[Openswan Users] It just stopped

Gareth Slaven gareth.s at envent.co.uk
Wed Nov 24 02:06:28 CET 2004


Hi there ...

 

Yesterday my openswan connection just stopped working and I get this in my
logs : 

 

02:04:16 ipsec__plutorun: Starting Pluto subsystem... 

02:04:16 pluto[706]: Starting Pluto (Openswan Version 1.0.6) 

02:04:16 pluto[706]: including X.509 patch with traffic selectors (Version
0.9.41) 

02:04:16 pluto[706]: including NAT-Traversal patch (Version 0.6) 

02:04:16 pluto[706]: ike_alg_register_enc(): Activating OAKLEY_DES_CBC: Ok
(ret=0) 

02:04:16 pluto[706]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok
(ret=0) 

02:04:16 pluto[706]: ike_alg_register_enc(): Activating OAKLEY_BLOWFISH_CBC:
Ok (ret=0) 

02:04:16 pluto[706]: ike_alg_register_enc(): Activating OAKLEY_CAST_CBC: Ok
(ret=0) 

02:04:16 pluto[706]: ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC:
Ok (ret=0) 

02:04:16 pluto[706]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok
(ret=0) 

02:04:16 pluto[706]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok
(ret=0) 

02:04:16 pluto[706]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC:
Ok (ret=0) 

02:04:16 pluto[706]: ike_alg_register_enc(): Activating
OAKLEY_SSH_PRIVATE_65289: Ok (ret=0) 

02:04:16 pluto[706]: Changing to directory '/etc/ipsec.d/cacerts' 

02:04:16 pluto[706]: Warning: empty directory 

02:04:16 pluto[706]: Changing to directory '/etc/ipsec.d/crls' 

02:04:16 pluto[706]: Warning: empty directory 

02:04:16 pluto[706]: OpenPGP certificate file '/etc/pgpcert.pgp' not found 

02:04:17 pluto[706]: | from whack: got --esp=aes,3des 

02:04:17 pluto[706]: | from whack: got --ike=aes,3des 

02:04:17 pluto[706]: added connection description "TESTLABTRINITY" 

02:04:17 pluto[706]: listening for IKE messages 

02:04:17 pluto[706]: NAT-Traversal: ESPINUDP(1) not supported by kernel --
NAT-T disabled 

02:04:17 pluto[706]: adding interface ipsec0/eth1 196.35.70.90 

02:04:17 pluto[706]: loading secrets from "/etc/ipsec.secrets" 

02:04:17 pluto[706]: "TESTLABTRINITY" #1: initiating Main Mode 

02:04:17 pluto[706]: "TESTLABTRINITY" #1: transition from state
STATE_MAIN_I1 to state STATE_MAIN_I2 

02:04:17 pluto[706]: "TESTLABTRINITY" #1: transition from state
STATE_MAIN_I2 to state STATE_MAIN_I3 

02:04:17 pluto[706]: "TESTLABTRINITY" #1: Main mode peer ID is ID_FQDN:
'@roughwall.redirectme.net' 

02:04:17 pluto[706]: "TESTLABTRINITY" #1: transition from state
STATE_MAIN_I3 to state STATE_MAIN_I4 

02:04:17 pluto[706]: "TESTLABTRINITY" #1: ISAKMP SA established 

02:04:17 pluto[706]: "TESTLABTRINITY" #2: initiating Quick Mode
PSK+ENCRYPT+COMPRESS+TUNNEL+PFS+DISABLEARRIVALCHECK 

02:04:18 pluto[706]: "TESTLABTRINITY" #1: ignoring informational payload,
type INVALID_ID_INFORMATION 

02:04:18 pluto[706]: "TESTLABTRINITY" #1: received and ignored informational
message 

02:04:27 pluto[706]: "TESTLABTRINITY" #1: ignoring informational payload,
type INVALID_MESSAGE_ID 

02:04:27 pluto[706]: "TESTLABTRINITY" #1: received and ignored informational
message 

02:04:42 pluto[706]: "TESTLABTRINITY" #1: cannot respond to IPsec SA request
because no connection is known for
192.168.76.0/24===196.35.70.90...196.23.18.240[@roughwall.redirectme.net]===
192.168.1.0/24 

02:04:42 pluto[706]: "TESTLABTRINITY" #1: sending encrypted notification
INVALID_ID_INFORMATION to 196.23.18.240:500 

02:04:47 pluto[706]: "TESTLABTRINITY" #1: ignoring informational payload,
type INVALID_MESSAGE_ID 

02:04:47 pluto[706]: "TESTLABTRINITY" #1: received and ignored informational
message

 

I am totally lost any ideas? I didn't change anything and it's just dead :-)

 

 

Regards 

Gareth Slaven ( <mailto:gareth.s at envent.co.uk> gareth.s at envent.co.uk)
Managing Director (SA & UK)
ENVENT  |  Digital Innovation
Tel: +44 (0)79 639-55730
Website: http://www.envent.co.uk <http://www.envent.co.uk> 
__________________________________________

__________________________________________
:: Ensight 3.0 ::
The complete, integrated web and e-marketing solution
-> Create: Build your website
-> Publish: Take control of your content
-> Profile: Track your audience's every move
-> Personalize: Segment your audience
-> Communicate: Send out rich, personalized messages
-> Automate: Let it run!

__________________________________________

This is a confidential message for the named person's use only. It may
contain confidential, proprietary or legally privileged information. If you
receive this message in error please notify the sender and immediately
delete the message. You must not, directly or indirectly, use, disclose,
distribute, print or copy any part of this message if you are not the
intended recipient. All views expressed in this message are those of the
individual sender and do not necessarily reflect those of ENVENT Holdings
(Pty) Ltd. 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20041124/7a12d0cb/attachment-0001.htm


More information about the Users mailing list