Scribd Logo
Upload

Welcome to Scribd!

  • Huawei Secoway SVN2260 VPN Gateway & GreenBow IPsec VPN Software Configuration (ZH)

    Uploaded by

    greenbow
    97 views14 pages
    Step by step IPSec VPN install and configuration for the Huawei Secoway SVN2260 Gateway and GreenBow VPN client. For more VPN configuration guides, tutorial and howto, go to http://www.thegreenbow.com/vpn_gateway.html

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Step by step IPSec VPN install and configuration for the Huawei Secoway SVN2260 Gateway and GreenBow VPN client. For more VPN configuration guides, tutorial and howto, go to http://www.thegreenbow.com/vpn_gateway.html

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    97 views14 pages

    Huawei Secoway SVN2260 VPN Gateway & GreenBow IPsec VPN Software Configuration (ZH)

    Uploaded by

    greenbow
    Step by step IPSec VPN install and configuration for the Huawei Secoway SVN2260 Gateway and GreenBow VPN client. For more VPN configuration guides, tutorial and howto, go to http://www.thegreenbow.com/vpn_gateway.html

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 14

    TheGreenBow

    VPN

    &

    SVN2260

    VPN
    WebSite:

    http://www.thegreenbow.com

    Contact:

    support@thegreenbow.com

    IPSec VPN

    Property of TheGreenBow Sistech SA - Sistech 2001-2012

    1/14

    Doc.Ref
    Doc.version
    VPN version

    tgbvpn_cg-huawei-secoway-svn2260-zh
    1.0 Mar 2012
    5.13.002

    .............................................................................................................................................................. 3
    1.1

    ............................................................................................................................................ 3

    1.2

    VPN .......................................................................................................................................... 3

    1.3

    Secoway SVN2260 VPN ........................................................................ 3

    1.4

    Secoway SVN2260 VPN ...................................................... 3

    Secoway SVN2260 VPN VPN .............................................................. 4

    VPN ....................................................................................................................................... 6

    3.1

    VPN IKE ................................................................................... 6

    3.2

    VPN IPSec .............................................................................. 8

    3.3

    IPSec VPN .................................................................................................................... 8

    ............................................................................................................................................10
    4.1

    Wireshark........................................................................................ 10

    IPSec VPN ..............................................................................................................................11


    5.1

    ( 1 ) ................................................................................... 11

    5.2

    COOKIE ............................................................................................................... 11

    5.3

    no keystate .................................................................................................................... 11

    5.4

    ID .................................................................................... 11

    5.5

    no proposal chosen .................................................................................................... 12

    5.6

    ID ............................................................................................................. 12

    5.7

    , .......................................................................... 12

    5.8

    VPN Ping ............................................................................. 12

    ....................................................................................................................................................14

    IPSec VPN

    Property of TheGreenBow Sistech SA - Sistech 2001-2012

    2/14

    Doc.Ref
    Doc.version
    VPN version

    tgbvpn_cg-huawei-secoway-svn2260-zh
    1.0 Mar 2012
    5.13.002

    1
    1.1
    TheGreenBow VPN Secoway SVN2260
    VPN VPN

    1.2 VPN
    VPN IPSec VPN Secoway SVN2260 VPN
    VPN VPN DSL IP

    IPSec VPN
    LAN
    192.168.1.1
    192.168.0.1

    IPSec VPN

    192 168 1 2

    192.168.0.78

    Internet
    SVN2260
    192.168.0.3

    1.3 Secoway SVN2260 VPN


    Secoway SVN2260 VPN V200R001C00SPC200

    1.4 Secoway SVN2260 VPN


    Secoway SVN2260 VPN
    Secoway SVN2260 VPN

    www.huawei.com/cn/products/security-storage/security-product/svn/svn3000/index.htm
    IPSec VPN

    Property of TheGreenBow Sistech SA - Sistech 2001-2012

    3/14

    Doc.Ref
    Doc.version
    VPN version

    tgbvpn_cg-huawei-secoway-svn2260-zh
    1.0 Mar 2012
    5.13.002

    2 Secoway SVN2260 VPNVPN


    Secoway SVN2260 VPN VPN
    1) SVN2260 "VPN", "IPsec" "IKE Negotiation", phase1

    2) phase 1 , "Main Mode" Negotiation Mode, Pre-Shared Key, NAT


    Traversal

    IPSec VPN

    Property of TheGreenBow Sistech SA - Sistech 2001-2012

    4/14

    Doc.Ref
    Doc.version
    VPN version

    tgbvpn_cg-huawei-secoway-svn2260-zh
    1.0 Mar 2012
    5.13.002

    3) phase 2, Tunnel Mode Encapsulation Mode, DH-Group2 PFS

    4) IPsec Policy , IPsec Rule

    IPSec VPN

    Property of TheGreenBow Sistech SA - Sistech 2001-2012

    5/14

    Doc.Ref
    Doc.version
    VPN version

    tgbvpn_cg-huawei-secoway-svn2260-zh
    1.0 Mar 2012
    5.13.002

    3 VPN
    VPN Secoway SVN2260 VPN VPN

    TheGreenBow IPSec VPN


    http://www.thegreenbow.com/vpn_down.html

    3.1 VPNIKE

    VPN
    IP
    DNS

    123456

    IPSec VPN

    Property of TheGreenBow Sistech SA - Sistech 2001-2012

    6/14

    Doc.Ref
    Doc.version
    VPN version

    tgbvpn_cg-huawei-secoway-svn2260-zh
    1.0 Mar 2012
    5.13.002

    IPSec VPN

    Property of TheGreenBow Sistech SA - Sistech 2001-2012

    7/14

    Doc.Ref
    Doc.version
    VPN version

    tgbvpn_cg-huawei-secoway-svn2260-zh
    1.0 Mar 2012
    5.13.002

    3.2 VPN IPSec

    IP

    LAN IP

    3.3 IPSec VPN


    Secoway SVN2260 VPN IPSec VPN
    VPN IPSec
    1 VPN
    2 IPSec VPN
    3 VPN
    4 IPSec VPN IPSec VPN
    IPSec VPN Secoway SVN2260 VPN
    IPSec VPN

    IPSec VPN

    Property of TheGreenBow Sistech SA - Sistech 2001-2012

    8/14

    Doc.Ref
    Doc.version
    VPN version

    IPSec VPN

    tgbvpn_cg-huawei-secoway-svn2260-zh
    1.0 Mar 2012
    5.13.002

    Property of TheGreenBow Sistech SA - Sistech 2001-2012

    9/14

    Doc.Ref
    Doc.version
    VPN version

    tgbvpn_cg-huawei-secoway-svn2260-zh
    1.0 Mar 2012
    5.13.002

    4
    IPSec VPN VPN
    VPN

    4.1 Wireshark
    WiresharkIPTCP
    http://www.wireshark.org

    (http://www.wireshark.org/docs/)

    IPSec VPN

    Property of TheGreenBow Sistech SA - Sistech 2001-2012

    10/14

    Doc.Ref
    Doc.version
    VPN version

    tgbvpn_cg-huawei-secoway-svn2260-zh
    1.0 Mar 2012
    5.13.002

    5 IPSec VPN
    5.1 ( 1 )
    114920 Default (SA CNXVPN1-P1) SEND phase 1 Main Mode [SA][VID]
    114920 Default (SA CNXVPN1-P1) RECV phase 1 Main Mode [NOTIFY]
    114920 Default exchange_run: exchange_validate failed
    114920 Default dropped message from 195.100.205.114 port 500 due
    PAYLOAD_MALFORMED
    114920 Default SEND Informational [NOTIFY] with PAYLOAD_MALFORMED error

    to

    notification

    type

    [SA] VPN

    5.2 COOKIE
    115933 Default message_recv: invalid cookie(s) 5918ca0c2634288f 7364e3e486e49105
    115933 Default dropped message from 195.100.205.114 port 500 due to notification type INVALID_COOKIE
    115933 Default SEND Informational [NOTIFY] with INVALID_COOKIE error

    COOKIE VPN SA
    VPN

    5.3 no keystate
    115315 Default (SA CNXVPN1-P1) SEND phase 1 Main Mode [SA][VID]
    115317 Default (SA CNXVPN1-P1) RECV phase 1 Main Mode [SA][VID]
    115317 Default (SA CNXVPN1-P1) SEND phase 1 Main Mode [KEY][NONCE]
    115319 Default (SA CNXVPN1-P1) RECV phase 1 Main Mode [KEY][NONCE]
    115319 Default (SA CNXVPN1-P1) SEND phase 1 Main Mode [ID][HASH][NOTIFY]
    115319 Default ipsec_get_keystate: no keystate in ISAKMP SA 00B57C50

    ID VPN

    5.4 ID
    120348 Default (SA CNXVPN1-P1) SEND phase 1 Main Mode [SA][VID]
    120349 Default (SA CNXVPN1-P1) RECV phase 1 Main Mode [SA][VID]
    120349 Default (SA CNXVPN1-P1) SEND phase 1 Main Mode [KEY][NONCE]
    120351 Default (SA CNXVPN1-P1) RECV phase 1 Main Mode [KEY][NONCE]
    120351 Default (SA CNXVPN1-P1) SEND phase 1 Main Mode [ID][HASH][NOTIFY]
    120351 Default (SA CNXVPN1-P1) RECV phase 1 Main Mode [ID][HASH][NOTIFY]
    120351 Default ike_phase_1_recv_ID: received remote ID other than expected support@thegreenbow.fr

    ID

    IPSec VPN

    Property of TheGreenBow Sistech SA - Sistech 2001-2012

    11/14

    Doc.Ref
    Doc.version
    VPN version

    tgbvpn_cg-huawei-secoway-svn2260-zh
    1.0 Mar 2012
    5.13.002

    5.5 no proposal chosen


    115911 Default (SA CNXVPN1-P1) SEND phase 1 Main Mode [SA][VID]
    115913 Default (SA CNXVPN1-P1) RECV phase 1 Main Mode [SA][VID]
    115913 Default (SA CNXVPN1-P1) SEND phase 1 Main Mode [KEY][NONCE]
    115915 Default (SA CNXVPN1-P1) RECV phase 1 Main Mode [KEY][NONCE]
    115915 Default (SA CNXVPN1-P1) SEND phase 1 Main Mode [ID][HASH][NOTIFY]
    115915 Default (SA CNXVPN1-P1) RECV phase 1 Main Mode [ID][HASH][NOTIFY]
    115915 Default phase 1 done: initiator id c364cd70: 195.100.205.112, responder id c364cd72: 195.100.205.114,
    src: 195.100.205.112 dst: 195.100.205.114
    115915 Default (SA CNXVPN1-CNXVPN1-P2) SEND phase 2 Quick Mode [SA][KEY][ID][HASH][NONCE]
    115915 Default RECV Informational [HASH][NOTIFY] with NO_PROPOSAL_CHOSEN error
    115915 Default RECV Informational [HASH][DEL]
    115915 Default CNXVPN1-P1 deleted

    no proposal chosen 2
    1
    115911 Default (SA CNXVPN1-P1) SEND phase 1 Main Mode [SA][VID]
    115911 Default RECV Informational [NOTIFY] with NO_PROPOSAL_CHOSEN error

    5.6 ID
    122623 Default (SA CNXVPN1-P1) SEND phase 1 Main Mode [SA][VID]
    122625 Default (SA CNXVPN1-P1) RECV phase 1 Main Mode [SA][VID]
    122625 Default (SA CNXVPN1-P1) SEND phase 1 Main Mode [KEY][NONCE]
    122626 Default (SA CNXVPN1-P1) RECV phase 1 Main Mode [KEY][NONCE]
    122626 Default (SA CNXVPN1-P1) SEND phase 1 Main Mode [ID][HASH][NOTIFY]
    122626 Default (SA CNXVPN1-P1) RECV phase 1 Main Mode [ID][HASH][NOTIFY]
    122626 Default phase 1 done: initiator id c364cd70: 195.100.205.112, responder id c364cd72: 195.100.205.114,
    src: 195.100.205.112 dst: 195.100.205.114
    122626 Default (SA CNXVPN1-CNXVPN1-P2) SEND phase 2 Quick Mode [SA][KEY][ID][HASH][NONCE]
    122626 Default RECV Informational [HASH][NOTIFY] with INVALID_ID_INFORMATION error
    122626 Default RECV Informational [HASH][DEL]
    122626 Default CNXVPN1-P1 deleted

    ID 2 ID ( IP )
    ID

    5.7 ,
    VPN IKE IPSec UDP 500
    ESP

    5.8 VPNPing
    VPN ping

    2 VPN LAN VPN IP

    VPN ESP ESP

    VPN ESP
    IPSec VPN

    Property of TheGreenBow Sistech SA - Sistech 2001-2012

    12/14

    Doc.Ref
    Doc.version
    VPN version

    tgbvpn_cg-huawei-secoway-svn2260-zh
    1.0 Mar 2012
    5.13.002

    VPN VPN

    ISP ESP

    ping VPN LAN ping

    Ethereal

    VPN LAN LAN

    ping

    LAN LAN IP

    Wireshark (http://www.wireshark.org)

    ping

    IPSec VPN

    Property of TheGreenBow Sistech SA - Sistech 2001-2012

    13/14

    Doc.Ref
    Doc.version
    VPN version

    tgbvpn_cg-huawei-secoway-svn2260-zh
    1.0 Mar 2012
    5.13.002

    6
    TheGreenBow http://www.thegreenbow.com/zh/
    support@thegreenbow.com
    sales@thegreenbow.com

    IPSec VPN

    Property of TheGreenBow Sistech SA - Sistech 2001-2012

    14/14

    You might also like