<html><head><meta http-equiv="Content-Type" content="text/html charset=windows-1252"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Rescued from the spam bucket. Please remember to subscribe to the mailing list before posting to it.</b></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b><br></b></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b><br></b></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>From: </b></span><span style="font-family:'Helvetica'; font-size:medium;">Peter <<a href="mailto:pit11@ukr.net">pit11@ukr.net</a>><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Subject: </b></span><span style="font-family:'Helvetica'; font-size:medium;"><b>Mutual "Deleting connection" with same private IP from others companies</b><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Date: </b></span><span style="font-family:'Helvetica'; font-size:medium;">4 April, 2013 1:36:34 PM EDT<br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>To: </b></span><span style="font-family:'Helvetica'; font-size:medium;"><a href="mailto:users@lists.openswan.org">users@lists.openswan.org</a><br></span></div><br><br>Hi All!<br><br>CentOS 6.3<br>kernel 2.6.32-279.9.1.el6.local.x86_64 with SAref<br>openswan-2.6.38<br>xl2tpd 1.3.1-5.el6<br><br>ipsec.conf:<br><br>version 2.0 <br>config setup<br> nat_traversal=yes<br> virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v6:fd00::/8,%v6:fe80::/10,%v4:!10.13.0.0/16,%v4:!192.168.18.0/24<br> oe=off<br> protostack=mast<br> interfaces="mast0=eth3"<br># Add connections here<br>conn L2TP-PSK-NAT<br> rightsubnet=vhost:%priv<br> also=L2TP-PSK-noNAT<br>conn L2TP-PSK-noNAT<br> authby=secret<br> pfs=no<br> auto=add<br> keyingtries=3<br> rekey=no<br> dpddelay=10<br> dpdtimeout=90<br> dpdaction=clear<br> ikelifetime=8h<br> keylife=1h<br> type=transport<br> sareftrack=yes<br> overlapip=no<br> left=xxx.xxx.xxx.xxx<br> leftprotoport=17/1701<br> right=%any<br> rightprotoport=17/%any<br><br><br>xl2tpd.conf:<br><br>global]<br>listen-addr = xxx.xxx.xxx.xxx<br>force userspace = yes<br>ipsec saref = yes<br><br>[lns default]<br>assign ip = yes<br>ip range = 10.13.1.128-10.13.2.254<br>local ip = 10.13.0.1<br>require chap = yes<br>refuse pap = yes<br>refuse authentication = no<br>require authentication = no<br>name = l2tpd<br>ppp debug = yes<br>pppoptfile = /etc/ppp/options.xl2tpd<br>length bit = yes<br>flow bit = yes<br><br><br>Mutual "Deleting connection" with same private IP from others companies, when they are connected at the same time.<br>192.168.0.105 --- 80.90.239.11 --------> My VPN-server (xxx.xxx.xxx.xxx)<br>192.168.0.105 --- 195.138.77.67 --------> My VPN-server (xxx.xxx.xxx.xxx)<br><br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11117] 195.138.77.67 #14252: deleting connection "L2TP-PSK-NAT" instance with peer 195.138.77.67 {isakmp=#0/ipsec=#0}<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11117] 195.138.77.67 #14252: deleting connection "L2TP-PSK-NAT" instance with peer 80.90.239.11 {isakmp=#14250/ipsec=#14251}<br><br><br>Full /var/log/secure:<br><br>Apr 4 17:50:32 vpn pluto[2047]: packet from 80.90.239.11:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]<br>Apr 4 17:50:32 vpn pluto[2047]: packet from 80.90.239.11:500: received Vendor ID payload [RFC 3947] method set to=115<br>Apr 4 17:50:32 vpn pluto[2047]: packet from 80.90.239.11:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 115<br>Apr 4 17:50:32 vpn pluto[2047]: packet from 80.90.239.11:500: ignoring Vendor ID payload [FRAGMENTATION]<br>Apr 4 17:50:32 vpn pluto[2047]: packet from 80.90.239.11:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]<br>Apr 4 17:50:32 vpn pluto[2047]: packet from 80.90.239.11:500: ignoring Vendor ID payload [Vid-Initial-Contact]<br>Apr 4 17:50:32 vpn pluto[2047]: packet from 80.90.239.11:500: ignoring Vendor ID payload [IKE CGA version 1]<br>Apr 4 17:50:32 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14250: responding to Main Mode from unknown peer 80.90.239.11<br>Apr 4 17:50:32 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14250: OAKLEY_GROUP 20 not supported. Attribute OAKLEY_GROUP_DESCRIPTION<br>Apr 4 17:50:32 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14250: OAKLEY_GROUP 19 not supported. Attribute OAKLEY_GROUP_DESCRIPTION<br>Apr 4 17:50:32 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14250: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1<br>Apr 4 17:50:32 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14250: STATE_MAIN_R1: sent MR1, expecting MI2<br>Apr 4 17:50:32 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14250: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): peer is NATed<br>Apr 4 17:50:32 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14250: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2<br>Apr 4 17:50:32 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14250: STATE_MAIN_R2: sent MR2, expecting MI3<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14250: Main mode peer ID is ID_IPV4_ADDR: '192.168.0.105'<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14250: switched from "L2TP-PSK-NAT" to "L2TP-PSK-NAT"<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT"[11115] 80.90.239.11 #14250: deleting connection "L2TP-PSK-NAT" instance with peer 195.138.77.67 {isakmp=#14236/ipsec=#14237}<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT" #14237: deleting state (STATE_QUICK_R2)<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT" #14236: deleting state (STATE_MAIN_R3)<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT"[11115] 80.90.239.11 #14250: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT"[11115] 80.90.239.11 #14250: new NAT mapping for #14250, was 80.90.239.11:500, now 80.90.239.11:1036<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT"[11115] 80.90.239.11 #14250: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp2048}<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT"[11115] 80.90.239.11 #14250: Dead Peer Detection (RFC 3706): not enabled because peer did not advertise it<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT"[11115] 80.90.239.11 #14250: the peer proposed: xxx.xxx.xxx.xxx/32:17/1701 -> 192.168.0.105/32:17/0<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT"[11115] 80.90.239.11 #14250: NAT-Traversal: received 2 NAT-OA. using first, ignoring others<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT"[11115] 80.90.239.11 #14251: responding to Quick Mode proposal {msgid:01000000}<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT"[11115] 80.90.239.11 #14251: us: xxx.xxx.xxx.xxx<xxx.xxx.xxx.xxx>:17/1701<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT"[11115] 80.90.239.11 #14251: them: 80.90.239.11[192.168.0.105]:17/1701===192.168.0.105/32<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT"[11115] 80.90.239.11 #14251: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT"[11115] 80.90.239.11 #14251: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT"[11115] 80.90.239.11 #14251: Dead Peer Detection (RFC 3706): not enabled because peer did not advertise it<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT"[11115] 80.90.239.11 #14251: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2<br>Apr 4 17:50:33 vpn pluto[2047]: "L2TP-PSK-NAT"[11115] 80.90.239.11 #14251: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x3bf28da1 <0x6fa7d29f xfrm=AES_128-HMAC_SHA1 NATOA=192.168.0.105 NATD=80.90.239.11:1036 DPD=none}<br>Apr 4 17:51:15 vpn pluto[2047]: packet from 195.138.77.67:4500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]<br>Apr 4 17:51:15 vpn pluto[2047]: packet from 195.138.77.67:4500: received Vendor ID payload [RFC 3947] method set to=115<br>Apr 4 17:51:15 vpn pluto[2047]: packet from 195.138.77.67:4500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 115<br>Apr 4 17:51:15 vpn pluto[2047]: packet from 195.138.77.67:4500: ignoring Vendor ID payload [FRAGMENTATION]<br>Apr 4 17:51:15 vpn pluto[2047]: packet from 195.138.77.67:4500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]<br>Apr 4 17:51:15 vpn pluto[2047]: packet from 195.138.77.67:4500: ignoring Vendor ID payload [Vid-Initial-Contact]<br>Apr 4 17:51:15 vpn pluto[2047]: packet from 195.138.77.67:4500: ignoring Vendor ID payload [IKE CGA version 1]<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11116] 195.138.77.67 #14252: responding to Main Mode from unknown peer 195.138.77.67<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11116] 195.138.77.67 #14252: OAKLEY_GROUP 20 not supported. Attribute OAKLEY_GROUP_DESCRIPTION<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11116] 195.138.77.67 #14252: OAKLEY_GROUP 19 not supported. Attribute OAKLEY_GROUP_DESCRIPTION<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11116] 195.138.77.67 #14252: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11116] 195.138.77.67 #14252: STATE_MAIN_R1: sent MR1, expecting MI2<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11116] 195.138.77.67 #14252: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): peer is NATed<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11116] 195.138.77.67 #14252: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11116] 195.138.77.67 #14252: STATE_MAIN_R2: sent MR2, expecting MI3<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11116] 195.138.77.67 #14252: Main mode peer ID is ID_IPV4_ADDR: '192.168.0.105'<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11116] 195.138.77.67 #14252: switched from "L2TP-PSK-NAT" to "L2TP-PSK-NAT"<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11117] 195.138.77.67 #14252: deleting connection "L2TP-PSK-NAT" instance with peer 195.138.77.67 {isakmp=#0/ipsec=#0}<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11117] 195.138.77.67 #14252: deleting connection "L2TP-PSK-NAT" instance with peer 80.90.239.11 {isakmp=#14250/ipsec=#14251}<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT" #14251: deleting state (STATE_QUICK_R2)<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT" #14250: deleting state (STATE_MAIN_R3)<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11117] 195.138.77.67 #14252: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11117] 195.138.77.67 #14252: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp2048}<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11117] 195.138.77.67 #14252: Dead Peer Detection (RFC 3706): not enabled because peer did not advertise it<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11117] 195.138.77.67 #14252: the peer proposed: xxx.xxx.xxx.xxx/32:17/1701 -> 192.168.0.105/32:17/0<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11117] 195.138.77.67 #14252: NAT-Traversal: received 2 NAT-OA. using first, ignoring others<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11117] 195.138.77.67 #14253: responding to Quick Mode proposal {msgid:01000000}<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11117] 195.138.77.67 #14253: us: xxx.xxx.xxx.xxx<xxx.xxx.xxx.xxx>:17/1701<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11117] 195.138.77.67 #14253: them: 195.138.77.67[192.168.0.105]:17/1701===192.168.0.105/32<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11117] 195.138.77.67 #14253: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11117] 195.138.77.67 #14253: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11117] 195.138.77.67 #14253: Dead Peer Detection (RFC 3706): not enabled because peer did not advertise it<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11117] 195.138.77.67 #14253: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2<br>Apr 4 17:51:15 vpn pluto[2047]: "L2TP-PSK-NAT"[11117] 195.138.77.67 #14253: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x638ab232 <0x6fa7d2a0 xfrm=AES_128-HMAC_SHA1 NATOA=192.168.0.105 NATD=195.138.77.67:4500 DPD=none}<br>Apr 4 17:51:23 vpn pluto[2047]: packet from 80.90.239.11:1036: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]<br>Apr 4 17:51:23 vpn pluto[2047]: packet from 80.90.239.11:1036: received Vendor ID payload [RFC 3947] method set to=115<br>Apr 4 17:51:23 vpn pluto[2047]: packet from 80.90.239.11:1036: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 115<br>Apr 4 17:51:23 vpn pluto[2047]: packet from 80.90.239.11:1036: ignoring Vendor ID payload [FRAGMENTATION]<br>Apr 4 17:51:23 vpn pluto[2047]: packet from 80.90.239.11:1036: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]<br>Apr 4 17:51:23 vpn pluto[2047]: packet from 80.90.239.11:1036: ignoring Vendor ID payload [Vid-Initial-Contact]<br>Apr 4 17:51:23 vpn pluto[2047]: packet from 80.90.239.11:1036: ignoring Vendor ID payload [IKE CGA version 1]<br>Apr 4 17:51:23 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14254: responding to Main Mode from unknown peer 80.90.239.11<br>Apr 4 17:51:23 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14254: OAKLEY_GROUP 20 not supported. Attribute OAKLEY_GROUP_DESCRIPTION<br>Apr 4 17:51:23 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14254: OAKLEY_GROUP 19 not supported. Attribute OAKLEY_GROUP_DESCRIPTION<br>Apr 4 17:51:23 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14254: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1<br>Apr 4 17:51:23 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14254: STATE_MAIN_R1: sent MR1, expecting MI2<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14254: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): peer is NATed<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14254: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14254: STATE_MAIN_R2: sent MR2, expecting MI3<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14254: Main mode peer ID is ID_IPV4_ADDR: '192.168.0.105'<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14254: switched from "L2TP-PSK-NAT" to "L2TP-PSK-NAT"<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[11118] 80.90.239.11 #14254: deleting connection "L2TP-PSK-NAT" instance with peer 195.138.77.67 {isakmp=#14252/ipsec=#14253}<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT" #14253: deleting state (STATE_QUICK_R2)<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT" #14252: deleting state (STATE_MAIN_R3)<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[11118] 80.90.239.11 #14254: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[11118] 80.90.239.11 #14254: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp2048}<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[11118] 80.90.239.11 #14254: Dead Peer Detection (RFC 3706): not enabled because peer did not advertise it<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[11118] 80.90.239.11 #14254: the peer proposed: xxx.xxx.xxx.xxx/32:17/1701 -> 192.168.0.105/32:17/0<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[11118] 80.90.239.11 #14254: NAT-Traversal: received 2 NAT-OA. using first, ignoring others<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[11118] 80.90.239.11 #14255: responding to Quick Mode proposal {msgid:01000000}<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[11118] 80.90.239.11 #14255: us: xxx.xxx.xxx.xxx<xxx.xxx.xxx.xxx>:17/1701<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[11118] 80.90.239.11 #14255: them: 80.90.239.11[192.168.0.105]:17/1701===192.168.0.105/32<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[11118] 80.90.239.11 #14255: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[11118] 80.90.239.11 #14255: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[11118] 80.90.239.11 #14255: Dead Peer Detection (RFC 3706): not enabled because peer did not advertise it<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[11118] 80.90.239.11 #14255: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2<br>Apr 4 17:51:24 vpn pluto[2047]: "L2TP-PSK-NAT"[11118] 80.90.239.11 #14255: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x8ac9644f <0x6fa7d2a1 xfrm=AES_128-HMAC_SHA1 NATOA=192.168.0.105 NATD=80.90.239.11:1036 DPD=none}<br>Apr 4 17:51:25 vpn pluto[2047]: packet from 195.138.77.67:4500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]<br>Apr 4 17:51:25 vpn pluto[2047]: packet from 195.138.77.67:4500: received Vendor ID payload [RFC 3947] method set to=115<br>Apr 4 17:51:25 vpn pluto[2047]: packet from 195.138.77.67:4500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 115<br>Apr 4 17:51:25 vpn pluto[2047]: packet from 195.138.77.67:4500: ignoring Vendor ID payload [FRAGMENTATION]<br>Apr 4 17:51:25 vpn pluto[2047]: packet from 195.138.77.67:4500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]<br>Apr 4 17:51:25 vpn pluto[2047]: packet from 195.138.77.67:4500: ignoring Vendor ID payload [Vid-Initial-Contact]<br>Apr 4 17:51:25 vpn pluto[2047]: packet from 195.138.77.67:4500: ignoring Vendor ID payload [IKE CGA version 1]<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11119] 195.138.77.67 #14256: responding to Main Mode from unknown peer 195.138.77.67<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11119] 195.138.77.67 #14256: OAKLEY_GROUP 20 not supported. Attribute OAKLEY_GROUP_DESCRIPTION<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11119] 195.138.77.67 #14256: OAKLEY_GROUP 19 not supported. Attribute OAKLEY_GROUP_DESCRIPTION<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11119] 195.138.77.67 #14256: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11119] 195.138.77.67 #14256: STATE_MAIN_R1: sent MR1, expecting MI2<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11119] 195.138.77.67 #14256: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): peer is NATed<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11119] 195.138.77.67 #14256: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11119] 195.138.77.67 #14256: STATE_MAIN_R2: sent MR2, expecting MI3<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11119] 195.138.77.67 #14256: Main mode peer ID is ID_IPV4_ADDR: '192.168.0.105'<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11119] 195.138.77.67 #14256: switched from "L2TP-PSK-NAT" to "L2TP-PSK-NAT"<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11120] 195.138.77.67 #14256: deleting connection "L2TP-PSK-NAT" instance with peer 195.138.77.67 {isakmp=#0/ipsec=#0}<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11120] 195.138.77.67 #14256: deleting connection "L2TP-PSK-NAT" instance with peer 80.90.239.11 {isakmp=#14254/ipsec=#14255}<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT" #14255: deleting state (STATE_QUICK_R2)<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT" #14254: deleting state (STATE_MAIN_R3)<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11120] 195.138.77.67 #14256: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11120] 195.138.77.67 #14256: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp2048}<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11120] 195.138.77.67 #14256: Dead Peer Detection (RFC 3706): not enabled because peer did not advertise it<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11120] 195.138.77.67 #14256: the peer proposed: xxx.xxx.xxx.xxx/32:17/1701 -> 192.168.0.105/32:17/0<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11120] 195.138.77.67 #14256: NAT-Traversal: received 2 NAT-OA. using first, ignoring others<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11120] 195.138.77.67 #14257: responding to Quick Mode proposal {msgid:01000000}<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11120] 195.138.77.67 #14257: us: xxx.xxx.xxx.xxx<xxx.xxx.xxx.xxx>:17/1701<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11120] 195.138.77.67 #14257: them: 195.138.77.67[192.168.0.105]:17/1701===192.168.0.105/32<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11120] 195.138.77.67 #14257: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11120] 195.138.77.67 #14257: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11120] 195.138.77.67 #14257: Dead Peer Detection (RFC 3706): not enabled because peer did not advertise it<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11120] 195.138.77.67 #14257: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2<br>Apr 4 17:51:25 vpn pluto[2047]: "L2TP-PSK-NAT"[11120] 195.138.77.67 #14257: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x749e33ed <0x6fa7d2a2 xfrm=AES_128-HMAC_SHA1 NATOA=192.168.0.105 NATD=195.138.77.67:4500 DPD=none}<br>Apr 4 17:51:26 vpn pluto[2047]: packet from 80.90.239.11:1036: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]<br>Apr 4 17:51:26 vpn pluto[2047]: packet from 80.90.239.11:1036: received Vendor ID payload [RFC 3947] method set to=115<br>Apr 4 17:51:26 vpn pluto[2047]: packet from 80.90.239.11:1036: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 115<br>Apr 4 17:51:26 vpn pluto[2047]: packet from 80.90.239.11:1036: ignoring Vendor ID payload [FRAGMENTATION]<br>Apr 4 17:51:26 vpn pluto[2047]: packet from 80.90.239.11:1036: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]<br>Apr 4 17:51:26 vpn pluto[2047]: packet from 80.90.239.11:1036: ignoring Vendor ID payload [Vid-Initial-Contact]<br>Apr 4 17:51:26 vpn pluto[2047]: packet from 80.90.239.11:1036: ignoring Vendor ID payload [IKE CGA version 1]<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14258: responding to Main Mode from unknown peer 80.90.239.11<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14258: OAKLEY_GROUP 20 not supported. Attribute OAKLEY_GROUP_DESCRIPTION<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14258: OAKLEY_GROUP 19 not supported. Attribute OAKLEY_GROUP_DESCRIPTION<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14258: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14258: STATE_MAIN_R1: sent MR1, expecting MI2<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14258: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): peer is NATed<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14258: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14258: STATE_MAIN_R2: sent MR2, expecting MI3<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14258: Main mode peer ID is ID_IPV4_ADDR: '192.168.0.105'<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14258: switched from "L2TP-PSK-NAT" to "L2TP-PSK-NAT"<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[11121] 80.90.239.11 #14258: deleting connection "L2TP-PSK-NAT" instance with peer 195.138.77.67 {isakmp=#14256/ipsec=#14257}<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT" #14257: deleting state (STATE_QUICK_R2)<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT" #14256: deleting state (STATE_MAIN_R3)<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[11121] 80.90.239.11 #14258: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[11121] 80.90.239.11 #14258: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp2048}<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[11121] 80.90.239.11 #14258: Dead Peer Detection (RFC 3706): not enabled because peer did not advertise it<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[11121] 80.90.239.11 #14258: the peer proposed: xxx.xxx.xxx.xxx/32:17/1701 -> 192.168.0.105/32:17/0<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[11121] 80.90.239.11 #14258: NAT-Traversal: received 2 NAT-OA. using first, ignoring others<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[11121] 80.90.239.11 #14259: responding to Quick Mode proposal {msgid:01000000}<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[11121] 80.90.239.11 #14259: us: xxx.xxx.xxx.xxx<xxx.xxx.xxx.xxx>:17/1701<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[11121] 80.90.239.11 #14259: them: 80.90.239.11[192.168.0.105]:17/1701===192.168.0.105/32<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[11121] 80.90.239.11 #14259: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[11121] 80.90.239.11 #14259: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[11121] 80.90.239.11 #14259: Dead Peer Detection (RFC 3706): not enabled because peer did not advertise it<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[11121] 80.90.239.11 #14259: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2<br>Apr 4 17:51:26 vpn pluto[2047]: "L2TP-PSK-NAT"[11121] 80.90.239.11 #14259: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x66f75963 <0x6fa7d2a3 xfrm=AES_128-HMAC_SHA1 NATOA=192.168.0.105 NATD=80.90.239.11:1036 DPD=none}<br>Apr 4 17:51:35 vpn pluto[2047]: packet from 195.138.77.67:4500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]<br>Apr 4 17:51:35 vpn pluto[2047]: packet from 195.138.77.67:4500: received Vendor ID payload [RFC 3947] method set to=115<br>Apr 4 17:51:35 vpn pluto[2047]: packet from 195.138.77.67:4500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 115<br>Apr 4 17:51:35 vpn pluto[2047]: packet from 195.138.77.67:4500: ignoring Vendor ID payload [FRAGMENTATION]<br>Apr 4 17:51:35 vpn pluto[2047]: packet from 195.138.77.67:4500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]<br>Apr 4 17:51:35 vpn pluto[2047]: packet from 195.138.77.67:4500: ignoring Vendor ID payload [Vid-Initial-Contact]<br>Apr 4 17:51:35 vpn pluto[2047]: packet from 195.138.77.67:4500: ignoring Vendor ID payload [IKE CGA version 1]<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11122] 195.138.77.67 #14261: responding to Main Mode from unknown peer 195.138.77.67<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11122] 195.138.77.67 #14261: OAKLEY_GROUP 20 not supported. Attribute OAKLEY_GROUP_DESCRIPTION<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11122] 195.138.77.67 #14261: OAKLEY_GROUP 19 not supported. Attribute OAKLEY_GROUP_DESCRIPTION<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11122] 195.138.77.67 #14261: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11122] 195.138.77.67 #14261: STATE_MAIN_R1: sent MR1, expecting MI2<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11122] 195.138.77.67 #14261: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): peer is NATed<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11122] 195.138.77.67 #14261: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11122] 195.138.77.67 #14261: STATE_MAIN_R2: sent MR2, expecting MI3<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11122] 195.138.77.67 #14261: Main mode peer ID is ID_IPV4_ADDR: '192.168.0.105'<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11122] 195.138.77.67 #14261: switched from "L2TP-PSK-NAT" to "L2TP-PSK-NAT"<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11123] 195.138.77.67 #14261: deleting connection "L2TP-PSK-NAT" instance with peer 195.138.77.67 {isakmp=#0/ipsec=#0}<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11123] 195.138.77.67 #14261: deleting connection "L2TP-PSK-NAT" instance with peer 80.90.239.11 {isakmp=#14258/ipsec=#14259}<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT" #14259: deleting state (STATE_QUICK_R2)<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT" #14258: deleting state (STATE_MAIN_R3)<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11123] 195.138.77.67 #14261: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11123] 195.138.77.67 #14261: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp2048}<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11123] 195.138.77.67 #14261: Dead Peer Detection (RFC 3706): not enabled because peer did not advertise it<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11123] 195.138.77.67 #14261: the peer proposed: xxx.xxx.xxx.xxx/32:17/1701 -> 192.168.0.105/32:17/0<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11123] 195.138.77.67 #14261: NAT-Traversal: received 2 NAT-OA. using first, ignoring others<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11123] 195.138.77.67 #14262: responding to Quick Mode proposal {msgid:01000000}<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11123] 195.138.77.67 #14262: us: xxx.xxx.xxx.xxx<xxx.xxx.xxx.xxx>:17/1701<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11123] 195.138.77.67 #14262: them: 195.138.77.67[192.168.0.105]:17/1701===192.168.0.105/32<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11123] 195.138.77.67 #14262: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11123] 195.138.77.67 #14262: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11123] 195.138.77.67 #14262: Dead Peer Detection (RFC 3706): not enabled because peer did not advertise it<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11123] 195.138.77.67 #14262: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2<br>Apr 4 17:51:35 vpn pluto[2047]: "L2TP-PSK-NAT"[11123] 195.138.77.67 #14262: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x11a550d6 <0x6fa7d2a5 xfrm=AES_128-HMAC_SHA1 NATOA=192.168.0.105 NATD=195.138.77.67:4500 DPD=none}<br>Apr 4 17:51:42 vpn pluto[2047]: packet from 80.90.239.11:1036: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]<br>Apr 4 17:51:42 vpn pluto[2047]: packet from 80.90.239.11:1036: received Vendor ID payload [RFC 3947] method set to=115<br>Apr 4 17:51:42 vpn pluto[2047]: packet from 80.90.239.11:1036: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 115<br>Apr 4 17:51:42 vpn pluto[2047]: packet from 80.90.239.11:1036: ignoring Vendor ID payload [FRAGMENTATION]<br>Apr 4 17:51:42 vpn pluto[2047]: packet from 80.90.239.11:1036: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]<br>Apr 4 17:51:42 vpn pluto[2047]: packet from 80.90.239.11:1036: ignoring Vendor ID payload [Vid-Initial-Contact]<br>Apr 4 17:51:42 vpn pluto[2047]: packet from 80.90.239.11:1036: ignoring Vendor ID payload [IKE CGA version 1]<br>Apr 4 17:51:42 vpn pluto[2047]: "L2TP-PSK-NAT"[8642] 80.90.239.11 #14263: responding to Main Mode from unknown peer 80.90.239.11<br><br><br>Need help…<br>Peter<br><br><br><br></body></html>