<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<style>
<!--
@font-face
        {font-family:"Cambria Math"}
@font-face
        {font-family:Calibri}
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif"}
a:link, span.MsoHyperlink
        {color:blue;
        text-decoration:underline}
a:visited, span.MsoHyperlinkFollowed
        {color:purple;
        text-decoration:underline}
span.EmailStyle17
        {font-family:"Arial","sans-serif";
        color:windowtext}
.MsoChpDefault
        {font-family:"Calibri","sans-serif"}
@page WordSection1
        {margin:70.85pt 2.0cm 2.0cm 2.0cm}
div.WordSection1
        {}
-->
</style>
</head>
<body lang="IT" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Arial","sans-serif"">Try adding “rekey=yes” in the conn(s).</span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Arial","sans-serif""> </span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Arial","sans-serif"">Example:</span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Arial","sans-serif""> </span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Arial","sans-serif"">conn vps1</span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Arial","sans-serif""> authby=secret</span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Arial","sans-serif""> left=173.254.195.244</span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Arial","sans-serif""> leftsourceip=192.168.200.10</span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Arial","sans-serif""> leftsubnet=</span><span style="font-size:10.0pt; font-family:"Arial","sans-serif""><a href="http://192.168.200.10/32" target="_blank"><span lang="EN-US">192.168.200.10/32</span></a></span><span lang="EN-US" style="font-size:10.0pt; font-family:"Arial","sans-serif""></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Arial","sans-serif""> right=64.237.39.24</span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Arial","sans-serif""> rightsubnet=</span><span style="font-size:10.0pt; font-family:"Arial","sans-serif""><a href="http://192.168.100.10/32" target="_blank"><span lang="EN-US">192.168.100.10/32</span></a></span><span lang="EN-US" style="font-size:10.0pt; font-family:"Arial","sans-serif""></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Arial","sans-serif""> auto=start</span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Arial","sans-serif""> rekey=yes</span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Arial","sans-serif""> </span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Arial","sans-serif""> </span></p>
<p class="MsoNormal"><span style="font-size:10.0pt; font-family:"Arial","sans-serif""> </span></p>
<p class="MsoNormal"><b><span lang="EN-US" style="font-size:11.0pt; font-family:"Calibri","sans-serif"">From:</span></b><span lang="EN-US" style="font-size:11.0pt; font-family:"Calibri","sans-serif""> users-bounces@lists.openswan.org [mailto:users-bounces@lists.openswan.org]
<b>On Behalf Of </b>Dave Ariens<br>
<b>Sent:</b> Thursday, June 27, 2013 4:26 PM<br>
<b>To:</b> users@lists.openswan.org<br>
<b>Subject:</b> [Openswan Users] Established Tunnel Not Passing Traffic</span></p>
<p class="MsoNormal"><span lang="EN-US"> </span></p>
<div>
<div>
<div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt">Hey there guys (first time posting),</p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt">I have two servers (VPS) one on the US east coast, another on US west coast. They both have an IPsec tunnel to my Juniper SRX firewall (on my home network in Ontario, Canada). This tunnel is rock solid and
I never have any issues with it. <br>
<br>
I'm trying to configure an OpenSwan IPsec tunnel between the two VMs, and it's up and running, I can ping through the tunnel, but some time afterwards, traffic is unable to pass (tunnel remains established).</p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt">This is really just a plain vanilla OpenSwan to OpenSwan implementation, below are some config details, and some logs.</p>
</div>
<p class="MsoNormal">Can anyone help me identify why the tunnel stops passing traffic after some time < 15 minutes. I know the traffic stopped shortly after midnight this morning (see logs below)</p>
<div>
<p class="MsoNormal"> </p>
<div>
<p class="MsoNormal">[ariens@vps1 ~]$ pacman -Qs openswan</p>
</div>
<div>
<p class="MsoNormal">local/openswan 2.6.38-1</p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"> Open Source implementation of IPsec for the Linux operating system</p>
</div>
<p class="MsoNormal"> </p>
<div>
<p class="MsoNormal">VPS2:/etc/ipsec.conf</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">version 2.0</p>
</div>
<div>
<p class="MsoNormal">config setup</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal"> dumpdir=/var/run/pluto/</p>
</div>
<div>
<p class="MsoNormal"> nat_traversal=yes</p>
</div>
<div>
<p class="MsoNormal"> virtual_private=%v4:<a href="http://10.0.0.0/8,%25v4:%21192.168.200.0/24,%25v4:192.168.0.0/16,%25v4:172.16.0.0/12,%25v4:25.0.0.0/8,%25v6:fd00::/8,%25v6:fe80::/10" target="_blank">10.0.0.0/8,%v4:!192.168.200.0/24,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v6:fd00::/8,%v6:fe80::/10</a></p>
</div>
<div>
<p class="MsoNormal"> oe=off</p>
</div>
<div>
<p class="MsoNormal"> protostack=netkey</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">conn <a href="http://home.ariens.ca" target="_blank">home.ariens.ca</a></p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal"> authby=secret</p>
</div>
<div>
<p class="MsoNormal"> left=173.254.195.244</p>
</div>
<div>
<p class="MsoNormal"> leftsourceip=192.168.200.10</p>
</div>
<div>
<p class="MsoNormal"> leftsubnet=0/0</p>
</div>
<div>
<p class="MsoNormal"> right=<a href="tel:216.58.86.104" target="_blank">216.58.86.104</a></p>
</div>
<div>
<p class="MsoNormal"> rightsubnet=<a href="http://10.0.0.0/8" target="_blank">10.0.0.0/8</a></p>
</div>
<div>
<p class="MsoNormal"> auto=start</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">conn vps1</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal"> authby=secret</p>
</div>
<div>
<p class="MsoNormal"> left=173.254.195.244</p>
</div>
<div>
<p class="MsoNormal"> leftsourceip=192.168.200.10</p>
</div>
<div>
<p class="MsoNormal"> leftsubnet=<a href="http://192.168.200.10/32" target="_blank">192.168.200.10/32</a></p>
</div>
<div>
<p class="MsoNormal"> right=64.237.39.24</p>
</div>
<div>
<p class="MsoNormal"> rightsubnet=<a href="http://192.168.100.10/32" target="_blank">192.168.100.10/32</a></p>
</div>
<div>
<p class="MsoNormal"> auto=start</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">VPS1:/etc/ipsec.conf</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<div>
<p class="MsoNormal">version 2.0 </p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">config setup</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal"> dumpdir=/var/run/pluto/</p>
</div>
<div>
<p class="MsoNormal"> nat_traversal=yes</p>
</div>
<div>
<p class="MsoNormal"> virtual_private=%v4:<a href="http://10.0.0.0/8,%25v4:%21192.168.100.0/24,%25v4:192.168.0.0/16,%25v4:172.16.0.0/12,%25v4:25.0.0.0/8,%25v6:fd00::/8,%25v6:fe80::/10" target="_blank">10.0.0.0/8,%v4:!192.168.100.0/24,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v6:fd00::/8,%v6:fe80::/10</a></p>
</div>
<div>
<p class="MsoNormal"> oe=off</p>
</div>
<div>
<p class="MsoNormal"> protostack=netkey</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">conn <a href="http://home.ariens.ca" target="_blank">home.ariens.ca</a></p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal"> authby=secret</p>
</div>
<div>
<p class="MsoNormal"> left=64.237.39.24</p>
</div>
<div>
<p class="MsoNormal"> leftsourceip=192.168.100.10</p>
</div>
<div>
<p class="MsoNormal"> leftsubnet=0/0</p>
</div>
<div>
<p class="MsoNormal"> right=<a href="tel:216.58.86.104" target="_blank">216.58.86.104</a></p>
</div>
<div>
<p class="MsoNormal"> rightsubnet=<a href="http://10.0.0.0/8" target="_blank">10.0.0.0/8</a></p>
</div>
<div>
<p class="MsoNormal"> auto=start</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt">conn vps2</p>
</div>
<div>
<p class="MsoNormal"> authby=secret</p>
</div>
<div>
<p class="MsoNormal"> left=64.237.39.24</p>
</div>
<div>
<p class="MsoNormal"> leftsourceip=192.168.100.10</p>
</div>
<div>
<p class="MsoNormal"> leftsubnet=<a href="http://192.168.100.10/32" target="_blank">192.168.100.10/32</a></p>
</div>
<div>
<p class="MsoNormal"> right=173.254.195.244</p>
</div>
<div>
<p class="MsoNormal"> rightsubnet=<a href="http://192.168.200.10/32" target="_blank">192.168.200.10/32</a></p>
</div>
<div>
<p class="MsoNormal"> auto=start</p>
</div>
</div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt">Logs from VPS1:<span style="font-size:10.0pt"></span></p>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">
173.254.195.244:500</a>: received Vendor ID payload [Openswan (this version) 2.6.38 ]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">
173.254.195.244:500</a>: received Vendor ID payload [Dead Peer Detection]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">
173.254.195.244:500</a>: received Vendor ID payload [RFC 3947] method set to=115</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">
173.254.195.244:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 115</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">
173.254.195.244:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 115</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">
173.254.195.244:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 115</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">
173.254.195.244:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #17: responding to Main Mode</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #17: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #17: STATE_MAIN_R1: sent MR1, expecting MI2</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #17: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): no NAT detected</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #17: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #17: STATE_MAIN_R2: sent MR2, expecting MI3</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #17: Main mode peer ID is ID_IPV4_ADDR: '173.254.195.244'</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #17: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #17: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048}</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #16: received Vendor ID payload [Openswan (this version) 2.6.38 ]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #16: received Vendor ID payload [Dead Peer Detection]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #16: received Vendor ID payload [RFC 3947] method set to=115</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #16: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #16: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #16: STATE_MAIN_I2: sent MI2, expecting MR2</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #16: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): no NAT detected</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #16: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #16: STATE_MAIN_I3: sent MI3, expecting MR3</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #16: received Vendor ID payload [CAN-IKEv2]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #16: Main mode peer ID is ID_IPV4_ADDR: '173.254.195.244'</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #16: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #16: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048}</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:09:01 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">
173.254.195.244:500</a>: Informational Exchange is for an unknown (expired?) SA with MSGID:0xf86c4eb8</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:09:19 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #13: received Delete SA payload: deleting ISAKMP State #13</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:09:19 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">
173.254.195.244:500</a>: received and ignored informational message</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:48:54 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #19: initiating Main Mode to replace #16</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">
173.254.195.244:500</a>: received Vendor ID payload [Openswan (this version) 2.6.38 ]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">
173.254.195.244:500</a>: received Vendor ID payload [Dead Peer Detection]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">
173.254.195.244:500</a>: received Vendor ID payload [RFC 3947] method set to=115</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">
173.254.195.244:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 115</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">
173.254.195.244:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 115</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">
173.254.195.244:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 115</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">
173.254.195.244:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #20: responding to Main Mode</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #20: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #20: STATE_MAIN_R1: sent MR1, expecting MI2</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #20: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): no NAT detected</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #20: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #20: STATE_MAIN_R2: sent MR2, expecting MI3</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #20: Main mode peer ID is ID_IPV4_ADDR: '173.254.195.244'</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #20: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #20: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048}</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #19: received Vendor ID payload [Openswan (this version) 2.6.38 ]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #19: received Vendor ID payload [Dead Peer Detection]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #19: received Vendor ID payload [RFC 3947] method set to=115</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #19: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #19: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #19: STATE_MAIN_I2: sent MI2, expecting MR2</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #19: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): no NAT detected</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #19: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #19: STATE_MAIN_I3: sent MI3, expecting MR3</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #19: received Vendor ID payload [CAN-IKEv2]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #19: Main mode peer ID is ID_IPV4_ADDR: '173.254.195.244'</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #19: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: "vps2" #19: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048}</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 01:04:49 <a href="http://vps1.layerzero.ca" target="_blank">
vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">
173.254.195.244:500</a>: Informational Exchange is for an unknown (expired?) SA with MSGID:0x4a2e1ab1</span></p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-size:10.0pt">Jun 27 01:05:27
<a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from
<a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: Informational Exchange is for an unknown (expired?) SA with MSGID:0x999b390f</span></p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-size:10.0pt">Logs for VPS2:</span></p>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #13: initiating Main Mode to replace #11</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #13: received Vendor ID payload [Openswan (this version) 2.6.38 ]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #13: received Vendor ID payload [Dead Peer Detection]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #13: received Vendor ID payload [RFC 3947] method set to=115</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #13: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #13: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #13: STATE_MAIN_I2: sent MI2, expecting MR2</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #13: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): no NAT detected</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #13: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #13: STATE_MAIN_I3: sent MI3, expecting MR3</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #13: received Vendor ID payload [CAN-IKEv2]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #13: Main mode peer ID is ID_IPV4_ADDR: '64.237.39.24'</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #13: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #13: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048}</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: packet from <a href="http://64.237.39.24:500" target="_blank">
64.237.39.24:500</a>: received Vendor ID payload [Openswan (this version) 2.6.38 ]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: packet from <a href="http://64.237.39.24:500" target="_blank">
64.237.39.24:500</a>: received Vendor ID payload [Dead Peer Detection]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: packet from <a href="http://64.237.39.24:500" target="_blank">
64.237.39.24:500</a>: received Vendor ID payload [RFC 3947] method set to=115</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: packet from <a href="http://64.237.39.24:500" target="_blank">
64.237.39.24:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 115</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: packet from <a href="http://64.237.39.24:500" target="_blank">
64.237.39.24:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 115</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: packet from <a href="http://64.237.39.24:500" target="_blank">
64.237.39.24:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 115</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: packet from <a href="http://64.237.39.24:500" target="_blank">
64.237.39.24:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #14: responding to Main Mode</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #14: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #14: STATE_MAIN_R1: sent MR1, expecting MI2</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #14: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): no NAT detected</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #14: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #14: STATE_MAIN_R2: sent MR2, expecting MI3</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #14: Main mode peer ID is ID_IPV4_ADDR: '64.237.39.24'</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #14: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: "vps1" #14: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048}</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Jun 27 00:09:34 <a href="http://vps2.layerzero.ca" target="_blank">
vps2.layerzero.ca</a> pluto[29906]: packet from <a href="http://64.237.39.24:500" target="_blank">
64.237.39.24:500</a>: Informational Exchange is for an unknown (expired?) SA with MSGID:0xb8f1bbda</span></p>
</div>
<p class="MsoNormal"><span style="font-size:10.0pt"> </span></p>
</div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal"><br clear="all">
</p>
<div>
<div>
<div>
<p class="MsoNormal"><br>
-- </p>
<div>
<p class="MsoNormal"><a href="http://www.ariens.ca" target="_blank">www.ariens.ca</a></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p style="margin-bottom:7.0pt; margin-top:0.0pt"><span lang="IT-IT" style="font-size:8.0pt; font-family:'Arial',sans-serif; color:#535353; font-style:italic"><br>
<br>
<br>
Informativa Privacy - Ai sensi del D. Lgs n. 196/2003 (Codice Privacy) precisiamo che le informazioni contenute in questo messaggio sono riservate e a uso esclusivo del destinatario. Ogni uso, copia o distribuzione non autorizzata è proibita e passibile di
sanzioni ai termini di legge. Reitek non è responsabile di eventuali copie o distribuzioni non autorizzate. Se questo messaggio è stato ricevuto per errore, preghiamo gentilmente di eliminarlo e di informare il mittente. Grazie.
</span></p>
<p style="margin-top:7.0pt"><span lang="IT-IT" style="font-size:8.0pt; font-family:'Arial',sans-serif; color:#535353; font-style:italic"></span></p>
</body>
</html>