Common Router Log Messages Explained

From Qno Wiki

IPsec VPN Log Messages

Normal connection:

packet from 124.x.x.x:500: [Tunnel Negotiation Info] Responder Received Aggressive Mode 1st packet on 61.x.x.x:500
=> The responder received the first packet of an Aggressive Mode connection request.

(g2gips18)[17] 124.x.x.x #1895: [Tunnel Negotiation Info] Peer ID is ID_USER_FQDN: 'xxxx@xxxx.cn'
=> The peer authenticates with an FQDN identity; its ID is xxxx@xxxx.cn.

(g2gips18)[17] 124.x.x.x #1895: You should NOT use insecure IKE algorithms (OAKLEY_DES_CBC)!
=> Can be ignored; it does not affect the handshake.

(g2gips18)[17] 124.x.x.x #1895: [Tunnel Negotiation Info] Responder Send Aggressive Mode 2nd packet
=> The responder sends the second Aggressive Mode packet in reply.

(g2gips18)[17] 124.x.x.x #1895: [Tunnel Negotiation Info] Received Aggressive Mode 3rd packet on 1.2.3.4
=> The responder received the third Aggressive Mode packet; the local IP is 1.2.3.4.

(g2gips18)[17] 124.x.x.x #1895: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed
=> NAT traversal is in use; the peer is behind NAT.

(g2gips18)[17] 124.x.x.x #1895: [Tunnel Established] ISAKMP SA established
=> Phase 1 handshake complete.

(g2gips18)[17] 124.x.x.x #1895: [Tunnel Negotiation Info] Responder Received Quick Mode 1st packet on 61.x.x.x:4500
=> Phase 2 handshake packet received.

(g2gips18)[14] 124.x.x.x:1024 #1896: [Tunnel Negotiation Info] esp_ealg_id=2-2,esp_ealg_keylen=0, key_len=64,esp_aalg_id=1-1.\012

(g2gips18)[14] 124.x.x.x:1024 #1896: [Tunnel Negotiation Info] You should NOT use insecure ESP algorithms [ESP_DES (64)]!

(g2gips18)[14] 124.x.x.x:1024 #1896: [Tunnel Negotiation Info] Inbound SPI value = 363c3bbb

(g2gips18)[14] 124.x.x.x:1024 #1896: [Tunnel Negotiation Info] Outbound SPI value = bf9f49f7

(g2gips18)[14] 124.x.x.x:1024 #1896: [Tunnel Negotiation Info] Responder send Quick Mode 2nd packet

(g2gips18)[14] 124.x.x.x:1024 #1896: [Tunnel Negotiation Info] Responder Received Quick Mode 3rd packet on 61.x.x.x:4500

(g2gips18)[14] 124.x.x.x:1024 #1896: [Tunnel Negotiation Info] Dead Peer Detection (RFC 3706) enabled
=> The DPD (Dead Peer Detection) mechanism is enabled.

(g2gips18)[14] 124.x.x.x:1024 #1896: [Tunnel Established] IPsec SA established {ESP=>0xbf9f49f7 < 0x363c3bbb NATOA=0.0.0.0
=> Phase 2 handshake complete; the VPN is established.


Error messages:

(g2gips18)[16] 124.x.x.x #1872: [Tunnel Negotiation Fail] DPD: No response from peer - declaring peer dead
=> DPD did not detect a live VPN peer and declares this VPN connection down.

(g2gips18)[16] 124.x.x.x: [Tunnel Disconnected] instance with peer 124.x.x.x {isakmp=#0/ipsec=#0}

packet from 124.x.x.x:500: [Tunnel Authorize Fail] Informational Exchange is for an unknown (expired?) SA

packet from 124.x.x.x:500: [Tunnel Negotiation Info] received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]

packet from 218.x.x.x:500: [Tunnel Authorize Fail] no connection has been authorized with policy=PSK
=> No matching VPN connection configuration could be found.

(g2gips3) #497: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x64743869) not found (maybe expired)

(g2gips5)[13] 123.x.x.x #534: [Tunnel Disconnected] instance with peer 123.x.x.x {isakmp=#517/ipsec=#532}
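
When reviewing an exported log, the messages explained above can be grouped by peer so that weak-algorithm warnings, dead peers and unauthorized connection attempts stand out. The Python below is an added example, not part of the original wiki page and not Qno code; the event labels, function names and regular expressions are assumptions of this example, written against the line formats shown on this page.

```python
import re
from collections import defaultdict

# Constructed sample: lines taken from this page (addresses already masked);
# the first one keeps a trailing ^M as it may appear in a copied log.
SAMPLE = """\
(g2gips18)[17] 124.x.x.x #1895: You should NOT use insecure IKE algorithms (OAKLEY_DES_CBC)!^M
(g2gips18)[17] 124.x.x.x #1895: [Tunnel Established] ISAKMP SA established
(g2gips18)[14] 124.x.x.x:1024 #1896: [Tunnel Negotiation Info] You should NOT use insecure ESP algorithms [ESP_DES (64)]!
(g2gips18)[14] 124.x.x.x:1024 #1896: [Tunnel Established] IPsec SA established {ESP=>0xbf9f49f7 < 0x363c3bbb NATOA=0.0.0.0
(g2gips18)[16] 124.x.x.x #1872: [Tunnel Negotiation Fail] DPD: No response from peer - declaring peer dead
packet from 218.x.x.x:500: [Tunnel Authorize Fail] no connection has been authorized with policy=PSK
"""

# "(tunnel)[n] peer[:port] #state: msg"; peer and state are absent on some lines.
TUNNEL_LINE = re.compile(
    r"^\((?P<tunnel>[^)]+)\)(?:\[\d+\])?(?: (?P<peer>[\w.]+)(?::\d+)?)?"
    r"(?: #(?P<state>\d+))?: (?P<msg>.*)$")
# "packet from peer:port: msg" appears before a tunnel name is attached.
PACKET_LINE = re.compile(r"^packet from (?P<peer>[\w.]+):\d+: (?P<msg>.*)$")

# Event labels are this example's own names, not Qno terminology.
RULES = [
    ("weak_crypto", re.compile(r"insecure (?:IKE|ESP) algorithms")),
    ("phase1_up", re.compile(r"ISAKMP SA established")),
    ("phase2_up", re.compile(r"IPsec SA established")),
    ("peer_dead", re.compile(r"DPD: No response from peer")),
    ("no_policy", re.compile(r"no connection has been authorized")),
    ("disconnected", re.compile(r"\[Tunnel Disconnected\]")),
]

def parse_line(line):
    """Return (tunnel, peer, event), or None if the line format is unknown."""
    line = re.sub(r"(?:\^M|\r|\n)+$", "", line)  # drop carriage-return debris
    m = TUNNEL_LINE.match(line) or PACKET_LINE.match(line)
    if not m:
        return None
    fields = m.groupdict()
    event = next((name for name, rx in RULES if rx.search(fields["msg"])), "info")
    return fields.get("tunnel"), fields.get("peer"), event

def summarize(text):
    """Group every non-informational event by peer address, in log order."""
    events = defaultdict(list)
    for line in text.splitlines():
        parsed = parse_line(line)
        if parsed and parsed[2] != "info":
            events[parsed[1]].append(parsed[2])
    return dict(events)
```

A peer that shows `weak_crypto` next to `phase1_up` or `phase2_up` has a working tunnel negotiated with DES, which is the condition the router's own "You should NOT use insecure" warning is reporting.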


The website also has explanations of general log messages:
http://www.qno.cn/web/faqlist_p5.asp
