Did anybody get it up and running?
Using OS X 10.10.2 (Yosemite) with the built in VPN client (Racoon) and the ZyWALL 110 with FW 4.10(AAAA.2).
I was able to get past IPSec Phase 1 by adding AES256 and SHA1 to the proposal and changing the keygroup to DH2.
But I am not able to get Phase 2 up and running.....
The cookie pair is : 0x8d3f86b0e0892653 / 0x0000000000000000
Recv Main Mode request from [77.40.138.9]
The cookie pair is : 0x30429b912cdb6f40 / 0x8d3f86b0e0892653 [count=3]
Recv:[SA][VID][VID][VID][VID][VID][VID][VID][VID][VID][VID][VID][VID]
The cookie pair is : 0x8d3f86b0e0892653 / 0x30429b912cdb6f40 [count=2]
Send:[SA][VID][VID][VID][VID][VID][VID][VID][VID]
Recv:[KE][NONCE][PRV][PRV]
Send:[KE][NONCE][PRV][PRV]
Recv:[ID][HASH][NOTIFY:INITIAL_CONTACT]
The cookie pair is : 0x8d3f86b0e0892653 / 0x30429b912cdb6f40 [count=2]
Send:[ID][HASH]
The cookie pair is : 0x8d3f86b0e0892653 / 0x30429b912cdb6f40 [count=2]
Phase 1 IKE SA process done
The cookie pair is : 0x30429b912cdb6f40 / 0x8d3f86b0e0892653
Recv:[HASH][SA][NONCE][ID][ID][PRV][PRV]
[SA] : No proposal chosen
Send:[HASH][NOTIFY:NO_PROPOSAL_CHOSEN]
The cookie pair is : 0x30429b912cdb6f40 / 0x8d3f86b0e0892653 [count=2]
Recv:[HASH][DEL]
Received delete notification
The cookie pair is : 0x8d3f86b0e0892653 / 0x30429b912cdb6f40
ISAKMP SA [L2TP_IPSEC_Dyn_GW] is disconnected
This is a roadwarrior setup, so the idea is that people* "dial-in" from anywhere.
*friggin (l)users that aren't happy with a ssh tunnel through my little dark server in the corner.... its to difficult, nag nag nag :D
--
"Perl is executable line noise, Python is executable pseudo-code."
↧