connexion xp-mnf en ipsec

[fj1200]

Je pense avoir parcouru les posts concernant ce sujet , mon pb est le suivant : <BR>voici ce que j'obtiens sur les logs okley sur le poste windauze lorsque je pingue une machine dans le sous reseau distant déclaré dans les les fichiers de confs. J'avoue avoir du mal a déterminer d'ou vient le pb ( même si j'ai dans un post de louis que lorsque le message n'a pas trouvé de certificat d'ordinateur valide => pb windauze => faut t'il recréer les certificats) <BR>Je fourni toute info supplémentaire à qui a la patience de me venir en aide. <BR> <BR> 1-19: 16:24:50:828:1e8 Starting Negotiation: src = 185.254.30.193.0000, dst = 185.254.30.216.0500, proto = 00, context = 8634B078, ProxySrc = 185.254.30.193.0000, ProxyDst = 10.0.255.0.0000 SrcMask = 255.255.255.255 DstMask = 255.255.255.0 <BR> 1-19: 16:24:50:828:1e8 constructing ISAKMP Header <BR> 1-19: 16:24:50:828:1e8 constructing SA (ISAKMP) <BR> 1-19: 16:24:50:828:1e8 Constructing Vendor <BR> 1-19: 16:24:50:828:1e8 <BR> 1-19: 16:24:50:828:1e8 Sending: SA = 0x000BDBC8 to 185.254.30.216:Type 2 <BR> 1-19: 16:24:50:828:1e8 ISAKMP Header: (V1.0), len = 216 <BR> 1-19: 16:24:50:828:1e8 I-COOKIE 32642be8c93388e1 <BR> 1-19: 16:24:50:828:1e8 R-COOKIE 0000000000000000 <BR> 1-19: 16:24:50:828:1e8 exchange: Oakley Main Mode <BR> 1-19: 16:24:50:828:1e8 flags: 0 <BR> 1-19: 16:24:50:828:1e8 next payload: SA <BR> 1-19: 16:24:50:828:1e8 message ID: 00000000 <BR> 1-19: 16:24:50:978:1e8 <BR> 1-19: 16:24:50:978:1e8 Receive: (get) SA = 0x000bdbc8 from 185.254.30.216 <BR> 1-19: 16:24:50:978:1e8 ISAKMP Header: (V1.0), len = 84 <BR> 1-19: 16:24:50:978:1e8 I-COOKIE 32642be8c93388e1 <BR> 1-19: 16:24:50:978:1e8 R-COOKIE 044745e7f7b8a4c8 <BR> 1-19: 16:24:50:978:1e8 exchange: Oakley Main Mode <BR> 1-19: 16:24:50:978:1e8 flags: 0 <BR> 1-19: 16:24:50:978:1e8 next payload: SA <BR> 1-19: 16:24:50:978:1e8 message ID: 00000000 <BR> 1-19: 16:24:50:978:1e8 processing payload SA <BR> 1-19: 16:24:50:978:1e8 Received Phase 1 Transform 1 <BR> 1-19: 16:24:50:978:1e8 Encryption Alg Triple DES CBC(5) <BR> 1-19: 16:24:50:978:1e8 Hash Alg SHA(2) <BR> 1-19: 16:24:50:978:1e8 Oakley Group 2 <BR> 1-19: 16:24:50:978:1e8 Auth Method Signature RSA avec les certificats(3) <BR> 1-19: 16:24:50:978:1e8 Life type in Seconds <BR> 1-19: 16:24:50:978:1e8 Life duration of 28800 <BR> 1-19: 16:24:50:978:1e8 Phase 1 SA accepted: transform=1 <BR> 1-19: 16:24:50:978:1e8 SA - Oakley proposal accepted <BR> 1-19: 16:24:50:978:1e8 constructing ISAKMP Header <BR> 1-19: 16:24:51:29:1e8 constructing KE <BR> 1-19: 16:24:51:29:1e8 constructing NONCE (ISAKMP) <BR> 1-19: 16:24:51:29:1e8 <BR> 1-19: 16:24:51:29:1e8 Sending: SA = 0x000BDBC8 to 185.254.30.216:Type 2 <BR> 1-19: 16:24:51:29:1e8 ISAKMP Header: (V1.0), len = 184 <BR> 1-19: 16:24:51:29:1e8 I-COOKIE 32642be8c93388e1 <BR> 1-19: 16:24:51:29:1e8 R-COOKIE 044745e7f7b8a4c8 <BR> 1-19: 16:24:51:29:1e8 exchange: Oakley Main Mode <BR> 1-19: 16:24:51:29:1e8 flags: 0 <BR> 1-19: 16:24:51:29:1e8 next payload: KE <BR> 1-19: 16:24:51:29:1e8 message ID: 00000000 <BR> 1-19: 16:24:51:179:1e8 <BR> 1-19: 16:24:51:179:1e8 Receive: (get) SA = 0x000bdbc8 from 185.254.30.216 <BR> 1-19: 16:24:51:179:1e8 ISAKMP Header: (V1.0), len = 188 <BR> 1-19: 16:24:51:179:1e8 I-COOKIE 32642be8c93388e1 <BR> 1-19: 16:24:51:179:1e8 R-COOKIE 044745e7f7b8a4c8 <BR> 1-19: 16:24:51:179:1e8 exchange: Oakley Main Mode <BR> 1-19: 16:24:51:179:1e8 flags: 0 <BR> 1-19: 16:24:51:179:1e8 next payload: KE <BR> 1-19: 16:24:51:179:1e8 message ID: 00000000 <BR> 1-19: 16:24:51:179:1e8 processing payload KE <BR> 1-19: 16:24:51:199:1e8 processing payload NONCE <BR> 1-19: 16:24:51:199:1e8 processing payload CRP <BR> 1-19: 16:24:51:199:1e8 constructing ISAKMP Header <BR> 1-19: 16:24:51:199:1e8 constructing ID <BR> 1-19: 16:24:51:199:1e8 Received no valid CRPs. Using all configured <BR> 1-19: 16:24:51:199:1e8 Looking for IPSec only cert <BR> 1-19: 16:24:51:199:1e8 failed to get chain 80092004 <BR> 1-19: 16:24:51:199:1e8 Received no valid CRPs. Using all configured <BR> 1-19: 16:24:51:199:1e8 Looking for any cert <BR> 1-19: 16:24:51:199:1e8 failed to get chain 80092004 <BR> 1-19: 16:24:51:199:1e8 ProcessFailure: sa:000BDBC8 centry:00000000 status:35ee <BR> 1-19: 16:24:51:199:1e8 isadb_set_status sa:000BDBC8 centry:00000000 status 35ee <BR> 1-19: 16:24:51:199:1e8 Mode d'Èchange de clÈs (Mode principal) <BR> <BR> <BR> 1-19: 16:24:51:199:1e8 Adresse IP source185.254.30.193 <BR> <BR>Masque d'adresse IP source 255.255.255.255 <BR> <BR>Adresse IP de destination 185.254.30.216 <BR> <BR>Masque d'adresse IP de destination 255.255.255.255 <BR> <BR>Protocole 0 <BR> <BR>Port source 0 <BR> <BR>Port de destination 0 <BR> <BR>Adresse locale IKE <BR> <BR>Adresse homologue IKE <BR> <BR> <BR> 1-19: 16:24:51:199:1e8 IdentitÈ basÈ sur le certificat. <BR> <BR>Adresse IP homologue : 185.254.30.216 <BR> <BR> <BR> 1-19: 16:24:51:209:1e8 Moi <BR> <BR> <BR> 1-19: 16:24:51:209:1e8 IKE n'a pas trouvÈ de certificat ordinateur valide <BR> <BR> <BR> 1-19: 16:24:51:209:1e8 0x80092004 0x0 <BR> 1-19: 16:24:51:209:1e8 ProcessFailure: sa:000BDBC8 centry:00000000 status:35ee <BR> 1-19: 16:24:51:209:1e8 constructing ISAKMP Header <BR> 1-19: 16:24:51:209:1e8 constructing HASH (null) <BR> 1-19: 16:24:51:209:1e8 constructing NOTIFY 28 <BR> 1-19: 16:24:51:209:1e8 constructing HASH (Notify/Delete) <BR> 1-19: 16:24:51:209:1e8 <BR> 1-19: 16:24:51:209:1e8 Sending: SA = 0x000BDBC8 to 194.254.30.216:Type 1 <BR> 1-19: 16:24:51:209:1e8 ISAKMP Header: (V1.0), len = 84 <BR> 1-19: 16:24:51:209:1e8 I-COOKIE 32642be8c93388e1 <BR> 1-19: 16:24:51:209:1e8 R-COOKIE 044745e7f7b8a4c8 <BR> 1-19: 16:24:51:209:1e8 exchange: ISAKMP Informational Exchange <BR> 1-19: 16:24:51:209:1e8 flags: 1 ( encrypted ) <BR> 1-19: 16:24:51:209:1e8 next payload: HASH <BR> 1-19: 16:24:51:209:1e8 message ID: a41c4df6