Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

watchguard x700 problem

Status
Not open for further replies.
lisy3400

lisy3400

IS-IT--Management
Sep 6, 2006
2
I've been having problems were my firewall watchguard x700 seem to loss connection, while looking at the traffic monitor, I see the following error:

09/05/06 14:44 iked[153]: Sending KEEPALIVE_REQUEST message
09/05/06 14:44 iked[153]: TO 70.155.9.187 IF-HDR* -9D4AF50D ISA_HASH ISA_NOTIFY
09/05/06 14:45 kernel: Channel 1 looks dead
09/05/06 14:45 kernel: ipsec: Output SA changing state DYING or DEAD
09/05/06 14:45 iked[153]: Acquiring key for channel/policy 1/0
09/05/06 14:45 iked[153]: TO 70.155.9.187 QM-HDR* -13D9F7E2 ISA_HASH ISA_SA ISA_NONCE ISA_ID ISA_ID
09/05/06 14:45 iked[153]: RE-TO 70.155.9.187 QM-HDR* -13D9F7E2 ISA_HASH
09/05/06 14:45 pppd[95]: No response to 3 echo-requests
09/05/06 14:45 pppd[95]: Serial link appears to be disconnected.
09/05/06 14:45 pppd[95]: Couldn't get PPP statistics: No such device
09/05/06 14:45 pppd[95]: ioctl (SIOCGIFFLAGS): No such device(19)
09/05/06 14:45 pppd[95]: ioctl(SIOCDELRT) device route: No such device(19)
09/05/06 14:45 pppd[95]: ioctl(SIOCSIFMTU): No such device(19)
09/05/06 14:45 pppd[95]: restarting...
09/05/06 14:45 pppd[95]: ioctl(PPPIOCSASYNCMAP): Invalid argument(22)
09/05/06 14:45 pppd[95]: restarting...
09/05/06 14:45 pppd[95]: ioctl(PPPIOCSMRU): Invalid argument(22)
09/05/06 14:45 pppd[95]: ioctl(PPPIOCSRASYNCMAP): Invalid argument(22)
09/05/06 14:45 ip_down[2750]: PPPoE stop success
09/05/06 14:45 iked[153]: RE-TO 70.155.9.187 QM-HDR* -13D9F7E2 ISA_HASH
09/05/06 14:45 iked[153]: RE-TO 70.155.9.187 QM-HDR* -13D9F7E2 ISA_HASH
09/05/06 14:46 iked[153]: RE-TO 70.155.9.187 QM-HDR* -13D9F7E2 ISA_HASH
09/05/06 14:46 iked[153]: RE-TO 70.155.9.187 QM-HDR* -13D9F7E2 ISA_HASH
09/05/06 14:46 kernel: Channel 1 looks dead
09/05/06 14:46 kernel: ipsec: Output SA changing state DYING or DEAD
09/05/06 14:46 kernel: ipsec0: packet (c8ef) failed with SA expired, SPI=18640424, seq=0b350000, src=65.83.140.97, dest=70.155.9.187, sa.saddr=65.83.140.97, sa.daddr=70.155.9.187
09/05/06 14:46 kernel: ipsec: Output SA id now DEAD
09/05/06 14:46 iked[153]: ipsec_nl_catcher: Key negotiation already in progress for channel 1
09/05/06 14:46 iked[153]: Deleting SA: peer 70.155.9.187
09/05/06 14:46 iked[153]: my_cookie 56897C3881D0F80C
09/05/06 14:46 iked[153]: peer_cookie 5452F3B5B5B6698D
09/05/06 14:46 pppoe[96]: Inactivity timeout... something wicked happened
09/05/06 14:46 pppoe[96]: Sent PADT
09/05/06 14:46 pppd[95]: Modem hangup
09/05/06 14:46 pppd[95]: Connection terminated.
09/05/06 14:46 kernel: PPP: ppp line discipline successfully unregistered
09/05/06 14:46 kernel: CSLIP: code copyright 1989 Regents of the University of California
09/05/06 14:46 initialize-external[93]: Limiting mss to mtu - tcp & ip hdr.
09/05/06 14:46 kernel: PPP: version 2.3.9 (demand dialling)
09/05/06 14:46 kernel: PPP line discipline registered.
09/05/06 14:46 kernel: registered device ppp0
09/05/06 14:46 pppd[2829]: pppd 2.3.9 started by root, uid 0
09/05/06 14:46 pppd[2829]: Using interface ppp0
09/05/06 14:46 pppd[2829]: Connect: ppp0 <--> /dev/ttyp0
09/05/06 14:46 pppoe[2830]: PADS: Service-Name: ''
09/05/06 14:46 pppoe[2830]: PPP session is 35943
09/05/06 14:46 pppd[2829]: local IP address 65.83.140.97
09/05/06 14:46 pppd[2829]: remote IP address 65.14.252.16
09/05/06 14:46 pppd[2829]: primary DNS address 205.152.144.23
09/05/06 14:46 pppd[2829]: secondary DNS address 205.152.132.23
09/05/06 14:46 pppoe[2830]: saved pppoe sessionid
09/05/06 14:46 ip-up[2831]: External Interface IP: 65.83.140.97
09/05/06 14:46 ip-up[2831]: Successfully read 65.14.252.16 as prev Gw from file
09/05/06 14:46 ip-up[2831]: Successfully read 65.83.140.97 as prev ip from file
09/05/06 14:46 check_dynamicip[2831]: Checking dynamic vs static configuration.

has anyone encounter this problem, also how can I turn on logging for traffic monitor, I'm new to this type of firewall.
 
Sort by date Sort by votes
09/05/06 14:44 iked[153]: Sending KEEPALIVE_REQUEST message
09/05/06 14:44 iked[153]: TO 70.155.9.187 IF-HDR* -9D4AF50D ISA_HASH ISA_NOTIFY
09/05/06 14:45 kernel: Channel 1 looks dead
09/05/06 14:45 kernel: ipsec: Output SA changing state DYING or DEAD
09/05/06 14:45 iked[153]: Acquiring key for channel/policy 1/0
09/05/06 14:45 iked[153]: TO 70.155.9.187 QM-HDR* -13D9F7E2 ISA_HASH ISA_SA ISA_NONCE ISA_ID ISA_ID
09/05/06 14:45 iked[153]: RE-TO 70.155.9.187 QM-HDR* -13D9F7E2 ISA_HASH
09/05/06 14:45 pppd[95]: No response to 3 echo-requests


THESE LOGS TELL THAT THE FIREBOX IS NOT ABLE TO COMMUNICATE WITH THE REMOTE VPN DEVICE

REST OF THE LOGS ARE SHOWING THAT THRE COULD BE A PROBLEM IN YOUR PPOE CONNECTION ON EXTERNAL INTERFACE.

WHAT VERSION OF SOFTWARE ARE YOU RUNNING ON FIREBOX...IF OLD YOU MAY HAVE TO UPGRADE THE SOFTWARE VERSION.


 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ciscokid1984
  • Locked
  • Question
Watchguard RDP from external network
Replies
1
Views
358
hairlessupportmonkey
hairlessupportmonkey
TheFireman2
  • Locked
  • Question
Help with Watchguard Firebox M200 setup as a TMG 2010 replacement with ASA 5515 as main firewall
Replies
1
Views
344
hairlessupportmonkey
hairlessupportmonkey
cambo2k
  • Locked
  • Question
Watchguard or Cisco?
Replies
1
Views
237
hairlessupportmonkey
hairlessupportmonkey
ITSUPPORTIT
  • Locked
  • Question
VPN from ASA 5510 and RV215W problem
Replies
0
Views
233
ITSUPPORTIT
ITSUPPORTIT
Docy
  • Locked
  • Question
Avaya IP office 500 V2 9.0.5 Watchguard 26 and Avaya 9620C
Replies
2
Views
221
hairlessupportmonkey
hairlessupportmonkey

Part and Inventory Search

Sponsor

Back
Top