[Openswan Users] Network error on port 4500

sasa sasa at shoponweb.it
Thu Dec 15 17:59:35 CET 2005 

"Paul Wouters" wrote:
> The other end is hanging up. It will log it somewhere (eg OAKLOEY.LOG for
> windows)

..unfortunately the OAKLOEY.LOG now isn't available, but pheraps this is can 
be util:

Dec 15 13:17:18 fw pluto[2384]: "left-road"[4] 1.2.3.4 #3: received Delete 
SA(0x6b9e2b00) payload: deleting IPSEC State #4
Dec 15 13:17:18 fw pluto[2384]: "left-road"[4] 1.2.3.4 #3: received and 
ignored informational message
Dec 15 13:20:49 fw pluto[2384]: ERROR: asynchronous network error report on 
eth0 (sport=4500) for message to 1.2.3.4 port 4500, complainant 5.6.7.8: No 
route to host [errno 113, origin ICMP type 11 code 1 (not authenticated)]
Dec 15 13:29:03 fw last message repeated 4 times
Dec 15 13:30:19 fw last message repeated 7 times
Dec 15 13:33:23 fw last message repeated 5 times
Dec 15 13:34:32 fw last message repeated 8 times
Dec 15 13:34:43 fw pluto[2384]: ERROR: asynchronous network error report on 
eth0 (sport=4500) for message to 1.2.3.4 port 4500, complainant 5.6.7.8: No 
route to host [errno 113, origin ICMP type 11 code 1 (not authenticated)]
Dec 15 13:39:17 fw pluto[2384]: ERROR: asynchronous network error report on 
eth0 (sport=4500) for message to 1.2.31.41 port 4500, complainant 5.6.7.8: 
No route to host [errno 113, origin ICMP type 11 code 1 (not authenticated)]
Dec 15 13:39:23 fw last message repeated 5 times
Dec 15 13:42:04 fw pluto[2384]: ERROR: asynchronous network error report on 
eth0 (sport=4500) for message to 1.2.3.4 port 4500, complainant 5.6.7.8: No 
route to host [errno 113, origin ICMP type 11 code 1 (not authenticated)]
Dec 15 13:42:14 fw last message repeated 3 times
Dec 15 13:42:21 fw sshd[2405]: Received signal 15; terminating.
Dec 15 13:42:23 fw pluto[2384]: shutting down
Dec 15 13:42:23 fw pluto[2384]: forgetting secrets
Dec 15 13:42:23 fw pluto[2384]: "left-road"[10] 1.2.31.41: deleting 
connection "left-road" instance with peer 1.2.31.41 {isakmp=#9/ipsec=#10}
Dec 15 13:42:23 fw pluto[2384]: "left-road" #10: deleting state 
(STATE_QUICK_R2)
Dec 15 13:42:23 fw pluto[2384]: "left-road" #9: deleting state 
(STATE_MAIN_R3)
Dec 15 13:42:23 fw pluto[2384]: "left-road"[4] 1.2.3.4: deleting connection 
"left-road" instance with peer 1.2.3.4 {isakmp=#3/ipsec=#11}
Dec 15 13:42:23 fw pluto[2384]: "left-road" #11: deleting state 
(STATE_QUICK_R2)
Dec 15 13:42:23 fw pluto[2384]: "left-road" #3: deleting state 
(STATE_MAIN_R3)
Dec 15 13:42:23 fw pluto[2384]: "left-road": deleting connection
Dec 15 13:42:23 fw pluto[2384]: shutting down interface ipsec0/eth0 
5.6.7.8:4500
Dec 15 13:42:23 fw pluto[2384]: shutting down interface ipsec0/eth0 
5.6.7.8:500
Dec 15 14:10:01 fw ipsec__plutorun: Starting Pluto subsystem...
Dec 15 14:10:02 fw sshd[2307]: Server listening on :: port 22.
Dec 15 14:10:02 fw sshd[2307]: error: Bind to port 22 on 0.0.0.0 failed: 
Address already in use.
Dec 15 14:10:02 fw pluto[2288]: Starting Pluto (Openswan Version 2.4.4 
X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OEz}FFFfgr_e)
Dec 15 14:10:02 fw pluto[2288]: Setting NAT-Traversal port-4500 floating to 
on
Dec 15 14:10:02 fw pluto[2288]:    port floating activation criteria 
nat_t=1/port_fload=1
Dec 15 14:10:02 fw pluto[2288]:   including NAT-Traversal patch (Version 
0.6c)
Dec 15 14:10:02 fw pluto[2288]: ike_alg_register_enc(): Activating 
OAKLEY_AES_CBC: Ok (ret=0)
Dec 15 14:10:02 fw pluto[2288]: starting up 1 cryptographic helpers
Dec 15 14:10:02 fw pluto[2288]: started helper pid=2321 (fd:6)
Dec 15 14:10:02 fw pluto[2288]: Using KLIPS IPsec interface code on 
2.6.9-1.667.root
Dec 15 14:10:02 fw pluto[2288]: Could not change to directory 
'/etc/ipsec.d/cacerts'
Dec 15 14:10:02 fw pluto[2288]: Could not change to directory 
'/etc/ipsec.d/aacerts'
Dec 15 14:10:02 fw pluto[2288]: Could not change to directory 
'/etc/ipsec.d/ocspcerts'
Dec 15 14:10:02 fw pluto[2288]: Could not change to directory 
'/etc/ipsec.d/crls'
Dec 15 14:10:03 fw pluto[2288]: added connection description "left-road"
Dec 15 14:10:03 fw pluto[2288]: listening for IKE messages
Dec 15 14:10:03 fw pluto[2288]: adding interface ipsec0/eth0 5.6.7.8:500
Dec 15 14:10:03 fw pluto[2288]: adding interface ipsec0/eth0 5.6.7.8:4500
Dec 15 14:10:03 fw pluto[2288]: loading secrets from "/etc/ipsec.secrets"
Dec 15 14:18:15 fw ipsec__plutorun: Starting Pluto subsystem...
Dec 15 14:18:15 fw sshd[2599]: Server listening on :: port 22.
Dec 15 14:18:15 fw sshd[2599]: error: Bind to port 22 on 0.0.0.0 failed: 
Address already in use.
Dec 15 14:18:15 fw pluto[2569]: Starting Pluto (Openswan Version 2.4.4 
X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OEz}FFFfgr_e)
Dec 15 14:18:15 fw pluto[2569]: Setting NAT-Traversal port-4500 floating to 
on
Dec 15 14:18:15 fw pluto[2569]:    port floating activation criteria 
nat_t=1/port_fload=1
Dec 15 14:18:15 fw pluto[2569]:   including NAT-Traversal patch (Version 
0.6c)
Dec 15 14:18:15 fw pluto[2569]: ike_alg_register_enc(): Activating 
OAKLEY_AES_CBC: Ok (ret=0)
Dec 15 14:18:15 fw pluto[2569]: starting up 1 cryptographic helpers
Dec 15 14:18:15 fw pluto[2569]: started helper pid=2605 (fd:6)
Dec 15 14:18:15 fw pluto[2569]: Using KLIPS IPsec interface code on 
2.6.9-1.667.root
Dec 15 14:18:15 fw pluto[2569]: Could not change to directory 
'/etc/ipsec.d/cacerts'
Dec 15 14:18:15 fw pluto[2569]: Could not change to directory 
'/etc/ipsec.d/aacerts'
Dec 15 14:18:15 fw pluto[2569]: Could not change to directory 
'/etc/ipsec.d/ocspcerts'
Dec 15 14:18:15 fw pluto[2569]: Could not change to directory 
'/etc/ipsec.d/crls'
Dec 15 14:18:16 fw pluto[2569]: added connection description "left-road"
Dec 15 14:18:16 fw pluto[2569]: listening for IKE messages
Dec 15 14:18:16 fw pluto[2569]: adding interface ipsec0/eth0 5.6.7.8:500
Dec 15 14:18:16 fw pluto[2569]: adding interface ipsec0/eth0 5.6.7.8:4500
Dec 15 14:18:16 fw pluto[2569]: loading secrets from "/etc/ipsec.secrets"

thanks again.


----- Original Message ----- 
From: "Paul Wouters" <paul at xelerance.com>
To: "sasa" <sasa at shoponweb.it>
Cc: <users at openswan.org>
Sent: Thursday, December 15, 2005 5:31 PM
Subject: Re: [Openswan Users] Network error on port 4500


> On Thu, 15 Dec 2005, sasa wrote:
>
>> state STATE_QUICK_R1 to state STATE_QUICK_R2
>> Dec 15 13:17:18 fw pluto[2384]: "left-road"[4] 1.2.3.4 #11: 
>> STATE_QUICK_R2:
>> IPsec SA established {ESP=>0xf4a58cf3 <0xc3dd50e1 xfrm=3DES_0-HMAC_MD5
>> NATD=1.2.3.4:4500 DPD=none}
>> Dec 15 13:17:18 fw pluto[2384]: "left-road"[4] 1.2.3.4 #3: received 
>> Delete
>> SA(0x6b9e2b00) payload: deleting IPSEC State #4
>
> The other end is hanging up. It will log it somewhere (eg OAKLOEY.LOG for
> windows)
>
> Paul
>

More information about the Users mailing list