User's Manual

ManualsBrandsNetgear ManualsElectronics11g 8 port wireless VPN router

101

102

103

104

105

106

107

108

109

110

Table Of Contents

Reference Manual for the NETGEAR ProSafe VPN Client

Troubleshooting 9-7

202-10015-01

Table 9-1. Sample of NAT Log Messages

Connection Monitor

The Connection Monitor shows statistical and diagnostic information for each active connection.

This includes the actual security policy settings configured in the security policy and the security

association (SA) information established during Phase 1 IKE negotiations and Phase 2 IPSec

10:12:05.371

10:12:05.371 My Connections\NAT-T Demo - Initiating IKE Phase 1 (IP ADDR=65.163.78.79)

10:12:05.371 My Connections\NAT-T Demo - SENDING>>>> ISAKMP OAK MM (SA, VID)

10:12:05.481 My Connections\NAT-T Demo - RECEIVED<<< ISAKMP OAK MM (SA, VID,

VID, VID)

10:12:05.541 My Connections\NAT-T Demo - Peer is NAT-T capable

10:12:05.551 My Connections\NAT-T Demo - SENDING>>>> ISAKMP OAK MM (KE, NON,

NAT-D, NAT-D, VID, VID, VID)

10:12:05.681 My Connections\NAT-T Demo - RECEIVED<<< ISAKMP OAK MM (KE, NON,

CERT_REQ, NAT-D, NAT-D)

10:12:07.164 My Connections\NAT-T Demo - NAT is detected for Client

10:12:07.204 My Connections\NAT-T Demo - Using auto-selected user certificate "nscert1's

SAFENET ENGINEERING ID".

10:12:07.394 My Connections\NAT-T Demo - SENDING>>>> ISAKMP OAK MM *(ID, CERT,

CERT_REQ, CERT_REQ, CERT_REQ, CERT_REQ, SIG,

NOTIFY:STATUS_INITIAL_CONTACT)

10:12:07.594 My Connections\NAT-T Demo - RECEIVED<<< ISAKMP OAK MM *(ID, CERT,

SIG)

10:12:07.784 My Connections\NAT-T Demo - Established IKE SA

10:12:07.784 MY COOKIE e1 d 34 19 b4 4d 0 fc

10:12:07.784 HIS COOKIE 5e e9 de 51 86 5c b2 e0

10:12:07.795 My Connections\NAT-T Demo - Initiating IKE Phase 2 with Client IDs (message

id: A6A0FDA7)

10:12:07.795 Initiator = IP ADDR=10.128.0.2, prot = 0 port = 0

10:12:07.795 Responder = IP SUBNET/MASK=192.168.79.0/255.255.255.0, prot = 0 port = 0

10:12:07.795 My Connections\NAT-T Demo - SENDING>>>> ISAKMP OAK QM *(HASH,

SA, NON, ID, ID)

10:12:07.795 My Connections\NAT-T Demo - RECEIVED<<< ISAKMP OAK QM *(HASH, SA,

NON, NOTIFY:STATUS_RESP_LIFETIME)

10:12:07.795 My Connections\NAT-T Demo - SENDING>>>> ISAKMP OAK QM *(HASH)

10:12:07.795 My Connections\NAT-T Demo - Loading IPSec SA (Message ID = A6A0FDA7

OUTBOUND SPI = 3EB86823 INBOUND SPI = E72195D8)

10:12:07.795