Dan
Okay, I've tried this on many w2k workstations and w2k
servers and I cannot get it to work. I've followed the MS
article at
http://support.microsoft.com/default.aspx?scid=kb;en-us;252735&Product=win2000
to the "T" and still no luck. So, unless someone can prove
me wrong, tunnel mode is broken. After setting up the
policies, filters, etc. and I ping an address within the
"IP filter" list range, it shoots back:
Pinging 192.168.14.1 with 32 bytes of data:
Negotiating IP Security.
Negotiating IP Security.
Negotiating IP Security.
Negotiating IP Security.
This is fine while it is negotiating, but eventually the
ping should go through. Instead, I get this forever along
with the system log filling up with this:
Event Type: Error
Event Source: IPSEC
Event Category: None
Event ID: 4289
Date: 9/23/2003
Time: 9:54:06 PM
User: N/A
Computer: MYCOMP
Description:
The IPSec driver failed the oakley negotiation with
192.168.14.1 since no filter exists to protect packets to
that destination. Please check the configuration on this
machine to ensure at least one filter matches the
destination.
Data:
0000: 00 00 00 00 02 00 50 00 ......P.
0008: 00 00 00 00 c1 10 00 c0 ....Á..À
0010: 01 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
This is how it should work:
1. Incoming packet is examined.
2. If source destination match "IP Filter" list, then
it should forward it to the "End Point" IP Address and
IKE negotiations should take place if needed.
Please help!
Thanks,
-Dan