[VPN] Netscreen 5 Problems - P2 Proxy ID

osmond at holburn.com osmond at holburn.com
Thu Oct 10 10:40:16 EDT 2002


Thanks for all the help people suggested, I've changed clients to a 
Netscreen 7 client to try and connect to my Netscreen 5xp. 

Now I can get past phase 1, but not 2. I've run the debug on the netscreen 
and come up with this: 

(IP address have been replaced with fictional addresses) 

Anyone have any ideas why this isn't working? 

##2002-10-10 09:36:19 system-debugging: *done(52b14476)
##2002-10-10 09:36:19 system-debugging: IKE <168.64.2.28> Phase 2 msg-id 
<52b14476>: Responded to the first peer message.
##2002-10-10 09:36:19 system-debugging: Resonder not set commit bit on 2nd 
QM.
##2002-10-10 09:36:19 system-debugging: Decrypting payload (length 264)
##2002-10-10 09:36:19 system-debugging:   validate(264): 8/24 1/76 10/100 
4/232 5/244 5/260
##2002-10-10 09:36:19 system-debugging:     Receiving <--
##2002-10-10 09:36:19 system-debugging: Payload: Hash Security_Assoc Nonce 
Key_Exchange Identification Identification
##2002-10-10 09:36:19 system-debugging: extract(264):
##2002-10-10 09:36:19 system-debugging: Error: No phase 2 proxy id from peer 
168.64.2.28, message_id<52b14476>.
##2002-10-10 09:36:19 system-debugging: oakley_process_quick_mode():exit
##2002-10-10 09:36:19 system-debugging: IKE <168.64.2.28> Phase 2 msg-id 
<52b14476>: Negotiations have failed.
##2002-10-10 09:36:19 system-debugging:   Delete conn entry...
##2002-10-10 09:36:19 system-debugging: found(52b14476) 




More information about the VPN mailing list