[Openswan Users] Stops after "ISAKMP SA established"

Antony Gelberg antony at wayforth.co.uk
Wed Dec 14 17:09:22 CET 2005 

Hi all,

We have an openswan gateway with two XP roadwarriors.  One connects
fine.  The other is problematic.  It's a new box, and it doesn't get as
far as "responding to Quick Mode", rather stops after "ISAKMP SA
established" - see below.  No other differences in the logs.

I have checked all the settings I can think of.  Turned on PMTUD.  Tried
http://support.microsoft.com/default.aspx?kbid=885407.

What could cause this behaviour?

Dec 14 16:31:02 hotbox pluto[24195]: packet from 82.69.161.254:500:
ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Dec 14 16:31:02 hotbox pluto[24195]: packet from 82.69.161.254:500:
ignoring Vendor ID payload [FRAGMENTATION]
Dec 14 16:31:02 hotbox pluto[24195]: packet from 82.69.161.254:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106,
but already using method 0
Dec 14 16:31:02 hotbox pluto[24195]: packet from 82.69.161.254:500:
ignoring Vendor ID payload [26244d38eddb61b3172a36e3d0cfb819]
Dec 14 16:31:02 hotbox pluto[24195]: "roadwarrior"[5] 82.69.161.254 #3:
responding to Main Mode from unknown peer 82.69.161.254
Dec 14 16:31:02 hotbox pluto[24195]: "roadwarrior"[5] 82.69.161.254 #3:
transition from state (null) to state STATE_MAIN_R1
Dec 14 16:31:02 hotbox pluto[24195]: "roadwarrior"[5] 82.69.161.254 #3:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Dec 14 16:31:02 hotbox pluto[24195]: "roadwarrior"[5] 82.69.161.254 #3:
Peer ID is ID_DER_ASN1_DN: 'C=GB, ST=Surrey, O=Nederkoorn (UK) Ltd,
CN=tpr50e'
Dec 14 16:31:02 hotbox pluto[24195]: "roadwarrior"[5] 82.69.161.254 #3:
crl update for "C=GB, ST=Surrey, L=Egham, O=Nederkoorn (UK) Ltd,
CN=RootCA" is overdue since Mar 04 12:16:46 UTC 2005
Dec 14 16:31:02 hotbox pluto[24195]: "roadwarrior"[6] 82.69.161.254 #3:
deleting connection "roadwarrior" instance with peer 82.69.161.254
{isakmp=#0/ipsec=#0}
Dec 14 16:31:02 hotbox pluto[24195]: "roadwarrior"[6] 82.69.161.254 #3:
I am sending my cert
Dec 14 16:31:02 hotbox pluto[24195]: "roadwarrior"[6] 82.69.161.254 #3:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Dec 14 16:31:02 hotbox pluto[24195]: "roadwarrior"[6] 82.69.161.254 #3:
sent MR3, ISAKMP SA established

More information about the Users mailing list