[Openswan Users] Roadwarrior problem (Windows XP behind NAT, VPN server on public IP)

Andrej Trobentar andrej.trobentar at rikom.si
Thu Jun 23 11:23:35 CEST 2005


Hello list,

Here's my scenario:

Roadwarrior -> NAT -> internet -> VPN server


Roadwarrior is:
- Windows XP (all updates from Windows Update)
- LAN IP 192.168.15.177

NAT is:
- Linux server doing MASQUERADING with ipchains
- internal IP 192.168.15.1
- public IP 193.2.211.10

VPN server is:
- RH 7.3, kernel 2.4.24
- openswan 2.3.1 with NAT-T patch enabled
- l2tpd-0.69-10jdl.i386.rpm
- ppp-2.4.3
- public IP 194.249.41.219
- internal IP 192.168.0.1


I'm trying to connect from Win XP with l2tpd client to the VPN server.
When the roadwarrior is on a public IP (analog dial-up connection; no NAT)
I can connect without any problems.
But when the roadwarrior is behind NAT I can't connect and I get this
info in /var/log/secure on the VPN server -> please see the attached
secure.txt file.

I have also attached my configs.

What am I doing wrong?

--
Many thanks for your help,

	Andrej.

-------------- next part --------------
version 2.0

# Basic configuration
config setup
	interfaces="ipsec0=eth0"
	klipsdebug=none
	plutodebug=none
	uniqueids=yes
	nat_traversal=yes
	virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192.168.15.0/24


conn %default
	keyingtries=1
	disablearrivalcheck=no
	authby=rsasig
	leftrsasigkey=%cert
	rightrsasigkey=%cert
	pfs=no

# Disable Opportunistic Encryption
conn block
	auto=ignore

conn private
	auto=ignore

conn private-or-clear
	auto=ignore

conn clear-or-private
	auto=ignore

conn clear
	auto=ignore

conn packetdefault
	auto=ignore



# Notebook on dial-up (analog modem ; plain Windows XP ipsec)
#conn windowsXP
#	left=194.249.41.219
#	leftsubnet=192.168.0.0/24
#	leftnexthop=194.249.41.1
#	leftcert=rikom.sk-branik.si.pem
#	right=%any
#	rightcert=rikom-nb.sk-branik.si.pem
#	auto=add



# Notebook on dial-up (analog modem ; l2tpd)
conn roadwarior-l2tpd
	left=194.249.41.219
	leftnexthop=194.249.41.1
	leftprotoport=17/1701
	leftcert=rikom.sk-branik.si.pem
	right=%any
	rightprotoport=17/1701
	rightcert=rikom-nb.sk-branik.si.pem
	rightsubnet=vhost:%no,%priv
	auto=add
-------------- next part --------------
;
; This is a minimal sample l2tpd configuration file for use
; with L2TP over IPsec.
;
; The idea is to provide an L2TP daemon to which remote Windows L2TP/IPsec
; clients connect. In this example, the internal (protected) network 
; is 192.168.1.0/24.  A special IP range within this network is reserved
; for the remote clients: 192.168.1.128/25
; (i.e. 192.168.1.128 ... 192.168.1.254)
;
; The listen-addr parameter can be used if you want to bind the L2TP daemon
; to a specific IP address instead of to all interfaces. For instance,
; you could bind it to the interface of the internal LAN (e.g. 192.168.1.98
; in the example below). Yet another IP address (local ip, e.g. 192.168.1.99)
; will be used by l2tpd as its address on pppX interfaces.

[global]
; listen-addr = 192.168.1.98

[lns default]
ip range = 192.168.0.130-192.168.0.135
local ip = 192.168.0.2
require chap = yes
refuse pap = yes
require authentication = yes
name = LinuxVPNserver
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd
length bit = yes
-------------- next part --------------

Jun 23 10:10:00 ns ipsec__plutorun: Starting Pluto subsystem...
Jun 23 10:10:00 ns pluto[8109]: Starting Pluto (Openswan Version 2.3.1 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OEExalF{_o`m)
Jun 23 10:10:00 ns pluto[8109]: Setting port floating to on
Jun 23 10:10:00 ns pluto[8109]: port floating activate 1/1
Jun 23 10:10:00 ns pluto[8109]:   including NAT-Traversal patch (Version 0.6c)
Jun 23 10:10:00 ns pluto[8109]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Jun 23 10:10:00 ns pluto[8109]: starting up 1 cryptographic helpers
Jun 23 10:10:00 ns pluto[8109]: started helper pid=8118 (fd:6)
Jun 23 10:10:00 ns pluto[8109]: Using KLIPS IPsec interface code
Jun 23 10:10:00 ns pluto[8109]: Changing to directory '/etc/ipsec.d/cacerts'
Jun 23 10:10:00 ns pluto[8109]:   loaded CA cert file 'cacert.pem' (1261 bytes)
Jun 23 10:10:00 ns pluto[8109]: Changing to directory '/etc/ipsec.d/aacerts'
Jun 23 10:10:00 ns pluto[8109]: Changing to directory '/etc/ipsec.d/ocspcerts'
Jun 23 10:10:00 ns pluto[8109]: Changing to directory '/etc/ipsec.d/crls'
Jun 23 10:10:00 ns pluto[8109]:   loaded crl file 'crl.pem' (512 bytes)
Jun 23 10:10:00 ns pluto[8109]:   loaded host cert file '/etc/ipsec.d/certs/rikom.sk-branik.si.pem' (3677 bytes)
Jun 23 10:10:00 ns pluto[8109]:   loaded host cert file '/etc/ipsec.d/certs/rikom-nb.sk-branik.si.pem' (3703 bytes)
Jun 23 10:10:00 ns pluto[8109]: added connection description "roadwarior-l2tpd"
Jun 23 10:10:00 ns pluto[8109]: listening for IKE messages
Jun 23 10:10:00 ns pluto[8109]: adding interface ipsec0/eth0 194.249.41.219:500
Jun 23 10:10:00 ns pluto[8109]: adding interface ipsec0/eth0 194.249.41.219:4500
Jun 23 10:10:00 ns pluto[8109]: loading secrets from "/etc/ipsec.secrets"
Jun 23 10:10:00 ns pluto[8109]:   loaded private key file '/etc/ipsec.d/private/rikom.sk-branik.si-private.pem' (1700 bytes)
Jun 23 10:10:28 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Jun 23 10:10:28 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [FRAGMENTATION]
Jun 23 10:10:28 ns pluto[8109]: packet from 193.2.211.10:61355: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 
Jun 23 10:10:28 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [Vid-Initial-Contact]
Jun 23 10:10:28 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #1: responding to Main Mode from unknown peer 193.2.211.10
Jun 23 10:10:28 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 23 10:10:28 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed
Jun 23 10:10:28 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 23 10:10:28 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #1: Main mode peer ID is ID_DER_ASN1_DN: 'C=SI, ST=Slovenija, L=Maribor, O=Rikom d.o.o., OU=FreeSWAN Client certificate, CN=rikom-nb.sk-branik.si, E=admin at rikom.si'
Jun 23 10:10:28 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #1: I am sending my cert
Jun 23 10:10:28 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 23 10:10:28 ns pluto[8109]: | NAT-T: new mapping 193.2.211.10:61355/61356)
Jun 23 10:10:28 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #1: sent MR3, ISAKMP SA established
Jun 23 10:10:28 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #2: responding to Quick Mode {msgid:1aa21ac0}
Jun 23 10:10:28 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #2: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 23 10:10:28 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 23 10:10:28 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #2: IPsec SA established {ESP=>0x8c6e2cc8 <0x687120e7 xfrm=3DES_0-HMAC_MD5 NATD=193.2.211.10}
Jun 23 10:10:28 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Jun 23 10:10:28 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [FRAGMENTATION]
Jun 23 10:10:28 ns pluto[8109]: packet from 193.2.211.10:61355: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 
Jun 23 10:10:28 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [Vid-Initial-Contact]
Jun 23 10:10:28 ns pluto[8109]: "roadwarior-l2tpd"[2] 193.2.211.10 #3: responding to Main Mode from unknown peer 193.2.211.10
Jun 23 10:10:28 ns pluto[8109]: "roadwarior-l2tpd"[2] 193.2.211.10 #3: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[2] 193.2.211.10 #3: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[2] 193.2.211.10 #3: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[2] 193.2.211.10 #3: Main mode peer ID is ID_DER_ASN1_DN: 'C=SI, ST=Slovenija, L=Maribor, O=Rikom d.o.o., OU=FreeSWAN Client certificate, CN=rikom-nb.sk-branik.si, E=admin at rikom.si'
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[2] 193.2.211.10 #3: I am sending my cert
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[2] 193.2.211.10 #3: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 23 10:10:29 ns pluto[8109]: | NAT-T: new mapping 193.2.211.10:61355/61356)
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[2] 193.2.211.10 #3: sent MR3, ISAKMP SA established
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #4: responding to Quick Mode {msgid:ec7a148a}
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #4: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #4: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #4: IPsec SA established {ESP=>0x3d3502b1 <0x687120e8 xfrm=3DES_0-HMAC_MD5 NATD=193.2.211.10}
Jun 23 10:10:29 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Jun 23 10:10:29 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [FRAGMENTATION]
Jun 23 10:10:29 ns pluto[8109]: packet from 193.2.211.10:61355: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 
Jun 23 10:10:29 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [Vid-Initial-Contact]
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[3] 193.2.211.10 #5: responding to Main Mode from unknown peer 193.2.211.10
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[3] 193.2.211.10 #5: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[3] 193.2.211.10 #5: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[3] 193.2.211.10 #5: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[3] 193.2.211.10 #5: Main mode peer ID is ID_DER_ASN1_DN: 'C=SI, ST=Slovenija, L=Maribor, O=Rikom d.o.o., OU=FreeSWAN Client certificate, CN=rikom-nb.sk-branik.si, E=admin at rikom.si'
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[3] 193.2.211.10 #5: I am sending my cert
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[3] 193.2.211.10 #5: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 23 10:10:29 ns pluto[8109]: | NAT-T: new mapping 193.2.211.10:61355/61356)
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[3] 193.2.211.10 #5: sent MR3, ISAKMP SA established
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #6: responding to Quick Mode {msgid:0195f21c}
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #6: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #6: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #6: IPsec SA established {ESP=>0xd34e345b <0x687120e9 xfrm=3DES_0-HMAC_MD5 NATD=193.2.211.10}
Jun 23 10:10:29 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Jun 23 10:10:29 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [FRAGMENTATION]
Jun 23 10:10:29 ns pluto[8109]: packet from 193.2.211.10:61355: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 
Jun 23 10:10:29 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [Vid-Initial-Contact]
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[4] 193.2.211.10 #7: responding to Main Mode from unknown peer 193.2.211.10
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[4] 193.2.211.10 #7: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[4] 193.2.211.10 #7: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[4] 193.2.211.10 #7: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[4] 193.2.211.10 #7: Main mode peer ID is ID_DER_ASN1_DN: 'C=SI, ST=Slovenija, L=Maribor, O=Rikom d.o.o., OU=FreeSWAN Client certificate, CN=rikom-nb.sk-branik.si, E=admin at rikom.si'
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[4] 193.2.211.10 #7: I am sending my cert
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[4] 193.2.211.10 #7: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 23 10:10:30 ns pluto[8109]: | NAT-T: new mapping 193.2.211.10:61355/61356)
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[4] 193.2.211.10 #7: sent MR3, ISAKMP SA established
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #8: responding to Quick Mode {msgid:7813fbb2}
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #8: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #8: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #8: IPsec SA established {ESP=>0x12659d1f <0x687120ea xfrm=3DES_0-HMAC_MD5 NATD=193.2.211.10}
Jun 23 10:10:30 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Jun 23 10:10:30 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [FRAGMENTATION]
Jun 23 10:10:30 ns pluto[8109]: packet from 193.2.211.10:61355: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 
Jun 23 10:10:30 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [Vid-Initial-Contact]
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[5] 193.2.211.10 #9: responding to Main Mode from unknown peer 193.2.211.10
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[5] 193.2.211.10 #9: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[5] 193.2.211.10 #9: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[5] 193.2.211.10 #9: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[5] 193.2.211.10 #9: Main mode peer ID is ID_DER_ASN1_DN: 'C=SI, ST=Slovenija, L=Maribor, O=Rikom d.o.o., OU=FreeSWAN Client certificate, CN=rikom-nb.sk-branik.si, E=admin at rikom.si'
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[5] 193.2.211.10 #9: I am sending my cert
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[5] 193.2.211.10 #9: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 23 10:10:30 ns pluto[8109]: | NAT-T: new mapping 193.2.211.10:61355/61356)
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[5] 193.2.211.10 #9: sent MR3, ISAKMP SA established
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #10: responding to Quick Mode {msgid:5cce65ea}
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #10: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #10: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #10: IPsec SA established {ESP=>0x18629cfb <0x687120eb xfrm=3DES_0-HMAC_MD5 NATD=193.2.211.10}
Jun 23 10:10:30 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Jun 23 10:10:30 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [FRAGMENTATION]
Jun 23 10:10:30 ns pluto[8109]: packet from 193.2.211.10:61355: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 
Jun 23 10:10:30 ns pluto[8109]: packet from 193.2.211.10:61355: ignoring Vendor ID payload [Vid-Initial-Contact]
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[6] 193.2.211.10 #11: responding to Main Mode from unknown peer 193.2.211.10
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[6] 193.2.211.10 #11: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[6] 193.2.211.10 #11: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed
Jun 23 10:10:30 ns pluto[8109]: "roadwarior-l2tpd"[6] 193.2.211.10 #11: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 23 10:10:31 ns pluto[8109]: "roadwarior-l2tpd"[6] 193.2.211.10 #11: Main mode peer ID is ID_DER_ASN1_DN: 'C=SI, ST=Slovenija, L=Maribor, O=Rikom d.o.o., OU=FreeSWAN Client certificate, CN=rikom-nb.sk-branik.si, E=admin at rikom.si'
Jun 23 10:10:31 ns pluto[8109]: "roadwarior-l2tpd"[6] 193.2.211.10 #11: I am sending my cert
Jun 23 10:10:31 ns pluto[8109]: "roadwarior-l2tpd"[6] 193.2.211.10 #11: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 23 10:10:31 ns pluto[8109]: | NAT-T: new mapping 193.2.211.10:61355/61356)
Jun 23 10:10:31 ns pluto[8109]: "roadwarior-l2tpd"[6] 193.2.211.10 #11: sent MR3, ISAKMP SA established
Jun 23 10:10:32 ns pluto[8109]: "roadwarior-l2tpd"[6] 193.2.211.10 #11: retransmitting in response to duplicate packet; already STATE_MAIN_R3
Jun 23 10:10:34 ns pluto[8109]: "roadwarior-l2tpd"[6] 193.2.211.10 #11: retransmitting in response to duplicate packet; already STATE_MAIN_R3
Jun 23 10:10:38 ns pluto[8109]: "roadwarior-l2tpd"[6] 193.2.211.10 #11: discarding duplicate packet -- exhausted retransmission; already STATE_MAIN_R3
Jun 23 10:11:02 ns last message repeated 2 times
Jun 23 10:11:03 ns pluto[8109]: "roadwarior-l2tpd"[5] 193.2.211.10 #9: received Delete SA(0x18629cfb) payload: deleting IPSEC State #10
Jun 23 10:11:03 ns pluto[8109]: "roadwarior-l2tpd"[5] 193.2.211.10 #9: received and ignored informational message
Jun 23 10:11:03 ns pluto[8109]: "roadwarior-l2tpd"[4] 193.2.211.10 #7: received Delete SA(0x12659d1f) payload: deleting IPSEC State #8
Jun 23 10:11:03 ns pluto[8109]: "roadwarior-l2tpd"[4] 193.2.211.10 #7: received and ignored informational message
Jun 23 10:11:03 ns pluto[8109]: "roadwarior-l2tpd"[3] 193.2.211.10 #5: received Delete SA(0xd34e345b) payload: deleting IPSEC State #6
Jun 23 10:11:03 ns pluto[8109]: "roadwarior-l2tpd"[3] 193.2.211.10 #5: received and ignored informational message
Jun 23 10:11:03 ns pluto[8109]: "roadwarior-l2tpd"[2] 193.2.211.10 #3: received Delete SA(0x3d3502b1) payload: deleting IPSEC State #4
Jun 23 10:11:03 ns pluto[8109]: "roadwarior-l2tpd"[2] 193.2.211.10 #3: received and ignored informational message
Jun 23 10:11:03 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #1: received Delete SA(0x8c6e2cc8) payload: deleting IPSEC State #2
Jun 23 10:11:03 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #1: received and ignored informational message
Jun 23 10:11:04 ns pluto[8109]: "roadwarior-l2tpd"[6] 193.2.211.10 #11: byte 2 of ISAKMP Hash Payload must be zero, but is not
Jun 23 10:11:04 ns pluto[8109]: "roadwarior-l2tpd"[6] 193.2.211.10 #11: malformed payload in packet
Jun 23 10:11:04 ns pluto[8109]: "roadwarior-l2tpd"[6] 193.2.211.10 #11: sending notification PAYLOAD_MALFORMED to 193.2.211.10:61356
Jun 23 10:11:04 ns pluto[8109]: "roadwarior-l2tpd"[6] 193.2.211.10 #11: failed to build notification for spisize=0 
Jun 23 10:11:04 ns pluto[8109]: "roadwarior-l2tpd"[5] 193.2.211.10 #9: received Delete SA payload: deleting ISAKMP State #9
Jun 23 10:11:04 ns pluto[8109]: "roadwarior-l2tpd"[5] 193.2.211.10: deleting connection "roadwarior-l2tpd" instance with peer 193.2.211.10 {isakmp=#0/ipsec=#0}
Jun 23 10:11:04 ns pluto[8109]: packet from 193.2.211.10:61356: received and ignored informational message
Jun 23 10:11:04 ns pluto[8109]: "roadwarior-l2tpd"[4] 193.2.211.10 #7: received Delete SA payload: deleting ISAKMP State #7
Jun 23 10:11:04 ns pluto[8109]: "roadwarior-l2tpd"[4] 193.2.211.10: deleting connection "roadwarior-l2tpd" instance with peer 193.2.211.10 {isakmp=#0/ipsec=#0}
Jun 23 10:11:04 ns pluto[8109]: packet from 193.2.211.10:61356: received and ignored informational message
Jun 23 10:11:04 ns pluto[8109]: "roadwarior-l2tpd"[3] 193.2.211.10 #5: received Delete SA payload: deleting ISAKMP State #5
Jun 23 10:11:04 ns pluto[8109]: "roadwarior-l2tpd"[3] 193.2.211.10: deleting connection "roadwarior-l2tpd" instance with peer 193.2.211.10 {isakmp=#0/ipsec=#0}
Jun 23 10:11:04 ns pluto[8109]: packet from 193.2.211.10:61356: received and ignored informational message
Jun 23 10:11:04 ns pluto[8109]: "roadwarior-l2tpd"[2] 193.2.211.10 #3: received Delete SA payload: deleting ISAKMP State #3
Jun 23 10:11:04 ns pluto[8109]: "roadwarior-l2tpd"[2] 193.2.211.10: deleting connection "roadwarior-l2tpd" instance with peer 193.2.211.10 {isakmp=#0/ipsec=#0}
Jun 23 10:11:04 ns pluto[8109]: packet from 193.2.211.10:61356: received and ignored informational message
Jun 23 10:11:04 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #1: received Delete SA payload: deleting ISAKMP State #1
Jun 23 10:11:04 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10: deleting connection "roadwarior-l2tpd" instance with peer 193.2.211.10 {isakmp=#0/ipsec=#0}
Jun 23 10:11:04 ns pluto[8109]: packet from 193.2.211.10:61356: received and ignored informational message
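
One way to condense a pluto log like the attachment above into the facts it records: whether NAT was detected, how many SAs came up, how long each IPsec SA lasted before the peer deleted it, and which errors were logged. This is an added example, not part of the original post or of Openswan; `summarize` and its field names are hypothetical, the sample lines are excerpted from the log above, and the year 2005 is taken from the message date.

```python
import re
from datetime import datetime

# Excerpt of the attached secure.txt (lines copied from the log above).
SAMPLE = """\
Jun 23 10:10:28 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed
Jun 23 10:10:28 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #1: sent MR3, ISAKMP SA established
Jun 23 10:10:28 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #2: IPsec SA established {ESP=>0x8c6e2cc8 <0x687120e7 xfrm=3DES_0-HMAC_MD5 NATD=193.2.211.10}
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[2] 193.2.211.10 #3: sent MR3, ISAKMP SA established
Jun 23 10:10:29 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #4: IPsec SA established {ESP=>0x3d3502b1 <0x687120e8 xfrm=3DES_0-HMAC_MD5 NATD=193.2.211.10}
Jun 23 10:11:03 ns pluto[8109]: "roadwarior-l2tpd"[2] 193.2.211.10 #3: received Delete SA(0x3d3502b1) payload: deleting IPSEC State #4
Jun 23 10:11:03 ns pluto[8109]: "roadwarior-l2tpd"[1] 193.2.211.10 #1: received Delete SA(0x8c6e2cc8) payload: deleting IPSEC State #2
Jun 23 10:11:04 ns pluto[8109]: "roadwarior-l2tpd"[6] 193.2.211.10 #11: malformed payload in packet
"""

# Per-connection pluto line: timestamp, host, "conn"[instance] peer #state: message
LINE = re.compile(
    r'^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\spluto\[\d+\]:\s'
    r'"(?P<conn>[^"]+)"\[(?P<inst>\d+)\]\s(?P<peer>\S+)\s#(?P<state>\d+):\s(?P<msg>.*)$')
EST = re.compile(r'IPsec SA established \{ESP=>(0x[0-9a-f]+) <(0x[0-9a-f]+)')
DEL = re.compile(r'received Delete SA\((0x[0-9a-f]+)\) payload: deleting IPSEC State #(\d+)')
ERR = ("malformed payload", "must be zero", "exhausted retransmission")


def summarize(text, year=2005):
    """Return NAT status, SA counts, per-SA lifetime and logged errors.

    syslog timestamps carry no year, so one is supplied (assumption: 2005).
    """
    sas = {}  # outbound SPI -> {"state", "up", "lifetime_s"}
    out = {"peer_natted": False, "isakmp_sas": 0, "errors": [], "ipsec_sas": sas}
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # startup lines and "packet from ..." lines carry no state number
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        msg = m["msg"]
        if "peer is NATed" in msg:
            out["peer_natted"] = True
        elif "ISAKMP SA established" in msg:
            out["isakmp_sas"] += 1
        elif (e := EST.search(msg)):
            sas[e.group(1)] = {"state": int(m["state"]), "up": ts, "lifetime_s": None}
        elif (d := DEL.search(msg)) and d.group(1) in sas:
            # The Delete payload names the same SPI that was logged as ESP=> at setup.
            sa = sas[d.group(1)]
            sa["lifetime_s"] = int((ts - sa["up"]).total_seconds())
        elif any(k in msg for k in ERR):
            out["errors"].append((m["state"], msg))
    # True when every IPsec SA that came up was later torn down by a peer Delete.
    out["all_deleted_by_peer"] = bool(sas) and all(
        s["lifetime_s"] is not None for s in sas.values())
    return out


if __name__ == "__main__":
    result = summarize(SAMPLE)
    print("peer NATed:", result["peer_natted"], "| ISAKMP SAs:", result["isakmp_sas"])
    for spi, sa in result["ipsec_sas"].items():
        print(f"  IPsec SA {spi} (state #{sa['state']}) lifetime: {sa['lifetime_s']} s")
    print("all deleted by peer:", result["all_deleted_by_peer"])
    print("errors:", result["errors"])
```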

