<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:p="urn:schemas-microsoft-com:office:powerpoint" xmlns:a="urn:schemas-microsoft-com:office:access" xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:s="uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" xmlns:rs="urn:schemas-microsoft-com:rowset" xmlns:z="#RowsetSchema" xmlns:b="urn:schemas-microsoft-com:office:publisher" xmlns:ss="urn:schemas-microsoft-com:office:spreadsheet" xmlns:c="urn:schemas-microsoft-com:office:component:spreadsheet" xmlns:odc="urn:schemas-microsoft-com:office:odc" xmlns:oa="urn:schemas-microsoft-com:office:activation" xmlns:html="http://www.w3.org/TR/REC-html40" xmlns:q="http://schemas.xmlsoap.org/soap/envelope/" xmlns:rtc="http://microsoft.com/officenet/conferencing" xmlns:D="DAV:" xmlns:Repl="http://schemas.microsoft.com/repl/" xmlns:mt="http://schemas.microsoft.com/sharepoint/soap/meetings/" xmlns:x2="http://schemas.microsoft.com/office/excel/2003/xml" xmlns:ppda="http://www.passport.com/NameSpace.xsd" xmlns:ois="http://schemas.microsoft.com/sharepoint/soap/ois/" xmlns:dir="http://schemas.microsoft.com/sharepoint/soap/directory/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:dsp="http://schemas.microsoft.com/sharepoint/dsp" xmlns:udc="http://schemas.microsoft.com/data/udc" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:sub="http://schemas.microsoft.com/sharepoint/soap/2002/1/alerts/" xmlns:ec="http://www.w3.org/2001/04/xmlenc#" xmlns:sp="http://schemas.microsoft.com/sharepoint/" xmlns:sps="http://schemas.microsoft.com/sharepoint/soap/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:udcs="http://schemas.microsoft.com/data/udc/soap" xmlns:udcxf="http://schemas.microsoft.com/data/udc/xmlfile" xmlns:udcp2p="http://schemas.microsoft.com/data/udc/parttopart" xmlns:wf="http://schemas.microsoft.com/sharepoint/soap/workflow/" xmlns:dsss="http://schemas.microsoft.com/office/2006/digsig-setup" xmlns:dssi="http://schemas.microsoft.com/office/2006/digsig" xmlns:mdssi="http://schemas.openxmlformats.org/package/2006/digital-signature" xmlns:mver="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns:mrels="http://schemas.openxmlformats.org/package/2006/relationships" xmlns:spwp="http://microsoft.com/sharepoint/webpartpages" xmlns:ex12t="http://schemas.microsoft.com/exchange/services/2006/types" xmlns:ex12m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:pptsl="http://schemas.microsoft.com/sharepoint/soap/SlideLibrary/" xmlns:spsl="http://microsoft.com/webservices/SharePointPortalServer/PublishedLinksService" xmlns:Z="urn:schemas-microsoft-com:" xmlns:st="" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:1140535587;
mso-list-type:hybrid;
mso-list-template-ids:-353860886 1026065532 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
@list l0:level1
{mso-level-start-at:20;
mso-level-number-format:bullet;
mso-level-text:-;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Calibri","sans-serif";
mso-fareast-font-family:Calibri;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=WordSection1>
<p class=MsoNormal>Is this that same netkey bug?<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Here is another customer with 2 sites. This one has
just a single LAN on each side and one tunnel connecting them. Everything
should be straightforward with this one. The left side is called HQ, the
right side Garelick. The HQ LAN is 10.86.0/24. The Garelick LAN is
10.86.2/24. The phone rang this morning and Garelick was offline.
Digging into it, the tunnel wasn’t working and the tail of /var/log/secure
on both sides was full messages like this:<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Jul 15 09:15:08 localhost pluto[2348]: initiate on demand
from 10.86.2.105:2783 to 10.86.0.20:3389 proto=6 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Jul 15 09:15:47 localhost pluto[2348]: initiate on demand
from 10.86.2.105:2785 to 10.86.0.20:3389 proto=6 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Jul 15 09:16:36 localhost pluto[2348]: initiate on demand
from 10.86.2.106:8 to 10.86.0.9:0 proto=1 state: fos_start because: acquire<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>What in the world does that mean?<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Restarting IPSEC at Garelick, I could see some but not all
hosts on the HQ side. Restarting IPSEC at the HQ site, now everyone is
back online with everyone else again. <o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Looking farther up at /var/log/secure, here is an extract. Take
a look at Jul 14 18:37 plus a few seconds. It looks like the telco
connection dropped and that’s when the trouble started.
Nobody noticed until this morning when my phone rang. I dummied up the
public IP Addresses. Both sites use the same ISP, so I dummied up the
first 2 octets to “5.6”. The HQ site is 5.6.46.182 and the
Garelick site is 5.6.100.18. <o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Jul 14 16:56:21 localhost pluto[2348]:
"garelick-hq" #249: STATE_QUICK_I2: sent QI2, IPsec SA estab<o:p></o:p></p>
<p class=MsoNormal>lished tunnel mode {ESP=>0x517b77f5 <0x5bffa1a5
xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=non<o:p></o:p></p>
<p class=MsoNormal>e}<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:06:34 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [O<o:p></o:p></p>
<p class=MsoNormal>penswan (this version) 2.6.25 ]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:06:34 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [D<o:p></o:p></p>
<p class=MsoNormal>ead Peer Detection]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:06:34 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [R<o:p></o:p></p>
<p class=MsoNormal>FC 3947] method set to=109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:06:34 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [d<o:p></o:p></p>
<p class=MsoNormal>raft-ietf-ipsec-nat-t-ike-03] meth=108, but already using
method 109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:06:34 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [d<o:p></o:p></p>
<p class=MsoNormal>raft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using
method 109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:06:34 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [d<o:p></o:p></p>
<p class=MsoNormal>raft-ietf-ipsec-nat-t-ike-02] meth=107, but already using
method 109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:06:34 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [d<o:p></o:p></p>
<p class=MsoNormal>raft-ietf-ipsec-nat-t-ike-00]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:06:34 localhost pluto[2348]:
"garelick-hq" #250: responding to Main Mode<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:06:34 localhost pluto[2348]:
"garelick-hq" #250: transition from state STATE_MAIN_R0 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_R1<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:06:34 localhost pluto[2348]:
"garelick-hq" #250: STATE_MAIN_R1: sent MR1, expecting MI2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:06:34 localhost pluto[2348]:
"garelick-hq" #250: NAT-Traversal: Result using RFC 3947 (NA<o:p></o:p></p>
<p class=MsoNormal>T-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:06:34 localhost pluto[2348]:
"garelick-hq" #250: transition from state STATE_MAIN_R1 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_R2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:06:34 localhost pluto[2348]:
"garelick-hq" #250: STATE_MAIN_R2: sent MR2, expecting MI3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:06:34 localhost pluto[2348]:
"garelick-hq" #250: Main mode peer ID is ID_FQDN: '@hq.local<o:p></o:p></p>
<p class=MsoNormal>'<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:06:34 localhost pluto[2348]:
"garelick-hq" #250: transition from state STATE_MAIN_R2 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_R3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:06:34 localhost pluto[2348]:
"garelick-hq" #250: STATE_MAIN_R3: sent MR3, ISAKMP SA estab<o:p></o:p></p>
<p class=MsoNormal>lished {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha
group=modp2048}<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:08:18 localhost pluto[2348]:
"garelick-hq" #250: ignoring Delete SA payload: PROTO_IPSEC_<o:p></o:p></p>
<p class=MsoNormal>ESP SA(0xf053dd37) not found (maybe expired)<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:08:18 localhost pluto[2348]:
"garelick-hq" #250: received and ignored informational messa<o:p></o:p></p>
<p class=MsoNormal>ge<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:22:53 localhost pluto[2348]: packet from 5.6.46.182:500:
Informational Exchange is for<o:p></o:p></p>
<p class=MsoNormal> an unknown (expired?) SA with MSGID:0x99519bba<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:52:13 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [O<o:p></o:p></p>
<p class=MsoNormal>penswan (this version) 2.6.25 ]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:52:13 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [D<o:p></o:p></p>
<p class=MsoNormal>ead Peer Detection]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:52:13 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [R<o:p></o:p></p>
<p class=MsoNormal>FC 3947] method set to=109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:52:13 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [d<o:p></o:p></p>
<p class=MsoNormal>raft-ietf-ipsec-nat-t-ike-03] meth=108, but already using
method 109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:52:13 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [d<o:p></o:p></p>
<p class=MsoNormal>raft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using
method 109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:52:13 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [d<o:p></o:p></p>
<p class=MsoNormal>raft-ietf-ipsec-nat-t-ike-02] meth=107, but already using
method 109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:52:13 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [d<o:p></o:p></p>
<p class=MsoNormal>raft-ietf-ipsec-nat-t-ike-00]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:52:13 localhost pluto[2348]:
"garelick-hq" #251: responding to Main Mode<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:52:13 localhost pluto[2348]:
"garelick-hq" #251: transition from state STATE_MAIN_R0 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_R1<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:52:13 localhost pluto[2348]:
"garelick-hq" #251: STATE_MAIN_R1: sent MR1, expecting MI2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:52:13 localhost pluto[2348]:
"garelick-hq" #251: NAT-Traversal: Result using RFC 3947 (NA<o:p></o:p></p>
<p class=MsoNormal>T-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:52:13 localhost pluto[2348]: "garelick-hq"
#251: transition from state STATE_MAIN_R1 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_R2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:52:13 localhost pluto[2348]:
"garelick-hq" #251: STATE_MAIN_R2: sent MR2, expecting MI3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:52:13 localhost pluto[2348]:
"garelick-hq" #251: Main mode peer ID is ID_FQDN: '@hq.local<o:p></o:p></p>
<p class=MsoNormal>'<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:52:13 localhost pluto[2348]:
"garelick-hq" #251: transition from state STATE_MAIN_R2 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_R3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 17:52:13 localhost pluto[2348]:
"garelick-hq" #251: STATE_MAIN_R3: sent MR3, ISAKMP SA estab<o:p></o:p></p>
<p class=MsoNormal>lished {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha
group=modp2048}<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:06:34 localhost pluto[2348]:
"garelick-hq" #250: received Delete SA payload: deleting ISA<o:p></o:p></p>
<p class=MsoNormal>KMP State #250<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:06:34 localhost pluto[2348]: packet from 5.6.46.182:500:
received and ignored informat<o:p></o:p></p>
<p class=MsoNormal>ional message<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:37:19 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [O<o:p></o:p></p>
<p class=MsoNormal>penswan (this version) 2.6.25 ]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:37:19 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [D<o:p></o:p></p>
<p class=MsoNormal>ead Peer Detection]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:37:19 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [R<o:p></o:p></p>
<p class=MsoNormal>FC 3947] method set to=109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:37:19 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [d<o:p></o:p></p>
<p class=MsoNormal>raft-ietf-ipsec-nat-t-ike-03] meth=108, but already using
method 109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:37:19 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [d<o:p></o:p></p>
<p class=MsoNormal>raft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using
method 109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:37:19 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [d<o:p></o:p></p>
<p class=MsoNormal>raft-ietf-ipsec-nat-t-ike-02] meth=107, but already using
method 109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:37:19 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [d<o:p></o:p></p>
<p class=MsoNormal>raft-ietf-ipsec-nat-t-ike-00]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:37:19 localhost pluto[2348]:
"garelick-hq" #252: responding to Main Mode<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:37:19 localhost pluto[2348]:
"garelick-hq" #252: transition from state STATE_MAIN_R0 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_R1<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:37:19 localhost pluto[2348]:
"garelick-hq" #252: STATE_MAIN_R1: sent MR1, expecting MI2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:37:29 localhost pluto[2348]: ERROR: asynchronous
network error report on br0 (sport=500)<o:p></o:p></p>
<p class=MsoNormal>for message to 5.6.46.182 port 500, complainant 5.6.100.17:
No route to host [errno 113, orig<o:p></o:p></p>
<p class=MsoNormal>in ICMP type 3 code 1 (not authenticated)]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:37:49 localhost pluto[2348]: ERROR: asynchronous
network error report on br0 (sport=500)<o:p></o:p></p>
<p class=MsoNormal>for message to 5.6.46.182 port 500, complainant 5.6.100.17:
No route to host [errno 113, orig<o:p></o:p></p>
<p class=MsoNormal>in ICMP type 3 code 1 (not authenticated)]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[2348]:
"garelick-hq" #252: max number of retransmissions (2) reache<o:p></o:p></p>
<p class=MsoNormal>d STATE_MAIN_R1<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [O<o:p></o:p></p>
<p class=MsoNormal>penswan (this version) 2.6.25 ]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [D<o:p></o:p></p>
<p class=MsoNormal>ead Peer Detection]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [R<o:p></o:p></p>
<p class=MsoNormal>FC 3947] method set to=109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [d<o:p></o:p></p>
<p class=MsoNormal>raft-ietf-ipsec-nat-t-ike-03] meth=108, but already using
method 109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [d<o:p></o:p></p>
<p class=MsoNormal>raft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using
method 109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [d<o:p></o:p></p>
<p class=MsoNormal>raft-ietf-ipsec-nat-t-ike-02] meth=107, but already using
method 109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[2348]: packet from 5.6.46.182:500:
received Vendor ID payload [d<o:p></o:p></p>
<p class=MsoNormal>raft-ietf-ipsec-nat-t-ike-00]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[2348]:
"garelick-hq" #253: responding to Main Mode<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[2348]:
"garelick-hq" #253: transition from state STATE_MAIN_R0 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_R1<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[2348]:
"garelick-hq" #253: STATE_MAIN_R1: sent MR1, expecting MI2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[2348]:
"garelick-hq" #253: NAT-Traversal: Result using RFC 3947 (NA<o:p></o:p></p>
<p class=MsoNormal>T-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[2348]:
"garelick-hq" #253: transition from state STATE_MAIN_R1 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_R2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[2348]:
"garelick-hq" #253: STATE_MAIN_R2: sent MR2, expecting MI3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[2348]:
"garelick-hq" #253: Main mode peer ID is ID_FQDN: '@hq.local<o:p></o:p></p>
<p class=MsoNormal>'<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[2348]:
"garelick-hq" #253: transition from state STATE_MAIN_R2 to s<o:p></o:p></p>
<p class=MsoNormal>--More--(78%)<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>It keeps going like this, trying to find its partner and
unable to. <o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Looking at /var/log/secure on the Garelick side, sure
enough, I see the telecom outage at 18:37, but then a new SA Established
message at 19:20:32. But I’ll bet this tunnel was messed up
starting with the 18:37 telecom outage and never was right until I restarted
ipsec on both sides. <o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Jul 14 17:52:13 localhost pluto[3288]:
"garelick-hq" #2063: STATE_MAIN_I4: ISAKMP SA established {au<o:p></o:p></p>
<p class=MsoNormal>th=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha
group=modp2048}<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:06:34 localhost pluto[3288]: packet from 5.6.100.18:500:
Informational Exchange is for<o:p></o:p></p>
<p class=MsoNormal>an unknown (expired?) SA with MSGID:0x53a0b445<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:37:19 localhost pluto[3288]:
"garelick-hq" #2064: initiating Main Mode to replace #2063<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:37:29 localhost pluto[3288]: ERROR: asynchronous
network error report on br0 (sport=500) f<o:p></o:p></p>
<p class=MsoNormal>or message to 5.6.100.18 port 500, complainant
69.128.253.214: No route to host [errno 113, origi<o:p></o:p></p>
<p class=MsoNormal>n ICMP type 11 code 0 (not authenticated)]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:37:49 localhost pluto[3288]: ERROR: asynchronous
network error report on br0 (sport=500) f<o:p></o:p></p>
<p class=MsoNormal>or message to 5.6.100.18 port 500, complainant
69.128.253.214: No route to host [errno 113, origi<o:p></o:p></p>
<p class=MsoNormal>n ICMP type 11 code 0 (not authenticated)]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[3288]:
"garelick-hq" #2064: received Vendor ID payload [Openswan (th<o:p></o:p></p>
<p class=MsoNormal>is version) 2.6.25 ]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[3288]:
"garelick-hq" #2064: received Vendor ID payload [Dead Peer De<o:p></o:p></p>
<p class=MsoNormal>tection]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[3288]:
"garelick-hq" #2064: received Vendor ID payload [RFC 3947] me<o:p></o:p></p>
<p class=MsoNormal>thod set to=109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[3288]:
"garelick-hq" #2064: enabling possible NAT-traversal with met<o:p></o:p></p>
<p class=MsoNormal>hod 4<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[3288]:
"garelick-hq" #2064: transition from state STATE_MAIN_I1 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[3288]:
"garelick-hq" #2064: STATE_MAIN_I2: sent MI2, expecting MR2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[3288]:
"garelick-hq" #2064: NAT-Traversal: Result using RFC 3947 (NA<o:p></o:p></p>
<p class=MsoNormal>T-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[3288]:
"garelick-hq" #2064: transition from state STATE_MAIN_I2 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[3288]:
"garelick-hq" #2064: STATE_MAIN_I3: sent MI3, expecting MR3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[3288]:
"garelick-hq" #2064: received Vendor ID payload [CAN-IKEv2]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[3288]:
"garelick-hq" #2064: Main mode peer ID is ID_FQDN: '@garelick<o:p></o:p></p>
<p class=MsoNormal>.local'<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[3288]: "garelick-hq"
#2064: transition from state STATE_MAIN_I3 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I4<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:38:29 localhost pluto[3288]:
"garelick-hq" #2064: STATE_MAIN_I4: ISAKMP SA established {au<o:p></o:p></p>
<p class=MsoNormal>th=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha
group=modp2048}<o:p></o:p></p>
<p class=MsoNormal>Jul 14 18:52:13 localhost pluto[3288]: packet from 5.6.100.18:500:
Informational Exchange is for<o:p></o:p></p>
<p class=MsoNormal>an unknown (expired?) SA with MSGID:0x994da271<o:p></o:p></p>
<p class=MsoNormal>Jul 14 19:20:32 localhost pluto[3288]:
"garelick-hq" #2065: initiating Main Mode to replace #2064<o:p></o:p></p>
<p class=MsoNormal>Jul 14 19:20:32 localhost pluto[3288]:
"garelick-hq" #2065: received Vendor ID payload [Openswan (th<o:p></o:p></p>
<p class=MsoNormal>is version) 2.6.25 ]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 19:20:32 localhost pluto[3288]:
"garelick-hq" #2065: received Vendor ID payload [Dead Peer De<o:p></o:p></p>
<p class=MsoNormal>tection]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 19:20:32 localhost pluto[3288]:
"garelick-hq" #2065: received Vendor ID payload [RFC 3947] me<o:p></o:p></p>
<p class=MsoNormal>thod set to=109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 19:20:32 localhost pluto[3288]:
"garelick-hq" #2065: enabling possible NAT-traversal with met<o:p></o:p></p>
<p class=MsoNormal>hod 4<o:p></o:p></p>
<p class=MsoNormal>Jul 14 19:20:32 localhost pluto[3288]:
"garelick-hq" #2065: transition from state STATE_MAIN_I1 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 19:20:32 localhost pluto[3288]:
"garelick-hq" #2065: STATE_MAIN_I2: sent MI2, expecting MR2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 19:20:32 localhost pluto[3288]:
"garelick-hq" #2065: NAT-Traversal: Result using RFC 3947 (NA<o:p></o:p></p>
<p class=MsoNormal>T-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Jul 14 19:20:32 localhost pluto[3288]:
"garelick-hq" #2065: transition from state STATE_MAIN_I2 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 19:20:32 localhost pluto[3288]:
"garelick-hq" #2065: STATE_MAIN_I3: sent MI3, expecting MR3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 19:20:32 localhost pluto[3288]:
"garelick-hq" #2065: received Vendor ID payload [CAN-IKEv2]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 19:20:32 localhost pluto[3288]:
"garelick-hq" #2065: Main mode peer ID is ID_FQDN: '@garelick<o:p></o:p></p>
<p class=MsoNormal>.local'<o:p></o:p></p>
<p class=MsoNormal>Jul 14 19:20:32 localhost pluto[3288]:
"garelick-hq" #2065: transition from state STATE_MAIN_I3 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I4<o:p></o:p></p>
<p class=MsoNormal>Jul 14 19:20:32 localhost pluto[3288]:
"garelick-hq" #2065: STATE_MAIN_I4: ISAKMP SA established {au<o:p></o:p></p>
<p class=MsoNormal>th=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha
group=modp2048}<o:p></o:p></p>
<p class=MsoNormal>Jul 14 19:38:29 localhost pluto[3288]:
"garelick-hq" #2064: received Delete SA payload: deleting ISA<o:p></o:p></p>
<p class=MsoNormal>KMP State #2064<o:p></o:p></p>
<p class=MsoNormal>Jul 14 19:38:29 localhost pluto[3288]: packet from 5.6.100.18:500:
received and ignored informati<o:p></o:p></p>
<p class=MsoNormal>onal message<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:03:07 localhost pluto[3288]:
"garelick-hq" #2066: initiating Main Mode to replace #2065<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:03:07 localhost pluto[3288]:
"garelick-hq" #2066: received Vendor ID payload [Openswan (th<o:p></o:p></p>
<p class=MsoNormal>is version) 2.6.25 ]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:03:07 localhost pluto[3288]:
"garelick-hq" #2066: received Vendor ID payload [Dead Peer De<o:p></o:p></p>
<p class=MsoNormal>tection]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:03:07 localhost pluto[3288]:
"garelick-hq" #2066: received Vendor ID payload [RFC 3947] me<o:p></o:p></p>
<p class=MsoNormal>thod set to=109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:03:07 localhost pluto[3288]:
"garelick-hq" #2066: enabling possible NAT-traversal with met<o:p></o:p></p>
<p class=MsoNormal>hod 4<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:03:07 localhost pluto[3288]:
"garelick-hq" #2066: transition from state STATE_MAIN_I1 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:03:07 localhost pluto[3288]:
"garelick-hq" #2066: STATE_MAIN_I2: sent MI2, expecting MR2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:03:07 localhost pluto[3288]:
"garelick-hq" #2066: NAT-Traversal: Result using RFC 3947 (NA<o:p></o:p></p>
<p class=MsoNormal>T-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:03:07 localhost pluto[3288]:
"garelick-hq" #2066: transition from state STATE_MAIN_I2 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:03:07 localhost pluto[3288]:
"garelick-hq" #2066: STATE_MAIN_I3: sent MI3, expecting MR3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:03:07 localhost pluto[3288]:
"garelick-hq" #2066: received Vendor ID payload [CAN-IKEv2]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:03:07 localhost pluto[3288]:
"garelick-hq" #2066: Main mode peer ID is ID_FQDN: '@garelick<o:p></o:p></p>
<p class=MsoNormal>.local'<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:03:07 localhost pluto[3288]:
"garelick-hq" #2066: transition from state STATE_MAIN_I3 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I4<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:03:07 localhost pluto[3288]:
"garelick-hq" #2066: STATE_MAIN_I4: ISAKMP SA established {au<o:p></o:p></p>
<p class=MsoNormal>th=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha
group=modp2048}<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:20:32 localhost pluto[3288]: packet from 5.6.100.18:500:
Informational Exchange is for<o:p></o:p></p>
<p class=MsoNormal>an unknown (expired?) SA with MSGID:0xdfa25099<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:51:12 localhost pluto[3288]:
"garelick-hq" #2067: initiating Main Mode to replace #2066<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:51:12 localhost pluto[3288]:
"garelick-hq" #2067: received Vendor ID payload [Openswan (th<o:p></o:p></p>
<p class=MsoNormal>is version) 2.6.25 ]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:51:12 localhost pluto[3288]:
"garelick-hq" #2067: received Vendor ID payload [Dead Peer De<o:p></o:p></p>
<p class=MsoNormal>tection]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:51:12 localhost pluto[3288]:
"garelick-hq" #2067: received Vendor ID payload [RFC 3947] me<o:p></o:p></p>
<p class=MsoNormal>thod set to=109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:51:12 localhost pluto[3288]:
"garelick-hq" #2067: enabling possible NAT-traversal with met<o:p></o:p></p>
<p class=MsoNormal>hod 4<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:51:12 localhost pluto[3288]:
"garelick-hq" #2067: transition from state STATE_MAIN_I1 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:51:12 localhost pluto[3288]:
"garelick-hq" #2067: STATE_MAIN_I2: sent MI2, expecting MR2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:51:12 localhost pluto[3288]:
"garelick-hq" #2067: NAT-Traversal: Result using RFC 3947 (NA<o:p></o:p></p>
<p class=MsoNormal>T-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:51:12 localhost pluto[3288]:
"garelick-hq" #2067: transition from state STATE_MAIN_I2 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:51:12 localhost pluto[3288]:
"garelick-hq" #2067: STATE_MAIN_I3: sent MI3, expecting MR3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:51:12 localhost pluto[3288]:
"garelick-hq" #2067: received Vendor ID payload [CAN-IKEv2]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:51:12 localhost pluto[3288]:
"garelick-hq" #2067: Main mode peer ID is ID_FQDN: '@garelick<o:p></o:p></p>
<p class=MsoNormal>.local'<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:51:12 localhost pluto[3288]:
"garelick-hq" #2067: transition from state STATE_MAIN_I3 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I4<o:p></o:p></p>
<p class=MsoNormal>Jul 14 20:51:12 localhost pluto[3288]:
"garelick-hq" #2067: STATE_MAIN_I4: ISAKMP SA established {au<o:p></o:p></p>
<p class=MsoNormal>th=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha
group=modp2048}<o:p></o:p></p>
<p class=MsoNormal>Jul 14 21:03:07 localhost pluto[3288]: packet from 5.6.100.18:500:
Informational Exchange is for<o:p></o:p></p>
<p class=MsoNormal>an unknown (expired?) SA with MSGID:0x3ad120f9<o:p></o:p></p>
<p class=MsoNormal>Jul 14 21:34:20 localhost pluto[3288]:
"garelick-hq" #2068: initiating Main Mode to replace #2067<o:p></o:p></p>
<p class=MsoNormal>Jul 14 21:34:20 localhost pluto[3288]:
"garelick-hq" #2068: received Vendor ID payload [Openswan (th<o:p></o:p></p>
<p class=MsoNormal>is version) 2.6.25 ]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 21:34:20 localhost pluto[3288]:
"garelick-hq" #2068: received Vendor ID payload [Dead Peer De<o:p></o:p></p>
<p class=MsoNormal>tection]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 21:34:20 localhost pluto[3288]:
"garelick-hq" #2068: received Vendor ID payload [RFC 3947] me<o:p></o:p></p>
<p class=MsoNormal>thod set to=109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 21:34:20 localhost pluto[3288]:
"garelick-hq" #2068: enabling possible NAT-traversal with met<o:p></o:p></p>
<p class=MsoNormal>hod 4<o:p></o:p></p>
<p class=MsoNormal>Jul 14 21:34:20 localhost pluto[3288]:
"garelick-hq" #2068: transition from state STATE_MAIN_I1 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 21:34:20 localhost pluto[3288]: "garelick-hq"
#2068: STATE_MAIN_I2: sent MI2, expecting MR2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 21:34:20 localhost pluto[3288]:
"garelick-hq" #2068: NAT-Traversal: Result using RFC 3947 (NA<o:p></o:p></p>
<p class=MsoNormal>T-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Jul 14 21:34:20 localhost pluto[3288]:
"garelick-hq" #2068: transition from state STATE_MAIN_I2 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 21:34:20 localhost pluto[3288]:
"garelick-hq" #2068: STATE_MAIN_I3: sent MI3, expecting MR3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 21:34:20 localhost pluto[3288]:
"garelick-hq" #2068: received Vendor ID payload [CAN-IKEv2]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 21:34:20 localhost pluto[3288]:
"garelick-hq" #2068: Main mode peer ID is ID_FQDN: '@garelick<o:p></o:p></p>
<p class=MsoNormal>.local'<o:p></o:p></p>
<p class=MsoNormal>Jul 14 21:34:20 localhost pluto[3288]:
"garelick-hq" #2068: transition from state STATE_MAIN_I3 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I4<o:p></o:p></p>
<p class=MsoNormal>Jul 14 21:34:20 localhost pluto[3288]:
"garelick-hq" #2068: STATE_MAIN_I4: ISAKMP SA established {au<o:p></o:p></p>
<p class=MsoNormal>th=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha
group=modp2048}<o:p></o:p></p>
<p class=MsoNormal>Jul 14 21:51:12 localhost pluto[3288]: packet from 5.6.100.18:500:
Informational Exchange is for<o:p></o:p></p>
<p class=MsoNormal>an unknown (expired?) SA with MSGID:0xc401d943<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:20:02 localhost pluto[3288]:
"garelick-hq" #2069: initiating Main Mode to replace #2068<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:20:12 localhost pluto[3288]:
"garelick-hq" #2069: received Vendor ID payload [Openswan (th<o:p></o:p></p>
<p class=MsoNormal>is version) 2.6.25 ]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:20:12 localhost pluto[3288]:
"garelick-hq" #2069: received Vendor ID payload [Dead Peer De<o:p></o:p></p>
<p class=MsoNormal>tection]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:20:12 localhost pluto[3288]:
"garelick-hq" #2069: received Vendor ID payload [RFC 3947] me<o:p></o:p></p>
<p class=MsoNormal>thod set to=109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:20:12 localhost pluto[3288]:
"garelick-hq" #2069: enabling possible NAT-traversal with met<o:p></o:p></p>
<p class=MsoNormal>hod 4<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:20:12 localhost pluto[3288]:
"garelick-hq" #2069: transition from state STATE_MAIN_I1 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:20:12 localhost pluto[3288]:
"garelick-hq" #2069: STATE_MAIN_I2: sent MI2, expecting MR2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:20:12 localhost pluto[3288]: packet from 5.6.100.18:500:
phase 1 message is part of an<o:p></o:p></p>
<p class=MsoNormal>unknown exchange<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:20:12 localhost pluto[3288]:
"garelick-hq" #2069: NAT-Traversal: Result using RFC 3947 (NA<o:p></o:p></p>
<p class=MsoNormal>T-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:20:12 localhost pluto[3288]:
"garelick-hq" #2069: transition from state STATE_MAIN_I2 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:20:12 localhost pluto[3288]:
"garelick-hq" #2069: STATE_MAIN_I3: sent MI3, expecting MR3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:20:12 localhost pluto[3288]:
"garelick-hq" #2069: received Vendor ID payload [CAN-IKEv2]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:20:12 localhost pluto[3288]:
"garelick-hq" #2069: Main mode peer ID is ID_FQDN: '@garelick<o:p></o:p></p>
<p class=MsoNormal>.local'<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:20:12 localhost pluto[3288]:
"garelick-hq" #2069: transition from state STATE_MAIN_I3 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I4<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:20:12 localhost pluto[3288]:
"garelick-hq" #2069: STATE_MAIN_I4: ISAKMP SA established {au<o:p></o:p></p>
<p class=MsoNormal>th=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha
group=modp2048}<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:20:32 localhost pluto[3288]: packet from 5.6.100.18:500:
phase 1 message is part of an<o:p></o:p></p>
<p class=MsoNormal>unknown exchange<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:34:20 localhost pluto[3288]:
"garelick-hq" #2068: received Delete SA payload: deleting ISA<o:p></o:p></p>
<p class=MsoNormal>KMP State #2068<o:p></o:p></p>
<p class=MsoNormal>Jul 14 22:34:20 localhost pluto[3288]: packet from 5.6.100.18:500:
received and ignored informati<o:p></o:p></p>
<p class=MsoNormal>onal message<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:05:28 localhost pluto[3288]:
"garelick-hq" #2070: initiating Main Mode to replace #2069<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:05:38 localhost pluto[3288]: "garelick-hq"
#2070: received Vendor ID payload [Openswan (th<o:p></o:p></p>
<p class=MsoNormal>is version) 2.6.25 ]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:05:38 localhost pluto[3288]:
"garelick-hq" #2070: received Vendor ID payload [Dead Peer De<o:p></o:p></p>
<p class=MsoNormal>tection]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:05:38 localhost pluto[3288]:
"garelick-hq" #2070: received Vendor ID payload [RFC 3947] me<o:p></o:p></p>
<p class=MsoNormal>thod set to=109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:05:38 localhost pluto[3288]:
"garelick-hq" #2070: enabling possible NAT-traversal with met<o:p></o:p></p>
<p class=MsoNormal>hod 4<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:05:38 localhost pluto[3288]:
"garelick-hq" #2070: transition from state STATE_MAIN_I1 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:05:38 localhost pluto[3288]:
"garelick-hq" #2070: STATE_MAIN_I2: sent MI2, expecting MR2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:05:38 localhost pluto[3288]: packet from 5.6.100.18:500:
phase 1 message is part of an<o:p></o:p></p>
<p class=MsoNormal>unknown exchange<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:05:38 localhost pluto[3288]:
"garelick-hq" #2070: NAT-Traversal: Result using RFC 3947 (NA<o:p></o:p></p>
<p class=MsoNormal>T-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:05:38 localhost pluto[3288]:
"garelick-hq" #2070: transition from state STATE_MAIN_I2 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:05:38 localhost pluto[3288]:
"garelick-hq" #2070: STATE_MAIN_I3: sent MI3, expecting MR3<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:05:38 localhost pluto[3288]:
"garelick-hq" #2070: received Vendor ID payload [CAN-IKEv2]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:05:38 localhost pluto[3288]:
"garelick-hq" #2070: Main mode peer ID is ID_FQDN: '@garelick<o:p></o:p></p>
<p class=MsoNormal>.local'<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:05:38 localhost pluto[3288]:
"garelick-hq" #2070: transition from state STATE_MAIN_I3 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I4<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:05:38 localhost pluto[3288]:
"garelick-hq" #2070: STATE_MAIN_I4: ISAKMP SA established {au<o:p></o:p></p>
<p class=MsoNormal>th=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha
group=modp2048}<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:05:58 localhost pluto[3288]: packet from 5.6.100.18:500:
phase 1 message is part of an<o:p></o:p></p>
<p class=MsoNormal>unknown exchange<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:20:12 localhost pluto[3288]: packet from 5.6.100.18:500:
Informational Exchange is for<o:p></o:p></p>
<p class=MsoNormal>an unknown (expired?) SA with MSGID:0xd18c1e07<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:49:48 localhost pluto[3288]:
"garelick-hq" #2071: initiating Main Mode to replace #2070<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:49:48 localhost pluto[3288]:
"garelick-hq" #2071: received Vendor ID payload [Openswan (th<o:p></o:p></p>
<p class=MsoNormal>is version) 2.6.25 ]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:49:48 localhost pluto[3288]:
"garelick-hq" #2071: received Vendor ID payload [Dead Peer De<o:p></o:p></p>
<p class=MsoNormal>tection]<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:49:48 localhost pluto[3288]:
"garelick-hq" #2071: received Vendor ID payload [RFC 3947] me<o:p></o:p></p>
<p class=MsoNormal>thod set to=109<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:49:48 localhost pluto[3288]:
"garelick-hq" #2071: enabling possible NAT-traversal with met<o:p></o:p></p>
<p class=MsoNormal>hod 4<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:49:48 localhost pluto[3288]:
"garelick-hq" #2071: transition from state STATE_MAIN_I1 to s<o:p></o:p></p>
<p class=MsoNormal>tate STATE_MAIN_I2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:49:48 localhost pluto[3288]:
"garelick-hq" #2071: STATE_MAIN_I2: sent MI2, expecting MR2<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:49:48 localhost pluto[3288]:
"garelick-hq" #2071: NAT-Traversal: Result using RFC 3947 (NA<o:p></o:p></p>
<p class=MsoNormal>T-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Jul 14 23:49:48 localhost pluto[3288]:
"garelick-hq" #2071: transition from state STATE_MAIN_I2 to s<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoListParagraph style='text-indent:-.25in;mso-list:l0 level1 lfo1'><![if !supportLists]><span
style='mso-list:Ignore'>-<span style='font:7.0pt "Times New Roman"'>
</span></span><![endif]>Greg Scott<o:p></o:p></p>
</div>
</body>
</html>