http://www.dslreports.com/forum/r22294775 en Sat, 28 Nov 2009 01:32:03 EDT Sat, 28 Nov 2009 01:32:03 EDT http://www.dslreports.com/forum/remark,22294775 johnpsph : I recently set up a d link dir-130 firewall for a friend and set it up as an l2tp over ipsec server. I can connect to it just fine using a windows xp client. However, when I attempt to connect using the mac os x leopard client, I gwt the following (form the DIR-130 log):

Time Type Message
Apr 25 14:18:22 Debug Information IPSec "conn_casa"[5] 166.199.53.1 #3: NAT-Traversal: Result using RFC 3947: peer is NATed
Apr 25 14:18:22 Debug Information IPSec "conn_casa"[5] 166.199.53.1 #3: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Apr 25 14:18:22 Debug Information IPSec "conn_casa"[5] 166.199.53.1 #3: Main mode peer ID is ID_IPV4_ADDR: '192.168.3.205'
Apr 25 14:18:22 Debug Information IPSec "conn_casa"[6] 166.199.53.1 #3: deleting connection "conn_casa" instance with peer 166.199.53.1
Apr 25 14:18:22 Debug Information IPSec "conn_casa"[6] 166.199.53.1 #3: deleting connection "conn_casa" instance with peer 166.199.53.1
Apr 25 14:18:22 Debug Information IPSec "conn_casa" #2: deleting state (STATE_MAIN_R3)
Apr 25 14:18:22 Debug Information IPSec "conn_casa"[6] 166.199.53.1 #3: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Apr 25 14:18:22 Debug Information IPSec "conn_casa"[6] 166.199.53.1:4500 #3: sent MR3, ISAKMP SA established
Apr 25 14:18:22 Debug Information IPSec "conn_casa"[6] 166.199.53.1:4500 #3: ignoring informational payload, type IPSEC_INITIAL_CONTACT
Apr 25 14:18:22 Debug Information IPSec "conn_casa"[6] 166.199.53.1:4500 #3: received and ignored informational message
Apr 25 14:18:23 Debug Information IPSec "conn_casa"[6] 166.199.53.1:4500 #3: cannot respond to IPsec SA request because no connection is known for 24.207.237.233:4500:17/1701...166.199.53.1:4500[192.168.3.205]:17/51838===192.168.3.205/32
Apr 25 14:18:23 Debug Information IPSec "conn_casa"[6] 166.199.53.1:4500 #3: sending encrypted notification INVALID_ID_INFORMATION to 166.199.53.1:4500
Apr 25 14:18:34 Debug Information IPSec "conn_casa"[6] 166.199.53.1:4500 #3: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x8bc4e0b8 (perhaps this is a duplicated packet)
Apr 25 14:18:44 Debug Information IPSec "conn_casa"[6] 166.199.53.1:4500 #3: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x8bc4e0b8 (perhaps this is a duplicated packet

It appears to go through phase 1 authentication without a problem, but gets hung up in phase 2 negotioation (if I'm reading this correctly). Any help would be much appreciated. As for the dir-130 settings, it is set up for L2TP over IPSec with MSCHAPv2 authentication. Thanks]]> http://www.dslreports.com/forum/remark,22294775 Sat, 25 Apr 2009 15:38:24 EDT