<div dir="ltr"><div><div><div>Hey there guys (first time posting),<br><br></div>I have two servers (VPS) one on the US east coast, another on US west coast.  They both have an IPsec tunnel to my Juniper SRX firewall (on my home network in Ontario, Canada).  This tunnel is rock solid and I never have any issues with it. <br>
<br>I&#39;m trying to configure an OpenSwan IPsec tunnel between the two VMs, and it&#39;s up and running, I can ping through the tunnel, but some time afterwards, traffic is unable to pass (tunnel remains established).<br>
<br></div>This is really just a plain vanilla OpenSwan to OpenSwan implementation, below are some config details, and some logs.<br><br></div>Can anyone help me identify why the tunnel stops passing traffic after some time &lt; 15 minutes.  I know the traffic stopped shortly after midnight this morning (see logs below)<br>
<div><br><div>[ariens@vps1 ~]$ pacman -Qs openswan</div><div>local/openswan 2.6.38-1</div><div>    Open Source implementation of IPsec for the Linux operating system<br><br></div><br><div>VPS2:/etc/ipsec.conf</div><div>
<br></div><div>version 2.0<br></div><div>config setup</div><div>    </div><div>    dumpdir=/var/run/pluto/</div><div>    nat_traversal=yes</div><div>    virtual_private=%v4:<a href="http://10.0.0.0/8,%v4:%21192.168.200.0/24,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v6:fd00::/8,%v6:fe80::/10" target="_blank">10.0.0.0/8,%v4:!192.168.200.0/24,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v6:fd00::/8,%v6:fe80::/10</a></div>

<div>    oe=off</div><div>    protostack=netkey</div><div><br></div><div>conn <a href="http://home.ariens.ca" target="_blank">home.ariens.ca</a></div><div><br></div><div>    authby=secret</div><div>    left=173.254.195.244</div>

<div>    leftsourceip=192.168.200.10</div><div>    leftsubnet=0/0</div><div>    right=<a href="tel:216.58.86.104" value="+12165886104" target="_blank">216.58.86.104</a></div><div>    rightsubnet=<a href="http://10.0.0.0/8" target="_blank">10.0.0.0/8</a></div>
<div>    auto=start</div>
<div><br></div><div>conn vps1</div><div><br></div><div>    authby=secret</div><div>    left=173.254.195.244</div><div>    leftsourceip=192.168.200.10</div><div>    leftsubnet=<a href="http://192.168.200.10/32" target="_blank">192.168.200.10/32</a></div>
<div>    right=64.237.39.24</div><div>    rightsubnet=<a href="http://192.168.100.10/32" target="_blank">192.168.100.10/32</a></div><div>    auto=start</div><div><br></div><div>VPS1:/etc/ipsec.conf</div>
<div><br></div><div><div>version 2.0 </div><div><br></div><div>config setup</div><div><br></div><div>    dumpdir=/var/run/pluto/</div><div>    nat_traversal=yes</div><div>    virtual_private=%v4:<a href="http://10.0.0.0/8,%v4:%21192.168.100.0/24,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v6:fd00::/8,%v6:fe80::/10" target="_blank">10.0.0.0/8,%v4:!192.168.100.0/24,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v6:fd00::/8,%v6:fe80::/10</a></div>

<div>    oe=off</div><div>    protostack=netkey</div><div><br></div><div>conn <a href="http://home.ariens.ca" target="_blank">home.ariens.ca</a></div><div><br></div><div>    authby=secret</div><div>    left=64.237.39.24</div>

<div>    leftsourceip=192.168.100.10</div><div>    leftsubnet=0/0</div><div>    right=<a href="tel:216.58.86.104" value="+12165886104" target="_blank">216.58.86.104</a></div><div>    rightsubnet=<a href="http://10.0.0.0/8" target="_blank">10.0.0.0/8</a></div>
<div>    auto=start</div>
<div><br></div><div>conn vps2<br><br></div><div>    authby=secret</div><div>    left=64.237.39.24</div><div>    leftsourceip=192.168.100.10</div><div>    leftsubnet=<a href="http://192.168.100.10/32" target="_blank">192.168.100.10/32</a></div>
<div>    right=173.254.195.244</div><div>    rightsubnet=<a href="http://192.168.200.10/32" target="_blank">192.168.200.10/32</a></div><div>    auto=start</div></div><br></div><div>Logs from VPS1:<br><br><font size="-1"><div>
Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: received Vendor ID payload [Openswan (this version) 2.6.38 ]</div>

<div>Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: received Vendor ID payload [Dead Peer Detection]</div>
<div>
Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: received Vendor ID payload [RFC 3947] method set to=115</div>

<div>Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 115</div>

<div>Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 115</div>

<div>Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 115</div>

<div>Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]</div>

<div>Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #17: responding to Main Mode</div><div>Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #17: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1</div>

<div>Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #17: STATE_MAIN_R1: sent MR1, expecting MI2</div><div>Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #17: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): no NAT detected</div>

<div>Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #17: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2</div><div>Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #17: STATE_MAIN_R2: sent MR2, expecting MI3</div>

<div>Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #17: Main mode peer ID is ID_IPV4_ADDR: &#39;173.254.195.244&#39;</div><div>Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #17: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3</div>

<div>Jun 27 00:04:49 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a>
 pluto[28819]: &quot;vps2&quot; #17: STATE_MAIN_R3: sent MR3, ISAKMP SA 
established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha 
group=modp2048}</div>
<div>Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #16: received Vendor ID payload [Openswan (this version) 2.6.38 ]</div><div>Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #16: received Vendor ID payload [Dead Peer Detection]</div>

<div>Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #16: received Vendor ID payload [RFC 3947] method set to=115</div><div>Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #16: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)</div>

<div>Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #16: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2</div><div>Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #16: STATE_MAIN_I2: sent MI2, expecting MR2</div>

<div>Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #16: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): no NAT detected</div><div>
Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #16: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3</div>
<div>Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #16: STATE_MAIN_I3: sent MI3, expecting MR3</div><div>Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #16: received Vendor ID payload [CAN-IKEv2]</div>

<div>Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #16: Main mode peer ID is ID_IPV4_ADDR: &#39;173.254.195.244&#39;</div><div>Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #16: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4</div>

<div>Jun 27 00:05:27 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a>
 pluto[28819]: &quot;vps2&quot; #16: STATE_MAIN_I4: ISAKMP SA established 
{auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048}</div>
<div>Jun 27 00:09:01 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: Informational Exchange is for an unknown (expired?) SA with MSGID:0xf86c4eb8</div>

<div>Jun 27 00:09:19 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #13: received Delete SA payload: deleting ISAKMP State #13</div><div>Jun 27 00:09:19 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: received and ignored informational message</div>

<div>Jun 27 00:48:54 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #19: initiating Main Mode to replace #16</div><div>Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: received Vendor ID payload [Openswan (this version) 2.6.38 ]</div>

<div>Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: received Vendor ID payload [Dead Peer Detection]</div>
<div>
Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: received Vendor ID payload [RFC 3947] method set to=115</div>

<div>Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 115</div>

<div>Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 115</div>

<div>Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 115</div>

<div>Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]</div>

<div>Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #20: responding to Main Mode</div><div>Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #20: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1</div>

<div>Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #20: STATE_MAIN_R1: sent MR1, expecting MI2</div><div>Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #20: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): no NAT detected</div>

<div>Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #20: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2</div><div>Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #20: STATE_MAIN_R2: sent MR2, expecting MI3</div>

<div>Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #20: Main mode peer ID is ID_IPV4_ADDR: &#39;173.254.195.244&#39;</div><div>Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #20: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3</div>

<div>Jun 27 01:00:57 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a>
 pluto[28819]: &quot;vps2&quot; #20: STATE_MAIN_R3: sent MR3, ISAKMP SA 
established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha 
group=modp2048}</div>
<div>Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #19: received Vendor ID payload [Openswan (this version) 2.6.38 ]</div><div>Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #19: received Vendor ID payload [Dead Peer Detection]</div>

<div>Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #19: received Vendor ID payload [RFC 3947] method set to=115</div><div>Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #19: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)</div>

<div>Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #19: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2</div><div>Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #19: STATE_MAIN_I2: sent MI2, expecting MR2</div>

<div>Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #19: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): no NAT detected</div><div>
Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #19: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3</div>
<div>Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #19: STATE_MAIN_I3: sent MI3, expecting MR3</div><div>Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #19: received Vendor ID payload [CAN-IKEv2]</div>

<div>Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #19: Main mode peer ID is ID_IPV4_ADDR: &#39;173.254.195.244&#39;</div><div>Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: &quot;vps2&quot; #19: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4</div>

<div>Jun 27 01:01:24 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a>
 pluto[28819]: &quot;vps2&quot; #19: STATE_MAIN_I4: ISAKMP SA established 
{auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048}</div>
<div>Jun 27 01:04:49 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: Informational Exchange is for an unknown (expired?) SA with MSGID:0x4a2e1ab1</div>

<div>Jun 27 01:05:27 <a href="http://vps1.layerzero.ca" target="_blank">vps1.layerzero.ca</a> pluto[28819]: packet from <a href="http://173.254.195.244:500" target="_blank">173.254.195.244:500</a>: Informational Exchange is for an unknown (expired?) SA with MSGID:0x999b390f<br>
<br></div><div>Logs for VPS2:<br><br><font size="-1"><div>Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #13: initiating Main Mode to replace #11</div>
<div>Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #13: received Vendor ID payload [Openswan (this version) 2.6.38 ]</div>
<div>Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #13: received Vendor ID payload [Dead Peer Detection]</div><div>Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #13: received Vendor ID payload [RFC 3947] method set to=115</div>

<div>Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #13: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)</div><div>Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #13: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2</div>

<div>Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #13: STATE_MAIN_I2: sent MI2, expecting MR2</div><div>Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #13: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): no NAT detected</div>

<div>Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #13: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3</div><div>Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #13: STATE_MAIN_I3: sent MI3, expecting MR3</div>

<div>Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #13: received Vendor ID payload [CAN-IKEv2]</div><div>Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #13: Main mode peer ID is ID_IPV4_ADDR: &#39;64.237.39.24&#39;</div>

<div>Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #13: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4</div><div>Jun 27 00:05:04 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a>
 pluto[29906]: &quot;vps1&quot; #13: STATE_MAIN_I4: ISAKMP SA established 
{auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048}</div>
<div>Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: packet from <a href="http://64.237.39.24:500" target="_blank">64.237.39.24:500</a>: received Vendor ID payload [Openswan (this version) 2.6.38 ]</div>

<div>Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: packet from <a href="http://64.237.39.24:500" target="_blank">64.237.39.24:500</a>: received Vendor ID payload [Dead Peer Detection]</div>
<div>Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: packet from <a href="http://64.237.39.24:500" target="_blank">64.237.39.24:500</a>: received Vendor ID payload [RFC 3947] method set to=115</div>

<div>Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: packet from <a href="http://64.237.39.24:500" target="_blank">64.237.39.24:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 115</div>

<div>Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: packet from <a href="http://64.237.39.24:500" target="_blank">64.237.39.24:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 115</div>

<div>Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: packet from <a href="http://64.237.39.24:500" target="_blank">64.237.39.24:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 115</div>

<div>Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: packet from <a href="http://64.237.39.24:500" target="_blank">64.237.39.24:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]</div>

<div>Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #14: responding to Main Mode</div><div>Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #14: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1</div>

<div>Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #14: STATE_MAIN_R1: sent MR1, expecting MI2</div><div>Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #14: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): no NAT detected</div>

<div>Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #14: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2</div><div>Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #14: STATE_MAIN_R2: sent MR2, expecting MI3</div>

<div>Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #14: Main mode peer ID is ID_IPV4_ADDR: &#39;64.237.39.24&#39;</div><div>Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: &quot;vps1&quot; #14: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3</div>

<div>Jun 27 00:05:42 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a>
 pluto[29906]: &quot;vps1&quot; #14: STATE_MAIN_R3: sent MR3, ISAKMP SA 
established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha 
group=modp2048}</div>
<div>Jun 27 00:09:34 <a href="http://vps2.layerzero.ca" target="_blank">vps2.layerzero.ca</a> pluto[29906]: packet from <a href="http://64.237.39.24:500" target="_blank">64.237.39.24:500</a>: Informational Exchange is for an unknown (expired?) SA with MSGID:0xb8f1bbda</div>
</font><br></div></font><br></div><div><br clear="all"><div><div><div><br>-- <br><div><a href="http://www.ariens.ca" target="_blank">www.ariens.ca</a></div>
</div></div></div></div></div>