[Openswan Users] Lack of communication after a few time...

stefano.pazzaglia at fastwebnet.it stefano.pazzaglia at fastwebnet.it
Thu Aug 4 16:03:50 CEST 2005 

Hi everybody,
this is my first post in this ML; first of all I apologize for my  not very
bright english. I've set up a VPN Server with Openswan 2.3.1 with NAT-T patch
and (almost) everything works. Connection starts and I can work in VPN but
after some hours (very often between 296,297 minutes) after connection has
started communication falls and these are the message I see...

Jul  6 16:36:21 Orione pluto[32645]: packet from xxx.xxx.xxx.82:500: ignoring
Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Jul  6 16:36:21 Orione pluto[32645]: packet from xxx.xxx.xxx.82:500: ignoring
Vendor ID payload [FRAGMENTATION]
Jul  6 16:36:21 Orione pluto[32645]: packet from xxx.xxx.xxx.82:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
Jul  6 16:36:21 Orione pluto[32645]: packet from xxx.xxx.xxx.82:500: ignoring
Vendor ID payload [Vid-Initial-Contact]
Jul  6 16:36:21 Orione pluto[32645]: "roadwarrior-l2tp"[1] xxx.xxx.xxx.82
#1: responding to Main Mode from unknown peer xxx.xxx.xxx.82
Jul  6 16:36:22 Orione pluto[32645]: "roadwarrior-l2tp"[1] xxx.xxx.xxx.82
#1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jul  6 16:36:22 Orione pluto[32645]: "roadwarrior-l2tp"[1] xxx.xxx.xxx.82
#1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are
NATed
Jul  6 16:36:22 Orione pluto[32645]: "roadwarrior-l2tp"[1] xxx.xxx.xxx.82
#1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jul  6 16:36:22 Orione pluto[32645]: "roadwarrior-l2tp"[1] xxx.xxx.xxx.82
#1: Main mode peer ID is ID_FQDN: '@org28.icdoc.local'
Jul  6 16:36:22 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: deleting connection "roadwarrior-l2tp" instance with peer xxx.xxx.xxx.82
{isakmp=#0/ipsec=#0}
Jul  6 16:36:22 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: I did not send a certificate because I do not have one.
Jul  6 16:36:22 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jul  6 16:36:22 Orione pluto[32645]: | NAT-T: new mapping xxx.xxx.xxx.82:500/4500)
Jul  6 16:36:22 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: sent MR3, ISAKMP SA established
Jul  6 16:36:22 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: cannot respond to IPsec SA request because no connection is known for
xxx.xxx.xxx.85/32===xxx.xxx.xxx.91:17/1701...xxx.xxx.xxx.82[@org28.icdoc.local]:17/1701
Jul  6 16:36:22 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: sending encrypted notification INVALID_ID_INFORMATION to xxx.xxx.xxx.82:4500
Jul  6 16:36:22 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: failed to build notification for spisize=0
Jul  6 16:36:23 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: Quick Mode I1 message is unacceptable because it uses a previously used
Message ID 0xc82704fc (perhaps this is a duplicated packet)
Jul  6 16:36:23 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: sending encrypted notification INVALID_MESSAGE_ID to xxx.xxx.xxx.82:4500
Jul  6 16:36:23 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: failed to build notification for spisize=0
Jul  6 16:36:25 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: Quick Mode I1 message is unacceptable because it uses a previously used
Message ID 0xc82704fc (perhaps this is a duplicated packet)
Jul  6 16:36:25 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: sending encrypted notification INVALID_MESSAGE_ID to xxx.xxx.xxx.82:4500
Jul  6 16:36:25 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: failed to build notification for spisize=0
Jul  6 16:36:29 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: Quick Mode I1 message is unacceptable because it uses a previously used
Message ID 0xc82704fc (perhaps this is a duplicated packet)
Jul  6 16:36:29 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: sending encrypted notification INVALID_MESSAGE_ID to xxx.xxx.xxx.82:4500
Jul  6 16:36:29 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: failed to build notification for spisize=0
Jul  6 16:36:37 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: Quick Mode I1 message is unacceptable because it uses a previously used
Message ID 0xc82704fc (perhaps this is a duplicated packet)
Jul  6 16:36:37 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: sending encrypted notification INVALID_MESSAGE_ID to xxx.xxx.xxx.82:4500
Jul  6 16:36:37 Orione pluto[32645]: "roadwarrior-l2tp"[2] xxx.xxx.xxx.82
#1: failed to build notification for spisize=0 

What am I doing wrong?
Thanks 
Stefano

More information about the Users mailing list