .

Es gibt zwei Szenarien:

  • Beim Verbindungsaufbau erhalte ich folgende Nachricht:

Zeitlimit für Aushandlung

Hier ist das IKE-Serviceprotokoll dafür:

15/03/04 22:12:55 ii : rebuilding vnet device list ... 15/03/04 22:12:55 ii : device ROOT\VNET\0000 disabled 15/03/04 22:12:55 ii : network process thread begin ... 15/03/04 22:12:55 ii : pfkey process thread begin ... 15/03/04 22:12:55 ii : ipc server process thread begin ... 15/03/04 22:13:01 ii : ipc client process thread begin ... 15/03/04 22:13:01 <A : peer config add message 15/03/04 22:13:01 <A : proposal config message 15/03/04 22:13:01 <A : proposal config message 15/03/04 22:13:01 <A : client config message 15/03/04 22:13:01 <A : local id 'myserver.company.com' message 15/03/04 22:13:01 <A : preshared key message 15/03/04 22:13:01 <A : remote resource message 15/03/04 22:13:01 <A : peer tunnel enable message 15/03/04 22:13:01 DB : peer added ( obj count = 1 ) 15/03/04 22:13:01 ii : local address 192.168.0.100 selected for peer 15/03/04 22:13:01 DB : tunnel added ( obj count = 1 ) 15/03/04 22:13:01 DB : new phase1 ( ISAKMP initiator ) 15/03/04 22:13:01 DB : exchange type is aggressive 15/03/04 22:13:01 DB : 192.168.0.100:500 <-> REMOTEIP:500 15/03/04 22:13:01 DB : e031c3fffcb0fd51:0000000000000000 15/03/04 22:13:01 DB : phase1 added ( obj count = 1 ) 15/03/04 22:13:01 >> : security association payload 15/03/04 22:13:01 >> : - proposal #1 payload  15/03/04 22:13:01 >> : -- transform #1 payload  15/03/04 22:13:01 >> : key exchange payload 15/03/04 22:13:01 >> : nonce payload 15/03/04 22:13:01 >> : identification payload 15/03/04 22:13:01 >> : vendor id payload 15/03/04 22:13:01 ii : local supports nat-t ( draft v00 ) 15/03/04 22:13:01 >> : vendor id payload 15/03/04 22:13:01 ii : local supports nat-t ( draft v01 ) 15/03/04 22:13:01 >> : vendor id payload 15/03/04 22:13:01 ii : local supports nat-t ( draft v02 ) 15/03/04 22:13:01 >> : vendor id payload 15/03/04 22:13:01 ii : local supports nat-t ( draft v03 ) 15/03/04 22:13:01 >> : vendor id payload 15/03/04 22:13:01 ii : local supports nat-t ( rfc ) 15/03/04 22:13:01 >> : vendor id payload 15/03/04 22:13:01 >> : vendor id payload 15/03/04 22:13:01 ii : local supports DPDv1 15/03/04 22:13:01 >> : vendor id payload 15/03/04 22:13:01 ii : local is SHREW SOFT compatible 15/03/04 22:13:01 >> : vendor id payload 15/03/04 22:13:01 ii : local is NETSCREEN compatible 15/03/04 22:13:01 >> : vendor id payload 15/03/04 22:13:01 ii : local is SIDEWINDER compatible 15/03/04 22:13:01 >> : vendor id payload 15/03/04 22:13:01 ii : local is CISCO UNITY compatible 15/03/04 22:13:01 >= : cookies e031c3fffcb0fd51:0000000000000000 15/03/04 22:13:01 >= : message 00000000 15/03/04 22:13:01 -> : send IKE packet 192.168.0.100:500 -> REMOTEIP:500 ( 520 bytes ) 15/03/04 22:13:01 DB : phase1 resend event scheduled ( ref count = 2 ) 15/03/04 22:13:06 -> : resend 1 phase1 packet(s) [0/2] 192.168.0.100:500 -> REMOTEIP:500 15/03/04 22:13:11 -> : resend 1 phase1 packet(s) [1/2] 192.168.0.100:500 -> REMOTEIP:500 15/03/04 22:13:16 -> : resend 1 phase1 packet(s) [2/2] 192.168.0.100:500 -> REMOTEIP:500 15/03/04 22:13:21 ii : resend limit exceeded for phase1 exchange 15/03/04 22:13:21 ii : phase1 removal before expire time 15/03/04 22:13:21 DB : phase1 deleted ( obj count = 0 ) 15/03/04 22:13:21 DB : policy not found 15/03/04 22:13:21 DB : policy not found 15/03/04 22:13:21 DB : policy not found 15/03/04 22:13:21 DB : policy not found 15/03/04 22:13:21 DB : policy not found 15/03/04 22:13:21 DB : policy not found 15/03/04 22:13:21 DB : removing tunnel config references 15/03/04 22:13:21 DB : removing tunnel phase2 references 15/03/04 22:13:21 DB : removing tunnel phase1 references 15/03/04 22:13:21 DB : tunnel deleted ( obj count = 0 ) 15/03/04 22:13:21 DB : removing all peer tunnel references 15/03/04 22:13:21 DB : peer deleted ( obj count = 0 ) 15/03/04 22:13:21 ii : ipc client process thread exit ... 
  • Wenn es manchmal sagt, dass der Tunnel aktiviert ist, kann ich keinen Computer erreichen.

Hier ist das IKE-Serviceprotokoll dafür:

 22:16:08 ii : ipc client process thread begin ... 22:16:08 <A : peer config add message 22:16:08 <A : proposal config message 22:16:08 <A : proposal config message 22:16:08 <A : client config message 22:16:08 <A : local id 'myserver.company.com' message 22:16:08 <A : preshared key message 22:16:08 <A : remote resource message 22:16:08 <A : peer tunnel enable message 22:16:08 DB : peer added ( obj count = 1 ) 22:16:08 ii : local address 192.168.0.100 selected for peer 22:16:08 DB : tunnel added ( obj count = 1 ) 22:16:08 DB : new phase1 ( ISAKMP initiator ) 22:16:08 DB : exchange type is aggressive 22:16:08 DB : 192.168.0.100:500 <-> REMOTEIP:500 22:16:08 DB : f232ff98c4937c18:0000000000000000 22:16:08 DB : phase1 added ( obj count = 1 ) 22:16:08 >> : security association payload 22:16:08 >> : - proposal #1 payload  22:16:08 >> : -- transform #1 payload  22:16:08 >> : key exchange payload 22:16:08 >> : nonce payload 22:16:08 >> : identification payload 22:16:08 >> : vendor id payload 22:16:08 ii : local supports nat-t ( draft v00 ) 22:16:08 >> : vendor id payload 22:16:08 ii : local supports nat-t ( draft v01 ) 22:16:08 >> : vendor id payload 22:16:08 ii : local supports nat-t ( draft v02 ) 22:16:08 >> : vendor id payload 22:16:08 ii : local supports nat-t ( draft v03 ) 22:16:08 >> : vendor id payload 22:16:08 ii : local supports nat-t ( rfc ) 22:16:08 >> : vendor id payload 22:16:08 >> : vendor id payload 22:16:08 ii : local supports DPDv1 22:16:08 >> : vendor id payload 22:16:08 ii : local is SHREW SOFT compatible 22:16:08 >> : vendor id payload 22:16:08 ii : local is NETSCREEN compatible 22:16:08 >> : vendor id payload 22:16:08 ii : local is SIDEWINDER compatible 22:16:08 >> : vendor id payload 22:16:08 ii : local is CISCO UNITY compatible 22:16:08 >= : cookies f232ff98c4937c18:0000000000000000 22:16:08 >= : message 00000000 22:16:08 -> : send IKE packet 192.168.0.100:500 -> REMOTEIP:500 ( 520 bytes ) 22:16:08 DB : phase1 resend event scheduled ( ref count = 2 ) 22:16:08 <- : recv IKE packet REMOTEIP:500 -> 192.168.0.100:500 ( 276 bytes ) 22:16:08 DB : phase1 found 22:16:08 ii : processing phase1 packet ( 276 bytes ) 22:16:08 =< : cookies f232ff98c4937c18:c65052785432b59d 22:16:08 =< : message 00000000 22:16:08 << : security association payload 22:16:08 << : - propsal #1 payload  22:16:08 << : -- transform #1 payload  22:16:08 ii : matched isakmp proposal #1 transform #1 22:16:08 ii : - transform = ike 22:16:08 ii : - cipher type = aes 22:16:08 ii : - key length = 256 bits 22:16:08 ii : - hash type = sha1 22:16:08 ii : - dh group = group2 ( modp-1024 ) 22:16:08 ii : - auth type = psk 22:16:08 ii : - life seconds = 28800 22:16:08 ii : - life kbytes = 0 22:16:08 << : key exchange payload 22:16:08 << : nonce payload 22:16:08 << : identification payload 22:16:08 ii : phase1 id match ( natt prevents ip match ) 22:16:08 ii : received = ipv4-host REMOTEIP 22:16:08 << : hash payload 22:16:08 ii : nat-t is unsupported by remote peer 22:16:08 == : DH shared secret ( 128 bytes ) 22:16:08 == : SETKEYID ( 20 bytes ) 22:16:08 == : SETKEYID_d ( 20 bytes ) 22:16:08 == : SETKEYID_a ( 20 bytes ) 22:16:08 == : SETKEYID_e ( 20 bytes ) 22:16:08 == : cipher key ( 32 bytes ) 22:16:08 == : cipher iv ( 16 bytes ) 22:16:08 == : phase1 hash_i ( computed ) ( 20 bytes ) 22:16:08 >> : hash payload 22:16:08 >= : cookies f232ff98c4937c18:c65052785432b59d 22:16:08 >= : message 00000000 22:16:08 >= : encrypt iv ( 16 bytes ) 22:16:08 == : encrypt packet ( 52 bytes ) 22:16:08 == : stored iv ( 16 bytes ) 22:16:08 DB : phase1 resend event canceled ( ref count = 1 ) 22:16:08 -> : send IKE packet 192.168.0.100:500 -> REMOTEIP:500 ( 88 bytes ) 22:16:08 == : phase1 hash_r ( computed ) ( 20 bytes ) 22:16:08 == : phase1 hash_r ( received ) ( 20 bytes ) 22:16:08 ii : phase1 sa established 22:16:08 ii : REMOTEIP:500 <-> 192.168.0.100:500 22:16:08 ii : f232ff98c4937c18:c65052785432b59d 22:16:08 ii : sending peer INITIAL-CONTACT notification 22:16:08 ii : - 192.168.0.100:500 -> REMOTEIP:500 22:16:08 ii : - isakmp spi = f232ff98c4937c18:c65052785432b59d 22:16:08 ii : - data size 0 22:16:08 >> : hash payload 22:16:08 >> : notification payload 22:16:08 == : new informational hash ( 20 bytes ) 22:16:08 == : new informational iv ( 16 bytes ) 22:16:08 >= : cookies f232ff98c4937c18:c65052785432b59d 22:16:08 >= : message 5c5ce9fa 22:16:08 >= : encrypt iv ( 16 bytes ) 22:16:08 == : encrypt packet ( 80 bytes ) 22:16:08 == : stored iv ( 16 bytes ) 22:16:08 -> : send IKE packet 192.168.0.100:500 -> REMOTEIP:500 ( 120 bytes ) 22:16:08 DB : config added ( obj count = 1 ) 22:16:08 ii : configuration method is manual 22:16:08 DB : phase2 not found 22:16:08 ii : enabled adapter ROOT\VNET\0000  22:16:08 ii : adapter ROOT\VNET\0000 unavailable, retrying ... 22:16:09 ii : apapter ROOT\VNET\0000 MTU is 1380 22:16:09 ii : generating IPSEC security policies at UNIQUE level 22:16:09 ii : creating NONE INBOUND policy ANY:REMOTEIP:* -> ANY:192.168.0.100:* 22:16:09 DB : policy added ( obj count = 1 ) 22:16:09 K> : send pfkey X_SPDADD UNSPEC message 22:16:09 ii : creating NONE OUTBOUND policy ANY:192.168.0.100:* -> ANY:REMOTEIP:* 22:16:09 K< : recv pfkey X_SPDADD UNSPEC message 22:16:09 DB : policy found 22:16:09 ii : created NONE policy route for REMOTEIP/32 22:16:09 DB : policy added ( obj count = 2 ) 22:16:09 K> : send pfkey X_SPDADD UNSPEC message 22:16:09 K< : recv pfkey X_SPDADD UNSPEC message 22:16:09 DB : policy found 22:16:09 ii : creating NONE INBOUND policy ANY:192.168.0.1:* -> ANY:192.168.17.7:* 22:16:09 DB : policy added ( obj count = 3 ) 22:16:09 K> : send pfkey X_SPDADD UNSPEC message 22:16:09 ii : creating NONE OUTBOUND policy ANY:192.168.17.7:* -> ANY:192.168.0.1:* 22:16:09 DB : policy added ( obj count = 4 ) 22:16:09 K> : send pfkey X_SPDADD UNSPEC message 22:16:09 ii : creating IPSEC INBOUND policy ANY:VPN_LOCAL_IP/24:* -> ANY:192.168.17.7:* 22:16:09 K< : recv pfkey X_SPDADD UNSPEC message 22:16:09 DB : policy added ( obj count = 5 ) 22:16:09 DB : policy found 22:16:09 K> : send pfkey X_SPDADD UNSPEC message 22:16:09 K< : recv pfkey X_SPDADD UNSPEC message 22:16:09 DB : policy found 22:16:09 ii : creating IPSEC OUTBOUND policy ANY:192.168.17.7:* -> ANY:VPN_LOCAL_IP/24:* 22:16:09 K< : recv pfkey X_SPDADD UNSPEC message 22:16:09 DB : policy found 22:16:09 ii : created IPSEC policy route for VPN_LOCAL_IP/24 22:16:09 DB : policy added ( obj count = 6 ) 22:16:09 K> : send pfkey X_SPDADD UNSPEC message 22:16:09 K< : recv pfkey X_SPDADD UNSPEC message 22:16:09 DB : policy found 22:16:09 ii : split DNS is disabled 22:16:12 K< : recv pfkey ACQUIRE UNSPEC message 22:16:12 DB : policy found 22:16:12 DB : policy found 22:16:12 DB : tunnel found 22:16:12 DB : new phase2 ( IPSEC initiator ) 22:16:12 DB : phase2 added ( obj count = 1 ) 22:16:12 K> : send pfkey GETSPI ESP message 22:16:12 K< : recv pfkey GETSPI ESP message 22:16:12 DB : phase2 found 22:16:12 ii : updated spi for 1 ipsec-esp proposal 22:16:12 DB : phase1 found 22:16:12 >> : hash payload 22:16:12 >> : security association payload 22:16:12 >> : - proposal #1 payload  22:16:12 >> : -- transform #1 payload  22:16:12 >> : nonce payload 22:16:12 >> : key exchange payload 22:16:12 >> : identification payload 22:16:12 >> : identification payload 22:16:12 == : phase2 hash_i ( input ) ( 248 bytes ) 22:16:12 == : phase2 hash_i ( computed ) ( 20 bytes ) 22:16:12 == : new phase2 iv ( 16 bytes ) 22:16:12 >= : cookies f232ff98c4937c18:c65052785432b59d 22:16:12 >= : message 4a2d1878 22:16:12 >= : encrypt iv ( 16 bytes ) 22:16:12 == : encrypt packet ( 296 bytes ) 22:16:12 == : stored iv ( 16 bytes ) 22:16:12 -> : send IKE packet 192.168.0.100:500 -> REMOTEIP:500 ( 328 bytes ) 22:16:12 DB : phase2 resend event scheduled ( ref count = 2 ) 22:16:17 -> : resend 1 phase2 packet(s) [0/2] 192.168.0.100:500 -> REMOTEIP:500 22:16:22 -> : resend 1 phase2 packet(s) [1/2] 192.168.0.100:500 -> REMOTEIP:500 22:16:27 -> : resend 1 phase2 packet(s) [2/2] 192.168.0.100:500 -> REMOTEIP:500 22:16:30 K< : recv pfkey ACQUIRE UNSPEC message 22:16:30 DB : policy found 22:16:30 DB : policy found 22:16:30 DB : tunnel found 22:16:30 DB : new phase2 ( IPSEC initiator ) 22:16:30 DB : phase2 added ( obj count = 2 ) 22:16:30 K> : send pfkey GETSPI ESP message 22:16:30 K< : recv pfkey GETSPI ESP message 22:16:30 DB : phase2 found 22:16:30 ii : updated spi for 1 ipsec-esp proposal 22:16:30 DB : phase1 found 22:16:30 >> : hash payload 22:16:30 >> : security association payload 22:16:30 >> : - proposal #1 payload  22:16:30 >> : -- transform #1 payload  22:16:30 >> : nonce payload 22:16:30 >> : key exchange payload 22:16:30 >> : identification payload 22:16:30 >> : identification payload 22:16:30 == : phase2 hash_i ( input ) ( 248 bytes ) 22:16:30 == : phase2 hash_i ( computed ) ( 20 bytes ) 22:16:30 == : new phase2 iv ( 16 bytes ) 22:16:30 >= : cookies f232ff98c4937c18:c65052785432b59d 22:16:30 >= : message b4687a6c 22:16:30 >= : encrypt iv ( 16 bytes ) 22:16:30 == : encrypt packet ( 296 bytes ) 22:16:30 == : stored iv ( 16 bytes ) 22:16:30 -> : send IKE packet 192.168.0.100:500 -> REMOTEIP:500 ( 328 bytes ) 22:16:30 DB : phase2 resend event scheduled ( ref count = 2 ) 22:16:32 <A : peer tunnel disable message 22:16:32 DB : policy found 22:16:32 ii : removing IPSEC INBOUND policy ANY:VPN_LOCAL_IP/24:* -> ANY:192.168.17.7:* 22:16:32 K> : send pfkey X_SPDDELETE2 UNSPEC message 22:16:32 DB : policy found 22:16:32 ii : removing IPSEC OUTBOUND policy ANY:192.168.17.7:* -> ANY:VPN_LOCAL_IP/24:* 22:16:32 K> : send pfkey X_SPDDELETE2 UNSPEC message 22:16:32 K< : recv pfkey X_SPDDELETE2 UNSPEC message 22:16:32 ii : removed IPSEC policy route for ANY:VPN_LOCAL_IP/24:* 22:16:32 DB : policy found 22:16:32 ii : removing NONE INBOUND policy ANY:192.168.0.1:* -> ANY:192.168.17.7:* 22:16:32 K> : send pfkey X_SPDDELETE2 UNSPEC message 22:16:32 DB : policy found 22:16:32 ii : removing NONE OUTBOUND policy ANY:192.168.17.7:* -> ANY:192.168.0.1:* 22:16:32 K> : send pfkey X_SPDDELETE2 UNSPEC message 22:16:32 DB : policy found 22:16:32 ii : removing NONE INBOUND policy ANY:REMOTEIP:* -> ANY:192.168.0.100:* 22:16:32 K> : send pfkey X_SPDDELETE2 UNSPEC message 22:16:32 DB : policy found 22:16:32 ii : removing NONE OUTBOUND policy ANY:192.168.0.100:* -> ANY:REMOTEIP:* 22:16:32 K> : send pfkey X_SPDDELETE2 UNSPEC message 22:16:32 ii : removed NONE policy route for ANY:REMOTEIP:* 22:16:32 DB : policy found 22:16:32 DB : policy deleted ( obj count = 5 ) 22:16:32 K< : recv pfkey X_SPDDELETE2 UNSPEC message 22:16:32 DB : policy found 22:16:32 DB : policy deleted ( obj count = 4 ) 22:16:32 K< : recv pfkey X_SPDDELETE2 UNSPEC message 22:16:32 DB : policy found 22:16:32 DB : policy deleted ( obj count = 3 ) 22:16:32 K< : recv pfkey X_SPDDELETE2 UNSPEC message 22:16:32 DB : policy found 22:16:32 DB : policy deleted ( obj count = 2 ) 22:16:32 K< : recv pfkey X_SPDDELETE2 UNSPEC message 22:16:32 DB : policy found 22:16:32 DB : policy deleted ( obj count = 1 ) 22:16:32 K< : recv pfkey X_SPDDELETE2 UNSPEC message 22:16:32 DB : policy found 22:16:32 DB : policy deleted ( obj count = 0 ) 22:16:32 ii : disable adapter ROOT\VNET\0000 22:16:32 DB : tunnel stats event canceled ( ref count = 5 ) 22:16:32 DB : removing tunnel config references 22:16:32 DB : config deleted ( obj count = 0 ) 22:16:32 DB : removing tunnel phase2 references 22:16:32 DB : phase2 resend event canceled ( ref count = 1 ) 22:16:32 ii : phase2 removal before expire time 22:16:32 DB : phase2 deleted ( obj count = 1 ) 22:16:32 DB : phase2 resend event canceled ( ref count = 1 ) 22:16:32 ii : phase2 removal before expire time 22:16:32 DB : phase2 deleted ( obj count = 0 ) 22:16:32 DB : removing tunnel phase1 references 22:16:32 DB : phase1 soft event canceled ( ref count = 3 ) 22:16:32 DB : phase1 hard event canceled ( ref count = 2 ) 22:16:32 DB : phase1 dead event canceled ( ref count = 1 ) 22:16:32 ii : sending peer DELETE message 22:16:32 ii : - 192.168.0.100:500 -> REMOTEIP:500 22:16:32 ii : - isakmp spi = f232ff98c4937c18:c65052785432b59d 22:16:32 ii : - data size 0 22:16:32 >> : hash payload 22:16:32 >> : delete payload 22:16:32 == : new informational hash ( 20 bytes ) 22:16:32 == : new informational iv ( 16 bytes ) 22:16:32 >= : cookies f232ff98c4937c18:c65052785432b59d 22:16:32 >= : message 66fddf83 22:16:32 >= : encrypt iv ( 16 bytes ) 22:16:32 == : encrypt packet ( 80 bytes ) 22:16:32 == : stored iv ( 16 bytes ) 22:16:32 -> : send IKE packet 192.168.0.100:500 -> REMOTEIP:500 ( 120 bytes ) 22:16:32 ii : phase1 removal before expire time 22:16:32 DB : phase1 deleted ( obj count = 0 ) 22:16:32 DB : tunnel deleted ( obj count = 0 ) 22:16:32 DB : removing all peer tunnel references 22:16:32 DB : peer deleted ( obj count = 0 ) 22:16:32 ii : ipc client process thread exit ... 

Das kann ich sehen:

Der ShrewSoft VPN-Client funktioniert nicht mehr unter Windows 8.1 x64

AKTUALISIEREN:

Dies ist das Protokoll einer funktionierenden Verbindung:

ii : rebuilding vnet device list ... ii : device ROOT\VNET\0000 disabled ii : pfkey process thread begin ... ii : ipc server process thread begin ... ii : network process thread begin ... ii : ipc client process thread begin ... <A : peer config add message <A : proposal config message <A : proposal config message <A : client config message <A : local id 'myserver.company.com' message <A : preshared key message <A : remote resource message <A : peer tunnel enable message DB : peer added ( obj count = 1 ) ii : local address LOCALIP selected for peer DB : tunnel added ( obj count = 1 ) DB : new phase1 ( ISAKMP initiator ) DB : exchange type is aggressive DB : LOCALIP:500 <-> REMOTEIP:500 DB : 3cbc1e92c5a533c2:0000000000000000 DB : phase1 added ( obj count = 1 ) >> : security association payload >> : - proposal #1 payload  >> : -- transform #1 payload  >> : key exchange payload >> : nonce payload >> : identification payload >> : vendor id payload ii : local supports nat-t ( draft v00 ) >> : vendor id payload ii : local supports nat-t ( draft v01 ) >> : vendor id payload ii : local supports nat-t ( draft v02 ) >> : vendor id payload ii : local supports nat-t ( draft v03 ) >> : vendor id payload ii : local supports nat-t ( rfc ) >> : vendor id payload >> : vendor id payload ii : local supports DPDv1 >> : vendor id payload ii : local is SHREW SOFT compatible >> : vendor id payload ii : local is NETSCREEN compatible >> : vendor id payload ii : local is SIDEWINDER compatible >> : vendor id payload ii : local is CISCO UNITY compatible >= : cookies 3cbc1e92c5a533c2:0000000000000000 >= : message 00000000 -> : send IKE packet LOCALIP:500 -> REMOTEIP:500 ( 520 bytes ) DB : phase1 resend event scheduled ( ref count = 2 ) <- : recv IKE packet REMOTEIP:500 -> LOCALIP:500 ( 276 bytes ) DB : phase1 found ii : processing phase1 packet ( 276 bytes ) =< : cookies 3cbc1e92c5a533c2:8f1d0b7661933e0d =< : message 00000000 << : security association payload << : - propsal #1 payload  << : -- transform #1 payload  ii : matched isakmp proposal #1 transform #1 ii : - transform = ike ii : - cipher type = aes ii : - key length = 256 bits ii : - hash type = sha1 ii : - dh group = group2 ( modp-1024 ) ii : - auth type = psk ii : - life seconds = 28800 ii : - life kbytes = 0 << : key exchange payload << : nonce payload << : identification payload ii : phase1 id match ( natt prevents ip match ) ii : received = ipv4-host REMOTEIP << : hash payload ii : nat-t is unsupported by remote peer == : DH shared secret ( 128 bytes ) == : SETKEYID ( 20 bytes ) == : SETKEYID_d ( 20 bytes ) == : SETKEYID_a ( 20 bytes ) == : SETKEYID_e ( 20 bytes ) == : cipher key ( 32 bytes ) == : cipher iv ( 16 bytes ) == : phase1 hash_i ( computed ) ( 20 bytes ) >> : hash payload >= : cookies 3cbc1e92c5a533c2:8f1d0b7661933e0d >= : message 00000000 >= : encrypt iv ( 16 bytes ) == : encrypt packet ( 52 bytes ) == : stored iv ( 16 bytes ) DB : phase1 resend event canceled ( ref count = 1 ) -> : send IKE packet LOCALIP:500 -> REMOTEIP:500 ( 88 bytes ) == : phase1 hash_r ( computed ) ( 20 bytes ) == : phase1 hash_r ( received ) ( 20 bytes ) ii : phase1 sa established ii : REMOTEIP:500 <-> LOCALIP:500 ii : 3cbc1e92c5a533c2:8f1d0b7661933e0d ii : sending peer INITIAL-CONTACT notification ii : - LOCALIP:500 -> REMOTEIP:500 ii : - isakmp spi = 3cbc1e92c5a533c2:8f1d0b7661933e0d ii : - data size 0 >> : hash payload >> : notification payload == : new informational hash ( 20 bytes ) == : new informational iv ( 16 bytes ) >= : cookies 3cbc1e92c5a533c2:8f1d0b7661933e0d >= : message 7061fc09 >= : encrypt iv ( 16 bytes ) == : encrypt packet ( 80 bytes ) == : stored iv ( 16 bytes ) -> : send IKE packet LOCALIP:500 -> REMOTEIP:500 ( 120 bytes ) DB : config added ( obj count = 1 ) ii : configuration method is manual DB : phase2 not found ii : enabled adapter ROOT\VNET\0000  ii : adapter ROOT\VNET\0000 unavailable, retrying ... ii : apapter ROOT\VNET\0000 MTU is 1380 ii : generating IPSEC security policies at UNIQUE level ii : creating NONE INBOUND policy ANY:REMOTEIP:* -> ANY:LOCALIP:* DB : policy added ( obj count = 1 ) K> : send pfkey X_SPDADD UNSPEC message ii : creating NONE OUTBOUND policy ANY:LOCALIP:* -> ANY:REMOTEIP:* K< : recv pfkey X_SPDADD UNSPEC message DB : policy found ii : created NONE policy route for REMOTEIP/32 DB : policy added ( obj count = 2 ) K> : send pfkey X_SPDADD UNSPEC message K< : recv pfkey X_SPDADD UNSPEC message DB : policy found ii : creating IPSEC INBOUND policy ANY:VPN_IP/24:* -> ANY:192.168.17.1:* DB : policy added ( obj count = 3 ) K> : send pfkey X_SPDADD UNSPEC message ii : creating IPSEC OUTBOUND policy ANY:192.168.17.1:* -> ANY:VPN_IP/24:* K< : recv pfkey X_SPDADD UNSPEC message DB : policy found ii : created IPSEC policy route for VPN_IP/24 DB : policy added ( obj count = 4 ) K> : send pfkey X_SPDADD UNSPEC message K< : recv pfkey X_SPDADD UNSPEC message DB : policy found ii : split DNS is disabled K< : recv pfkey ACQUIRE UNSPEC message DB : policy found DB : policy found DB : tunnel found DB : new phase2 ( IPSEC initiator ) DB : phase2 added ( obj count = 1 ) K> : send pfkey GETSPI ESP message K< : recv pfkey GETSPI ESP message DB : phase2 found ii : updated spi for 1 ipsec-esp proposal DB : phase1 found >> : hash payload >> : security association payload >> : - proposal #1 payload  >> : -- transform #1 payload  >> : nonce payload >> : key exchange payload >> : identification payload >> : identification payload == : phase2 hash_i ( input ) ( 248 bytes ) == : phase2 hash_i ( computed ) ( 20 bytes ) == : new phase2 iv ( 16 bytes ) >= : cookies 3cbc1e92c5a533c2:8f1d0b7661933e0d >= : message 907d2142 >= : encrypt iv ( 16 bytes ) == : encrypt packet ( 296 bytes ) == : stored iv ( 16 bytes ) -> : send IKE packet LOCALIP:500 -> REMOTEIP:500 ( 328 bytes ) DB : phase2 resend event scheduled ( ref count = 2 ) <- : recv IKE packet REMOTEIP:500 -> LOCALIP:500 ( 300 bytes ) DB : phase1 found ii : processing phase2 packet ( 300 bytes ) DB : phase2 found =< : cookies 3cbc1e92c5a533c2:8f1d0b7661933e0d =< : message 907d2142 =< : decrypt iv ( 16 bytes ) == : decrypt packet ( 300 bytes ) <= : trimmed packet padding ( 8 bytes ) <= : stored iv ( 16 bytes ) << : hash payload << : security association payload << : - propsal #1 payload  << : -- transform #1 payload  << : nonce payload << : key exchange payload << : identification payload << : identification payload == : phase2 hash_r ( input ) ( 264 bytes ) == : phase2 hash_r ( computed ) ( 20 bytes ) == : phase2 hash_r ( received ) ( 20 bytes ) ii : matched ipsec-esp proposal #1 transform #1 ii : - transform = esp-aes ii : - key length = 256 bits ii : - encap mode = tunnel ii : - msg auth = hmac-sha1 ii : - pfs dh group = group2 ( modp-1024 ) ii : - life seconds = 3600 ii : - life kbytes = 0 DB : policy found K> : send pfkey GETSPI ESP message ii : phase2 ids accepted ii : - loc ANY:192.168.17.1:* -> ANY:VPN_IP/24:* ii : - rmt ANY:VPN_IP/24:* -> ANY:192.168.17.1:* ii : phase2 sa established ii : LOCALIP:500 <-> REMOTEIP:500 == : phase2 hash_p ( input ) ( 41 bytes ) == : phase2 hash_p ( computed ) ( 20 bytes ) >> : hash payload K< : recv pfkey GETSPI ESP message >= : cookies 3cbc1e92c5a533c2:8f1d0b7661933e0d DB : phase2 found >= : message 907d2142 >= : encrypt iv ( 16 bytes ) == : encrypt packet ( 52 bytes ) == : stored iv ( 16 bytes ) DB : phase2 resend event canceled ( ref count = 1 ) -> : send IKE packet LOCALIP:500 -> REMOTEIP:500 ( 88 bytes ) == : PFS DH shared secret ( 128 bytes ) == : spi cipher key data ( 32 bytes ) == : spi hmac key data ( 20 bytes ) K> : send pfkey UPDATE ESP message == : spi cipher key data ( 32 bytes ) == : spi hmac key data ( 20 bytes ) K> : send pfkey UPDATE ESP message K< : recv pfkey UPDATE ESP message K< : recv pfkey UPDATE ESP message 

Ich habe die Software bereits neu installiert. Was ist schief gelaufen? Was soll ich machen?

0
Nach dem 15.03.04 22:16:32 TOOGAM vor 9 Jahren 0
@ TOOGAM: Siehe den ursprünglichen Beitrag des Updates. Wir teilen dieselbe Konfigurationsdatei. Ich bin nicht deaktiviert, also können wir nicht sagen, warum ich keine funktionierende Verbindung aufbauen kann. Nestor vor 9 Jahren 0

3 Antworten auf die Frage

0
Sebastinovitch

Ich habe die Kompatibilitätsoption der .exe mit Windows 7 eingestellt und Shrew funktioniert jetzt einwandfrei.

Auf welche ".exe" beziehen Sie sich genau? Daniel B vor 9 Jahren 1
0
Johnny Rotten

Ich hatte das gleiche Problem mit ShrewSoft VPN unter Windows 8.1 x64. Es war keine Verbindung - es reichte nur zu:


lokale ID konfiguriert

Remote-ID konfiguriert

Pre-Shared Key konfiguriert

Tunnel hochfahren ...


und das ist alles. Nach einiger Zeit wurde die Verbindung wegen Timeout unterbrochen.

Was ich gemacht habe war:

den Ordner appdata, den versteckten Ordner programdata

  • Registrierung: Öffnen Sie regedit.exe und suchen Sie nach dem String "shrew" und löschen Sie alles, was Sie finden. Am wichtigsten ist der Eintrag über den ShrewSoft Virtual Adapter

  • Gehen Sie zum Ordner c: windows \ system32 \ drivers und löschen Sie "virtualnet.sys" und "vfilter.sys".

  • Neustart

  • Installieren Sie ShrewSoft erneut

  • Neustart

  • Endlich booten, ShrewSoft starten, PCF importieren und fertig - fertig, endlich!

-1
Karry0077

Alles was Sie tun müssen, ist REGEDIT zu öffnen. Gehen Sie zu HKEY_LOCAL_MACHINE / SOFTWARE / SHREWSOFT / VPN. und löschen Sie alle Einträge. Einige Einträge werden nicht gelöscht, aber keine Sorge. Öffnen Sie dann das Installationsprogramm von SHREWSOFT Application. Installationsort nicht ändern Während der Installation kann nicht nach bestimmten Werten (den von uns gelöschten Werten) gesucht werden. Wenn Fehler POPS, IGNORE es. Einmal installiert Starten Sie VPN CLIENT, Importieren Sie die .PCF-Datei und Voila. Es wird klappen.