<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML DIR=ltr><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"></HEAD><BODY><DIV><FONT face='Arial' color=#000000 size=2><FONT size=2>
<P>I'm setting up a PSK roadwarrior config using SoftRemote 10 and Openswan
2.1.4 as a preliminary step toward X-Auth. The Safenet Client indicates
the VPN is up but traffic doesn't seem to pass. After closer inspection, I
noticed "ipec look" doesn't show any established sa's and my auth.log shows
...</P>
<P>Nov 11 00:13:39 debian pluto[2748]: packet from 192.168.10.4:500: ignoring
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]<BR>Nov 11 00:13:39 debian
pluto[2748]: packet from 192.168.10.4:500: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 0<BR>Nov 11
00:13:39 debian pluto[2748]: "road-warrior" #13: responding to Main Mode<BR>Nov
11 00:13:39 debian pluto[2748]: "road-warrior" #13: transition from state (null)
to state STATE_MAIN_R1<BR>Nov 11 00:13:39 debian pluto[2748]: "road-warrior"
#13: ignoring Vendor ID payload [47bbe7c993f1fc13...]<BR>Nov 11 00:13:39 debian
pluto[2748]: "road-warrior" #13: ignoring Vendor ID payload
[da8e937880010000]<BR>Nov 11 00:13:39 debian pluto[2748]: "road-warrior" #13:
ignoring Vendor ID payload [Dead Peer Detection]<BR>Nov 11 00:13:39 debian
pluto[2748]: "road-warrior" #13: received Vendor ID payload [XAUTH]<BR>Nov 11
00:13:39 debian pluto[2748]: "road-warrior" #13: transition from state
STATE_MAIN_R1 to state STATE_MAIN_R2<BR>Nov 11 00:13:40 debian pluto[2748]:
"road-warrior" #13: ignoring informational payload, type
IPSEC_REPLAY_STATUS<BR>Nov 11 00:13:40 debian pluto[2748]: "road-warrior" #13:
ignoring informational payload, type IPSEC_INITIAL_CONTACT<BR>Nov 11 00:13:40
debian pluto[2748]: "road-warrior" #13: Peer ID is ID_IPV4_ADDR:
'192.168.10.4'<BR>Nov 11 00:13:40 debian pluto[2748]: "road-warrior" #13:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3<BR>Nov 11 00:13:40
debian pluto[2748]: "road-warrior" #13: sent MR3, ISAKMP SA established<BR>Nov
11 00:13:40 debian pluto[2748]: "road-warrior" #14: responding to Quick
Mode<BR>Nov 11 00:13:40 debian pluto[2748]: "road-warrior" #14: transition from
state (null) to state STATE_QUICK_R1<BR>Nov 11 00:13:40 debian pluto[2748]:
"road-warrior" #14: up-client output: Generic IP Firewall Chains not in this
kernel<BR>Nov 11 00:13:40 debian pluto[2748]: "road-warrior" #14: up-client
command exited with status 1<BR>Nov 11 00:13:50 debian pluto[2748]:
"road-warrior" #14: up-client output: Generic IP Firewall Chains not in this
kernel<BR>Nov 11 00:13:50 debian pluto[2748]: "road-warrior" #14: up-client
command exited with status 1<BR>Nov 11 00:13:50 debian pluto[2748]: ERROR:
"road-warrior" #14: pfkey write() of SADB_DELETE message 178 for Delete SA <A
href="mailto:esp.b22682d5@192.168.10.16">esp.b22682d5@192.168.10.16</A> failed.
Errno 3: No such process<BR>Nov 11 00:13:50 debian pluto[2748]: | 02 04 00 03 0b
00 00 00 b2 00 00 00 bc 0a 00 00<BR>Nov 11 00:13:50 debian pluto[2748]: | 03 00
01 00 b2 26 82 d5 00 01 00 00 00 00 00 00<BR>Nov 11 00:13:50 debian pluto[2748]:
| ff ff ff ff 00 00 00 00 03 00 05 00 00 00 00 00<BR>Nov 11 00:13:50 debian
pluto[2748]: | 02 00 00 00 c0 a8 0a 04 00 00 00 00 00 00 00 00<BR>Nov 11
00:13:50 debian pluto[2748]: | 03 00 06 00 00 00 00 00 02 00 00 00 c0 a8 0a
10<BR>Nov 11 00:13:50 debian pluto[2748]: | 00 00 00 00 00 00 00 00<BR>Nov 11
00:14:10 debian pluto[2748]: "road-warrior" #14: up-client output: Generic IP
Firewall Chains not in this kernel<BR>Nov 11 00:14:10 debian pluto[2748]:
"road-warrior" #14: up-client command exited with status 1<BR>Nov 11 00:14:10
debian pluto[2748]: ERROR: "road-warrior" #14: pfkey write() of SADB_DELETE
message 185 for Delete SA <A
href="mailto:esp.b22682d5@192.168.10.16">esp.b22682d5@192.168.10.16</A> failed.
Errno 3: No such process<BR>Nov 11 00:14:10 debian pluto[2748]: | 02 04 00 03 0b
00 00 00 b9 00 00 00 bc 0a 00 00<BR>Nov 11 00:14:10 debian pluto[2748]: | 03 00
01 00 b2 26 82 d5 00 01 00 00 00 00 00 00<BR>Nov 11 00:14:10 debian pluto[2748]:
| ff ff ff ff 00 00 00 00 03 00 05 00 00 00 00 00<BR>Nov 11 00:14:10 debian
pluto[2748]: | 02 00 00 00 c0 a8 0a 04 00 00 00 00 00 00 00 00<BR>Nov 11
00:14:10 debian pluto[2748]: | 03 00 06 00 00 00 00 00 02 00 00 00 c0 a8 0a
10<BR>Nov 11 00:14:10 debian pluto[2748]: | 00 00 00 00 00 00 00 00<BR>Nov 11
00:14:50 debian pluto[2748]: "road-warrior" #14: max number of retransmissions
(2) reached STATE_QUICK_R1<BR>Nov 11 00:14:50 debian pluto[2748]: ERROR:
"road-warrior" #14: pfkey write() of SADB_DELETE message 186 for Delete SA <A
href="mailto:esp.b22682d5@192.168.10.16">esp.b22682d5@192.168.10.16</A> failed.
Errno 3: No such process<BR>Nov 11 00:14:50 debian pluto[2748]: | 02 04 00 03 0b
00 00 00 ba 00 00 00 bc 0a 00 00<BR>Nov 11 00:14:50 debian pluto[2748]: | 03 00
01 00 b2 26 82 d5 00 01 00 00 00 00 00 00<BR>Nov 11 00:14:50 debian pluto[2748]:
| ff ff ff ff 00 00 00 00 03 00 05 00 00 00 00 00<BR>Nov 11 00:14:50 debian
pluto[2748]: | 02 00 00 00 c0 a8 0a 04 00 00 00 00 00 00 00 00<BR>Nov 11
00:14:50 debian pluto[2748]: | 03 00 06 00 00 00 00 00 02 00 00 00 c0 a8 0a
10<BR>Nov 11 00:14:50 debian pluto[2748]: | 00 00 00 00 00 00 00 00<BR>Nov 11
00:28:08 debian pluto[2748]: "road-warrior" #13: ignoring Delete SA payload:
PROTO_IPSEC_ESP SA(0x054382e5) not found (maybe expired)<BR>Nov 11 00:28:08
debian pluto[2748]: "road-warrior" #13: ignoring Delete SA payload:
PROTO_IPSEC_ESP SA(0xb22682d5) not found (maybe expired)<BR>Nov 11 00:28:08
debian pluto[2748]: "road-warrior" #13: received Delete SA payload: deleting
ISAKMP State #13<BR></P>
<P> </P>
<P>Anyone have any suggestions?</P></FONT></FONT></DIV></BODY></HTML>