<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:p="urn:schemas-microsoft-com:office:powerpoint" xmlns:a="urn:schemas-microsoft-com:office:access" xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:s="uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" xmlns:rs="urn:schemas-microsoft-com:rowset" xmlns:z="#RowsetSchema" xmlns:b="urn:schemas-microsoft-com:office:publisher" xmlns:ss="urn:schemas-microsoft-com:office:spreadsheet" xmlns:c="urn:schemas-microsoft-com:office:component:spreadsheet" xmlns:odc="urn:schemas-microsoft-com:office:odc" xmlns:oa="urn:schemas-microsoft-com:office:activation" xmlns:html="http://www.w3.org/TR/REC-html40" xmlns:q="http://schemas.xmlsoap.org/soap/envelope/" xmlns:rtc="http://microsoft.com/officenet/conferencing" xmlns:D="DAV:" xmlns:Repl="http://schemas.microsoft.com/repl/" xmlns:mt="http://schemas.microsoft.com/sharepoint/soap/meetings/" xmlns:x2="http://schemas.microsoft.com/office/excel/2003/xml" xmlns:ppda="http://www.passport.com/NameSpace.xsd" xmlns:ois="http://schemas.microsoft.com/sharepoint/soap/ois/" xmlns:dir="http://schemas.microsoft.com/sharepoint/soap/directory/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:dsp="http://schemas.microsoft.com/sharepoint/dsp" xmlns:udc="http://schemas.microsoft.com/data/udc" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:sub="http://schemas.microsoft.com/sharepoint/soap/2002/1/alerts/" xmlns:ec="http://www.w3.org/2001/04/xmlenc#" xmlns:sp="http://schemas.microsoft.com/sharepoint/" xmlns:sps="http://schemas.microsoft.com/sharepoint/soap/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:udcs="http://schemas.microsoft.com/data/udc/soap" xmlns:udcxf="http://schemas.microsoft.com/data/udc/xmlfile" xmlns:udcp2p="http://schemas.microsoft.com/data/udc/parttopart" xmlns:wf="http://schemas.microsoft.com/sharepoint/soap/workflow/" xmlns:dsss="http://schemas.microsoft.com/office/2006/digsig-setup" xmlns:dssi="http://schemas.microsoft.com/office/2006/digsig" xmlns:mdssi="http://schemas.openxmlformats.org/package/2006/digital-signature" xmlns:mver="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns:mrels="http://schemas.openxmlformats.org/package/2006/relationships" xmlns:spwp="http://microsoft.com/sharepoint/webpartpages" xmlns:ex12t="http://schemas.microsoft.com/exchange/services/2006/types" xmlns:ex12m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:pptsl="http://schemas.microsoft.com/sharepoint/soap/SlideLibrary/" xmlns:spsl="http://microsoft.com/webservices/SharePointPortalServer/PublishedLinksService" xmlns:Z="urn:schemas-microsoft-com:" xmlns:st="" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=WordSection1>
<p class=MsoNormal>I just got another one of my first-thing-Monday-morning trouble
calls. This one is a single tunnel with two sites, named NSSSS and
Garelick. The tunnel was down. Restarting IPSEC at NSSSS brought it
back up. <o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Looking at /var/log/secure at the NSSSS site, looks like the
problem started Saturday morning Sept. 18 around 1:20 AM. I’ve
included some earlier stuff in case it produces some clues. I also obfuscated
the first two octets of the public IP Address for both sites. <o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Here is an extract from the NSSSS log. This is the one
I restarted to get everyone back up and running.<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Sep 17 23:03:48 localhost pluto[13557]:
"garelick-hq" #1695: STATE_MAIN_R3: sent<o:p></o:p></p>
<p class=MsoNormal> MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG
cipher=aes_128 prf=oakley_sha g<o:p></o:p></p>
<p class=MsoNormal>roup=modp2048}<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [Openswan (this version) 2.6.28 ]<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [Dead Peer Detection]<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [RFC 3947] method set to=109<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108,
but already using me<o:p></o:p></p>
<p class=MsoNormal>thod 109<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[13557]: packet from 1.2.100.18:500:
received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
meth=106, but already using<o:p></o:p></p>
<p class=MsoNormal>method 109<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107,
but already using me<o:p></o:p></p>
<p class=MsoNormal>thod 109<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[13557]:
"garelick-hq" #1696: responding to Main<o:p></o:p></p>
<p class=MsoNormal>Mode<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[13557]:
"garelick-hq" #1696: transition from sta<o:p></o:p></p>
<p class=MsoNormal>te STATE_MAIN_R0 to state STATE_MAIN_R1<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[13557]:
"garelick-hq" #1696: STATE_MAIN_R1: sent<o:p></o:p></p>
<p class=MsoNormal> MR1, expecting MI2<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[13557]:
"garelick-hq" #1696: NAT-Traversal: Resu<o:p></o:p></p>
<p class=MsoNormal>lt using RFC 3947 (NAT-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[13557]:
"garelick-hq" #1696: transition from sta<o:p></o:p></p>
<p class=MsoNormal>te STATE_MAIN_R1 to state STATE_MAIN_R2<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[13557]:
"garelick-hq" #1696: STATE_MAIN_R2: sent<o:p></o:p></p>
<p class=MsoNormal> MR2, expecting MI3<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[13557]:
"garelick-hq" #1696: Main mode peer ID i<o:p></o:p></p>
<p class=MsoNormal>s ID_FQDN: '@garelick.local'<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[13557]: "garelick-hq"
#1696: transition from sta<o:p></o:p></p>
<p class=MsoNormal>te STATE_MAIN_R2 to state STATE_MAIN_R3<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[13557]:
"garelick-hq" #1696: STATE_MAIN_R3: sent<o:p></o:p></p>
<p class=MsoNormal> MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG
cipher=aes_128 prf=oakley_sha g<o:p></o:p></p>
<p class=MsoNormal>roup=modp2048}<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:03:48 localhost pluto[13557]: packet from
1.2.100.18:500: Informati<o:p></o:p></p>
<p class=MsoNormal>onal Exchange is for an unknown (expired?) SA with
MSGID:0x62442f25<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [Openswan (this version) 2.6.28 ]<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [Dead Peer Detection]<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [RFC 3947] method set to=109<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108,
but already using me<o:p></o:p></p>
<p class=MsoNormal>thod 109<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
meth=106, but already using<o:p></o:p></p>
<p class=MsoNormal>method 109<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107,
but already using me<o:p></o:p></p>
<p class=MsoNormal>thod 109<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[13557]:
"garelick-hq" #1697: responding to Main<o:p></o:p></p>
<p class=MsoNormal>Mode<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[13557]: "garelick-hq"
#1697: transition from sta<o:p></o:p></p>
<p class=MsoNormal>te STATE_MAIN_R0 to state STATE_MAIN_R1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[13557]:
"garelick-hq" #1697: STATE_MAIN_R1: sent<o:p></o:p></p>
<p class=MsoNormal> MR1, expecting MI2<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[13557]:
"garelick-hq" #1697: NAT-Traversal: Resu<o:p></o:p></p>
<p class=MsoNormal>lt using RFC 3947 (NAT-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[13557]:
"garelick-hq" #1697: transition from sta<o:p></o:p></p>
<p class=MsoNormal>te STATE_MAIN_R1 to state STATE_MAIN_R2<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[13557]:
"garelick-hq" #1697: STATE_MAIN_R2: sent<o:p></o:p></p>
<p class=MsoNormal> MR2, expecting MI3<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[13557]:
"garelick-hq" #1697: Main mode peer ID i<o:p></o:p></p>
<p class=MsoNormal>s ID_FQDN: '@garelick.local'<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[13557]:
"garelick-hq" #1697: transition from sta<o:p></o:p></p>
<p class=MsoNormal>te STATE_MAIN_R2 to state STATE_MAIN_R3<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[13557]:
"garelick-hq" #1697: STATE_MAIN_R3: sent<o:p></o:p></p>
<p class=MsoNormal> MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG
cipher=aes_128 prf=oakley_sha g<o:p></o:p></p>
<p class=MsoNormal>roup=modp2048}<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [Openswan (this version) 2.6.28 ]<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [Dead Peer Detection]<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [RFC 3947] method set to=109<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108,
but already using me<o:p></o:p></p>
<p class=MsoNormal>thod 109<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
meth=106, but already using<o:p></o:p></p>
<p class=MsoNormal>method 109<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107,
but already using me<o:p></o:p></p>
<p class=MsoNormal>thod 109<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[13557]: packet from
1.2.100.18:500: received<o:p></o:p></p>
<p class=MsoNormal>Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[13557]: "garelick-hq"
#1698: responding to Main<o:p></o:p></p>
<p class=MsoNormal>Mode<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[13557]:
"garelick-hq" #1698: transition from sta<o:p></o:p></p>
<p class=MsoNormal>te STATE_MAIN_R0 to state STATE_MAIN_R1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[13557]:
"garelick-hq" #1698: STATE_MAIN_R1: sent<o:p></o:p></p>
<p class=MsoNormal> MR1, expecting MI2<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[13557]:
"garelick-hq" #1698: NAT-Traversal: Resu<o:p></o:p></p>
<p class=MsoNormal>lt using RFC 3947 (NAT-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[13557]:
"garelick-hq" #1698: transition from sta<o:p></o:p></p>
<p class=MsoNormal>te STATE_MAIN_R1 to state STATE_MAIN_R2<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[13557]:
"garelick-hq" #1698: STATE_MAIN_R2: sent<o:p></o:p></p>
<p class=MsoNormal> MR2, expecting MI3<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[13557]:
"garelick-hq" #1698: Main mode peer ID i<o:p></o:p></p>
<p class=MsoNormal>s ID_FQDN: '@garelick.local'<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[13557]: "garelick-hq"
#1698: transition from sta<o:p></o:p></p>
<p class=MsoNormal>te STATE_MAIN_R2 to state STATE_MAIN_R3<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[13557]:
"garelick-hq" #1698: STATE_MAIN_R3: sent<o:p></o:p></p>
<p class=MsoNormal> MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG
cipher=aes_128 prf=oakley_sha g<o:p></o:p></p>
<p class=MsoNormal>roup=modp2048}<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:37:12 localhost pluto[13557]: packet from
1.2.100.18:500: Informati<o:p></o:p></p>
<p class=MsoNormal>onal Exchange is for an unknown (expired?) SA with
MSGID:0x6808f130<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:18 localhost pluto[13557]:
"garelick-hq" #1699: initiating Quick Mo<o:p></o:p></p>
<p class=MsoNormal>de RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW to replace #1688
{using isakmp#1698 m<o:p></o:p></p>
<p class=MsoNormal>sgid:50633fe2 proposal=defaults
pfsgroup=OAKLEY_GROUP_MODP2048}<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:18 localhost pluto[13557]:
"garelick-hq" #1699: KE has 255 byte DH<o:p></o:p></p>
<p class=MsoNormal>public value; 256 required<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:18 localhost pluto[13557]:
"garelick-hq" #1699: sending encrypted n<o:p></o:p></p>
<p class=MsoNormal>otification INVALID_KEY_INFORMATION to 1.2.100.18:500<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:28 localhost pluto[13557]:
"garelick-hq" #1698: next payload type o<o:p></o:p></p>
<p class=MsoNormal>f ISAKMP Hash Payload has an unknown value: 202<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:28 localhost pluto[13557]:
"garelick-hq" #1698: malformed payload i<o:p></o:p></p>
<p class=MsoNormal>n packet<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:28 localhost pluto[13557]: | payload malformed
after IV<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:28 localhost pluto[13557]: | a3 1b
78 a8 01 0c 02 23 a0 82 8a 2<o:p></o:p></p>
<p class=MsoNormal>6 9b a9 1f f1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:28 localhost pluto[13557]:
"garelick-hq" #1698: sending notificatio<o:p></o:p></p>
<p class=MsoNormal>n PAYLOAD_MALFORMED to 1.2.100.18:500<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:48 localhost pluto[13557]:
"garelick-hq" #1698: next payload type o<o:p></o:p></p>
<p class=MsoNormal>f ISAKMP Hash Payload has an unknown value: 202<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:48 localhost pluto[13557]:
"garelick-hq" #1698: malformed payload i<o:p></o:p></p>
<p class=MsoNormal>n packet<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:48 localhost pluto[13557]: | payload malformed
after IV<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:48 localhost pluto[13557]: | a3 1b
78 a8 01 0c 02 23 a0 82 8a 2<o:p></o:p></p>
<p class=MsoNormal>6 9b a9 1f f1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:48 localhost pluto[13557]:
"garelick-hq" #1698: sending notificatio<o:p></o:p></p>
<p class=MsoNormal>n PAYLOAD_MALFORMED to 1.2.100.18:500<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:54:28 localhost pluto[13557]:
"garelick-hq" #1698: next payload type o<o:p></o:p></p>
<p class=MsoNormal>f ISAKMP Hash Payload has an unknown value: 202<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:54:28 localhost pluto[13557]:
"garelick-hq" #1698: malformed payload i<o:p></o:p></p>
<p class=MsoNormal>n packet<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:54:28 localhost pluto[13557]: | payload malformed
after IV<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:54:28 localhost pluto[13557]: | a3 1b
78 a8 01 0c 02 23 a0 82 8a 2<o:p></o:p></p>
<p class=MsoNormal>6 9b a9 1f f1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:54:28 localhost pluto[13557]:
"garelick-hq" #1698: sending notificatio<o:p></o:p></p>
<p class=MsoNormal>n PAYLOAD_MALFORMED to 1.2.100.18:500<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:55:08 localhost pluto[13557]:
"garelick-hq" #1698: next payload type o<o:p></o:p></p>
<p class=MsoNormal>f ISAKMP Hash Payload has an unknown value: 202<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:55:08 localhost pluto[13557]:
"garelick-hq" #1698: malformed payload i<o:p></o:p></p>
<p class=MsoNormal>n packet<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:55:08 localhost pluto[13557]: | payload malformed
after IV<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:55:08 localhost pluto[13557]: | a3 1b
78 a8 01 0c 02 23 a0 82 8a 2<o:p></o:p></p>
<p class=MsoNormal>6 9b a9 1f f1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:55:08 localhost pluto[13557]:
"garelick-hq" #1698: sending notificatio<o:p></o:p></p>
<p class=MsoNormal>n PAYLOAD_MALFORMED to 1.2.100.18:500<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:55:48 localhost pluto[13557]:
"garelick-hq" #1698: next payload type o<o:p></o:p></p>
<p class=MsoNormal>f ISAKMP Hash Payload has an unknown value: 202<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:55:48 localhost pluto[13557]:
"garelick-hq" #1698: malformed payload i<o:p></o:p></p>
<p class=MsoNormal>n packet<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:55:48 localhost pluto[13557]: | payload malformed
after IV<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:55:48 localhost pluto[13557]: | a3 1b
78 a8 01 0c 02 23 a0 82 8a 2<o:p></o:p></p>
<p class=MsoNormal>6 9b a9 1f f1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:55:48 localhost pluto[13557]:
"garelick-hq" #1698: sending notificatio<o:p></o:p></p>
<p class=MsoNormal>n PAYLOAD_MALFORMED to 1.2.100.18:500<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:56:28 localhost pluto[13557]:
"garelick-hq" #1698: next payload type o<o:p></o:p></p>
<p class=MsoNormal>f ISAKMP Hash Payload has an unknown value: 202<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:56:28 localhost pluto[13557]:
"garelick-hq" #1698: malformed payload i<o:p></o:p></p>
<p class=MsoNormal>n packet<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:56:28 localhost pluto[13557]: | payload malformed
after IV<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:56:28 localhost pluto[13557]: | a3 1b
78 a8 01 0c 02 23 a0 82 8a 2<o:p></o:p></p>
<p class=MsoNormal>6 9b a9 1f f1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:56:28 localhost pluto[13557]:
"garelick-hq" #1698: sending notificatio<o:p></o:p></p>
<p class=MsoNormal>n PAYLOAD_MALFORMED to 1.2.100.18:500<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:57:08 localhost pluto[13557]:
"garelick-hq" #1698: next payload type o<o:p></o:p></p>
<p class=MsoNormal>f ISAKMP Hash Payload has an unknown value: 202<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:57:08 localhost pluto[13557]:
"garelick-hq" #1698: malformed payload i<o:p></o:p></p>
<p class=MsoNormal>n packet<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:57:08 localhost pluto[13557]: | payload malformed
after IV<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:57:08 localhost pluto[13557]: | a3 1b
78 a8 01 0c 02 23 a0 82 8a 2<o:p></o:p></p>
<p class=MsoNormal>6 9b a9 1f f1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:57:08 localhost pluto[13557]:
"garelick-hq" #1698: sending notificatio<o:p></o:p></p>
<p class=MsoNormal>n PAYLOAD_MALFORMED to 1.2.100.18:500<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:57:48 localhost pluto[13557]:
"garelick-hq" #1698: next payload type o<o:p></o:p></p>
<p class=MsoNormal>f ISAKMP Hash Payload has an unknown value: 202<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:57:48 localhost pluto[13557]:
"garelick-hq" #1698: malformed payload i<o:p></o:p></p>
<p class=MsoNormal>n packet<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:57:48 localhost pluto[13557]: | payload malformed
after IV<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:57:48 localhost pluto[13557]: | a3 1b
78 a8 01 0c 02 23 a0 82 8a 2<o:p></o:p></p>
<p class=MsoNormal>6 9b a9 1f f1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:57:48 localhost pluto[13557]:
"garelick-hq" #1698: sending notificatio<o:p></o:p></p>
<p class=MsoNormal>n PAYLOAD_MALFORMED to 1.2.100.18:500<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:58:28 localhost pluto[13557]:
"garelick-hq" #1698: next payload type o<o:p></o:p></p>
<p class=MsoNormal>f ISAKMP Hash Payload has an unknown value: 202<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:58:28 localhost pluto[13557]:
"garelick-hq" #1698: malformed payload i<o:p></o:p></p>
<p class=MsoNormal>n packet<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:58:28 localhost pluto[13557]: | payload malformed
after IV<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:58:28 localhost pluto[13557]: | a3 1b
78 a8 01 0c 02 23 a0 82 8a 2<o:p></o:p></p>
<p class=MsoNormal>6 9b a9 1f f1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:58:28 localhost pluto[13557]:
"garelick-hq" #1698: sending notificatio<o:p></o:p></p>
<p class=MsoNormal>n PAYLOAD_MALFORMED to 1.2.100.18:500<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:59:08 localhost pluto[13557]:
"garelick-hq" #1698: next payload type o<o:p></o:p></p>
<p class=MsoNormal>f ISAKMP Hash Payload has an unknown value: 202<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:59:08 localhost pluto[13557]:
"garelick-hq" #1698: malformed payload i<o:p></o:p></p>
<p class=MsoNormal>n packet<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:59:08 localhost pluto[13557]: | payload malformed
after IV<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:59:08 localhost pluto[13557]: | a3 1b
78 a8 01 0c 02 23 a0 82 8a 2<o:p></o:p></p>
<p class=MsoNormal>6 9b a9 1f f1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:59:08 localhost pluto[13557]:
"garelick-hq" #1698: sending notificatio<o:p></o:p></p>
<p class=MsoNormal>n PAYLOAD_MALFORMED to 1.2.100.18:500<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:59:48 localhost pluto[13557]:
"garelick-hq" #1698: next payload type o<o:p></o:p></p>
<p class=MsoNormal>f ISAKMP Hash Payload has an unknown value: 202<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:59:48 localhost pluto[13557]:
"garelick-hq" #1698: malformed payload i<o:p></o:p></p>
<p class=MsoNormal>n packet<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:59:48 localhost pluto[13557]: | payload malformed
after IV<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:59:48 localhost pluto[13557]: | a3 1b
78 a8 01 0c 02 23 a0 82 8a 2<o:p></o:p></p>
<p class=MsoNormal>6 9b a9 1f f1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:59:48 localhost pluto[13557]:
"garelick-hq" #1698: sending notificatio<o:p></o:p></p>
<p class=MsoNormal>n PAYLOAD_MALFORMED to 1.2.100.18:500<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:00:28 localhost pluto[13557]:
"garelick-hq" #1698: next payload type o<o:p></o:p></p>
<p class=MsoNormal>f ISAKMP Hash Payload has an unknown value: 202<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:01:08 localhost pluto[13557]:
"garelick-hq" #1698: malformed payload i<o:p></o:p></p>
<p class=MsoNormal>n packet<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:01:08 localhost pluto[13557]: | payload malformed
after IV<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:01:08 localhost pluto[13557]: | a3 1b
78 a8 01 0c 02 23 a0 82 8a 2<o:p></o:p></p>
<p class=MsoNormal>6 9b a9 1f f1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:01:08 localhost pluto[13557]:
"garelick-hq" #1698: sending notificatio<o:p></o:p></p>
<p class=MsoNormal>n PAYLOAD_MALFORMED to 1.2.100.18:500<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:01:48 localhost pluto[13557]:
"garelick-hq" #1698: next payload type o<o:p></o:p></p>
<p class=MsoNormal>f ISAKMP Hash Payload has an unknown value: 202<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:01:48 localhost pluto[13557]:
"garelick-hq" #1698: malformed payload i<o:p></o:p></p>
<p class=MsoNormal>n packet<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:01:48 localhost pluto[13557]: | payload malformed
after IV<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:01:48 localhost pluto[13557]: | a3 1b
78 a8 01 0c 02 23 a0 82 8a 2<o:p></o:p></p>
<p class=MsoNormal>6 9b a9 1f f1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:01:48 localhost pluto[13557]:
"garelick-hq" #1698: sending notificatio<o:p></o:p></p>
<p class=MsoNormal>n PAYLOAD_MALFORMED to 1.2.100.18:500<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:02:28 localhost pluto[13557]:
"garelick-hq" #1698: next payload type o<o:p></o:p></p>
<p class=MsoNormal>f ISAKMP Hash Payload has an unknown value: 202<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:02:28 localhost pluto[13557]:
"garelick-hq" #1698: malformed payload i<o:p></o:p></p>
<p class=MsoNormal>n packet<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:02:28 localhost pluto[13557]: | payload malformed
after IV<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:02:28 localhost pluto[13557]: | a3 1b
78 a8 01 0c 02 23 a0 82 8a 2<o:p></o:p></p>
<p class=MsoNormal>6 9b a9 1f f1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:02:28 localhost pluto[13557]:
"garelick-hq" #1698: sending notificatio<o:p></o:p></p>
<p class=MsoNormal>n PAYLOAD_MALFORMED to 1.2.100.18:500<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:03:08 localhost pluto[13557]:
"garelick-hq" #1698: next payload type o<o:p></o:p></p>
<p class=MsoNormal>f ISAKMP Hash Payload has an unknown value: 202<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:03:08 localhost pluto[13557]:
"garelick-hq" #1698: malformed payload i<o:p></o:p></p>
<p class=MsoNormal>n packet<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:03:08 localhost pluto[13557]: | payload malformed
after IV<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:03:08 localhost pluto[13557]: | a3 1b
78 a8 01 0c 02 23 a0 82 8a 2<o:p></o:p></p>
<p class=MsoNormal>6 9b a9 1f f1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:03:08 localhost pluto[13557]:
"garelick-hq" #1698: sending notificatio<o:p></o:p></p>
<p class=MsoNormal>n PAYLOAD_MALFORMED to 1.2.100.18:500<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:03:48 localhost pluto[13557]:
"garelick-hq" #1698: next payload type o<o:p></o:p></p>
<p class=MsoNormal>f ISAKMP Hash Payload has an unknown value: 202<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:03:48 localhost pluto[13557]:
"garelick-hq" #1698: malformed payload i<o:p></o:p></p>
<p class=MsoNormal>n packet<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:03:48 localhost pluto[13557]:
"garelick-hq" #1698: too many (17) malfo<o:p></o:p></p>
<p class=MsoNormal>rmed payloads. Deleting state<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:03:48 localhost pluto[13557]: packet from 1.2.100.18:500:
Informati<o:p></o:p></p>
<p class=MsoNormal>onal Exchange is for an unknown (expired?) SA with
MSGID:0xdcb2d7de<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:04:28 localhost pluto[13557]: packet from
1.2.100.18:500: Quick Mod<o:p></o:p></p>
<p class=MsoNormal>e message is for a non-existent (expired?) ISAKMP SA<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:05:08 localhost pluto[13557]: packet from
1.2.100.18:500: Quick Mod<o:p></o:p></p>
<p class=MsoNormal>e message is for a non-existent (expired?) ISAKMP SA<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:05:48 localhost pluto[13557]: packet from
1.2.100.18:500: Quick Mod<o:p></o:p></p>
<p class=MsoNormal>e message is for a non-existent (expired?) ISAKMP SA<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:10:04 localhost pluto[13557]:
"garelick-hq" #1688: IPsec SA expired (L<o:p></o:p></p>
<p class=MsoNormal>ATEST!)<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:10:04 localhost pluto[13557]:
"garelick-hq" #1688: down-client output:<o:p></o:p></p>
<p class=MsoNormal> Running hq-updown<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:13:01 localhost pluto[13557]: initiate on demand
from 10.86.0.20:54587<o:p></o:p></p>
<p class=MsoNormal> to 10.86.2.202:161 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:13:42 localhost pluto[13557]: initiate on demand
from 10.86.0.20:54587<o:p></o:p></p>
<p class=MsoNormal> to 10.86.2.202:161 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:14:21 localhost pluto[13557]: initiate on demand
from 10.86.0.20:54587<o:p></o:p></p>
<p class=MsoNormal> to 10.86.2.202:161 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:15:02 localhost pluto[13557]: initiate on demand
from 10.86.0.20:54587<o:p></o:p></p>
<p class=MsoNormal> to 10.86.2.202:161 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:15:52 localhost pluto[13557]: initiate on demand
from 10.86.0.20:54587<o:p></o:p></p>
<p class=MsoNormal> to 10.86.2.202:161 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:16:52 localhost pluto[13557]: initiate on demand
from 10.86.0.20:54587<o:p></o:p></p>
<p class=MsoNormal> to 10.86.2.202:161 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:17:52 localhost pluto[13557]: initiate on demand
from 10.86.0.20:54587<o:p></o:p></p>
<p class=MsoNormal> to 10.86.2.202:161 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:18:52 localhost pluto[13557]: initiate on demand
from 10.86.0.20:54587<o:p></o:p></p>
<p class=MsoNormal> to 10.86.2.202:161 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:19:52 localhost pluto[13557]: initiate on demand
from 10.86.0.20:54587<o:p></o:p></p>
<p class=MsoNormal> to 10.86.2.202:161 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:20:52 localhost pluto[13557]: initiate on demand
from 10.86.0.20:54587<o:p></o:p></p>
<p class=MsoNormal> to 10.86.2.202:161 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:21:52 localhost pluto[13557]: initiate on demand
from 10.86.0.20:54587<o:p></o:p></p>
<p class=MsoNormal> to 10.86.2.202:161 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:22:52 localhost pluto[13557]: initiate on demand
from 10.86.0.20:54587<o:p></o:p></p>
<p class=MsoNormal> to 10.86.2.202:161 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:23:31 localhost pluto[13557]: initiate on demand
from 10.86.0.20:54587<o:p></o:p></p>
<p class=MsoNormal> to 10.86.2.202:161 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:24:11 localhost pluto[13557]: initiate on demand
from 10.86.0.20:54587<o:p></o:p></p>
<p class=MsoNormal> to 10.86.2.202:161 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:24:52 localhost pluto[13557]: initiate on demand
from 10.86.0.20:54587<o:p></o:p></p>
<p class=MsoNormal> to 10.86.2.202:161 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>--More--(62%)<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Here is an extract from the log from the Garelick site.<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Sep 17 23:03:48 localhost pluto[2320]:
"garelick-hq" #1370: NAT-Traversal: Resul<o:p></o:p></p>
<p class=MsoNormal>t using RFC 3947 (NAT-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:03:48 localhost pluto[2320]:
"garelick-hq" #1370: transition from stat<o:p></o:p></p>
<p class=MsoNormal>e STATE_MAIN_I2 to state STATE_MAIN_I3<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:03:48 localhost pluto[2320]:
"garelick-hq" #1370: STATE_MAIN_I3: sent<o:p></o:p></p>
<p class=MsoNormal>MI3, expecting MR3<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:03:48 localhost pluto[2320]:
"garelick-hq" #1370: received Vendor ID p<o:p></o:p></p>
<p class=MsoNormal>ayload [CAN-IKEv2]<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:03:48 localhost pluto[2320]:
"garelick-hq" #1370: Main mode peer ID is<o:p></o:p></p>
<p class=MsoNormal> ID_FQDN: '@hq.local'<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:03:48 localhost pluto[2320]:
"garelick-hq" #1370: transition from stat<o:p></o:p></p>
<p class=MsoNormal>e STATE_MAIN_I3 to state STATE_MAIN_I4<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:03:48 localhost pluto[2320]:
"garelick-hq" #1370: STATE_MAIN_I4: ISAKM<o:p></o:p></p>
<p class=MsoNormal>P SA established {auth=OAKLEY_RSA_SIG cipher=aes_128
prf=oakley_sha group=modp20<o:p></o:p></p>
<p class=MsoNormal>48}<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:16:14 localhost pluto[2320]:
"garelick-hq" #1369: received Delete SA p<o:p></o:p></p>
<p class=MsoNormal>ayload: deleting ISAKMP State #1369<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:16:14 localhost pluto[2320]: packet from
1.2.46.182:500: received a<o:p></o:p></p>
<p class=MsoNormal>nd ignored informational message<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[2320]:
"garelick-hq" #1371: initiating Main Mode<o:p></o:p></p>
<p class=MsoNormal> to replace #1370<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[2320]:
"garelick-hq" #1371: received Vendor ID p<o:p></o:p></p>
<p class=MsoNormal>ayload [Openswan (this version) 2.6.28 ]<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[2320]:
"garelick-hq" #1371: received Vendor ID p<o:p></o:p></p>
<p class=MsoNormal>ayload [Dead Peer Detection]<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[2320]: "garelick-hq"
#1371: received Vendor ID p<o:p></o:p></p>
<p class=MsoNormal>ayload [RFC 3947] method set to=109<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[2320]:
"garelick-hq" #1371: enabling possible NA<o:p></o:p></p>
<p class=MsoNormal>T-traversal with method 4<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[2320]:
"garelick-hq" #1371: transition from stat<o:p></o:p></p>
<p class=MsoNormal>e STATE_MAIN_I1 to state STATE_MAIN_I2<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[2320]:
"garelick-hq" #1371: STATE_MAIN_I2: sent<o:p></o:p></p>
<p class=MsoNormal>MI2, expecting MR2<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[2320]:
"garelick-hq" #1371: NAT-Traversal: Resul<o:p></o:p></p>
<p class=MsoNormal>t using RFC 3947 (NAT-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[2320]:
"garelick-hq" #1371: transition from stat<o:p></o:p></p>
<p class=MsoNormal>e STATE_MAIN_I2 to state STATE_MAIN_I3<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[2320]:
"garelick-hq" #1371: STATE_MAIN_I3: sent<o:p></o:p></p>
<p class=MsoNormal>MI3, expecting MR3<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[2320]:
"garelick-hq" #1371: received Vendor ID p<o:p></o:p></p>
<p class=MsoNormal>ayload [CAN-IKEv2]<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[2320]:
"garelick-hq" #1371: Main mode peer ID is<o:p></o:p></p>
<p class=MsoNormal> ID_FQDN: '@hq.local'<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[2320]:
"garelick-hq" #1371: transition from stat<o:p></o:p></p>
<p class=MsoNormal>e STATE_MAIN_I3 to state STATE_MAIN_I4<o:p></o:p></p>
<p class=MsoNormal>Sep 17 23:52:06 localhost pluto[2320]:
"garelick-hq" #1371: STATE_MAIN_I4: ISAKM<o:p></o:p></p>
<p class=MsoNormal>P SA established {auth=OAKLEY_RSA_SIG cipher=aes_128
prf=oakley_sha group=modp20<o:p></o:p></p>
<p class=MsoNormal>48}<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:03:48 localhost pluto[2320]:
"garelick-hq" #1370: received Delete SA p<o:p></o:p></p>
<p class=MsoNormal>ayload: deleting ISAKMP State #1370<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:03:48 localhost pluto[2320]: packet from
1.2.46.182:500: received a<o:p></o:p></p>
<p class=MsoNormal>nd ignored informational message<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[2320]: "garelick-hq"
#1372: initiating Main Mode<o:p></o:p></p>
<p class=MsoNormal> to replace #1371<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[2320]:
"garelick-hq" #1372: received Vendor ID p<o:p></o:p></p>
<p class=MsoNormal>ayload [Openswan (this version) 2.6.28 ]<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[2320]:
"garelick-hq" #1372: received Vendor ID p<o:p></o:p></p>
<p class=MsoNormal>ayload [Dead Peer Detection]<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[2320]:
"garelick-hq" #1372: received Vendor ID p<o:p></o:p></p>
<p class=MsoNormal>ayload [RFC 3947] method set to=109<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[2320]:
"garelick-hq" #1372: enabling possible NA<o:p></o:p></p>
<p class=MsoNormal>T-traversal with method 4<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[2320]:
"garelick-hq" #1372: transition from stat<o:p></o:p></p>
<p class=MsoNormal>e STATE_MAIN_I1 to state STATE_MAIN_I2<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[2320]:
"garelick-hq" #1372: STATE_MAIN_I2: sent<o:p></o:p></p>
<p class=MsoNormal>MI2, expecting MR2<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[2320]: "garelick-hq"
#1372: NAT-Traversal: Resul<o:p></o:p></p>
<p class=MsoNormal>t using RFC 3947 (NAT-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[2320]:
"garelick-hq" #1372: transition from stat<o:p></o:p></p>
<p class=MsoNormal>e STATE_MAIN_I2 to state STATE_MAIN_I3<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[2320]:
"garelick-hq" #1372: STATE_MAIN_I3: sent<o:p></o:p></p>
<p class=MsoNormal>MI3, expecting MR3<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[2320]:
"garelick-hq" #1372: received Vendor ID p<o:p></o:p></p>
<p class=MsoNormal>ayload [CAN-IKEv2]<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[2320]:
"garelick-hq" #1372: Main mode peer ID is<o:p></o:p></p>
<p class=MsoNormal> ID_FQDN: '@hq.local'<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[2320]:
"garelick-hq" #1372: transition from stat<o:p></o:p></p>
<p class=MsoNormal>e STATE_MAIN_I3 to state STATE_MAIN_I4<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:37:12 localhost pluto[2320]:
"garelick-hq" #1372: STATE_MAIN_I4: ISAKM<o:p></o:p></p>
<p class=MsoNormal>P SA established {auth=OAKLEY_RSA_SIG cipher=aes_128
prf=oakley_sha group=modp20<o:p></o:p></p>
<p class=MsoNormal>48}<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:52:06 localhost pluto[2320]: ERROR:
"garelick-hq" #1371: sendto on br0<o:p></o:p></p>
<p class=MsoNormal> to 1.2.46.182:500 failed in delete notify. Errno 1:
Operation not permitted<o:p></o:p></p>
<p class=MsoNormal>Sep 18 00:52:06 localhost pluto[2320]: packet from
1.2.46.182:500: Informatio<o:p></o:p></p>
<p class=MsoNormal>nal Exchange is for an unknown (expired?) SA with
MSGID:0x84a00c90<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[2320]:
"garelick-hq" #1373: initiating Main Mode<o:p></o:p></p>
<p class=MsoNormal> to replace #1372<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[2320]:
"garelick-hq" #1373: received Vendor ID p<o:p></o:p></p>
<p class=MsoNormal>ayload [Openswan (this version) 2.6.28 ]<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[2320]:
"garelick-hq" #1373: received Vendor ID p<o:p></o:p></p>
<p class=MsoNormal>ayload [Dead Peer Detection]<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[2320]:
"garelick-hq" #1373: received Vendor ID p<o:p></o:p></p>
<p class=MsoNormal>ayload [RFC 3947] method set to=109<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[2320]:
"garelick-hq" #1373: enabling possible NA<o:p></o:p></p>
<p class=MsoNormal>T-traversal with method 4<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[2320]:
"garelick-hq" #1373: transition from stat<o:p></o:p></p>
<p class=MsoNormal>e STATE_MAIN_I1 to state STATE_MAIN_I2<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[2320]:
"garelick-hq" #1373: STATE_MAIN_I2: sent<o:p></o:p></p>
<p class=MsoNormal>MI2, expecting MR2<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[2320]:
"garelick-hq" #1373: NAT-Traversal: Resul<o:p></o:p></p>
<p class=MsoNormal>t using RFC 3947 (NAT-Traversal): no NAT detected<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[2320]:
"garelick-hq" #1373: transition from stat<o:p></o:p></p>
<p class=MsoNormal>e STATE_MAIN_I2 to state STATE_MAIN_I3<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[2320]:
"garelick-hq" #1373: STATE_MAIN_I3: sent<o:p></o:p></p>
<p class=MsoNormal>MI3, expecting MR3<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[2320]:
"garelick-hq" #1373: received Vendor ID p<o:p></o:p></p>
<p class=MsoNormal>ayload [CAN-IKEv2]<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[2320]:
"garelick-hq" #1373: Main mode peer ID is<o:p></o:p></p>
<p class=MsoNormal> ID_FQDN: '@hq.local'<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[2320]:
"garelick-hq" #1373: transition from stat<o:p></o:p></p>
<p class=MsoNormal>e STATE_MAIN_I3 to state STATE_MAIN_I4<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:20:56 localhost pluto[2320]:
"garelick-hq" #1373: STATE_MAIN_I4: ISAKM<o:p></o:p></p>
<p class=MsoNormal>P SA established {auth=OAKLEY_RSA_SIG cipher=aes_128
prf=oakley_sha group=modp20<o:p></o:p></p>
<p class=MsoNormal>48}<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:37:12 localhost pluto[2320]: "garelick-hq"
#1372: received Delete SA p<o:p></o:p></p>
<p class=MsoNormal>ayload: deleting ISAKMP State #1372<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:37:12 localhost pluto[2320]: packet from
1.2.46.182:500: received a<o:p></o:p></p>
<p class=MsoNormal>nd ignored informational message<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:18 localhost pluto[2320]:
"garelick-hq" #1373: the peer proposed: 1<o:p></o:p></p>
<p class=MsoNormal>0.86.2.0/24:0/0 -> 10.86.0.0/24:0/0<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:18 localhost pluto[2320]:
"garelick-hq" #1374: responding to Quick<o:p></o:p></p>
<p class=MsoNormal>Mode proposal {msgid:50633fe2}<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:18 localhost pluto[2320]:
"garelick-hq" #1374: us: 10.86.2.0/24<o:p></o:p></p>
<p class=MsoNormal>===1.2.100.18<1.2.100.18>[@garelick.local,+S=C]---1.2.100.17<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:18 localhost pluto[2320]:
"garelick-hq" #1374: them: 1.2.46.17<o:p></o:p></p>
<p class=MsoNormal>7---1.2.46.182<1.2.46.182>[@hq.local,+S=C]===10.86.0.0/24<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:18 localhost pluto[2320]:
"garelick-hq" #1374: keeping refhim=42949<o:p></o:p></p>
<p class=MsoNormal>01761 during rekey<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:18 localhost pluto[2320]:
"garelick-hq" #1374: transition from stat<o:p></o:p></p>
<p class=MsoNormal>e STATE_QUICK_R0 to state STATE_QUICK_R1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:18 localhost pluto[2320]:
"garelick-hq" #1374: STATE_QUICK_R1: sent<o:p></o:p></p>
<p class=MsoNormal> QR1, inbound IPsec SA installed, expecting QI2<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:18 localhost pluto[2320]:
"garelick-hq" #1373: ignoring information<o:p></o:p></p>
<p class=MsoNormal>al payload, type INVALID_KEY_INFORMATION msgid=00000000<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:18 localhost pluto[2320]:
"garelick-hq" #1373: received and ignored<o:p></o:p></p>
<p class=MsoNormal> informational message<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:28 localhost pluto[2320]:
"garelick-hq" #1373: Informational Exchan<o:p></o:p></p>
<p class=MsoNormal>ge message must be encrypted<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:53:48 localhost pluto[2320]:
"garelick-hq" #1373: Informational Exchan<o:p></o:p></p>
<p class=MsoNormal>ge message must be encrypted<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:54:28 localhost pluto[2320]:
"garelick-hq" #1373: Informational Exchan<o:p></o:p></p>
<p class=MsoNormal>ge message must be encrypted<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:55:48 localhost pluto[2320]:
"garelick-hq" #1373: Informational Exchan<o:p></o:p></p>
<p class=MsoNormal>ge message must be encrypted<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:56:28 localhost pluto[2320]:
"garelick-hq" #1373: Informational Exchan<o:p></o:p></p>
<p class=MsoNormal>ge message must be encrypted<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:57:08 localhost pluto[2320]:
"garelick-hq" #1373: Informational Exchan<o:p></o:p></p>
<p class=MsoNormal>ge message must be encrypted<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:57:48 localhost pluto[2320]:
"garelick-hq" #1373: Informational Exchan<o:p></o:p></p>
<p class=MsoNormal>ge message must be encrypted<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:58:28 localhost pluto[2320]:
"garelick-hq" #1373: Informational Exchan<o:p></o:p></p>
<p class=MsoNormal>ge message must be encrypted<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:59:08 localhost pluto[2320]:
"garelick-hq" #1373: Informational Exchan<o:p></o:p></p>
<p class=MsoNormal>ge message must be encrypted<o:p></o:p></p>
<p class=MsoNormal>Sep 18 01:59:48 localhost pluto[2320]:
"garelick-hq" #1373: Informational Exchan<o:p></o:p></p>
<p class=MsoNormal>ge message must be encrypted<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:00:28 localhost pluto[2320]:
"garelick-hq" #1373: Informational Exchan<o:p></o:p></p>
<p class=MsoNormal>ge message must be encrypted<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:01:08 localhost pluto[2320]:
"garelick-hq" #1373: Informational Exchan<o:p></o:p></p>
<p class=MsoNormal>ge message must be encrypted<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:01:48 localhost pluto[2320]:
"garelick-hq" #1373: Informational Exchan<o:p></o:p></p>
<p class=MsoNormal>ge message must be encrypted<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:02:28 localhost pluto[2320]:
"garelick-hq" #1373: Informational Exchan<o:p></o:p></p>
<p class=MsoNormal>ge message must be encrypted<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:03:08 localhost pluto[2320]:
"garelick-hq" #1373: Informational Exchan<o:p></o:p></p>
<p class=MsoNormal>ge message must be encrypted<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:03:48 localhost pluto[2320]:
"garelick-hq" #1373: received Delete SA p<o:p></o:p></p>
<p class=MsoNormal>ayload: deleting ISAKMP State #1373<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:03:48 localhost pluto[2320]: packet from
1.2.46.182:500: received a<o:p></o:p></p>
<p class=MsoNormal>nd ignored informational message<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:06:28 localhost pluto[2320]:
"garelick-hq" #1374: max number of retran<o:p></o:p></p>
<p class=MsoNormal>smissions (20) reached STATE_QUICK_R1<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:10:04 localhost pluto[2320]:
"garelick-hq" #1363: IPsec SA expired (LA<o:p></o:p></p>
<p class=MsoNormal>TEST!)<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:10:04 localhost pluto[2320]:
"garelick-hq" #1363: down-client output:<o:p></o:p></p>
<p class=MsoNormal>Running garelick-updown<o:p></o:p></p>
<p class=MsoNormal>Sep 18 02:10:04 localhost pluto[2320]:
"garelick-hq" #1363: down-client output:<o:p></o:p></p>
<p class=MsoNormal>Updating route to HQ<o:p></o:p></p>
<p class=MsoNormal>Sep 18 04:09:30 localhost pluto[2320]: initiate on demand
from 10.86.2.102:4318<o:p></o:p></p>
<p class=MsoNormal>to 10.86.0.9:53 proto=17 state: fos_start because: acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 05:58:56 localhost pluto[2320]: initiate on demand
from 10.86.2.114:1054<o:p></o:p></p>
<p class=MsoNormal>to 10.86.0.9:53 proto=17 state: fos_start because: acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 09:09:41 localhost pluto[2320]: initiate on demand
from 10.86.2.102:4318<o:p></o:p></p>
<p class=MsoNormal>to 10.86.0.9:53 proto=17 state: fos_start because: acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 09:30:21 localhost pluto[2320]: initiate on demand
from 10.86.2.105:2159<o:p></o:p></p>
<p class=MsoNormal>to 10.86.0.9:53 proto=17 state: fos_start because: acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 09:41:00 localhost pluto[2320]: initiate on demand
from 10.86.2.102:3874<o:p></o:p></p>
<p class=MsoNormal>to 10.86.0.9:53 proto=17 state: fos_start because: acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 10:38:28 localhost pluto[2320]: initiate on demand
from 10.86.2.110:49400<o:p></o:p></p>
<p class=MsoNormal> to 10.86.0.9:53 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 10:59:00 localhost pluto[2320]: initiate on demand
from 10.86.2.114:1054<o:p></o:p></p>
<p class=MsoNormal>to 10.86.0.9:53 proto=17 state: fos_start because: acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 12:08:13 localhost pluto[2320]: initiate on demand
from 10.86.2.102:4318<o:p></o:p></p>
<p class=MsoNormal>to 10.86.0.9:53 proto=17 state: fos_start because: acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 14:09:52 localhost pluto[2320]: initiate on demand
from 10.86.2.102:4318<o:p></o:p></p>
<p class=MsoNormal>to 10.86.0.9:53 proto=17 state: fos_start because: acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 14:27:25 localhost pluto[2320]: initiate on demand
from 10.86.2.105:63464<o:p></o:p></p>
<p class=MsoNormal> to 10.86.0.9:53 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 14:30:37 localhost pluto[2320]: initiate on demand
from 10.86.2.105:50586<o:p></o:p></p>
<p class=MsoNormal> to 10.86.0.9:53 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 15:31:13 localhost pluto[2320]: initiate on demand
from 10.86.2.105:53231<o:p></o:p></p>
<p class=MsoNormal> to 10.86.0.9:53 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 15:59:04 localhost pluto[2320]: initiate on demand
from 10.86.2.114:1054<o:p></o:p></p>
<p class=MsoNormal>to 10.86.0.9:53 proto=17 state: fos_start because: acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 16:24:57 localhost pluto[2320]: initiate on demand
from 10.86.2.109:55001<o:p></o:p></p>
<p class=MsoNormal> to 10.86.0.9:53 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 17:27:53 localhost pluto[2320]: initiate on demand
from 10.86.2.100:52150<o:p></o:p></p>
<p class=MsoNormal> to 10.86.0.9:53 proto=17 state: fos_start because:
acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 17:49:00 localhost pluto[2320]: initiate on demand
from 10.86.2.102:4135<o:p></o:p></p>
<p class=MsoNormal>to 10.86.0.9:53 proto=17 state: fos_start because: acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 18:30:21 localhost pluto[2320]: initiate on demand
from 10.86.2.105:2329<o:p></o:p></p>
<p class=MsoNormal>to 10.86.0.9:53 proto=17 state: fos_start because: acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 19:10:03 localhost pluto[2320]: initiate on demand
from 10.86.2.102:4318<o:p></o:p></p>
<p class=MsoNormal>to 10.86.0.9:53 proto=17 state: fos_start because: acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 19:41:10 localhost pluto[2320]: initiate on demand
from 10.86.2.114:1054<o:p></o:p></p>
<p class=MsoNormal>to 10.86.0.9:53 proto=17 state: fos_start because: acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 18 20:59:09 localhost pluto[2320]: initiate on demand from
10.86.2.114:1054<o:p></o:p></p>
<p class=MsoNormal>to 10.86.0.9:53 proto=17 state: fos_start because: acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 19 00:10:17 localhost pluto[2320]: initiate on demand
from 10.86.2.102:4318<o:p></o:p></p>
<p class=MsoNormal>to 10.86.0.9:53 proto=17 state: fos_start because: acquire<o:p></o:p></p>
<p class=MsoNormal>Sep 19 01:59:13 localhost pluto[2320]: initiate on demand
from 10.86.2.114:1054<o:p></o:p></p>
<p class=MsoNormal>to 10.86.0.9:53 proto=17 state: fos_start because: acquire<o:p></o:p></p>
<p class=MsoNormal>[root@Garelick-fw1 log]#<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
</div>
</body>
</html>