[Openswan Users] Rekeying issue with Windows XP (SP2) & L2TP
Tarountaev Evgueni
tarountaev at aist.com
Tue Nov 2 23:04:59 CET 2004
Nov 2 18:14:45 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #3: initiating Quick Mode RSASIG+ENCRYPT+COMPRESS+TUNNEL
to replace #2 {using isakmp#1}
Nov 2 18:14:45 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: initiating Main Mode to replace #1
Nov 2 18:14:45 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #1: ignoring informational payload, type
INVALID_ID_INFORMATION
Nov 2 18:14:45 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #1: received and ignored informational message
Nov 2 18:14:45 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Nov 2 18:14:45 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: ignoring Vendor ID payload [FRAGMENTATION]
Nov 2 18:14:45 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
Nov 2 18:14:45 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: enabling possible NAT-traversal with method RFC XXXX
(NAT-Traversal)
Nov 2 18:14:45 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: transition from state STATE_MAIN_I1 to state
STATE_MAIN_I2
Nov 2 18:14:45 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: NAT-Traversal: Only 0 NAT-D - Aborting NAT-Traversal
negociation
Nov 2 18:14:45 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: I am sending my cert
Nov 2 18:14:45 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: I am sending a certificate request
Nov 2 18:14:45 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: transition from state STATE_MAIN_I2 to state
STATE_MAIN_I3
Nov 2 18:14:45 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: Peer ID is ID_DER_ASN1_DN: 'C=DE, ST=Bayern,
L=Ampfing, O=AIST, OU=Development, CN=Eugene Tarountaev,
E=tarountaev at aist.com'
Nov 2 18:14:45 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: crl update for "C=DE, ST=Bayern, L=Ampfing, O=AIST,
OU=Network, CN=System Administrator, E=root at aist.com" is overdue since
Aug 14 10:15:21 UTC 2004
Nov 2 18:14:45 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: transition from state STATE_MAIN_I3 to state
STATE_MAIN_I4
Nov 2 18:14:45 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: ISAKMP SA established
Nov 2 18:14:46 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: discarding duplicate packet; already STATE_MAIN_I4
Nov 2 18:14:48 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: discarding duplicate packet; already STATE_MAIN_I4
Nov 2 18:14:52 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: discarding duplicate packet; already STATE_MAIN_I4
Nov 2 18:15:00 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: discarding duplicate packet; already STATE_MAIN_I4
Nov 2 18:15:16 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: discarding duplicate packet; already STATE_MAIN_I4
Nov 2 18:15:18 wasserfall l2tpd[2722]: check_control: control, cid = 0,
Ns = 4, Nr = 58
Nov 2 18:15:48 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #4: received Delete SA payload: deleting ISAKMP State #4
Nov 2 18:15:48 wasserfall pluto[25023]: packet from 80.128.144.207:500:
received and ignored informational message
Nov 2 18:15:55 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #3: max number of retransmissions (2) reached STATE_QUICK_I1
Nov 2 18:16:18 wasserfall l2tpd[2722]: check_control: control, cid = 0,
Ns = 4, Nr = 59
Nov 2 18:17:18 wasserfall l2tpd[2722]: check_control: control, cid = 0,
Ns = 4, Nr = 60
Nov 2 18:18:18 wasserfall l2tpd[2722]: check_control: control, cid = 0,
Ns = 4, Nr = 61
Nov 2 18:19:15 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207 #2: IPsec SA expired (LATEST!)
Nov 2 18:19:15 wasserfall pluto[25023]: "roadwarrior-l2tp"[2]
80.128.144.207: deleting connection "roadwarrior-l2tp" instance with
peer 80.128.144.207 {isakmp=#0/ipsec=#0}
Jacco de Leeuw wrote:
>
> Evgueni Tarountaev wrote:
>
>> I have NON-NATTED Windows XP Pro (SP2) client which have problems with
>> rekeying. Connection works fine except when rekeying happens it
>> disconnects.
>> This happens 60 minutes after the connection is established.
>
>
> What do the logs say when this happens?
>
>> Can somebody give me any advice, because I am completely lost...
>
>
> Perhaps fiddle with the rekeying settings?
>
> Jacco
More information about the Users
mailing list