Эта ошибка заставляет меня исследовать мои параметры шифрования:
003 "sonicwall" #2: ignoring unknown Vendor ID payload [...]
Может ли какой-нибудь эксперт взглянуть, что не так?
Sonic wall (веб-интерфейс):
ESP: 3DES/HMAC SHA1 (IKE)
IKE phase 1: Enc 3DES, auth SHA1
Ipsec Phase 2: Protocol ESP, Enc 3DES, Auth SHA1
Required XAUTH
DH Group 2
/etc/ipsec.conf
ike=3DES-SHA1;modp1024
phase2alg=3DES-SHA1;modp1024
Это позволяет мне пройти этап 1 (обмен ключами), но затем он застревает на этапе 2 (обмен данными), где он зацикливается и сообщает о неверно сформированной полезной нагрузке:
002 "sonicwall" #2: initiating Main Mode
104 "sonicwall" #2: STATE_MAIN_I1: initiate
003 "sonicwall" #2: ignoring unknown Vendor ID payload [...]
002 "sonicwall" #2: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
106 "sonicwall" #2: STATE_MAIN_I2: sent MI2, expecting MR2
003 "sonicwall" #2: ignoring Vendor ID payload [Sonicwall 1 (TZ 170 Standard?)]
003 "sonicwall" #2: received Vendor ID payload [XAUTH]
003 "sonicwall" #2: received Vendor ID payload [Dead Peer Detection]
002 "sonicwall" #2: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
108 "sonicwall" #2: STATE_MAIN_I3: sent MI3, expecting MR3
002 "sonicwall" #2: received 1 malformed payload notifies
003 "sonicwall" #2: discarding duplicate packet; already STATE_MAIN_I3
010 "sonicwall" #2: STATE_MAIN_I3: retransmission; will wait 20s for response
002 "sonicwall" #2: received 2 malformed payload notifies
003 "sonicwall" #2: discarding duplicate packet; already STATE_MAIN_I3
010 "sonicwall" #2: STATE_MAIN_I3: retransmission; will wait 40s for response
002 "sonicwall" #2: received 3 malformed payload notifies