Re: Sonicwall TZ150/170
- From: "Christian Gröbner [MVP]" <newsgroups@xxxxxxxxxx>
- Date: Thu, 3 May 2007 10:24:26 +0200
Hallo Christian,
das Verhalten kann ich nicht nachvollziehen.
Folgende Regkeys hast du am ISA gesetzt?
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPSec
Value name: SAIdleTime
Data Type: REG_DWORD
Value data: 300 - 3600 (default=300)
Der Defaultwert ist 300, was 5 Minuten entspricht. Diesen Wert musst du am
ISA auf deine Einstellung anpassen und den Server durchstarten.
Gruß
Christian
--
Christian Gröbner
MVP ISA Server
Hilfe & Infos rund um den ISA Server: http://www.msisafaq.de !!!!
NEU !!! Das Handbuch zum ISA 2006 - http://www.msisafaq.de/buch/
"Christian" <c_mwg@xxxxxx> schrieb im Newsbeitrag
news:0t3j33dbvv31to2l4i5sfle4fj8gt871k8@xxxxxxxxxx
Auch wenn dies nun etwas offtopic geht ist es immer noch im selben
Bereich.
Fragen:
- Warum schickt die SonicWall AUCH nach 5 Minuten schon delete
requests?
- Warum baut das Ding manchmal mehrere SAs parallel auf?
- Immer mal wieder wird eine SA verhandelt und NACH Aufbau einer
weiteren sofort wieder gelöscht
Über die VPN werden mehrere RDP genutzt. Diese frieren jedesmal ein
und die Sessions sind meistens auch weg.
SonicWall log zum IPSec SA, vielleicht fällt euch etwas auf?
4
05/02/2007 18:21:18.192
IPSec packet dropped
194.231.73.XX, 0, WAN
194.231.189.XX, 47476, WAN, u5-4.dsl.vianetworks.de
5
05/02/2007 18:21:07.288
IKE negotiation complete. Adding IPSec SA. (Phase 2)
194.231.189.XX, u5-4.dsl.vianetworks.de
194.231.73.XX
ESP:3DES, HMAC_SHA1, Group 2 lifeSeconds=3600 Local SPI:0xbb395ea3
Remote SPI:0x11ca814c
6
05/02/2007 18:21:07.288
IKE Responder: Accepting IPSec proposal (Phase 2)
194.231.73.XX
194.231.189.XX, u5-4.dsl.vianetworks.de
10.0.0.0/16 -> 192.168.168.0/24
7
05/02/2007 18:21:07.016
IKE Responder: Received Quick Mode Request (Phase 2)
194.231.73.XX, 500
194.231.73.XX, 500
8
05/02/2007 18:21:06.832
Received IPSEC SA delete request
194.231.73.XX, 500
194.231.189.XX, 500, u5-4.dsl.vianetworks.de
SPI:0xb8fa661
9
05/02/2007 18:21:06.704
IKE negotiation complete. Adding IPSec SA. (Phase 2)
194.231.189.XX, u5-4.dsl.vianetworks.de
194.231.73.XX
ESP:3DES, HMAC_SHA1, Group 2 lifeSeconds=3600 Local SPI:0xfe42b974
Remote SPI:0xcda9c94d
10
05/02/2007 18:21:06.704
IKE Initiator: Accepting IPSec proposal (Phase 2)
194.231.189.XX, u5-4.dsl.vianetworks.de
194.231.73.XX
192.168.168.0/24 -> 10.0.0.0/16
11
05/02/2007 18:21:06.416
IKE Initiator: Start Quick Mode (Phase 2).
194.231.189.XX, 500, u5-4.dsl.vianetworks.de
194.231.73.XX, 500
12
05/02/2007 18:21:06.416
IKE negotiation complete. Adding IPSec SA. (Phase 2)
194.231.189.XX, u5-4.dsl.vianetworks.de
194.231.73.XX
ESP:3DES, HMAC_SHA1, Group 2 lifeSeconds=3600 Local SPI:0x39cf383a
Remote SPI:0xb8fa661
13
05/02/2007 18:21:06.416
IKE Initiator: Accepting IPSec proposal (Phase 2)
194.231.189.XX, u5-4.dsl.vianetworks.de
194.231.73.XX
192.168.168.0/24 -> 10.0.0.0/16
14
05/02/2007 18:21:06.128
IKE Initiator: Start Quick Mode (Phase 2).
194.231.189.XX, 500, u5-4.dsl.vianetworks.de
194.231.73.XX, 500
15
05/02/2007 18:21:06.096
Received IPSEC SA delete request
194.231.189.XX, 500, u5-4.dsl.vianetworks.de
194.231.73.XX, 500
SPI:0xc4097b4
16
05/02/2007 18:21:06.032
Received IPSEC SA delete request
194.231.189.XX, 500, u5-4.dsl.vianetworks.de
194.231.73.XX, 500
SPI:0x5969a60c
17
05/02/2007 18:17:25.304
IPSec packet dropped
194.231.73.XX, 0, WAN
194.231.189.XX, 29262, WAN, u5-4.dsl.vianetworks.de
18
05/02/2007 18:16:58.304
ICMP packet dropped
58.19.183.42, 137, WAN
192.168.168.168, 2369, LAN
ICMP Dest Unreachable, Code: 3
19
05/02/2007 18:16:57.736
UDP packet dropped
58.19.183.42, 49684, WAN
194.231.189.XX, 1026, WAN, u5-4.dsl.vianetworks.de
UDP Port: 1026
12
20
05/02/2007 18:15:18.096
IPSec packet dropped
194.231.73.XX, 0, WAN
194.231.189.XX, 29262, WAN, u5-4.dsl.vianetworks.de
21
05/02/2007 18:15:07.240
IKE negotiation complete. Adding IPSec SA. (Phase 2)
194.231.189.XX, u5-4.dsl.vianetworks.de
194.231.73.XX
ESP:3DES, HMAC_SHA1, Group 2 lifeSeconds=3600 Local SPI:0x69812c8c
Remote SPI:0xc4097b4
22
05/02/2007 18:15:07.240
IKE Responder: Accepting IPSec proposal (Phase 2)
194.231.73.XX
194.231.189.XX, u5-4.dsl.vianetworks.de
10.0.0.0/16 -> 192.168.168.0/24
23
05/02/2007 18:15:06.928
IKE Responder: Received Quick Mode Request (Phase 2)
194.231.73.XX, 500
194.231.73.XX, 500
24
05/02/2007 18:15:06.352
IKE negotiation complete. Adding IPSec SA. (Phase 2)
194.231.189.XX, u5-4.dsl.vianetworks.de
194.231.73.XX
ESP:3DES, HMAC_SHA1, Group 2 lifeSeconds=3600 Local SPI:0x254c724e
Remote SPI:0x5969a60c
25
05/02/2007 18:15:06.352
IKE Initiator: Accepting IPSec proposal (Phase 2)
194.231.189.XX, u5-4.dsl.vianetworks.de
194.231.73.XX
192.168.168.0/24 -> 10.0.0.0/16
26
05/02/2007 18:15:06.064
IKE Initiator: Start Quick Mode (Phase 2).
194.231.189.XX, 500, u5-4.dsl.vianetworks.de
194.231.73.XX, 500
27
05/02/2007 18:15:05.944
Received IPSEC SA delete request
194.231.189.XX, 500, u5-4.dsl.vianetworks.de
194.231.73.XX, 500
SPI:0x6ee754e4
Danke für jede Hilfe!
Gruß
Christian
.
- Follow-Ups:
- Re: Sonicwall TZ150/170
- From: Christian
- Re: Sonicwall TZ150/170
- References:
- Re: Sonicwall TZ150/170
- From: Christian
- Re: Sonicwall TZ150/170
- Prev by Date: Re: Sonicwall TZ150/170
- Next by Date: ISA Server 2004 & AOL Webmail = nix als ärger!
- Previous by thread: Re: Sonicwall TZ150/170
- Next by thread: Re: Sonicwall TZ150/170
- Index(es):
Relevant Pages
|
