[ previous ] [ next ] [ threads ]
 
 From:  "Pascal Simon" <psi at netway dash solutions dot ch>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  IPSec m0n0wall / Zyxel Prestige 653HWI
 Date:  Tue, 5 Apr 2005 10:52:50 +0200 
Hy all

I've got trouble with setting up an IPSec tunnel between a m0n0wall and a
Zyxel Prestige 653HWI router.

My current IPSec-setup is as follows:

Mode Tunnel
Disabled no
Auto-establish no
Interface WAN
Local subnet LAN subnet
Remote subnet 192.168.10.0/24
Remote gateway 213.XXX.XXX.XXX

Phase 1

Negotiation mode main
My indentifier My IP
Encryption algorithm 3DES
Hash alg. SHA1
DH key group 1
Lifetime 28800
Pre-Shared Key "my KEY"

Phase 2

Protocol ESP
Encryption algo. DES, 3DES
Hash algo. SHA1, MD5
PFS 1
Lifetime 28800

I also made the same settings for the zyxel router.

If I try to ping a IP one the remote side (ping 192.168.10.1) the following
entries appears in the Diagnostics/Logs/System - menu.

racoon: INFO: isakmp.c:1791:isakmp_chkph1there(): delete phase 2 handler.

racoon: ERROR: isakmp.c:1786:isakmp_chkph1there(): phase2 negotiation failed
due to time up waiting for phase1. ESP 213.XXX.XXX.XXX->157.XXX.XXX.XXX

Thanks for your help.

Regards

Pascal Simon

P.S. m0n0wall is one of the best open-source-projects I've ever seen.