Issue in shrew software(Rejected an Phase 1 packet from an unrecozed gateway)



  • Hi,

    i am configuring shrew soft for window 7. I am facing below error

    Rejected an IKE packet on ethernet1/0 from x.x.x.x:500 to x.x.x.x:500 with cookies 068112cc7a99bd99 and 0000000000000000 because an initial Phase 1 packet arrived from an unrecognized peer gateway.

    Config on firewall is:

    1. Create a Phase1 ID:

    Object->Local-> New
    USername: abc
    IKE User-> Simple identity
    -> IKE Id Type : Auto
    -> IKE Identity : ABX

    2. Create a Local Key Group
    3. Create an Auto Key Advanced Gateway

    PreshareKey: ABC
    Outgoing interface: Untrust interface
    Security Level:custom
                  Phase 1 Proposal: pre-g2-3des-sha : pre-g2-3des-MD5: pre-g2-aes-128-sha: pre-g2-aes-128-md5
                    Mode:  Aggressive
                    enable NAT-Traversal
    4. Define Xauth Parameters
    5.Create an Auto Key IKE Gateway
    6. Create a policy
    ex: untrust to trust: source:dailup, destination: 172.16.1.3/255.255.255.255

    Config of shrew software

    general: Remote Host-> Ip of untrust interface
                  auto config: ike config push
                  local host:use virtual adapter
    client: Nat:enable
            IKE fragmentation enable
            Name resolvation: disable DNS/WIN
    authentication: Mutual PSK+Xauth
                            Local identily:ABX
                            remote identy:none
                            credentail: preshare(ABC)
    phase1: mode :aggresive
                dh exchnage: g2
                chiper:auto
                lifetime: 28800
    phase2: trans: auto
                  hmac: auto

    policy: remote network resource
              all destination ip of policy
              ex: 172.16.1.3/255.255.255.255


    Getting an error:Rejected an initial Phase 1 packet from an unrecognized peer gateway…

    require help to sort this


 

46
Online

38.4k
Users

12.7k
Topics

44.5k
Posts