Аналогичная фигня..., что-нибудь удолось прояснить ?ssh4 писал(а):Re: IPSec теория и практика
ssh4 » 2012-02-15 1:21:30
до инициализации работы демона mpd5 l2tp дело не доходит.
Я поэтому и не парился с выкладыванием конфига mpd5.
2013-01-21 17:21:01: [95.28.213.55] INFO: Selected NAT-T version: draft-ietf-ipsec-nat-t-ike-02
2013-01-21 17:21:01: [92.204.164.3] INFO: Hashing 92.204.164.3[500] with algo #2
2013-01-21 17:21:01: INFO: NAT-D payload #0 verified
2013-01-21 17:21:01: [95.28.213.55] INFO: Hashing 95.28.213.55[56513] with algo #2
2013-01-21 17:21:01: INFO: NAT-D payload #1 doesn't match
2013-01-21 17:21:01: INFO: NAT detected: PEER
2013-01-21 17:21:01: [95.28.213.55] INFO: Hashing 95.28.213.55[56513] with algo #2
2013-01-21 17:21:01: [92.204.164.3] INFO: Hashing 92.204.164.3[500] with algo #2
2013-01-21 17:21:01: INFO: Adding remote and local NAT-D payloads.
2013-01-21 17:21:01: INFO: NAT-T: ports changed to: 95.28.213.55[53266]<->92.204.164.3[4500]
2013-01-21 17:21:01: INFO: KA list add: 92.204.164.3[4500]->95.28.213.55[53266]
2013-01-21 17:21:01: WARNING: Expecting IP address type in main mode, but FQDN.
2013-01-21 17:21:01: INFO: ISAKMP-SA established 92.204.164.3[4500]-95.28.213.55[53266] spi:28711ac3345a7ee1:1ff341eda2b3cec8
2013-01-21 17:21:01: INFO: respond new phase 2 negotiation: 92.204.164.3[4500]<=>95.28.213.55[53266]
2013-01-21 17:21:01: INFO: Update the generated policy : 95.28.213.55/32[53266] 92.204.164.3/32[1701] proto=udp dir=in
2013-01-21 17:21:01: INFO: Adjusting my encmode UDP-Transport->Transport
2013-01-21 17:21:01: INFO: Adjusting peer's encmode UDP-Transport(61444)->Transport(2)
2013-01-21 17:21:01: INFO: IPsec-SA established: ESP/Transport 92.204.164.3[500]->95.28.213.55[500] spi=230203707(0xdb8a13b)
2013-01-21 17:21:01: INFO: IPsec-SA established: ESP/Transport 92.204.164.3[500]->95.28.213.55[500] spi=411438922(0x18860f4a)
и ВСЁ, отваливается по таймауту