Есть две сети, соединенные с помощью VPN через Интернет редко используемых межсетевых экранов Zywall.
Неделю назад VPN-соединение не удалось установить, и с тех пор его невозможно установить.
Сети теперь не могут видеть друг друга, они не могут даже пинговать / ssh свои публичные адреса. Из любой другой сети в Интернете они оба видны. Они также могут видеть публичный адрес другого пользователя при использовании выхода 4g wan вместо wan1.
Я попытался на мгновение отключить политику безопасности (как таковой брандмауэр), но безуспешно. Они не могут ssh / ping друг друга, и тем более установить vpn.
Нет никакого правила NAT, которое затрагивает порт 500 или какой-либо странный порт. Может быть проблема с маршрутизацией? Ожидает ли межсетевой экран использовать VPN-маршрут для доступа к другой сети?
Что еще я могу запустить, кроме traceroute, для устранения этой проблемы с видимостью?
Отчеты traceroute:
FROM Network 2
# ping 11.22.33.44 -n -c 3 -I eth1
PING 11.22.33.44 (11.22.33.44) from 44.33.22.11 eth1: 56(84) bytes of data.
64 bytes from 11.22.33.44: icmp_seq=1 ttl=46 time=151 ms
64 bytes from 11.22.33.44: icmp_seq=2 ttl=46 time=74.6 ms
64 bytes from 11.22.33.44: icmp_seq=3 ttl=46 time=76.6 ms
--- 11.22.33.44 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 74.645/100.804/151.091/35.568 ms
# traceroute -4 11.22.33.44 -n -i eth1
traceroute to 11.22.33.44 (11.22.33.44), 30 hops max, 60 byte packets
1 192.168.8.1 0.509 ms 0.518 ms 0.370 ms
2 100.64.64.1 35.393 ms 35.274 ms 35.137 ms
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 11.22.33.44 87.177 ms 87.052 ms 87.776 ms
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
# traceroute -4 11.22.33.44 -n -i eth0
traceroute to 11.22.33.44 (11.22.33.44), 30 hops max, 60 byte packets
1 10.17.0.1 10.913 ms 10.704 ms 10.466 ms
2 37.0.32.61 14.442 ms 14.439 ms 15.098 ms
3 10.250.7.1 14.050 ms 14.235 ms 14.105 ms
4 10.253.72.10 14.962 ms 14.820 ms 14.964 ms
5 213.230.56.15 15.026 ms 14.874 ms 19.417 ms
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
FROM network 1
# traceroute -4 44.33.22.11 -n -i eth0
traceroute to 44.33.22.11 (44.33.22.11), 30 hops max, 60 byte packets
1 10.10.254.26 9.157 ms 9.089 ms 8.980 ms
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
# traceroute -4 44.33.22.11 -n -i eth1
traceroute to 44.33.22.11 (44.33.22.11), 30 hops max, 60 byte packets
1 192.168.8.1 0.505 ms 0.769 ms 0.734 ms
2 * * *
3 10.200.102.217 137.352 ms 137.312 ms 137.098 ms
4 10.200.102.65 140.616 ms 140.575 ms 148.781 ms
5 10.200.102.66 140.246 ms 140.062 ms 139.860 ms
6 212.161.142.13 140.036 ms 139.658 ms 139.466 ms
7 91.206.52.172 148.026 ms 41.202 ms 41.152 ms
8 * * *
9 62.192.25.38 58.491 ms 58.504 ms 58.153 ms
10 213.230.52.158 58.334 ms 213.230.52.156 58.097 ms 58.110 ms
11 * * *
12 * * *
13 37.0.32.62 55.943 ms 55.779 ms 55.724 ms
14 44.33.22.11 65.207 ms 59.644 ms 59.476 ms
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
VPN-переговоры
Согласование IKE из сети 1 в сеть 2
[...]
Dec 19 12:06:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Detect deleted tunnel[NET1-NET2](#2, 0x1066eb5c), IKE[NET1-NET2-GW](#4), refcount: 2, deletion: 0" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Not a deleted tunnel[NET1-NET2](#2, 0x1066eb5c), refcount: 2, deletion: 0" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Starting DNS query" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="DNS query ended" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xa39f20188f6f1b51 / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Tunnel [NET1-NET2] Sending IKE request" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xa39f20188f6f1b51 / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Send Main Mode request to [44.33.22.11]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xa39f20188f6f1b51 / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:06:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Send:[SA][VID][VID][VID][VID][VID][VID][VID][VID][VID]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:01 helisrv CRON[17748]: (www-data) CMD (/usr/bin/php5 /usr/share/glpi/front/cron.php)
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Starting DNS query" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="DNS query ended" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Auto-start: Auto-start already active for rule NET1-NET2" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xa39f20188f6f1b51 / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="ISAKMP SA [NET1-NET2-GW] is disconnected" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="IKEv1 SA [Initiator] negotiation failed:" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Local IKE peer 11.22.33.44:500 ID (null)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Remote IKE peer 44.33.22.11:500 ID (null)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Message: Timed out (65540)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="[NET1-NET2-GW(#4)] IKE SA negotiations: 7194 done, 0 successful, 7194 failed" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" IKEv1 Error : Timeout" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Peer not reachable" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="IKE SA destroyed: " note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:07:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Initiator SPI a39f2018 8f6f1b51 Responder SPI 00000000 00000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="as_fail_retry: 1, Tunnel:[NET1-NET2](#2, 0x1066eb5c)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:00 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0x4217f44e670a69ec / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:00 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Tunnel [NET1-NET2] Sending IKE request" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:00 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0x4217f44e670a69ec / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:00 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Send Main Mode request to [44.33.22.11]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:00 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0x4217f44e670a69ec / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:00 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Send:[SA][VID][VID][VID][VID][VID][VID][VID][VID][VID]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:01 helisrv CRON[17857]: (www-data) CMD (/usr/bin/php5 /usr/share/glpi/front/cron.php)
Dec 19 12:08:30 2017 helizywall-110 src="44.33.22.11:500" dst="11.22.33.44:500" msg="The cookie pair is : 0xb81615cfd668d493 / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:30 2017 helizywall-110 src="44.33.22.11:500" dst="11.22.33.44:500" msg="Recv Main Mode request from [44.33.22.11]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:30 2017 helizywall-110 src="44.33.22.11:500" dst="11.22.33.44:500" msg="The cookie pair is : 0x599860b4b9cfb933 / 0xb81615cfd668d493" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:30 2017 helizywall-110 src="44.33.22.11:500" dst="11.22.33.44:500" msg="Recv:[SA][VID][VID][VID][VID][VID][VID][VID][VID][VID][VID]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="IKE auth method Pre-shared keys, SA lifetime: 3000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:30 2017 helizywall-110 src="44.33.22.11:500" dst="11.22.33.44:500" msg="Recv IKE sa: SA([0] protocol = IKE (1), DES, HMAC-MD5 PRF, HMAC-MD5-96, 768 bit MODP; )." note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:30 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xb81615cfd668d493 / 0x599860b4b9cfb933" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:30 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Send:[SA][VID][VID][VID][VID][VID][VID][VID][VID][VID]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Starting DNS query" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="DNS query ended" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:08:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Auto-start: Auto-start already active for rule NET1-NET2" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0x4217f44e670a69ec / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="ISAKMP SA [NET1-NET2-GW] is disconnected" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="IKEv1 SA [Initiator] negotiation failed:" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Local IKE peer 11.22.33.44:500 ID (null)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Remote IKE peer 44.33.22.11:500 ID (null)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Message: Timed out (65540)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="[NET1-NET2-GW(#4)] IKE SA negotiations: 7195 done, 0 successful, 7195 failed" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" IKEv1 Error : Timeout" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="IKE SA destroyed: " note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:00 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Initiator SPI 4217f44e 670a69ec Responder SPI 00000000 00000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:02 helisrv CRON[17902]: (root) CMD ( [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -depth -mindepth 1 -maxdepth 1 -type f -ignore_readdir_race -cmin +$(/usr/lib/php5/maxlifetime) ! -execdir fuser -s {} 2>/dev/null \; -delete)
Dec 19 12:09:02 helisrv CRON[17906]: (www-data) CMD (/usr/bin/php5 /usr/share/glpi/front/cron.php)
Dec 19 12:09:05 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="as_fail_retry: 2, Tunnel:[NET1-NET2](#2, 0x1066eb5c)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:10 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="as_fail_retry: 1, Tunnel:[NET1-NET2](#2, 0x1066eb5c)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xb81615cfd668d493 / 0x599860b4b9cfb933" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="ISAKMP SA [NET1-NET2-GW] is disconnected" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="IKEv1 SA [Responder] negotiation failed:" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Local IKE peer 11.22.33.44:500 ID (null)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Remote IKE peer 44.33.22.11:500 ID (null)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Message: Timed out (65540)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="[NET1-NET2-GW(#4)] IKE SA negotiations: 7196 done, 0 successful, 7196 failed" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" IKEv1 Error : Timeout" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="IKE SA destroyed: " note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg=" Initiator SPI b81615cf d668d493 Responder SPI 599860b4 b9cfb933" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:30 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="as_fail_retry: 3, Tunnel:[NET1-NET2](#2, 0x1066eb5c)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:35 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="as_fail_retry: 2, Tunnel:[NET1-NET2](#2, 0x1066eb5c)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:41 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="as_fail_retry: 1, Tunnel:[NET1-NET2](#2, 0x1066eb5c)" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:41 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xc17aaf4fa8a5f060 / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:41 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Tunnel [NET1-NET2] Sending IKE request" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:41 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xc17aaf4fa8a5f060 / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:41 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Send Main Mode request to [44.33.22.11]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:41 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="The cookie pair is : 0xc17aaf4fa8a5f060 / 0x0000000000000000" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:41 2017 helizywall-110 src="11.22.33.44:500" dst="44.33.22.11:500" msg="Send:[SA][VID][VID][VID][VID][VID][VID][VID][VID][VID]" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Starting DNS query" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="DNS query ended" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Dec 19 12:09:54 2017 helizywall-110 src="0.0.0.0:0" dst="0.0.0.0:0" msg="Auto-start: Auto-start already active for rule NET1-NET2" note="IKE_LOG" user="unknown" devID="a0e4cb7dd124" cat="IKE"
Выход mtr из сети 1 в сеть 2
Start: Tue Dec 19 15:16:19 2017
HOST: boo Loss% Snt Last Avg Best Wrst StDev
1.|-- 192.168.30.1 0.0% 10 0.4 0.3 0.2 0.4 0.0
2.|-- 10.10.254.26 0.0% 10 8.3 8.6 6.3 12.6 1.7
3.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
Выход mtr из сети 2 в сеть 1
HOST: foo Loss% Snt Last Avg Best Wrst StDev
1.|-- 192.168.1.254 0.0% 10 0.4 0.4 0.4 0.5 0.0
2.|-- 10.17.0.1 0.0% 10 29.9 15.8 11.0 29.9 5.4
3.|-- 10.17.0.1 20.0% 10 14.0 14.8 10.5 25.1 5.1
4.|-- 37.0.32.61 0.0% 10 15.7 16.5 12.2 22.9 3.3
5.|-- 10.250.7.1 0.0% 10 16.1 16.2 10.4 23.9 3.9
6.|-- 10.253.72.10 0.0% 10 19.9 18.3 11.8 28.7 5.0
7.|-- 213.230.56.15 40.0% 10 16.8 15.5 12.6 18.3 1.8
8.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0