[Openswan Users] IPSec, Windows XP/2000 and Dead Peer Detection

Andrej Trobentar andrej.trobentar at rikom.si
Wed Oct 12 15:14:28 CEST 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jacco de Leeuw wrote:
> There have been a few
> NAT-T related fixes in Openswan 2.4.x. You might want to try that version.

I have tried the version openswan-2.4.2dr1 and did :

make KERNELSRC=/usr/src/linux-2.4 programs module
make KERNELSRC=/usr/src/linux-2.4 install minstall

Rebooted the machine and now my static tunnels don't work anymore (on
the other side is still openswan 2.3.1). All I get is this (pls see the
attached file). Any ideas?

- --
Thanks,

	Andrej.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFDTP4kVd/NU2yFfAoRArWwAKC6K1flwhDJ33DHoP41RARAgxToPACeLsPn
T3nO2Iqwaf7i1hr8+xe7iHo=
=XMJY
-----END PGP SIGNATURE-----
-------------- next part --------------
Oct 12 13:44:13 rikom ipsec__plutorun: Starting Pluto subsystem...
Oct 12 13:44:14 rikom pluto[1473]: Starting Pluto (Openswan Version 2.4.1dr1 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OEVrxNnzrRMV)
Oct 12 13:44:14 rikom pluto[1473]: Setting NAT-Traversal port-4500 floating to on
Oct 12 13:44:14 rikom pluto[1473]:    port floating activation criteria nat_t=1/port_fload=1
Oct 12 13:44:14 rikom pluto[1473]:   including NAT-Traversal patch (Version 0.6c)
Oct 12 13:44:14 rikom pluto[1473]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Oct 12 13:44:14 rikom pluto[1473]: starting up 1 cryptographic helpers
Oct 12 13:44:14 rikom pluto[1473]: started helper pid=1528 (fd:6)
Oct 12 13:44:15 rikom pluto[1473]: Using KLIPS IPsec interface code on 2.4.31
Oct 12 13:44:15 rikom pluto[1473]: Changing to directory '/etc/ipsec.d/cacerts'
Oct 12 13:44:15 rikom pluto[1473]:   loaded CA cert file 'cacert-rikom.pem' (1261 bytes)
Oct 12 13:44:16 rikom pluto[1473]: Changing to directory '/etc/ipsec.d/aacerts'
Oct 12 13:44:16 rikom pluto[1473]: Changing to directory '/etc/ipsec.d/ocspcerts'
Oct 12 13:44:16 rikom pluto[1473]: Changing to directory '/etc/ipsec.d/crls'
Oct 12 13:44:17 rikom pluto[1473]:   loaded crl file 'crl.pem' (512 bytes)
Oct 12 13:44:17 rikom pluto[1473]:   loaded host cert file '/etc/ipsec.d/certs/rikom.sk-branik.si.pem' (3677 bytes)
Oct 12 13:44:17 rikom pluto[1473]:   loaded host cert file '/etc/ipsec.d/certs/fw.kr-gora.si.pem' (3699 bytes)
Oct 12 13:44:17 rikom pluto[1473]: added connection description "rikom-krgora-lan_vzp"
Oct 12 13:44:18 rikom pluto[1473]:   loaded host cert file '/etc/ipsec.d/certs/rikom.sk-branik.si.pem' (3677 bytes)
Oct 12 13:44:18 rikom pluto[1473]:   loaded host cert file '/etc/ipsec.d/certs/fw.donat.ers.si.pem' (3691 bytes)
Oct 12 13:44:18 rikom pluto[1473]: added connection description "rikom-donat-lan_vzp"
Oct 12 13:44:19 rikom pluto[1473]:   loaded host cert file '/etc/ipsec.d/certs/rikom.sk-branik.si.pem' (3677 bytes)
Oct 12 13:44:19 rikom pluto[1473]:   loaded host cert file '/etc/ipsec.d/certs/fw.kr-gora.si.pem' (3699 bytes)
Oct 12 13:44:19 rikom pluto[1473]: added connection description "rikom-krgora-lan_brm"
Oct 12 13:44:20 rikom pluto[1473]:   loaded host cert file '/etc/ipsec.d/certs/rikom.sk-branik.si.pem' (3677 bytes)
Oct 12 13:44:20 rikom pluto[1473]:   loaded host cert file '/etc/ipsec.d/certs/fw.donat.ers.si.pem' (3691 bytes)
Oct 12 13:44:20 rikom pluto[1473]: added connection description "rikom-donat-lan_rikom"
Oct 12 13:44:21 rikom pluto[1473]:   loaded host cert file '/etc/ipsec.d/certs/rikom.sk-branik.si.pem' (3677 bytes)
Oct 12 13:44:21 rikom pluto[1473]: added connection description "roadwarior-l2tpd"
Oct 12 13:44:21 rikom pluto[1473]:   loaded host cert file '/etc/ipsec.d/certs/rikom.sk-branik.si.pem' (3677 bytes)
Oct 12 13:44:22 rikom pluto[1473]:   loaded host cert file '/etc/ipsec.d/certs/fw.kr-gora.si.pem' (3699 bytes)
Oct 12 13:44:22 rikom pluto[1473]: added connection description "rikom-krgora-lan_rikom"
Oct 12 13:44:22 rikom pluto[1473]: listening for IKE messages
Oct 12 13:44:23 rikom pluto[1473]: adding interface ipsec0/eth0 193.2.211.10:500
Oct 12 13:44:23 rikom pluto[1473]: adding interface ipsec0/eth0 193.2.211.10:4500
Oct 12 13:44:23 rikom pluto[1473]: loading secrets from "/etc/ipsec.secrets"
Oct 12 13:44:23 rikom pluto[1473]:   loaded private key file '/etc/ipsec.d/private/rikom.sk-branik.si-private.pem' (1700 bytes)
Oct 12 13:44:24 rikom pluto[1473]: "rikom-krgora-lan_vzp" #1: initiating Main Mode
Oct 12 13:44:24 rikom pluto[1473]: "rikom-donat-lan_vzp" #2: initiating Main Mode
Oct 12 13:45:33 rikom pluto[1473]: initiate on demand from 192.168.15.11:0 to 192.168.200.10:0 proto=0 state: fos_start because: acquire
Oct 12 13:45:34 rikom pluto[1473]: "rikom-donat-lan_vzp" #2: max number of retransmissions (2) reached STATE_MAIN_I1.  No response (or no acceptable response) to our first IKE message
Oct 12 13:45:34 rikom pluto[1473]: "rikom-krgora-lan_vzp" #1: max number of retransmissions (2) reached STATE_MAIN_I1.  No response (or no acceptable response) to our first IKE message
Oct 12 13:45:45 rikom pluto[1473]: initiate on demand from 192.168.15.11:0 to 192.168.205.3:0 proto=0 state: fos_start because: acquire
Oct 12 13:45:45 rikom pluto[1473]: "rikom-donat-lan_rikom" #3: initiating Main Mode
Oct 12 13:46:55 rikom pluto[1473]: "rikom-donat-lan_rikom" #3: max number of retransmissions (2) reached STATE_MAIN_I1.  No response (or no acceptable response) to our first IKE message
Oct 12 13:47:08 rikom pluto[1473]: "rikom-donat-lan_rikom" #4: initiating Main Mode
Oct 12 13:48:18 rikom pluto[1473]: "rikom-donat-lan_rikom" #4: max number of retransmissions (2) reached STATE_MAIN_I1.  No response (or no acceptable response) to our first IKE message
Oct 12 13:48:55 rikom pluto[1473]: shutting down
Oct 12 13:48:55 rikom pluto[1473]: forgetting secrets
Oct 12 13:48:55 rikom pluto[1473]: "rikom-donat-lan_rikom": deleting connection
Oct 12 13:48:55 rikom pluto[1473]: "rikom-krgora-lan_rikom": deleting connection
Oct 12 13:48:55 rikom pluto[1473]: "rikom-krgora-lan_brm": deleting connection
Oct 12 13:48:55 rikom pluto[1473]: "rikom-donat-lan_vzp": deleting connection
Oct 12 13:48:55 rikom pluto[1473]: "rikom-krgora-lan_vzp": deleting connection
Oct 12 13:48:55 rikom pluto[1473]: "roadwarior-l2tpd": deleting connection
Oct 12 13:48:55 rikom pluto[1473]: shutting down interface ipsec0/eth0 193.2.211.10:4500
Oct 12 13:48:55 rikom pluto[1473]: shutting down interface ipsec0/eth0 193.2.211.10:500

More information about the Users mailing list