[Openswan Users] It just stopped
Gareth Slaven
gareth.s at envent.co.uk
Wed Nov 24 02:09:37 CET 2004
Hi there ...
Yesterday my openswan connection just stopped working and I get this in my
logs :
02:04:16 ipsec__plutorun: Starting Pluto subsystem...
02:04:16 pluto[706]: Starting Pluto (Openswan Version 1.0.6)
02:04:16 pluto[706]: including X.509 patch with traffic selectors (Version
0.9.41)
02:04:16 pluto[706]: including NAT-Traversal patch (Version 0.6)
02:04:16 pluto[706]: ike_alg_register_enc(): Activating OAKLEY_DES_CBC: Ok
(ret=0)
02:04:16 pluto[706]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok
(ret=0)
02:04:16 pluto[706]: ike_alg_register_enc(): Activating OAKLEY_BLOWFISH_CBC:
Ok (ret=0)
02:04:16 pluto[706]: ike_alg_register_enc(): Activating OAKLEY_CAST_CBC: Ok
(ret=0)
02:04:16 pluto[706]: ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC:
Ok (ret=0)
02:04:16 pluto[706]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok
(ret=0)
02:04:16 pluto[706]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok
(ret=0)
02:04:16 pluto[706]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC:
Ok (ret=0)
02:04:16 pluto[706]: ike_alg_register_enc(): Activating
OAKLEY_SSH_PRIVATE_65289: Ok (ret=0)
02:04:16 pluto[706]: Changing to directory '/etc/ipsec.d/cacerts'
02:04:16 pluto[706]: Warning: empty directory
02:04:16 pluto[706]: Changing to directory '/etc/ipsec.d/crls'
02:04:16 pluto[706]: Warning: empty directory
02:04:16 pluto[706]: OpenPGP certificate file '/etc/pgpcert.pgp' not found
02:04:17 pluto[706]: | from whack: got --esp=aes,3des
02:04:17 pluto[706]: | from whack: got --ike=aes,3des
02:04:17 pluto[706]: added connection description "TESTLABTRINITY"
02:04:17 pluto[706]: listening for IKE messages
02:04:17 pluto[706]: NAT-Traversal: ESPINUDP(1) not supported by kernel --
NAT-T disabled
02:04:17 pluto[706]: adding interface ipsec0/eth1 196.35.70.90
02:04:17 pluto[706]: loading secrets from "/etc/ipsec.secrets"
02:04:17 pluto[706]: "TESTLABTRINITY" #1: initiating Main Mode
02:04:17 pluto[706]: "TESTLABTRINITY" #1: transition from state
STATE_MAIN_I1 to state STATE_MAIN_I2
02:04:17 pluto[706]: "TESTLABTRINITY" #1: transition from state
STATE_MAIN_I2 to state STATE_MAIN_I3
02:04:17 pluto[706]: "TESTLABTRINITY" #1: Main mode peer ID is ID_FQDN:
'@roughwall.redirectme.net'
02:04:17 pluto[706]: "TESTLABTRINITY" #1: transition from state
STATE_MAIN_I3 to state STATE_MAIN_I4
02:04:17 pluto[706]: "TESTLABTRINITY" #1: ISAKMP SA established
02:04:17 pluto[706]: "TESTLABTRINITY" #2: initiating Quick Mode
PSK+ENCRYPT+COMPRESS+TUNNEL+PFS+DISABLEARRIVALCHECK
02:04:18 pluto[706]: "TESTLABTRINITY" #1: ignoring informational payload,
type INVALID_ID_INFORMATION
02:04:18 pluto[706]: "TESTLABTRINITY" #1: received and ignored informational
message
02:04:27 pluto[706]: "TESTLABTRINITY" #1: ignoring informational payload,
type INVALID_MESSAGE_ID
02:04:27 pluto[706]: "TESTLABTRINITY" #1: received and ignored informational
message
02:04:42 pluto[706]: "TESTLABTRINITY" #1: cannot respond to IPsec SA request
because no connection is known for
192.168.76.0/24===196.35.70.90...196.23.18.240[@roughwall.redirectme.net]===
192.168.1.0/24
02:04:42 pluto[706]: "TESTLABTRINITY" #1: sending encrypted notification
INVALID_ID_INFORMATION to 196.23.18.240:500
02:04:47 pluto[706]: "TESTLABTRINITY" #1: ignoring informational payload,
type INVALID_MESSAGE_ID
02:04:47 pluto[706]: "TESTLABTRINITY" #1: received and ignored informational
message
I am totally lost any ideas? I didn't change anything and it's just dead :-)
Regards
Gareth Slaven ( <mailto:gareth.s at envent.co.uk> gareth.s at envent.co.uk)
Managing Director (SA & UK)
ENVENT | Digital Innovation
Tel: +44 (0)79 639-55730
Website: http://www.envent.co.uk <http://www.envent.co.uk>
__________________________________________
__________________________________________
:: Ensight 3.0 ::
The complete, integrated web and e-marketing solution
-> Create: Build your website
-> Publish: Take control of your content
-> Profile: Track your audience's every move
-> Personalize: Segment your audience
-> Communicate: Send out rich, personalized messages
-> Automate: Let it run!
__________________________________________
This is a confidential message for the named person's use only. It may
contain confidential, proprietary or legally privileged information. If you
receive this message in error please notify the sender and immediately
delete the message. You must not, directly or indirectly, use, disclose,
distribute, print or copy any part of this message if you are not the
intended recipient. All views expressed in this message are those of the
individual sender and do not necessarily reflect those of ENVENT Holdings
(Pty) Ltd.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20041124/a0c4991f/attachment-0001.htm
More information about the Users
mailing list