Windows 7 für IPsec-VPN konfigurieren

MitjaStachowiak · #1 (**permalink**) 13.02.2014, 15:12

Hallo,
ich habe letzten Monat einen Cisco RV042G-VPN-Router angeschafft. Seitdem versuche ich vergeblich, einen VPN-Tunnel aufzubauen.

Das Problem ist, dass die IPsec-Einstellungen bei Windows überall verstreut sind und ich deswegen nicht weiß, welches Eingabefeld
wozu gehört. Hat schon mal jemand hier den IPsec-Client von Windows 7 erfolgreich konfiguriert?

Ich habe hier mal Screenshots von der Konfiguration des Routers und von Windows, von denen ich denke, dass sie einer möglichen
Verbindung am nächsten kommen (Bitte entschuldigt die überdimensionierten Bilder):

Router:

Windows 7 VPN:

Windows 7 Firewall:

Der Router spuckt dann folgendes LOG aus:

Code:

Feb 13 14:58:05 2014	 VPN Log	 packet from 192.168.1.24:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008] 
Feb 13 14:58:05 2014	 VPN Log	 packet from 192.168.1.24:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008] 
Feb 13 14:58:05 2014	 VPN Log	 packet from 192.168.1.24:500: received Vendor ID payload [RFC 3947] 
Feb 13 14:58:05 2014	 VPN Log	 packet from 192.168.1.24:500: received Vendor ID payload [RFC 3947] 
Feb 13 14:58:05 2014	 VPN Log	 packet from 192.168.1.24:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] 
Feb 13 14:58:05 2014	 VPN Log	 packet from 192.168.1.24:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] 
Feb 13 14:58:05 2014	 VPN Log	 packet from 192.168.1.24:500: ignoring Vendor ID payload [FRAGMENTATION] 
Feb 13 14:58:05 2014	 VPN Log	 packet from 192.168.1.24:500: ignoring Vendor ID payload [FRAGMENTATION] 
Feb 13 14:58:05 2014	 VPN Log	 packet from 192.168.1.24:500: ignoring Vendor ID payload [fb1de3cdf341b7ea16b7e5be0855f120] 
Feb 13 14:58:05 2014	 VPN Log	 packet from 192.168.1.24:500: ignoring Vendor ID payload [fb1de3cdf341b7ea16b7e5be0855f120] 
Feb 13 14:58:05 2014	 VPN Log	 packet from 192.168.1.24:500: ignoring Vendor ID payload [Vid-Initial-Contact] 
Feb 13 14:58:05 2014	 VPN Log	 packet from 192.168.1.24:500: ignoring Vendor ID payload [Vid-Initial-Contact] 
Feb 13 14:58:05 2014	 VPN Log	 packet from 192.168.1.24:500: ignoring Vendor ID payload [e3a5966a76379fe707228231e5ce8652] 
Feb 13 14:58:05 2014	 VPN Log	 packet from 192.168.1.24:500: ignoring Vendor ID payload [e3a5966a76379fe707228231e5ce8652] 
Feb 13 14:58:05 2014	 VPN Log	 packet from 192.168.1.24:500: [Tunnel Negotiation Info] <<< Responder Received Main Mode 1st packet 
Feb 13 14:58:05 2014	 VPN Log	 packet from 192.168.1.24:500: [Tunnel Negotiation Info] <<< Responder Received Main Mode 1st packet 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: responding to Main Mode from unknown peer 192.168.1.24 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: OAKLEY_AES_CBC is not enabled for this connection. Attribute OAKLEY_ENCRYPTION_ALGORITHM 
Feb 13 14:58:05 2014	Kernel	 last message repeated 5 times 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: OAKLEY_GROUP_MODP2048 is not enabled for this connection. Attribute OAKLEY_GROUP_DESCRIPTION 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: OAKLEY_GROUP_MODP2048 is not enabled for this connection. Attribute OAKLEY_GROUP_DESCRIPTION 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: [Tunnel Negotiation Info] >>> Responder Send Main Mode 2nd packet 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: [Tunnel Negotiation Info] >>> Responder Send Main Mode 2nd packet 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: [Tunnel Negotiation Info] <<< Responder Received Main Mode 3rd packet 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: [Tunnel Negotiation Info] <<< Responder Received Main Mode 3rd packet 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: [Tunnel Negotiation Info] >>> Responder send Main Mode 4th packet 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: [Tunnel Negotiation Info] >>> Responder send Main Mode 4th packet 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: [Tunnel Negotiation Info] <<< Responder Received Main Mode 5th packet 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: [Tunnel Negotiation Info] <<< Responder Received Main Mode 5th packet 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: Peer ID is ID_IPV4_ADDR: '192.168.1.24' 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: [Tunnel Negotiation Info] >>> Responder Send Main Mode 6th packet 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: [Tunnel Negotiation Info] >>> Responder Send Main Mode 6th packet 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: [Tunnel Negotiation Info] Main Mode Phase 1 SA Established 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: [Tunnel Negotiation Info] Main Mode Phase 1 SA Established 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: sent MR3, ISAKMP SA established 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: [Tunnel Negotiation Info] <<< Responder Received Quick Mode 1st packet 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: [Tunnel Negotiation Info] <<< Responder Received Quick Mode 1st packet 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: cannot respond to IPsec SA request because no connection is known for 78.52.27.132:17/1701...192.168.1.24[vpn1@mitjastachowiak.de]:17/1701 
Feb 13 14:58:05 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: sending encrypted notification INVALID_ID_INFORMATION to 192.168.1.24:500 
Feb 13 14:58:07 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x00000001 (perhaps this is a duplicated packet) 
Feb 13 14:58:07 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x00000001 (perhaps this is a duplicated packet) 
Feb 13 14:58:07 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: sending encrypted notification INVALID_MESSAGE_ID to 192.168.1.24:500 
Feb 13 14:58:10 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x00000001 (perhaps this is a duplicated packet) 
Feb 13 14:58:10 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x00000001 (perhaps this is a duplicated packet) 
Feb 13 14:58:10 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: sending encrypted notification INVALID_MESSAGE_ID to 192.168.1.24:500 
Feb 13 14:58:14 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x00000001 (perhaps this is a duplicated packet) 
Feb 13 14:58:14 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x00000001 (perhaps this is a duplicated packet) 
Feb 13 14:58:14 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: sending encrypted notification INVALID_MESSAGE_ID to 192.168.1.24:500 
Feb 13 14:58:22 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x00000001 (perhaps this is a duplicated packet) 
Feb 13 14:58:22 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x00000001 (perhaps this is a duplicated packet) 
Feb 13 14:58:22 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: sending encrypted notification INVALID_MESSAGE_ID to 192.168.1.24:500 
Feb 13 14:58:38 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x00000001 (perhaps this is a duplicated packet) 
Feb 13 14:58:38 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x00000001 (perhaps this is a duplicated packet) 
Feb 13 14:58:38 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: sending encrypted notification INVALID_MESSAGE_ID to 192.168.1.24:500 
Feb 13 14:58:52 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: received Delete SA payload: deleting ISAKMP State #89 
Feb 13 14:58:52 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24 #89: received Delete SA payload: deleting ISAKMP State #89 
Feb 13 14:58:52 2014	 VPN Log	 (c2gips0)[2] 192.168.1.24: deleting connection (c2gips0) instance with peer 192.168.1.24 {isakmp=#0/ipsec=#0}

Ich habe natürlich schon diverse andere Einstellungen Versucht und auch andere LOG-Einträge erhalten, aber geklappt hat es nicht.
Ich hoffe, ich finde hier jemand, der Erfahrung mit VPNs hat - im Internet findet man dazu wenig hilfreiches.

Themen-Optionen
Druckbare Version zeigen Jemanden per E-Mail auf dieses Thema hinweisen
Ansicht
Linear-Darstellung Zur Hybrid-Darstellung wechseln Zur Baum-Darstellung wechseln

Ähnliche Themen
Thema	Autor	Forum	Antworten	Letzter Beitrag
Chat-Thread	paracelsus	Offtopic	22838	27.09.2022 13:27
Windows Systemadministrator (m/w)	JAP	Jobs	0	21.03.2013 17:26
Windows 7 als Server und VPN	PHP-Freak	Serveradministration und serverseitige Scripte	6	14.05.2012 11:14
Windows Design und Formulare im IE	SimonWpt	CSS	1	03.02.2005 18:50