[Openswan Users] stopped at stage STATE_MAIN_R2

Harri Koppel harri at altien.com
Thu Aug 18 19:51:11 CEST 2005 

Roadwarriors are suddenly not able to connect to vpn connection.
Pluto goes to stage STATE_MAIN_R2 and stops there
 
 
Aug 18 18:49:30 host-83-146-9-106 pluto[3535]: "office-tinternet"[1]
220.224.54.244 #1: transition from state STATE_MAIN_R1 to state
STATE_MAIN_R2
Aug 18 18:49:30 host-83-146-9-106 pluto[3535]: "office-tinternet"[1]
220.224.54.244 #1: STATE_MAIN_R2: sent MR2, expecting MI3
Aug 18 18:49:31 host-83-146-9-106 pluto[3535]: "office-tinternet"[1]
220.224.54.244 #1: discarding duplicate packet; already STATE_MAIN_R2
Aug 18 18:50:35 host-83-146-9-106 pluto[3535]: "office-tinternet"[1]
220.224.54.244 #1: next payload type of ISAKMP Hash Payload has an
unknown value: 96
Aug 18 18:50:35 host-83-146-9-106 pluto[3535]: "office-tinternet"[1]
220.224.54.244 #1: malformed payload in packet
Aug 18 18:50:35 host-83-146-9-106 pluto[3535]: "office-tinternet"[1]
220.224.54.244 #1: sending notification PAYLOAD_MALFORMED to
220.224.54.244:500
Aug 18 18:50:40 host-83-146-9-106 pluto[3535]: "office-tinternet"[1]
220.224.54.244 #1: max number of retransmissions (2) reached
STATE_MAIN_R2
Aug 18 18:50:40 host-83-146-9-106 pluto[3535]: "office-tinternet"[1]
220.224.54.244 #2: max number of retransmissions (2) reached
STATE_MAIN_R1
Aug 18 18:50:40 host-83-146-9-106 pluto[3535]: "office-tinternet"[1]
220.224.54.244: deleting connection "office-tinternet" instance with
peer 220.224.54.244 {isakmp=#0/ipsec=#0}

 
# basic configuration
config setup
        # Debug-logging controls:  "none" for (almost) none, "all" for
lots.
        #klipsdebug=none
        #plutodebug="parsing"
        interfaces="ipsec0=eth3"
        nat_traversal=yes
        #virtual_private=%v4:14.0.0.0/16

conn %default
        keyingtries=4
        pfs=no
        disablearrivalcheck=no
 
conn office-tinternet
        authby=rsasig
        leftrsasigkey=%cert
        rightrsasigkey=%cert
        left=<server-ip>
        leftnexthop=<server-gw-ip>
        right=%any
        #rightsubnet=vhost:%no,%priv,%all
        leftcert=vpn.pem
        type=tunnel
        rightprotoport=17/1701
        leftprotoport=17/1701
        auto=add

 
 

Harri Koppel

Altien Ltd.

 

Mobile: +44 (0) 79 10878157

E-mail:  hkoppel at altien.com <mailto:hkoppel at altien.com> 

Web:    www.altien.com <http://www.altien.com/> 

 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20050818/a68998b7/attachment.htm

More information about the Users mailing list