Just brought up our first set of non legacy bordermanagers. Thanks for
the book Craig! Followed it closely.

Few issues. On the master Side am seeing the slave as Being Configured
all the time (like days)

Seeing this on master side:

03/08/2006 08:32:56 AM IKE Received MM ID type: 9 protocol : 0
portnum: 0 length 57
03/08/2006 08:32:56 AM IKE First IKE connection sending
INITIAL_CONTACT notify to 192.24.242.194
03/08/2006 08:32:56 AM IKE IKE SA NEGOTIATION - Peer lifetime is:
28800 My lifetime is: 28800
03/08/2006 08:32:42 AM IKE PFS NOT ENABLED - DELETING ALL IPSEC SA

03/08/2006 08:32:40 AM IKE Failed to create IKE SA - Peer
certificate date is invalid cookies my-his :
09047122264885A3-83D30307E8FCB2F8 dst: 192.24.242.194 src:
192.24.242.162
03/08/2006 08:32:40 AM IKE Sending notify message of type : 51 to
192.24.242.194
03/08/2006 08:32:40 AM IKE Received MM ID type: 9 protocol : 0
portnum: 0 length 57
03/08/2006 08:32:40 AM IKE First IKE connection sending
INITIAL_CONTACT notify to 192.24.242.194
03/08/2006 08:32:40 AM IKE IKE SA NEGOTIATION - Peer lifetime is:
28800 My lifetime is: 28800
03/08/2006 08:32:28 AM IKE PFS NOT ENABLED - DELETING ALL IPSEC SA






On Slave side have an interesting thing in Remote manager, when I
sleect the activity screen Under associated COnnection details it has
the WRONG IP ADDRESS for the associated address, it is a very old
public address like three providers ago. Have searched the entire sys
volume for any file containing this address and find nothing, have been
thru all of the DS entires that could hold it and find nothing. WHERE
IS THIS ADDRESS COMING FROM??

On slave side I get the folloing in the logs:

03/08/2006 11:50:58 PM VPN Control Send update cfg to 2 for type of
mask = 31, typeofcfg = 1
03/08/2006 11:50:58 PM VPN Control Send update cfg to 1 for type
of mask = 7, typeofcfg = 1
03/08/2006 11:50:58 PM VPN Control VPNGetRootCert: Read trusted
root certs from TRC.SHOOK
03/08/2006 11:50:58 PM VPN Control The configured server
certificate is VPNCert - BORDERONE.SHOOK
03/08/2006 11:50:58 PM VPN Control Trusted master of this slave
has been modified
03/08/2006 11:50:58 PM VPN Control The trusted root container of
this VPN server is TRC.SHOOK
03/08/2006 11:28:02 PM VPN Control Reading S2S Configuration from
file failed, Unable to open Configuration File
03/08/2006 11:28:02 PM VPN Control Read Slave S2S Policy From File
Failed, Unable to open Configuration File
03/08/2006 11:28:02 PM VPN Control Read Slave S2S Policy From File
Failed, Unable to open Configuration File
03/08/2006 11:28:02 PM VPN Control Read Slave Member Configuration
>From File Failed, Memory Allocation Failed



Where is the configuration file mentioned??

I am totally new at this new fangled VPN :)

And have a bunch of them to do :(