Support User Manuals

D-Link 860 Network Router User Manual

Open as PDF

of 545

Life duration : 43200

Life type : Kilobytes

Life duration : 50000

VID (Vendor ID)

Payload data length : 16 bytes

Vendor ID : 8f 9c c9 4e 01 24 8e cd f1 47 59 4c 28 4b 21 3b

Description : SSH Communications Security QuickSec 2.1.0

VID (Vendor ID)

Payload data length : 16 bytes

Vendor ID : 27 ba b5 dc 01 ea 07 60 ea 4e 31 90 ac 27 c0 d0

Description : draft-stenberg-ipsec-nat-traversal-01

VID (Vendor ID)

Payload data length : 16 bytes

Vendor ID : 61 05 c4 22 e7 68 47 e4 3f 96 84 80 12 92 ae cd

Description : draft-stenberg-ipsec-nat-traversal-02

VID (Vendor ID)

Payload data length : 16 bytes

Vendor ID : 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc

Description : draft-ietf-ipsec-nat-t-ike-00

VID (Vendor ID)

Payload data length : 16 bytes

Vendor ID : cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48

Description : draft-ietf-ipsec-nat-t-ike-02

VID (Vendor ID)

Payload data length : 16 bytes

Vendor ID : 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f

Description : draft-ietf-ipsec-nat-t-ike-02

VID (Vendor ID)

Payload data length : 16 bytes

Vendor ID : 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56

Description : draft-ietf-ipsec-nat-t-ike-03

Explanation of Values

Exchange type: Main mode or aggressive mode

Cookies: A random number to identify the negotiation

Encryption algorithm: Cipher

Key length: Cipher key length

Hash algorithm: Hash

Authentication method: Pre-shared key or certificate

Group description: Diffie Hellman (DH) group

Life type: Seconds or kilobytes

Life duration: No of seconds or kilobytes

VID: The IPsec software vendor plus what standards are supported. For example, NAT-T

Step 2. Server Responds to Client

A typical response from the server is shown below. This must contain a proposal that is identical to

one of the choices from the client list above. If no match was found by the server then a "No

proposal chosen" message will be seen, tunnel setup will fail and the ikesnoop command output will

stop at this point.

IkeSnoop: Sending IKE packet to 192.168.0.10:500 Exchange type :

Identity Protection (main mode) ISAKMP Version : 1.0

Flags :

Cookies : 0x6098238b67d97ea6 -> 0x5e347cb76e95a

Message ID : 0x00000000

Packet length : 224 bytes

# payloads : 8

Payloads:

9.4.5. Troubleshooting with ikesnoop Chapter 9. VPN

416

previous next