That's really strange, I've just verified that DPD is enabled on the 
router side (Netgear FVS338), but even my reliable machine doesn't seem 
to enable it. I'll send along some gateway-side log snippets

On 7/8/2010 12:27 PM, Matthew Grooms wrote:
> On 7/7/2010 8:10 PM, Aaron Sarazan wrote:
>> Nope, just left it running and it looks like it timed out a long time
>> ago. Looks like it only lasts about 5 minutes, rain or shine.
>>
>>
>
> Hi Aaron,
>
> Thanks for providing the debug output. For starters I can see why DPD 
> isn't working. The peer doesn't advertise DPD support so the client 
> doesn't enable it ...
>
> 10/07/08 08:19:33 << : vendor id payload
> 10/07/08 08:19:33 ii : unknown vendor id ( 16 bytes )
> 10/07/08 08:19:33 0x : 09002689 dfd6b712 80a224de c33b81e5
> 10/07/08 08:19:33 << : vendor id payload
> 10/07/08 08:19:33 ii : peer is CISCO UNITY compatible
> 10/07/08 08:19:33 << : vendor id payload
> 10/07/08 08:19:33 ii : peer is IPSEC-TOOLS compatible
> 10/07/08 08:19:33 << : vendor id payload
> 10/07/08 08:19:33 ii : peer supports nat-t ( draft v02 )
> 10/07/08 08:19:33 << : nat discovery payload
> 10/07/08 08:19:33 << : nat discovery payload
> 10/07/08 08:19:33 << : vendor id payload
> 10/07/08 08:19:33 ii : unknown vendor id ( 16 bytes )
> 10/07/08 08:19:33 0x : 3b9031dc e4fcf88b 489a9239 63dd0c49
> 10/07/08 08:19:33 ii : forcing nat-t to enabled ( rfc )
> 10/07/08 08:19:33 ii : switching to src nat-t udp port 4500
> 10/07/08 08:19:33 ii : switching to dst nat-t udp port 4500
>
> It should send a DPDv1 vendor ID as the client does ...
>
> 10/07/08 08:19:31 >> : vendor id payload
> 10/07/08 08:19:31 ii : local supports DPDv1
>
> I don't see anything else out of the ordinary in the client log file. 
> If possible, can you send me some output from the gateway side? I'd 
> like to see if it logs anything interesting when the communication 
> error occurs.
>
> Thanks,
>
> -Matthew

_______________________________________________
vpn-help mailing list
[email protected]
http://lists.shrew.net/mailman/listinfo/vpn-help

Reply via email to