[Telepuzik]

hosco,
Что в пишется в логах при поднятие туннеля?

[hosco]

Telepuzik, вот из логов в офисе А (тот что изначально работал):

Monday November 14, 2011 08:25:45 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:46 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:46 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:47 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:47 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:48 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:48 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:49 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:49 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:50 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:50 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:51 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:51 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:52 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:53 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:54 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:55 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:56 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:57 IKED re-TX : QINIT to 91.197.78.146
Monday November 14, 2011 08:25:58 IKED re-TX : QINIT to 91.197.78.146

Ещё:
Thursday May 17, 2012 13:50:11 error = 14
Thursday May 17, 2012 13:50:11 IKED re-TX : QINIT to 91.197.78.146
Thursday May 17, 2012 13:50:11 IKED re-TX : QINIT to 91.197.78.146
Thursday May 17, 2012 13:50:11 IKED re-TX : QINIT to 91.197.78.146
Thursday May 17, 2012 13:50:12 Receive IKE Q1(QINIT) : [91.197.78.146]-->[91.204.178.84]
Thursday May 17, 2012 13:50:12 Requested routing is [192.168.3.0|91.197.78.146]<->[91.204.178.84|192.168.0.0]
Thursday May 17, 2012 13:50:12 Try to match ESP with MODE:Tunnel PROTOCAL:ESP-3DES AUTH:MD5 HASH:Others PFS(Group):Group1
Thursday May 17, 2012 13:50:12 error = 14
Thursday May 17, 2012 13:50:12 Receive IKE Q1(QINIT) : [91.197.78.146]-->[91.204.178.84]
Thursday May 17, 2012 13:50:12 Requested routing is [192.168.3.0|91.197.78.146]<->[91.204.178.84|192.168.0.0]
Thursday May 17, 2012 13:50:12 Try to match ESP with MODE:Tunnel PROTOCAL:ESP-3DES AUTH:MD5 HASH:Others PFS(Group):Group1
Thursday May 17, 2012 13:50:12 error = 14
Thursday May 17, 2012 13:50:12 IKED re-TX : QINIT to 91.197.78.146
Thursday May 17, 2012 13:50:12 IKED re-TX : QINIT to 91.197.78.146
Thursday May 17, 2012 13:50:13 Receive IKE Q1(QINIT) : [91.197.78.146]-->[91.204.178.84]
Thursday May 17, 2012 13:50:13 Requested routing is [192.168.3.0|91.197.78.146]<->[91.204.178.84|192.168.0.0]
Thursday May 17, 2012 13:50:13 Try to match ESP with MODE:Tunnel PROTOCAL:ESP-3DES AUTH:MD5 HASH:Others PFS(Group):Group1
Thursday May 17, 2012 13:50:13 error = 14
Thursday May 17, 2012 13:50:13 Receive IKE Q1(QINIT) : [91.197.78.146]-->[91.204.178.84]
Thursday May 17, 2012 13:50:13 Requested routing is [192.168.3.0|91.197.78.146]<->[91.204.178.84|192.168.0.0]

[hosco]

А вот лог роутера в офисе Б:

Thursday May 17, 2012 14:26:07 IKE phase2 (IPSec SA) remove : 192.168.3.0 <-> 192.168.0.0
Thursday May 17, 2012 14:26:07 inbound SPI = 0xbc0a66ed, outbound SPI = 0x0
Thursday May 17, 2012 14:26:07 Send IKE Q1(QINIT) : 192.168.3.0 --> 192.168.0.0
Thursday May 17, 2012 14:26:07 Receive IKE INFO : 91.204.178.84 --> 91.197.78.146
Thursday May 17, 2012 14:26:07 Disassociated: Blocked access attempt from 94.21.154.10:49093 to UDP port 23518
Thursday May 17, 2012 14:26:08 IKED re-TX : QINIT to 91.204.178.84
Thursday May 17, 2012 14:26:08 IKED re-TX : QINIT to 91.204.178.84
Thursday May 17, 2012 14:26:08 Send IKE (INFO) : delete [192.168.3.0|91.197.78.146]-->[91.204.178.84|192.168.0.0] phase 2
Thursday May 17, 2012 14:26:08 IKE phase2 (IPSec SA) remove : 192.168.3.0 <-> 192.168.0.0
Thursday May 17, 2012 14:26:08 inbound SPI = 0xbe0a9c59, outbound SPI = 0x0
Thursday May 17, 2012 14:26:08 Send IKE (INFO) : delete [192.168.3.0|91.197.78.146]-->[91.204.178.84|192.168.0.0] phase 2
Thursday May 17, 2012 14:26:08 IKE phase2 (IPSec SA) remove : 192.168.3.0 <-> 192.168.0.0
Thursday May 17, 2012 14:26:08 inbound SPI = 0xbd0a7c23, outbound SPI = 0x0
Thursday May 17, 2012 14:26:08 Send IKE Q1(QINIT) : 192.168.3.0 --> 192.168.0.0
Thursday May 17, 2012 14:26:08 Receive IKE Q1(QINIT) : [91.204.178.84]-->[91.197.78.146]
Thursday May 17, 2012 14:26:08 Requested routing is [192.168.0.0|91.204.178.84]<->[91.197.78.146|192.168.3.0]
Thursday May 17, 2012 14:26:08 Try to match ESP with MODE:Tunnel PROTOCAL:ESP-DES AUTH:MD5 HASH:Others PFS(Group):Group2
Thursday May 17, 2012 14:26:08 error = 14
Thursday May 17, 2012 14:26:08 Receive IKE INFO : 91.204.178.84 --> 91.197.78.146
Thursday May 17, 2012 14:26:09 IKED re-TX : QINIT to 91.204.178.84

[Telepuzik]

Цитата hosco:

Thursday May 17, 2012 13:50:13 Try to match ESP with MODE:Tunnel PROTOCAL:ESP-3DES AUTH:MD5 HASH:Others PFS(Group):Group1 »

Покажите скрин настроек HOME->VPN->TunnelName->Select IKE Proposal с устройств в офисе А и Б.

Цитата hosco:

Прошивка на всех V1.53RU »

Прошивка точно на всех такая? Покупал недавно данное устройство в прошивке (если не ошибаюсь) 1.53RU нет поддержки 3DES пришлось устанавливать V1.51.

[hosco]

Telepuzik

Да, прошивка одинаковая, несколько раз проверил.

Скрины

[Telepuzik]

hosco,
Давайте скрины настроек Select IPSEC Proposal.

[hosco]

Telepuzik

[Telepuzik]

hosco,
Настройки правильные только не понятно откуда берется вот это:

Цитата hosco:

Thursday May 17, 2012 13:50:13 Try to match ESP with MODE:Tunnel PROTOCAL:ESP-3DES »

В офисе А пробЫвали роутер перезагружать?

[hosco]

Telepuzik, да пробовал конечно, первое что делаю. Старый дедовский способ - если что-то не работает, первым делом ребутни