[Openswan Users] PSK roadwarrior problems
Marc Spiegelman
marc at itu.net
Sat Aug 14 17:11:38 CEST 2004
I'm setting up a PSK roadwarrior config using SoftRemote 10 and Openswan 2.1.4 as a preliminary step toward X-Auth. The Safenet Client indicates the VPN is up but traffic doesn't seem to pass. After closer inspection, I noticed "ipec look" doesn't show any established sa's and my auth.log shows ...
Nov 11 00:13:39 debian pluto[2748]: packet from 192.168.10.4:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Nov 11 00:13:39 debian pluto[2748]: packet from 192.168.10.4:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 0
Nov 11 00:13:39 debian pluto[2748]: "road-warrior" #13: responding to Main Mode
Nov 11 00:13:39 debian pluto[2748]: "road-warrior" #13: transition from state (null) to state STATE_MAIN_R1
Nov 11 00:13:39 debian pluto[2748]: "road-warrior" #13: ignoring Vendor ID payload [47bbe7c993f1fc13...]
Nov 11 00:13:39 debian pluto[2748]: "road-warrior" #13: ignoring Vendor ID payload [da8e937880010000]
Nov 11 00:13:39 debian pluto[2748]: "road-warrior" #13: ignoring Vendor ID payload [Dead Peer Detection]
Nov 11 00:13:39 debian pluto[2748]: "road-warrior" #13: received Vendor ID payload [XAUTH]
Nov 11 00:13:39 debian pluto[2748]: "road-warrior" #13: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Nov 11 00:13:40 debian pluto[2748]: "road-warrior" #13: ignoring informational payload, type IPSEC_REPLAY_STATUS
Nov 11 00:13:40 debian pluto[2748]: "road-warrior" #13: ignoring informational payload, type IPSEC_INITIAL_CONTACT
Nov 11 00:13:40 debian pluto[2748]: "road-warrior" #13: Peer ID is ID_IPV4_ADDR: '192.168.10.4'
Nov 11 00:13:40 debian pluto[2748]: "road-warrior" #13: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Nov 11 00:13:40 debian pluto[2748]: "road-warrior" #13: sent MR3, ISAKMP SA established
Nov 11 00:13:40 debian pluto[2748]: "road-warrior" #14: responding to Quick Mode
Nov 11 00:13:40 debian pluto[2748]: "road-warrior" #14: transition from state (null) to state STATE_QUICK_R1
Nov 11 00:13:40 debian pluto[2748]: "road-warrior" #14: up-client output: Generic IP Firewall Chains not in this kernel
Nov 11 00:13:40 debian pluto[2748]: "road-warrior" #14: up-client command exited with status 1
Nov 11 00:13:50 debian pluto[2748]: "road-warrior" #14: up-client output: Generic IP Firewall Chains not in this kernel
Nov 11 00:13:50 debian pluto[2748]: "road-warrior" #14: up-client command exited with status 1
Nov 11 00:13:50 debian pluto[2748]: ERROR: "road-warrior" #14: pfkey write() of SADB_DELETE message 178 for Delete SA esp.b22682d5 at 192.168.10.16 failed. Errno 3: No such process
Nov 11 00:13:50 debian pluto[2748]: | 02 04 00 03 0b 00 00 00 b2 00 00 00 bc 0a 00 00
Nov 11 00:13:50 debian pluto[2748]: | 03 00 01 00 b2 26 82 d5 00 01 00 00 00 00 00 00
Nov 11 00:13:50 debian pluto[2748]: | ff ff ff ff 00 00 00 00 03 00 05 00 00 00 00 00
Nov 11 00:13:50 debian pluto[2748]: | 02 00 00 00 c0 a8 0a 04 00 00 00 00 00 00 00 00
Nov 11 00:13:50 debian pluto[2748]: | 03 00 06 00 00 00 00 00 02 00 00 00 c0 a8 0a 10
Nov 11 00:13:50 debian pluto[2748]: | 00 00 00 00 00 00 00 00
Nov 11 00:14:10 debian pluto[2748]: "road-warrior" #14: up-client output: Generic IP Firewall Chains not in this kernel
Nov 11 00:14:10 debian pluto[2748]: "road-warrior" #14: up-client command exited with status 1
Nov 11 00:14:10 debian pluto[2748]: ERROR: "road-warrior" #14: pfkey write() of SADB_DELETE message 185 for Delete SA esp.b22682d5 at 192.168.10.16 failed. Errno 3: No such process
Nov 11 00:14:10 debian pluto[2748]: | 02 04 00 03 0b 00 00 00 b9 00 00 00 bc 0a 00 00
Nov 11 00:14:10 debian pluto[2748]: | 03 00 01 00 b2 26 82 d5 00 01 00 00 00 00 00 00
Nov 11 00:14:10 debian pluto[2748]: | ff ff ff ff 00 00 00 00 03 00 05 00 00 00 00 00
Nov 11 00:14:10 debian pluto[2748]: | 02 00 00 00 c0 a8 0a 04 00 00 00 00 00 00 00 00
Nov 11 00:14:10 debian pluto[2748]: | 03 00 06 00 00 00 00 00 02 00 00 00 c0 a8 0a 10
Nov 11 00:14:10 debian pluto[2748]: | 00 00 00 00 00 00 00 00
Nov 11 00:14:50 debian pluto[2748]: "road-warrior" #14: max number of retransmissions (2) reached STATE_QUICK_R1
Nov 11 00:14:50 debian pluto[2748]: ERROR: "road-warrior" #14: pfkey write() of SADB_DELETE message 186 for Delete SA esp.b22682d5 at 192.168.10.16 failed. Errno 3: No such process
Nov 11 00:14:50 debian pluto[2748]: | 02 04 00 03 0b 00 00 00 ba 00 00 00 bc 0a 00 00
Nov 11 00:14:50 debian pluto[2748]: | 03 00 01 00 b2 26 82 d5 00 01 00 00 00 00 00 00
Nov 11 00:14:50 debian pluto[2748]: | ff ff ff ff 00 00 00 00 03 00 05 00 00 00 00 00
Nov 11 00:14:50 debian pluto[2748]: | 02 00 00 00 c0 a8 0a 04 00 00 00 00 00 00 00 00
Nov 11 00:14:50 debian pluto[2748]: | 03 00 06 00 00 00 00 00 02 00 00 00 c0 a8 0a 10
Nov 11 00:14:50 debian pluto[2748]: | 00 00 00 00 00 00 00 00
Nov 11 00:28:08 debian pluto[2748]: "road-warrior" #13: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x054382e5) not found (maybe expired)
Nov 11 00:28:08 debian pluto[2748]: "road-warrior" #13: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xb22682d5) not found (maybe expired)
Nov 11 00:28:08 debian pluto[2748]: "road-warrior" #13: received Delete SA payload: deleting ISAKMP State #13
Anyone have any suggestions?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20040814/e471bb9a/attachment.htm
More information about the Users
mailing list