Hi Paul:<div> Sorry,i forgot to turn on "DEBUG",here's the debug message:</div><div><br></div><div><div>17:22:35,,secur/auth,Warning,pluto[11507],SSLVPN,"""aa""[1] 113.89.243.199 #5: sending notification INVALID_ID_INFORMATION to <a href="http://113.89.243.199:500">113.89.243.199:500</a>"</div>
<div>17:22:35,,secur/auth,Warning,pluto[11507],SSLVPN,"""aa""[1] 113.89.243.199 #5: initial Aggressive Mode packet claiming to be from @test26 on 113.89.243.199 but no connection has been authorized"</div>
<div>17:22:35,,secur/auth,Warning,pluto[11507],SSLVPN,"""aa""[1] 113.89.243.199 #5: no suitable connection for peer '@test901'"</div><div>17:22:35,,secur/auth,Warning,pluto[11507],SSLVPN,"""aa""[1] 113.89.243.199 #5: Aggressive mode peer ID is ID_FQDN: '@test901'"</div>
<div>17:22:35,,secur/auth,Warning,pluto[11507],SSLVPN,"packet from <a href="http://113.89.243.199:500">113.89.243.199:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]"</div><div>17:22:35,,secur/auth,Warning,pluto[11507],SSLVPN,"packet from <a href="http://113.89.243.199:500">113.89.243.199:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109"</div>
<div>17:22:35,,secur/auth,Warning,pluto[11507],SSLVPN,"packet from <a href="http://113.89.243.199:500">113.89.243.199:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109"</div>
<div>17:22:35,,secur/auth,Warning,pluto[11507],SSLVPN,"packet from <a href="http://113.89.243.199:500">113.89.243.199:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109"</div>
<div>17:22:35,,secur/auth,Warning,pluto[11507],SSLVPN,"packet from <a href="http://113.89.243.199:500">113.89.243.199:500</a>: received Vendor ID payload [RFC 3947] method set to=109 "</div><div>17:22:35,,secur/auth,Warning,pluto[11507],SSLVPN,"packet from <a href="http://113.89.243.199:500">113.89.243.199:500</a>: received Vendor ID payload [Dead Peer Detection]"</div>
<div>17:22:35,,system,Error,ipsec__plutorun,SSLVPN,"restarting IPsec after pause..."</div><div>17:22:35,,system,Error,ipsec__plutorun,SSLVPN,"!pluto failure!: exited with error status 128"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| next payload type: ISAKMP_NEXT_VID"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| ***parse ISAKMP Identification Payload:"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| got payload 0x20(ISAKMP_NEXT_ID) needed: 0x20 opt: 0x102000"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| length: 20"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| next payload type: ISAKMP_NEXT_ID"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| ***parse ISAKMP Nonce Payload:"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| got payload 0x400(ISAKMP_NEXT_NONCE) needed: 0x420 opt: 0x102000"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| length: 132"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| next payload type: ISAKMP_NEXT_NONCE"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| ***parse ISAKMP Key Exchange Payload:"</div><div>
17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| got payload 0x10(ISAKMP_NEXT_KE) needed: 0x430 opt: 0x102000"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| DOI: ISAKMP_DOI_IPSEC"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| length: 52"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| next payload type: ISAKMP_NEXT_KE"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| ***parse ISAKMP Security Association Payload:"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| got payload 0x2(ISAKMP_NEXT_SA) needed: 0x432 opt: 0x102000"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| processing version=1.0 packet with exchange type=ISAKMP_XCHG_AGGR (4)"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| length: 368"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| message ID: 00 00 00 00"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| flags: none"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| exchange type: ISAKMP_XCHG_AGGR"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| ISAKMP version: ISAKMP Version 1.0 (rfc2407)"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| next payload type: ISAKMP_NEXT_SA"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 00 00 00 00 00 00 00 00"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| responder cookie:"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 95 82 b8 33 4a ad 13 18"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| initiator cookie:"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| **parse ISAKMP Message:"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 35 df 21 f8 7c fd b2 fc 68 b6 a4 48 00 00 00 14"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 08 63 81 b5 ec 42 7b 1f 0d 00 00 14 cd 60 46 43"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 15 52 9d 56 0d 00 00 14 90 cb 80 91 3e bb 69 6e"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 63 79 6c 61 6e 39 30 31 0d 00 00 14 af ca d7 13"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 74 23 de 13 c0 6e c8 2a 0d 00 00 10 02 00 00 00"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 04 32 02 c0 05 00 00 14 b8 69 3a 09 2d db 56 91"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 57 4d 8f 78 6a 11 89 ee 16 61 6d 73 58 3b e0 3b"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 14 8d 68 11 f6 ec 2f d0 7a 9a 01 72 75 ae 0a 04"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| c6 80 a7 a9 44 ad 4e f8 81 2a 21 06 dd a4 4a 99"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 8d d7 97 0d f9 c8 2b 61 6d 83 f2 90 d3 01 4d f6"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| e8 b4 c7 39 1f 70 68 73 f4 14 c4 4b d1 34 ba 94"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| e5 97 ad 8b f2 41 72 ee dc a6 70 da 8f ba aa 5f"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 83 d2 9b 67 b9 5d e5 f8 b7 8b a8 a8 56 d7 ad c8"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 0a 00 00 84 87 a7 a9 07 58 31 13 48 31 c1 58 50"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 02"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 00 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 01 10 04 00 00 00 00 00 00 00 01 70 04 00 00 34"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| 95 82 b8 33 4a ad 13 18 00 00 00 00 00 00 00 00"</div><div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| *received 368 bytes from <a href="http://113.89.243.199:500">113.89.243.199:500</a> on ppp0 (port=500)"</div>
<div>17:22:34,,secur/auth,Debug,pluto[11507],SSLVPN,"| "</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.810000] klips_debug: IP: ihl:20 ver:4 tos:0 tlen:136 id:19872 frag_off:0 ttl:64 proto:50 (ESP) chk:49481 saddr:113.88.151.45 daddr:113.89.241.123"</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.800000] klips_debug:ipsec_xmit_send: ...done, calling ip_send() on device:ppp0"</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.790000] klips_debug:ipsec_xmit_restore_hard_header: With hard_header, final head,tailroom: 64,24"</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.780000] klips_debug:ipsec_xmit_restore_hard_header: After recursive xforms -- head,tailroom: 64,24"</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.780000] klips_debug:rj_match: ***** not found."</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.770000] klips_debug:rj_match: ***** cp2=0pca5821d8 cp3=0pcbbe551c"</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.760000] klips_debug:rj_match: **** t=0pcbbbabac"</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.760000] klips_debug:rj_match: **** t=0pca4d1864"</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.750000] klips_debug:rj_match: *** start searching up the tree, t=0pca4d184c"</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.750000] klips_debug:rj_match: ** try to match a leaf, t=0pca4d184c"</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.740000] klips_debug:rj_match: * See if we match exactly as a host destination"</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.730000] klips_debug:ipsec_findroute: 113.88.151.45:0-><a href="http://113.89.241.123:0">113.89.241.123:0</a> 50"</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.720000] ipsec_sa_put: ipsec_sa ca488c84 <a href="mailto:SA%3Aesp.c2f425f1@113.89.241.123">SA:esp.c2f425f1@113.89.241.123</a>, ref:18 reference count (4--) decremented by ipsec_xmit_cont:1096."</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.700000] klips_debug: IP: ihl:20 ver:4 tos:0 tlen:136 id:19872 frag_off:0 ttl:64 proto:50 (ESP) chk:49481 saddr:113.88.151.45 daddr:113.89.241.123"</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.690000] klips_debug:ipsec_xmit_encap_once: after <ESP_3DES_HMAC_SHA1>, <a href="mailto:SA%3Aesp.c2f425f1@113.89.241.123">SA:esp.c2f425f1@113.89.241.123</a>:"</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.690000] klips_debug:ipsec_alg_esp_encrypt: returned ret=1"</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.680000] klips_debug:ipsec_alg_esp_encrypt: calling cbc_encrypt encalg=3 ips_key_e=cbba55b8 idat=ca5936a0 ilen=88 iv=ca593698, encrypt=1"</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.670000] klips_debug:ipsec_alg_esp_encrypt: entering with encalg=3, ixt_e=bf1924e4"</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.660000] klips_debug:ipsec_xmit_encap_once: head,tailroom: 64,24 before xform."</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.650000] klips_debug:ipsec_xmit_encap_once: pushing 16 bytes, putting 16, proto 50."</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.640000] klips_debug:ipsec_xmit_encap_once: calling output for <ESP_3DES_HMAC_SHA1>, <a href="mailto:SA%3Aesp.c2f425f1@113.89.241.123">SA:esp.c2f425f1@113.89.241.123</a>"</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.630000] ipsec_sa_get: ipsec_sa ca488c84 <a href="mailto:SA%3Aesp.c2f425f1@113.89.241.123">SA:esp.c2f425f1@113.89.241.123</a>, ref:18 reference count (3++) incremented by ipsec_xmit_cont:1101."</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.620000] ipsec_sa_put: ipsec_sa ca4890b0 <a href="mailto:SA%3Atun.1001@113.89.241.123">SA:tun.1001@113.89.241.123</a>, ref:17 reference count (3--) decremented by ipsec_xmit_cont:1096."</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.600000] klips_debug: IP: ihl:20 ver:4 tos:0 tlen:104 id:19872 frag_off:0 ttl:64 proto:4 chk:49559 saddr:113.88.151.45 daddr:113.89.241.123"</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.600000] klips_debug:ipsec_xmit_encap_once: after <IPIP>, <a href="mailto:SA%3Atun.1001@113.89.241.123">SA:tun.1001@113.89.241.123</a>:"</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.590000] klips_debug:ipsec_xmit_encap_once: head,tailroom: 80,40 before xform."</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.580000] klips_debug:ipsec_xmit_encap_once: pushing 20 bytes, putting 0, proto 4."</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.570000] klips_debug:ipsec_xmit_encap_once: calling output for <IPIP>, <a href="mailto:SA%3Atun.1001@113.89.241.123">SA:tun.1001@113.89.241.123</a>"</div><div>
17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.560000] klips_debug: IP: ihl:20 ver:4 tos:0 tlen:84 id:0 DF frag_off:0 ttl:64 proto:1 (ICMP) chk:59477 saddr:192.168.100.1 daddr:192.168.109.1 type:code=8:0"</div><div>
17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.550000] klips_debug:ipsec_xmit_init2: head,tailroom: 100,40 after allocation"</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.540000] klips_debug:ipsec_xmit_init2: hard header already stripped."</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.530000] klips_info:ipsec_xmit_init2: dev ipsec0 mtu of 1454 decreased by 57 to 1397"</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.520000] klips_debug:ipsec_xmit_init2: mtu:1454 physmtu:1454 tothr:36 tottr:16 mtudiff:52 ippkttotlen:84"</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.510000] klips_debug:ipsec_xmit_init2: existing head,tailroom: 32,44 before applying xforms with head,tailroom: 36,16 ."</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.510000] klips_debug:ipsec_xmit_init2: Required head,tailroom: 16,16"</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.500000] klips_debug:ipsec_xmit_init2: calling room for <ESP_3DES_HMAC_SHA1>, <a href="mailto:SA%3Aesp.c2f425f1@113.89.241.123">SA:esp.c2f425f1@113.89.241.123</a>"</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.490000] klips_debug:ipsec_xmit_init2: Required head,tailroom: 20,0"</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.480000] klips_debug:ipsec_xmit_init2: calling room for <IPIP>, <a href="mailto:SA%3Atun.1001@113.89.241.123">SA:tun.1001@113.89.241.123</a>"</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.470000] klips_debug:ipsec_xmit_init2: found ipsec_sa -- SA:<IPIP> <a href="mailto:tun.1001@113.89.241.123">tun.1001@113.89.241.123</a>"</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.460000] ipsec_sa_get: ipsec_sa ca4890b0 <a href="mailto:SA%3Atun.1001@113.89.241.123">SA:tun.1001@113.89.241.123</a>, ref:17 reference count (2++) incremented by ipsec_sa_getbyid:552."</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.450000] ipsec_sa_getbyid: linked entry in ipsec_sa table for hash=104 of <a href="mailto:SA%3Atun.1001@113.89.241.123">SA:tun.1001@113.89.241.123</a> requested."</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.440000] klips_debug:ipsec_xmit_SAlookup: checking for local udp/500 IKE packet saddr=c0a86401, er=0pca4d184c, daddr=c0a86d01, er_dst=7159f17b, proto=1 sport=0 dport=0"</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.440000] klips_debug:rj_match: ** try to match a leaf, t=0pca4d184c"</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.430000] klips_debug:rj_match: * See if we match exactly as a host destination"</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.420000] klips_debug:ipsec_findroute: 192.168.100.1:0-><a href="http://192.168.109.1:0">192.168.109.1:0</a> 1"</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.410000] klips_debug:ipsec_xmit_strip_hard_header: Original head,tailroom: 32,44"</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.400000] klips_debug: IP: ihl:20 ver:4 tos:0 tlen:84 id:0 DF frag_off:0 ttl:64 proto:1 (ICMP) chk:59477 saddr:192.168.100.1 daddr:192.168.109.1 type:code=8:0"</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.380000] ipsec_tunnel_start_xmit: STARTING<6>klips_debug:ipsec_xmit_strip_hard_header: >>> skb->len=84 hard_header_len:22 45:00:00:54:00:00:40:00:40:01:e8:55:c0:a8:64:01:c0:a8:6d:01:08:00 "</div>
<div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.380000] "</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.380000] "</div><div>17:22:33,,kernel,Info,kernel,SSLVPN,"[83913.370000] klips_debug:ipsec_tunnel_neigh_setup:"</div>
<div><br></div><br><div class="gmail_quote">2009/6/25 Zhiping Liu <span dir="ltr"><<a href="mailto:flyingzpl@gmail.com">flyingzpl@gmail.com</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Hi Paul:<div><br></div><div>Here's the log on the WAN-WAN server side,but i can not find anything helpfull...</div><div>I have no idea what to do now.</div><div><br></div><div><div>Source IP,Generated,Received,Source Name,Facility,Severity,Tag,Origin,Message</div>
<div>17:09:37,,clock,Notice,crond[1714],SSLVPN,"USER root pid 10492 cmd /testshell/spy.sh"</div><div>17:08:44,,secur/auth,Warning,pluto[10411],SSLVPN,"""aa""[1] 113.89.243.199 #1: sending notification INVALID_ID_INFORMATION to <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>"</div>
<div>17:08:44,,secur/auth,Warning,pluto[10411],SSLVPN,"""aa""[1] 113.89.243.199 #1: initial Aggressive Mode packet claiming to be from @test26 on 113.89.243.199 but no connection has been authorized"</div>
<div>17:08:44,,secur/auth,Warning,pluto[10411],SSLVPN,"""aa""[1] 113.89.243.199 #1: no suitable connection for peer '@test901'"</div><div>17:08:44,,secur/auth,Warning,pluto[10411],SSLVPN,"""aa""[1] 113.89.243.199 #1: Aggressive mode peer ID is ID_FQDN: '@test901'"</div>
<div>17:08:44,,secur/auth,Warning,pluto[10411],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]"</div><div>
17:08:44,,secur/auth,Warning,pluto[10411],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109"</div>
<div>17:08:44,,secur/auth,Warning,pluto[10411],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109"</div>
<div>17:08:44,,secur/auth,Warning,pluto[10411],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109"</div>
<div>17:08:44,,secur/auth,Warning,pluto[10411],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [RFC 3947] method set to=109 "</div><div>
17:08:44,,secur/auth,Warning,pluto[10411],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [Dead Peer Detection]"</div>
<div>17:08:37,,clock,Notice,crond[1714],SSLVPN,"USER root pid 10431 cmd /testshell/spy.sh"</div><div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"loading secrets from ""/testconf/ipsec.secrets.d/101.secret"""</div>
<div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"loaded private key for keyid: PPK_RSA:AQN82KZkW"</div><div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"loading secrets from ""/etc/ipsec.secrets"""</div>
<div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"adding interface ipsec0/ppp0 <a href="http://113.88.151.45:4500" target="_blank">113.88.151.45:4500</a>"</div><div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"adding interface ipsec0/ppp0 <a href="http://113.88.151.45:500" target="_blank">113.88.151.45:500</a>"</div>
<div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"IP interfaces ppp1 and eth1 share address 192.168.100.1!"</div><div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"IP interfaces ppp2 and eth1 share address 192.168.100.1!"</div>
<div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"IP interfaces ppp2 and ppp1 share address 192.168.100.1!"</div><div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"listening for IKE messages"</div>
<div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"added connection description ""aa"""</div><div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"Warning: empty directory"</div>
<div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"Changing to directory '/etc/ipsec.d/crls'"</div><div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"Changed path to directory '/etc/ipsec.d/ocspcerts'"</div>
<div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"Changed path to directory '/etc/ipsec.d/aacerts'"</div><div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"Changed path to directory '/etc/ipsec.d/cacerts'"</div>
<div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"Using KLIPS IPsec interface code on 2.6.28.9"</div><div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"no helpers will be started, all cryptographic operations will be done inline"</div>
<div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok (ret=0)"</div><div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok (ret=0)"</div>
<div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"ike_alg_register_enc(): Activating OAKLEY_BLOWFISH_CBC: Ok (ret=0)"</div><div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)"</div>
<div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC: Ok (ret=0)"</div><div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC: Ok (ret=0)"</div>
<div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC_SSH: Ok (ret=0)"</div><div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"using /dev/urandom as source of random entropy"</div>
<div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"including NAT-Traversal patch (Version 0.6c)"</div><div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"port floating activation criteria nat_t=1/port_float=1"</div>
<div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"Setting NAT-Traversal port-4500 floating to on"</div><div>17:08:09,,secur/auth,Warning,pluto[10411],SSLVPN,"Starting Pluto (Openswan Version 2.6.21; Vendor ID OE~q\177kZNr}Wk) pid:10411"</div>
<div>17:08:09,,user-level,Warning,pluto,SSLVPN,"adjusting ipsec.d to /etc/ipsec.d"</div><div>17:08:09,,system,Error,ipsec__plutorun,SSLVPN,"003 IP interfaces ppp1 and eth1 share address 192.168.100.1!"</div>
<div>17:08:09,,system,Error,ipsec__plutorun,SSLVPN,"003 IP interfaces ppp2 and eth1 share address 192.168.100.1!"</div><div>17:08:09,,system,Error,ipsec__plutorun,SSLVPN,"003 IP interfaces ppp2 and ppp1 share address 192.168.100.1!"</div>
<div>17:08:09,,system,Error,ipsec__plutorun,SSLVPN,"002 added connection description ""aa"""</div><div>17:08:09,,system,Error,ipsec_setup,SSLVPN,"...Openswan IPsec started"</div><div>
17:08:09,,system,Error,ipsec__plutorun,SSLVPN,"adjusting ipsec.d to /etc/ipsec.d"</div><div>17:08:09,,secur/auth,Error,ipsec__plutorun,SSLVPN,"Restarting Pluto subsystem..."</div><div>17:08:08,,kernel,Warning,kernel,SSLVPN,"[83049.550000] "</div>
<div>17:08:08,,system,Error,ipsec_setup,SSLVPN,"KLIPS ipsec1 on eth1 <a href="http://192.168.100.1/255.255.255.0" target="_blank">192.168.100.1/255.255.255.0</a> broadcast 192.168.100.255 "</div><div>17:08:08,,system,Error,ipsec_setup,SSLVPN,"KLIPS ipsec0 on ppp0 <a href="http://113.88.151.45/255.255.255.255" target="_blank">113.88.151.45/255.255.255.255</a> pointopoint 113.88.150.1 "</div>
<div>17:08:08,,system,Error,ipsec_setup,SSLVPN,"KLIPS debug `none'"</div><div>17:08:07,,system,Error,ipsec_setup,SSLVPN,"Using KLIPS/legacy stack"</div><div>17:08:07,,system,Error,ipsec_setup,SSLVPN,"Restarting Openswan IPsec 2.6.21..."</div>
<div>17:08:07,,system,Error,ipsec_setup,SSLVPN,"...Openswan IPsec stopped"</div><div>17:08:06,,kernel,Warning,kernel,SSLVPN,"[83048.200000] "</div><div>17:08:06,,kernel,Critical,kernel,SSLVPN,"[83047.990000] IPSEC EVENT: KLIPS device ipsec1 shut down."</div>
<div>17:08:06,,kernel,Critical,kernel,SSLVPN,"[83047.820000] IPSEC EVENT: KLIPS device ipsec0 shut down."</div><div>17:08:05,,secur/auth,Warning,pluto[9357],SSLVPN,"shutting down interface ipsec0/ppp0 <a href="http://113.88.151.45:500" target="_blank">113.88.151.45:500</a>"</div>
<div>17:08:05,,secur/auth,Warning,pluto[9357],SSLVPN,"shutting down interface ipsec0/ppp0 <a href="http://113.88.151.45:4500" target="_blank">113.88.151.45:4500</a>"</div><div>17:08:05,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa"": deleting connection"</div>
<div>17:08:05,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[1] <a href="http://113.89.243.199" target="_blank">113.89.243.199</a>: deleting connection ""aa"" instance with peer 113.89.243.199 {isakmp=#0/ipsec=#0}"</div>
<div>17:08:05,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa"" #22: deleting state (STATE_AGGR_R2)"</div><div>17:08:04,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa"" #23: deleting state (STATE_QUICK_R2)"</div>
<div>17:08:04,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] <a href="http://113.89.241.123" target="_blank">113.89.241.123</a>: deleting connection ""aa"" instance with peer 113.89.241.123 {isakmp=#22/ipsec=#23}"</div>
<div>17:08:04,,secur/auth,Warning,pluto[9357],SSLVPN,"forgetting secrets"</div><div>17:08:04,,secur/auth,Warning,pluto[9357],SSLVPN,"shutting down"</div><div>17:08:04,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[1] 113.89.243.199 #24: sending notification INVALID_ID_INFORMATION to <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>"</div>
<div>17:08:04,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[1] 113.89.243.199 #24: initial Aggressive Mode packet claiming to be from @test26 on 113.89.243.199 but no connection has been authorized"</div>
<div>17:08:04,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[1] 113.89.243.199 #24: no suitable connection for peer '@test901'"</div><div>17:08:04,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[1] 113.89.243.199 #24: Aggressive mode peer ID is ID_FQDN: '@test901'"</div>
<div>17:08:04,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]"</div><div>
17:08:04,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109"</div>
<div>17:08:04,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109"</div>
<div>17:08:04,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109"</div>
<div>17:08:04,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [RFC 3947] method set to=109 "</div><div>
17:08:04,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [Dead Peer Detection]"</div>
<div>17:08:04,,system,Error,ipsec_setup,SSLVPN,"Stopping Openswan IPsec..."</div><div>17:07:59,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #23: DPD Error: could not find newest phase 1 state"</div>
<div>17:07:55,,secur/auth,Warning,pluto[9357],SSLVPN,"reapchild failed with errno=10 No child processes"</div><div>17:07:55,,secur/auth,Warning,pluto[9357],SSLVPN,"ADNS process exited with status 1"</div>
<div>17:07:54,,system,Error,ipsec__plutorun,SSLVPN,"restarting IPsec after pause..."</div><div>17:07:54,,system,Error,ipsec__plutorun,SSLVPN,"!pluto failure!: exited with error status 128"</div><div>
17:07:40,,local 2,Notice,sudo,SSLVPN,"www : TTY=pts/0 ; PWD=/testapp/config/apache/htdocs/language_zh_CN ; USER=root ; COMMAND=/sbin/ipsec whack --status"</div>
<div>17:07:37,,clock,Notice,crond[1714],SSLVPN,"USER root pid 10198 cmd /testshell/spy.sh"</div><div>17:07:30,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #23: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x291ae3f6 <0xcdf87c67 xfrm=3DES_0-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}"</div>
<div>17:07:30,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #23: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2"</div><div>17:07:30,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #23: Dead Peer Detection (RFC 3706): enabled"</div>
<div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #23: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2"</div><div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #23: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1"</div>
<div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #23: them: 113.89.241.123<0.0.0.0>[@test26,+S=C]===<a href="http://192.168.109.0/24" target="_blank">192.168.109.0/24</a>"</div>
<div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #23: us: <a href="http://192.168.100.0/24===113.88.151.45%5B@testyf,+S=C%5D" target="_blank">192.168.100.0/24===113.88.151.45[@testyf,+S=C]</a>"</div>
<div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #23: responding to Quick Mode proposal {msgid:26673bba}"</div><div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #22: the peer proposed: <a href="http://192.168.100.0/24:0/0" target="_blank">192.168.100.0/24:0/0</a> -> <a href="http://192.168.109.0/24:0/0" target="_blank">192.168.109.0/24:0/0</a>"</div>
<div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #22: Dead Peer Detection (RFC 3706): enabled"</div><div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #22: STATE_AGGR_R2: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}"</div>
<div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #22: transition from state STATE_AGGR_R1 to state STATE_AGGR_R2"</div><div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #22: NAT-Traversal: Only 0 NAT-D - Aborting NAT-Traversal negotiation"</div>
<div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #22: STATE_AGGR_R1: sent AR1, expecting AI2"</div><div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #22: transition from state STATE_AGGR_R0 to state STATE_AGGR_R1"</div>
<div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #22: responding to Aggressive Mode, state #22, connection ""aa"" from 113.89.241.123"</div>
<div>
17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[2] 113.89.241.123 #22: Aggressive mode peer ID is ID_FQDN: '@test26'"</div><div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.241.123:500" target="_blank">113.89.241.123:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]"</div>
<div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.241.123:500" target="_blank">113.89.241.123:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109"</div>
<div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.241.123:500" target="_blank">113.89.241.123:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109"</div>
<div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.241.123:500" target="_blank">113.89.241.123:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109"</div>
<div>17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.241.123:500" target="_blank">113.89.241.123:500</a>: received Vendor ID payload [RFC 3947] method set to=109 "</div><div>
17:07:28,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.241.123:500" target="_blank">113.89.241.123:500</a>: received Vendor ID payload [Dead Peer Detection]"</div>
<div>17:07:24,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[1] 113.89.243.199 #21: sending notification INVALID_ID_INFORMATION to <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>"</div>
<div>17:07:24,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[1] 113.89.243.199 #21: initial Aggressive Mode packet claiming to be from @test26 on 113.89.243.199 but no connection has been authorized"</div>
<div>17:07:24,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[1] 113.89.243.199 #21: no suitable connection for peer '@test901'"</div><div>17:07:24,,secur/auth,Warning,pluto[9357],SSLVPN,"""aa""[1] 113.89.243.199 #21: Aggressive mode peer ID is ID_FQDN: '@test901'"</div>
<div>17:07:24,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]"</div><div>
17:07:24,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109"</div>
<div>17:07:24,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109"</div>
<div>17:07:24,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109"</div>
<div>17:07:24,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [RFC 3947] method set to=109 "</div><div>
17:07:24,,secur/auth,Warning,pluto[9357],SSLVPN,"packet from <a href="http://113.89.243.199:500" target="_blank">113.89.243.199:500</a>: received Vendor ID payload [Dead Peer Detection]"</div>
<br><div class="gmail_quote">2009/6/23 Paul Wouters <span dir="ltr"><<a href="mailto:paul@xelerance.com" target="_blank">paul@xelerance.com</a>></span><div><div></div><div class="h5"><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>On Tue, 23 Jun 2009, Zhiping Liu wrote:<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
openswan 2.6.21 restart for serveral minutes. i found some error message<br>
from syslog:<br>
<br>
!pluto failure!: exited with error status 128<br>
<br>
and then openswan restarted itself.<br>
</blockquote>
<br></div>
There should be more logs in /var/log/secure or /var/log/auth.log telling<br>
you what is going on.<br>
<br>
Alternatively, you can define dumpdir=/var/run/pluto/ and make it crash<br>
again, and then you have a core file in /var/run/pluto which you can<br>
inspect with gdb.<br><font color="#888888">
<br>
Paul<br>
</font></blockquote></div></div></div><br><br clear="all"><br>-- <br>from Romeo<br>
</div>
</blockquote></div><br><br clear="all"><br>-- <br>from Romeo<br>
</div>