[Openswan Users] seems ok but receive 678 error
Luca Ballerini
luca.ballerini at gmail.com
Thu May 19 13:09:32 CEST 2005
Fixed the certificate issue, no more errors about it but win xp client
seems to loop and finally receive '678 No answer' error.I attach new
log extract. Wait for some helpful hints.
thanks in advance
luca
May 19 11:57:53 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[48]
CLIENTIP:4500 #49: responding to Quick Mode
May 19 11:57:53 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[48]
CLIENTIP:4500 #49: transition from state STATE_QUICK_R0 to state
STATE_QUICK_R1
May 19 11:57:53 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[48]
CLIENTIP:4500 #49: transition from state STATE_QUICK_R1 to state
STATE_QUICK_R2
May 19 11:57:53 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[48]
CLIENTIP:4500 #49: IPsec SA established {ESP/NAT=>0x19e40bf8
<0x97611071 NATOA=CLIENTLOCALIP}
May 19 11:57:53 SERVERNAME pluto[2131]: packet from CLIENTIP:500:
ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
May 19 11:57:53 SERVERNAME pluto[2131]: packet from CLIENTIP:500:
ignoring Vendor ID payload [FRAGMENTATION]
May 19 11:57:53 SERVERNAME pluto[2131]: packet from CLIENTIP:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method
set to=106
May 19 11:57:53 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[49]
CLIENTIP #50: responding to Main Mode from unknown peer CLIENTIP
May 19 11:57:53 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[49]
CLIENTIP #50: transition from state STATE_MAIN_R0 to state
STATE_MAIN_R1
May 19 11:57:54 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[49]
CLIENTIP #50: NAT-Traversal: Result using
draft-ietf-ipsec-nat-t-ike-02/03: both are NATed
May 19 11:57:54 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[49]
CLIENTIP #50: transition from state STATE_MAIN_R1 to state
STATE_MAIN_R2
May 19 11:57:54 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[49]
CLIENTIP #50: Main mode peer ID is ID_DER_ASN1_DN: 'C=IT, ST=Marche,
L=Montegranaro, O=FILTERED, CN=FILTERED, E=EMAILFILTERED'
May 19 11:57:54 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[50]
CLIENTIP #50: deleting connection "roadwarrior-l2tp" instance with
peer CLIENTIP {isakmp=#0/ipsec=#0}
May 19 11:57:54 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[50]
CLIENTIP #50: I am sending my cert
May 19 11:57:54 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[50]
CLIENTIP #50: deleting connection "roadwarrior-l2tp" instance with
peer CLIENTIP {isakmp=#48/ipsec=#49}
May 19 11:57:54 SERVERNAME pluto[2131]: "roadwarrior-l2tp" #49:
deleting state (STATE_QUICK_R2)
May 19 11:57:54 SERVERNAME pluto[2131]: "roadwarrior-l2tp" #48:
deleting state (STATE_MAIN_R3)
May 19 11:57:54 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[50]
CLIENTIP #50: transition from state STATE_MAIN_R2 to state
STATE_MAIN_R3
May 19 11:57:54 SERVERNAME pluto[2131]: | NAT-T: new mapping CLIENTIP:500/4500)
May 19 11:57:54 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[50]
CLIENTIP:4500 #50: sent MR3, ISAKMP SA established
May 19 11:57:54 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[50]
CLIENTIP:4500 #51: responding to Quick Mode
May 19 11:57:54 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[50]
CLIENTIP:4500 #51: transition from state STATE_QUICK_R0 to state
STATE_QUICK_R1
May 19 11:57:54 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[50]
CLIENTIP:4500 #51: transition from state STATE_QUICK_R1 to state
STATE_QUICK_R2
May 19 11:57:54 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[50]
CLIENTIP:4500 #51: IPsec SA established {ESP/NAT=>0xb737329b
<0x95c4dbd8 NATOA=CLIENTLOCALIP}
May 19 11:57:54 SERVERNAME pluto[2131]: packet from CLIENTIP:500:
ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
May 19 11:57:54 SERVERNAME pluto[2131]: packet from CLIENTIP:500:
ignoring Vendor ID payload [FRAGMENTATION]
May 19 11:57:54 SERVERNAME pluto[2131]: packet from CLIENTIP:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method
set to=106
May 19 11:57:54 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[51]
CLIENTIP #52: responding to Main Mode from unknown peer CLIENTIP
May 19 11:57:54 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[51]
CLIENTIP #52: transition from state STATE_MAIN_R0 to state
STATE_MAIN_R1
May 19 11:57:55 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[51]
CLIENTIP #52: NAT-Traversal: Result using
draft-ietf-ipsec-nat-t-ike-02/03: both are NATed
May 19 11:57:55 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[51]
CLIENTIP #52: transition from state STATE_MAIN_R1 to state
STATE_MAIN_R2
May 19 11:57:55 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[51]
CLIENTIP #52: Main mode peer ID is ID_DER_ASN1_DN: 'C=IT, ST=Marche,
L=Montegranaro, O=FILTERED, CN=FILTERED, E=EMAILFILTERED'
May 19 11:57:55 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[52]
CLIENTIP #52: deleting connection "roadwarrior-l2tp" instance with
peer CLIENTIP {isakmp=#0/ipsec=#0}
May 19 11:57:55 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[52]
CLIENTIP #52: I am sending my cert
May 19 11:57:55 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[52]
CLIENTIP #52: deleting connection "roadwarrior-l2tp" instance with
peer CLIENTIP {isakmp=#50/ipsec=#51}
May 19 11:57:55 SERVERNAME pluto[2131]: "roadwarrior-l2tp" #51:
deleting state (STATE_QUICK_R2)
May 19 11:57:55 SERVERNAME pluto[2131]: "roadwarrior-l2tp" #50:
deleting state (STATE_MAIN_R3)
May 19 11:57:55 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[52]
CLIENTIP #52: transition from state STATE_MAIN_R2 to state
STATE_MAIN_R3
May 19 11:57:55 SERVERNAME pluto[2131]: | NAT-T: new mapping CLIENTIP:500/4500)
May 19 11:57:55 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[52]
CLIENTIP:4500 #52: sent MR3, ISAKMP SA established
May 19 11:57:56 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[52]
CLIENTIP:4500 #53: responding to Quick Mode
May 19 11:57:56 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[52]
CLIENTIP:4500 #53: transition from state STATE_QUICK_R0 to state
STATE_QUICK_R1
May 19 11:57:56 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[52]
CLIENTIP:4500 #53: transition from state STATE_QUICK_R1 to state
STATE_QUICK_R2
May 19 11:57:56 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[52]
CLIENTIP:4500 #53: IPsec SA established {ESP/NAT=>0xd54b7553
<0xbbf1ea3a NATOA=CLIENTLOCALIP}
May 19 11:57:56 SERVERNAME pluto[2131]: packet from CLIENTIP:500:
ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
May 19 11:57:56 SERVERNAME pluto[2131]: packet from CLIENTIP:500:
ignoring Vendor ID payload [FRAGMENTATION]
May 19 11:57:56 SERVERNAME pluto[2131]: packet from CLIENTIP:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method
set to=106
May 19 11:57:56 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[53]
CLIENTIP #54: responding to Main Mode from unknown peer CLIENTIP
May 19 11:57:56 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[53]
CLIENTIP #54: transition from state STATE_MAIN_R0 to state
STATE_MAIN_R1
May 19 11:57:57 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[53]
CLIENTIP #54: NAT-Traversal: Result using
draft-ietf-ipsec-nat-t-ike-02/03: both are NATed
May 19 11:57:57 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[53]
CLIENTIP #54: transition from state STATE_MAIN_R1 to state
STATE_MAIN_R2
May 19 11:57:57 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[53]
CLIENTIP #54: Main mode peer ID is ID_DER_ASN1_DN: 'C=IT, ST=Marche,
L=Montegranaro, O=FILTERED, CN=FILTERED, E=EMAILFILTERED'
May 19 11:57:57 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[54]
CLIENTIP #54: deleting connection "roadwarrior-l2tp" instance with
peer CLIENTIP {isakmp=#0/ipsec=#0}
May 19 11:57:57 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[54]
CLIENTIP #54: I am sending my cert
May 19 11:57:57 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[54]
CLIENTIP #54: deleting connection "roadwarrior-l2tp" instance with
peer CLIENTIP {isakmp=#52/ipsec=#53}
May 19 11:57:57 SERVERNAME pluto[2131]: "roadwarrior-l2tp" #53:
deleting state (STATE_QUICK_R2)
May 19 11:57:57 SERVERNAME pluto[2131]: "roadwarrior-l2tp" #52:
deleting state (STATE_MAIN_R3)
May 19 11:57:57 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[54]
CLIENTIP #54: transition from state STATE_MAIN_R2 to state
STATE_MAIN_R3
May 19 11:57:57 SERVERNAME pluto[2131]: | NAT-T: new mapping CLIENTIP:500/4500)
May 19 11:57:57 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[54]
CLIENTIP:4500 #54: sent MR3, ISAKMP SA established
May 19 11:57:57 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[54]
CLIENTIP:4500 #55: responding to Quick Mode
May 19 11:57:57 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[54]
CLIENTIP:4500 #55: transition from state STATE_QUICK_R0 to state
STATE_QUICK_R1
May 19 11:57:57 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[54]
CLIENTIP:4500 #54: received Delete SA payload: deleting ISAKMP State
#54
May 19 11:57:57 SERVERNAME pluto[2131]: packet from CLIENTIP:4500:
received and ignored informational message
May 19 11:58:26 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[47]
CLIENTIP:4500 #47: max number of retransmissions (2) reached
STATE_MAIN_R2
May 19 11:58:26 SERVERNAME pluto[2131]: "roadwarrior-l2tp"[47]
CLIENTIP:4500: deleting connection "roadwarrior-l2tp" instance with
peer CLIENTIP {isakmp=#0/ipsec=#0}
--
There is no great genius without a mixture of madness.
Aristotle
More information about the Users
mailing list