peer matches *none* of the profiles

Discussion in 'Cisco' started by P, Feb 7, 2005.

  1. P

    P Guest

    Hi


    Any ideas here?

    I am writing up a document on getting a Linksys WAG54G to do an IPSEC Tunnel
    with an IOS router. I have it all working fine, but I thought I would
    annotate the Cisco logs here and there to make it easier for the reader.

    Just at the end of IKE Phase 1, when the peers verify eachothers identify
    (in my example, by IP address), I see this and I'm not sure whats going on..
    (IP's have been changed)

    Feb 6 21:43:06.942 GMT: ISAKMP (0:709): Old State = IKE_R_MM4 New State =
    IKE_R_MM5
    Feb 6 21:43:06.942 GMT: ISAKMP (0:709): processing ID payload. message ID =
    0
    Feb 6 21:43:06.942 GMT: ISAKMP (0:709): ID payload
    next-payload : 8
    type : 1
    address : 200.100.1.1
    protocol : 0
    port : 0
    length : 12

    Ok so the peer has sent its identity info as per the 3rd main mode exchange
    of IKE Phase 1. Then what the heck does this signify?

    Feb 6 21:43:06.942 GMT: ISAKMP (0:709): peer matches *none* of the profiles

    Okay next it looks like it is checking the hash of the above..

    Feb 6 21:43:06.942 GMT: ISAKMP (0:709): processing HASH payload. message ID
    = 0
    Feb 6 21:43:06.946 GMT: ISAKMP (0:709): SA authentication status:
    Feb 6 21:43:06.946 GMT: authenticated
    Feb 6 21:43:06.946 GMT: ISAKMP (0:709): SA has been authenticated with
    200.100.1.1

    Great, the hash checks out and we are happy?? But here it is again!

    Feb 6 21:43:06.946 GMT: ISAKMP (0:709): peer matches *none* of the profiles

    Then it sends my ID payload to the Linksys peer..

    Feb 6 21:43:06.946 GMT: ISAKMP (0:709): Input = IKE_MESG_INTERNAL,
    IKE_PROCESS_MAIN_MODE
    Feb 6 21:43:06.946 GMT: ISAKMP (0:709): Old State = IKE_R_MM5 New State =
    IKE_R_MM5
    Feb 6 21:43:06.946 GMT: ISAKMP (0:709): SA is doing pre-shared key
    authentication using id type ID_IPV4_ADDR
    Feb 6 21:43:06.946 GMT: ISAKMP (0:709): ID payload
    next-payload : 8
    type : 1
    address : 200.56.4.1
    protocol : 17
    port : 500
    length : 12
    Feb 6 21:43:06.946 GMT: ISAKMP (709): Total payload length: 12
    Feb 6 21:43:06.946 GMT: ISAKMP (0:709): sending packet to 200.100.1.1
    my_port 500 peer_port 500 (R) MM_KEY_EXCH

    Looks like it worked ok, because Phase 1 completes..

    Feb 6 21:43:06.946 GMT: ISAKMP (0:709): Input =
    IKE_MESG_INTERNAL,IKE_PROCESS_COMPLETE
    Feb 6 21:43:06.946 GMT: ISAKMP (0:709): Old State = IKE_R_MM5 New State =
    IKE_P1_COMPLETE
    Feb 6 21:43:06.946 GMT: ISAKMP (0:709): Input =
    IKE_MESG_INTERNAL,IKE_PHASE1_COMPLETE
    Feb 6 21:43:06.946 GMT: ISAKMP (0:709): Old State = IKE_P1_COMPLETE New
    State = IKE_P1_COMPLETE

    So I really do not understand what is meant by this message peer matches
    *none* of the profiles??

    thanks

    Paul
     
    P, Feb 7, 2005
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Doug A Moller

    Need help with peer to peer no hub network

    Doug A Moller, Jun 23, 2004, in forum: Wireless Networking
    Replies:
    3
    Views:
    5,816
  2. =?Utf-8?B?QmlsbEM=?=

    peer to peer linking and sharing

    =?Utf-8?B?QmlsbEM=?=, Aug 23, 2004, in forum: Wireless Networking
    Replies:
    2
    Views:
    729
    =?Utf-8?B?QmlsbEM=?=
    Aug 23, 2004
  3. Patrick Page

    Peer to peer wifi setup

    Patrick Page, Sep 12, 2004, in forum: Wireless Networking
    Replies:
    14
    Views:
    5,925
    Patrick Page
    Sep 13, 2004
  4. =?Utf-8?B?TWFya28=?=

    Trouble installing the peer-to-peer component

    =?Utf-8?B?TWFya28=?=, Dec 27, 2004, in forum: Wireless Networking
    Replies:
    1
    Views:
    2,332
  5. =?Utf-8?B?TWFyaWFuSA==?=

    Peer to Peer Connection using ICQ

    =?Utf-8?B?TWFyaWFuSA==?=, Dec 27, 2004, in forum: Wireless Networking
    Replies:
    5
    Views:
    2,428
    anjeepsolution
    Sep 30, 2008
Loading...

Share This Page