[ S a l e @ 19.01.2006. 16:02 ] @
| Imam problem oko IPSec (site2site) konekcije izmedju Mikrotik i Cisco PIX. PC_A treba da komunicira sa PC_B preko te konekcije. PC_A ima private IP koju sam preko SRC-NAT "prebacio" u public IP (zbog mreze u kojoj je PC_B). Status u MT logu je ovaj: Code: 16:46:50 ipsec,ike,info received ISAKMP packet from [CISCO]:500, phase 2, Informational 16:46:50 ipsec,ike,info unexpected Informational exchange (remote unknown) 16:51:03 ipsec,ike,info queuing SA request, phase 1 with peer [CISCO] will be established first 16:51:03 ipsec,ike,info initiating phase 1, starting mode Identity Protection (local [MIKROTIK]:500) (remote unknown) 16:51:03 ipsec,info ipsec packet discarded: src=[PUB_IP_OF_PC_A] dst=[PC_B] 16:51:03 ipsec,ike,info received ISAKMP packet from [CISCO]:500, phase 1, Identity Protection 16:51:03 ipsec,ike,info received ISAKMP packet from [CISCO]:500, phase 1, Identity Protection 16:51:03 ipsec,ike,info received ISAKMP packet from [CISCO]:500, phase 1, Identity Protection 16:51:03 ipsec,ike,info packet has invalid ID payload (remote unknown) 16:51:03 ipsec,ike,info received ISAKMP packet from [CISCO]:500, phase 2, Informational 16:51:08 ipsec,info ipsec packet discarded: src=[PUB_IP_OF_PC_A] dst=[PC_B] 16:51:14 ipsec,info ipsec packet discarded: src=[PUB_IP_OF_PC_A] dst=[PC_B] 16:51:19 ipsec,info ipsec packet discarded: src=[PUB_IP_OF_PC_A] dst=[PC_B] 16:51:34 ipsec,ike,info dequeuing SA request to [CISCO], phase 1 wait timed out 16:52:03 ipsec,ike,info phase 1 negotiation timed out Da li treba nesto da otvorim na firewall-u da bi mogao da se uspostavi IPSec? [Ovu poruku je menjao S a l e dana 19.01.2006. u 17:11 GMT+1] |