[Openswan Users] WinXP Behind Nat to Openswan Server Behind NAT

Andy Gay andy at andynet.net
Thu Aug 3 05:30:19 EDT 2006


On Thu, 2006-08-03 at 07:42 +0300, Meron Lavie wrote:
> I am trying to set up a typical Road Warrior connection, where both the
> OpenSwan server and the XP clients are both NAT-ed. Authentication is via
> PSK. OpenSwan sits on my gateway/firewall, which is connected to the
> Internet by an ADSL PPPoE modem. The open Internet address is
> 111.111.111.111. This is PPP'd to the ADSL modem, which presents itself as
> 10.0.0.138 to the external interface on the gateway. The external interface
> on the gateway/firewall is 10.0.0.1. Its internal interface to the LAN is
> 192.168.254/
> 
> OpenSwan 2.4.5 is installed on an FC5 with the latest kernel on that
> gateway/firewall, which NATs to 192.168.1.0/24. I made a test of connecting
> a WinXP/SP2 client from within the LAN and it worked fine. However, external
> access from behind a NAT'ed Road Warrior fails. I should emphasize that the
> XP/SP2 Road Warrior clients have the registry fix to allow NAT-ed use.
> 
> My "ipsec verify" returns everything OK.
> 
> Yet it doesn't work.
> 
> Any help would be greatly appreciated.

Please remove the 'plutodebug="control parsing"' line, or set it to
'none', and post your logs after doing that.

> 
> Lavie
> 
> 
> Following is my ipsec.secrets:
> ==========================
> 10.0.0.1 %any: PSK "password"
> 192.168.1.254 %any: PSK "password"
> 111.111.111.111 %any: PSK "password"
> 10.0.0.138 %any: PSK "password"
> ==========================
> 
> Following is my ipsec.conf:
> ==========================
> # /etc/ipsec.conf - Openswan IPsec configuration file
> # Manual:     ipsec.conf.5
> # Please place your own config files in /etc/ipsec.d/ ending in .conf
> 
> version 2.0     # conforms to second version of ipsec.conf specification
> 
> # basic configuration
> config setup
>         # Debug-logging controls:  "none" for (almost) none, "all" for lots.
>         # klipsdebug=none
>         plutodebug="control parsing"
>         nat_traversal=yes
>  
> virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192
> .168.1.1/24
>         
> conn L2TP-PSK-INTERNAL
>         authby=secret 
>         pfs=no
>         rekey=no
>         keyingtries=3
>         left=192.168.1.254
>         leftprotoport=17/%any
>         right=%any
>         rightprotoport=17/%any
>         auto=add
>         
> conn L2TP-PSK-EXTERNAL
>         authby=secret 
>         pfs=no
>         rekey=no
>         keyingtries=3
>         left=10.0.0.1
>         leftnexthop=10.0.0.138
>         leftid=10.0.0.1
>         leftprotoport=17/1701
>         right=%any
>         rightsubnet=vhost:%no,%priv
>         rightprotoport=17/1701
>         #rightid=@LAVIED610.chdomain.careerharmony.com
>         auto=add
>         
> #include /etc/ipsec.d/*.conf
> #Disable Opportunistic Encryption
> include /etc/ipsec.d/examples/no_oe.conf
> ==========================
> 
> Following is /var/log/secure
> ==========================
> Aug  3 07:35:33 lavie010 pluto[30617]: |  
> Aug  3 07:35:33 lavie010 pluto[30617]: | *time to handle event
> Aug  3 07:35:33 lavie010 pluto[30617]: | handling event EVENT_PENDING_PHASE2
> Aug  3 07:35:33 lavie010 pluto[30617]: | event after this is
> EVENT_REINIT_SECRET in 3360 seconds
> Aug  3 07:35:33 lavie010 pluto[30617]: | inserting event
> EVENT_PENDING_PHASE2, timeout in 120 seconds
> Aug  3 07:35:33 lavie010 pluto[30617]: | pending review: connection
> "L2TP-PSK-INTERNAL" was not up, skipped
> Aug  3 07:35:33 lavie010 pluto[30617]: | pending review: connection
> "L2TP-PSK-EXTERNAL" was not up, skipped
> Aug  3 07:35:33 lavie010 pluto[30617]: | next event EVENT_PENDING_PHASE2 in
> 120 seconds
> Aug  3 07:35:36 lavie010 pluto[30617]: |  
> Aug  3 07:35:36 lavie010 pluto[30617]: | *received 312 bytes from
> 72.72.115.187:500 on eth0 (port=500)
> Aug  3 07:35:36 lavie010 pluto[30617]: | **parse ISAKMP Message:
> Aug  3 07:35:36 lavie010 pluto[30617]: |    initiator cookie:
> Aug  3 07:35:36 lavie010 pluto[30617]: |   0c 2b 55 a7  6e e5 b6 c4
> Aug  3 07:35:36 lavie010 pluto[30617]: |    responder cookie:
> Aug  3 07:35:36 lavie010 pluto[30617]: |   00 00 00 00  00 00 00 00
> Aug  3 07:35:36 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_SA
> Aug  3 07:35:36 lavie010 pluto[30617]: |    ISAKMP version: ISAKMP Version
> 1.0
> Aug  3 07:35:36 lavie010 pluto[30617]: |    exchange type:
> ISAKMP_XCHG_IDPROT
> Aug  3 07:35:36 lavie010 pluto[30617]: |    flags: none
> Aug  3 07:35:36 lavie010 pluto[30617]: |    message ID:  00 00 00 00
> Aug  3 07:35:36 lavie010 pluto[30617]: |    length: 312
> Aug  3 07:35:36 lavie010 pluto[30617]: |  processing packet with exchange
> type=ISAKMP_XCHG_IDPROT (2)
> Aug  3 07:35:36 lavie010 pluto[30617]: | ***parse ISAKMP Security
> Association Payload:
> Aug  3 07:35:36 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_VID
> Aug  3 07:35:36 lavie010 pluto[30617]: |    length: 200
> Aug  3 07:35:36 lavie010 pluto[30617]: |    DOI: ISAKMP_DOI_IPSEC
> Aug  3 07:35:36 lavie010 pluto[30617]: | ***parse ISAKMP Vendor ID Payload:
> Aug  3 07:35:36 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_VID
> Aug  3 07:35:36 lavie010 pluto[30617]: |    length: 24
> Aug  3 07:35:36 lavie010 pluto[30617]: | ***parse ISAKMP Vendor ID Payload:
> Aug  3 07:35:36 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_VID
> Aug  3 07:35:36 lavie010 pluto[30617]: |    length: 20
> Aug  3 07:35:36 lavie010 pluto[30617]: | ***parse ISAKMP Vendor ID Payload:
> Aug  3 07:35:36 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_VID
> Aug  3 07:35:36 lavie010 pluto[30617]: |    length: 20
> Aug  3 07:35:36 lavie010 pluto[30617]: | ***parse ISAKMP Vendor ID Payload:
> Aug  3 07:35:36 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_NONE
> Aug  3 07:35:36 lavie010 pluto[30617]: |    length: 20
> Aug  3 07:35:36 lavie010 pluto[30617]: packet from 72.72.115.187:500:
> ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
> Aug  3 07:35:36 lavie010 pluto[30617]: packet from 72.72.115.187:500:
> ignoring Vendor ID payload [FRAGMENTATION]
> Aug  3 07:35:36 lavie010 pluto[30617]: packet from 72.72.115.187:500:
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set
> to=106 
> Aug  3 07:35:36 lavie010 pluto[30617]: packet from 72.72.115.187:500:
> ignoring Vendor ID payload [Vid-Initial-Contact]
> Aug  3 07:35:36 lavie010 pluto[30617]: | instantiated "L2TP-PSK-EXTERNAL"
> for 72.72.115.187
> Aug  3 07:35:36 lavie010 pluto[30617]: | creating state object #1 at
> 0x89ff3f8
> Aug  3 07:35:36 lavie010 pluto[30617]: | processing connection
> L2TP-PSK-EXTERNAL[1] 72.72.115.187
> Aug  3 07:35:36 lavie010 pluto[30617]: | ICOOKIE:  0c 2b 55 a7  6e e5 b6 c4
> Aug  3 07:35:36 lavie010 pluto[30617]: | RCOOKIE:  e5 94 45 5f  b5 ac 1d f3
> Aug  3 07:35:36 lavie010 pluto[30617]: | peer:  48 48 73 bb
> Aug  3 07:35:36 lavie010 pluto[30617]: | state hash entry 14
> Aug  3 07:35:36 lavie010 pluto[30617]: | inserting event EVENT_SO_DISCARD,
> timeout in 0 seconds for #1
> Aug  3 07:35:36 lavie010 pluto[30617]: "L2TP-PSK-EXTERNAL"[1] 72.72.115.187
> #1: responding to Main Mode from unknown peer 72.72.115.187
> Aug  3 07:35:36 lavie010 pluto[30617]: | ****parse IPsec DOI SIT:
> Aug  3 07:35:36 lavie010 pluto[30617]: |    IPsec DOI SIT: SIT_IDENTITY_ONLY
> Aug  3 07:35:36 lavie010 pluto[30617]: | ****parse ISAKMP Proposal Payload:
> Aug  3 07:35:36 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_NONE
> Aug  3 07:35:36 lavie010 pluto[30617]: |    length: 188
> Aug  3 07:35:36 lavie010 pluto[30617]: |    proposal number: 1
> Aug  3 07:35:36 lavie010 pluto[30617]: |    protocol ID: PROTO_ISAKMP
> Aug  3 07:35:36 lavie010 pluto[30617]: |    SPI size: 0
> Aug  3 07:35:36 lavie010 pluto[30617]: |    number of transforms: 5
> Aug  3 07:35:36 lavie010 pluto[30617]: | *****parse ISAKMP Transform Payload
> (ISAKMP):
> Aug  3 07:35:36 lavie010 pluto[30617]: |    next payload type: ISAKMP_NEXT_T
> Aug  3 07:35:36 lavie010 pluto[30617]: |    length: 36
> Aug  3 07:35:36 lavie010 pluto[30617]: |    transform number: 1
> Aug  3 07:35:36 lavie010 pluto[30617]: |    transform ID: KEY_IKE
> Aug  3 07:35:36 lavie010 pluto[30617]: | ******parse ISAKMP Oakley
> attribute:
> Aug  3 07:35:36 lavie010 pluto[30617]: |    af+type:
> OAKLEY_ENCRYPTION_ALGORITHM
> Aug  3 07:35:36 lavie010 pluto[30617]: |    length/value: 5
> Aug  3 07:35:36 lavie010 pluto[30617]: |    [5 is OAKLEY_3DES_CBC]
> Aug  3 07:35:36 lavie010 pluto[30617]: | ******parse ISAKMP Oakley
> attribute:
> Aug  3 07:35:36 lavie010 pluto[30617]: |    af+type: OAKLEY_HASH_ALGORITHM
> Aug  3 07:35:36 lavie010 pluto[30617]: |    length/value: 2
> Aug  3 07:35:36 lavie010 pluto[30617]: |    [2 is OAKLEY_SHA1]
> Aug  3 07:35:36 lavie010 pluto[30617]: | ******parse ISAKMP Oakley
> attribute:
> Aug  3 07:35:36 lavie010 pluto[30617]: |    af+type:
> OAKLEY_GROUP_DESCRIPTION
> Aug  3 07:35:36 lavie010 pluto[30617]: |    length/value: 14
> Aug  3 07:35:36 lavie010 pluto[30617]: |    [14 is OAKLEY_GROUP_MODP2048]
> Aug  3 07:35:37 lavie010 pluto[30617]: | ******parse ISAKMP Oakley
> attribute:
> Aug  3 07:35:37 lavie010 pluto[30617]: |    af+type:
> OAKLEY_AUTHENTICATION_METHOD
> Aug  3 07:35:37 lavie010 pluto[30617]: |    length/value: 1
> Aug  3 07:35:37 lavie010 pluto[30617]: |    [1 is OAKLEY_PRESHARED_KEY]
> Aug  3 07:35:37 lavie010 pluto[30617]: | started looking for secret for
> 10.0.0.1->72.72.115.187 of kind PPK_PSK
> Aug  3 07:35:37 lavie010 pluto[30617]: | instantiating him to 0.0.0.0
> Aug  3 07:35:37 lavie010 pluto[30617]: | actually looking for secret for
> 10.0.0.1->0.0.0.0 of kind PPK_PSK
> Aug  3 07:35:37 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / 72.72.115.187 -> 2
> Aug  3 07:35:37 lavie010 pluto[30617]: | 2: compared PSK 10.0.0.138 to
> 10.0.0.1 / 72.72.115.187 -> 2
> Aug  3 07:35:37 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / 72.72.115.187 -> 2
> Aug  3 07:35:37 lavie010 pluto[30617]: | 2: compared PSK 192.117.103.195 to
> 10.0.0.1 / 72.72.115.187 -> 2
> Aug  3 07:35:37 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / 72.72.115.187 -> 2
> Aug  3 07:35:37 lavie010 pluto[30617]: | 2: compared PSK 192.168.1.254 to
> 10.0.0.1 / 72.72.115.187 -> 2
> Aug  3 07:35:37 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / 72.72.115.187 -> 2
> Aug  3 07:35:37 lavie010 pluto[30617]: | 2: compared PSK 10.0.0.1 to
> 10.0.0.1 / 72.72.115.187 -> 6
> Aug  3 07:35:37 lavie010 pluto[30617]: | best_match 0>6 best=0x89fdf38
> (line=16)
> Aug  3 07:35:37 lavie010 pluto[30617]: | concluding with best_match=6
> best=0x89fdf38 (lineno=16)
> Aug  3 07:35:37 lavie010 pluto[30617]: | ******parse ISAKMP Oakley
> attribute:
> Aug  3 07:35:37 lavie010 pluto[30617]: |    af+type: OAKLEY_LIFE_TYPE
> Aug  3 07:35:37 lavie010 pluto[30617]: |    length/value: 1
> Aug  3 07:35:37 lavie010 pluto[30617]: |    [1 is OAKLEY_LIFE_SECONDS]
> Aug  3 07:35:37 lavie010 pluto[30617]: | ******parse ISAKMP Oakley
> attribute:
> Aug  3 07:35:37 lavie010 pluto[30617]: |    af+type: OAKLEY_LIFE_DURATION
> (variable length)
> Aug  3 07:35:37 lavie010 pluto[30617]: |    length/value: 4
> Aug  3 07:35:37 lavie010 pluto[30617]: |    long duration: 28800
> Aug  3 07:35:37 lavie010 pluto[30617]: | Oakley Transform 1 accepted
> Aug  3 07:35:37 lavie010 pluto[30617]: | complete state transition with
> STF_OK
> Aug  3 07:35:37 lavie010 pluto[30617]: "L2TP-PSK-EXTERNAL"[1] 72.72.115.187
> #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Aug  3 07:35:37 lavie010 pluto[30617]: | sending reply packet to
> 72.72.115.187:500 (from port=500)
> Aug  3 07:35:37 lavie010 pluto[30617]: | sending 140 bytes for STATE_MAIN_R0
> through eth0:500 to 72.72.115.187:500:
> Aug  3 07:35:37 lavie010 pluto[30617]: | inserting event EVENT_RETRANSMIT,
> timeout in 10 seconds for #1
> Aug  3 07:35:37 lavie010 pluto[30617]: "L2TP-PSK-EXTERNAL"[1] 72.72.115.187
> #1: STATE_MAIN_R1: sent MR1, expecting MI2
> Aug  3 07:35:37 lavie010 pluto[30617]: | modecfg pull: noquirk policy:push
> not-client
> Aug  3 07:35:37 lavie010 pluto[30617]: | phase 1 is done, looking for phase
> 1 to unpend
> Aug  3 07:35:37 lavie010 pluto[30617]: | next event EVENT_RETRANSMIT in 10
> seconds for #1
> Aug  3 07:35:37 lavie010 pluto[30617]: |  
> Aug  3 07:35:37 lavie010 pluto[30617]: | *received 312 bytes from
> 72.72.115.187:500 on eth0 (port=500)
> Aug  3 07:35:37 lavie010 pluto[30617]: | **parse ISAKMP Message:
> Aug  3 07:35:37 lavie010 pluto[30617]: |    initiator cookie:
> Aug  3 07:35:37 lavie010 pluto[30617]: |   0c 2b 55 a7  6e e5 b6 c4
> Aug  3 07:35:37 lavie010 pluto[30617]: |    responder cookie:
> Aug  3 07:35:37 lavie010 pluto[30617]: |   00 00 00 00  00 00 00 00
> Aug  3 07:35:37 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_SA
> Aug  3 07:35:37 lavie010 pluto[30617]: |    ISAKMP version: ISAKMP Version
> 1.0
> Aug  3 07:35:37 lavie010 pluto[30617]: |    exchange type:
> ISAKMP_XCHG_IDPROT
> Aug  3 07:35:37 lavie010 pluto[30617]: |    flags: none
> Aug  3 07:35:37 lavie010 pluto[30617]: |    message ID:  00 00 00 00
> Aug  3 07:35:37 lavie010 pluto[30617]: |    length: 312
> Aug  3 07:35:37 lavie010 pluto[30617]: |  processing packet with exchange
> type=ISAKMP_XCHG_IDPROT (2)
> Aug  3 07:35:37 lavie010 pluto[30617]: | ***parse ISAKMP Security
> Association Payload:
> Aug  3 07:35:37 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_VID
> Aug  3 07:35:37 lavie010 pluto[30617]: |    length: 200
> Aug  3 07:35:37 lavie010 pluto[30617]: |    DOI: ISAKMP_DOI_IPSEC
> Aug  3 07:35:37 lavie010 pluto[30617]: | ***parse ISAKMP Vendor ID Payload:
> Aug  3 07:35:37 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_VID
> Aug  3 07:35:37 lavie010 pluto[30617]: |    length: 24
> Aug  3 07:35:37 lavie010 pluto[30617]: | ***parse ISAKMP Vendor ID Payload:
> Aug  3 07:35:37 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_VID
> Aug  3 07:35:37 lavie010 pluto[30617]: |    length: 20
> Aug  3 07:35:37 lavie010 pluto[30617]: | ***parse ISAKMP Vendor ID Payload:
> Aug  3 07:35:37 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_VID
> Aug  3 07:35:37 lavie010 pluto[30617]: |    length: 20
> Aug  3 07:35:37 lavie010 pluto[30617]: | ***parse ISAKMP Vendor ID Payload:
> Aug  3 07:35:37 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_NONE
> Aug  3 07:35:37 lavie010 pluto[30617]: |    length: 20
> Aug  3 07:35:37 lavie010 pluto[30617]: packet from 72.72.115.187:500:
> ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
> Aug  3 07:35:37 lavie010 pluto[30617]: packet from 72.72.115.187:500:
> ignoring Vendor ID payload [FRAGMENTATION]
> Aug  3 07:35:37 lavie010 pluto[30617]: packet from 72.72.115.187:500:
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set
> to=106 
> Aug  3 07:35:37 lavie010 pluto[30617]: packet from 72.72.115.187:500:
> ignoring Vendor ID payload [Vid-Initial-Contact]
> Aug  3 07:35:37 lavie010 pluto[30617]: | creating state object #2 at
> 0x89ffa50
> Aug  3 07:35:37 lavie010 pluto[30617]: | processing connection
> L2TP-PSK-EXTERNAL[1] 72.72.115.187
> Aug  3 07:35:37 lavie010 pluto[30617]: | ICOOKIE:  0c 2b 55 a7  6e e5 b6 c4
> Aug  3 07:35:37 lavie010 pluto[30617]: | RCOOKIE:  a0 73 4e 9e  05 b3 6d 3e
> Aug  3 07:35:37 lavie010 pluto[30617]: | peer:  48 48 73 bb
> Aug  3 07:35:37 lavie010 pluto[30617]: | state hash entry 10
> Aug  3 07:35:37 lavie010 pluto[30617]: | inserting event EVENT_SO_DISCARD,
> timeout in 0 seconds for #2
> Aug  3 07:35:37 lavie010 pluto[30617]: "L2TP-PSK-EXTERNAL"[1] 72.72.115.187
> #2: responding to Main Mode from unknown peer 72.72.115.187
> Aug  3 07:35:37 lavie010 pluto[30617]: | ****parse IPsec DOI SIT:
> Aug  3 07:35:37 lavie010 pluto[30617]: |    IPsec DOI SIT: SIT_IDENTITY_ONLY
> Aug  3 07:35:37 lavie010 pluto[30617]: | ****parse ISAKMP Proposal Payload:
> Aug  3 07:35:37 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_NONE
> Aug  3 07:35:37 lavie010 pluto[30617]: |    length: 188
> Aug  3 07:35:38 lavie010 pluto[30617]: |    proposal number: 1
> Aug  3 07:35:38 lavie010 pluto[30617]: |    protocol ID: PROTO_ISAKMP
> Aug  3 07:35:38 lavie010 pluto[30617]: |    SPI size: 0
> Aug  3 07:35:38 lavie010 pluto[30617]: |    number of transforms: 5
> Aug  3 07:35:38 lavie010 pluto[30617]: | *****parse ISAKMP Transform Payload
> (ISAKMP):
> Aug  3 07:35:38 lavie010 pluto[30617]: |    next payload type: ISAKMP_NEXT_T
> Aug  3 07:35:38 lavie010 pluto[30617]: |    length: 36
> Aug  3 07:35:38 lavie010 pluto[30617]: |    transform number: 1
> Aug  3 07:35:38 lavie010 pluto[30617]: |    transform ID: KEY_IKE
> Aug  3 07:35:38 lavie010 pluto[30617]: | ******parse ISAKMP Oakley
> attribute:
> Aug  3 07:35:38 lavie010 pluto[30617]: |    af+type:
> OAKLEY_ENCRYPTION_ALGORITHM
> Aug  3 07:35:38 lavie010 pluto[30617]: |    length/value: 5
> Aug  3 07:35:38 lavie010 pluto[30617]: |    [5 is OAKLEY_3DES_CBC]
> Aug  3 07:35:38 lavie010 pluto[30617]: | ******parse ISAKMP Oakley
> attribute:
> Aug  3 07:35:38 lavie010 pluto[30617]: |    af+type: OAKLEY_HASH_ALGORITHM
> Aug  3 07:35:38 lavie010 pluto[30617]: |    length/value: 2
> Aug  3 07:35:38 lavie010 pluto[30617]: |    [2 is OAKLEY_SHA1]
> Aug  3 07:35:38 lavie010 pluto[30617]: | ******parse ISAKMP Oakley
> attribute:
> Aug  3 07:35:38 lavie010 pluto[30617]: |    af+type:
> OAKLEY_GROUP_DESCRIPTION
> Aug  3 07:35:38 lavie010 pluto[30617]: |    length/value: 14
> Aug  3 07:35:38 lavie010 pluto[30617]: |    [14 is OAKLEY_GROUP_MODP2048]
> Aug  3 07:35:38 lavie010 pluto[30617]: | ******parse ISAKMP Oakley
> attribute:
> Aug  3 07:35:38 lavie010 pluto[30617]: |    af+type:
> OAKLEY_AUTHENTICATION_METHOD
> Aug  3 07:35:38 lavie010 pluto[30617]: |    length/value: 1
> Aug  3 07:35:38 lavie010 pluto[30617]: |    [1 is OAKLEY_PRESHARED_KEY]
> Aug  3 07:35:38 lavie010 pluto[30617]: | started looking for secret for
> 10.0.0.1->72.72.115.187 of kind PPK_PSK
> Aug  3 07:35:38 lavie010 pluto[30617]: | instantiating him to 0.0.0.0
> Aug  3 07:35:38 lavie010 pluto[30617]: | actually looking for secret for
> 10.0.0.1->0.0.0.0 of kind PPK_PSK
> Aug  3 07:35:38 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / 72.72.115.187 -> 2
> Aug  3 07:35:38 lavie010 pluto[30617]: | 2: compared PSK 10.0.0.138 to
> 10.0.0.1 / 72.72.115.187 -> 2
> Aug  3 07:35:38 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / 72.72.115.187 -> 2
> Aug  3 07:35:38 lavie010 pluto[30617]: | 2: compared PSK 192.117.103.195 to
> 10.0.0.1 / 72.72.115.187 -> 2
> Aug  3 07:35:38 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / 72.72.115.187 -> 2
> Aug  3 07:35:38 lavie010 pluto[30617]: | 2: compared PSK 192.168.1.254 to
> 10.0.0.1 / 72.72.115.187 -> 2
> Aug  3 07:35:38 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / 72.72.115.187 -> 2
> Aug  3 07:35:38 lavie010 pluto[30617]: | 2: compared PSK 10.0.0.1 to
> 10.0.0.1 / 72.72.115.187 -> 6
> Aug  3 07:35:38 lavie010 pluto[30617]: | best_match 0>6 best=0x89fdf38
> (line=16)
> Aug  3 07:35:38 lavie010 pluto[30617]: | concluding with best_match=6
> best=0x89fdf38 (lineno=16)
> Aug  3 07:35:38 lavie010 pluto[30617]: | ******parse ISAKMP Oakley
> attribute:
> Aug  3 07:35:38 lavie010 pluto[30617]: |    af+type: OAKLEY_LIFE_TYPE
> Aug  3 07:35:38 lavie010 pluto[30617]: |    length/value: 1
> Aug  3 07:35:38 lavie010 pluto[30617]: |    [1 is OAKLEY_LIFE_SECONDS]
> Aug  3 07:35:38 lavie010 pluto[30617]: | ******parse ISAKMP Oakley
> attribute:
> Aug  3 07:35:38 lavie010 pluto[30617]: |    af+type: OAKLEY_LIFE_DURATION
> (variable length)
> Aug  3 07:35:38 lavie010 pluto[30617]: |    length/value: 4
> Aug  3 07:35:38 lavie010 pluto[30617]: |    long duration: 28800
> Aug  3 07:35:38 lavie010 pluto[30617]: | Oakley Transform 1 accepted
> Aug  3 07:35:38 lavie010 pluto[30617]: | complete state transition with
> STF_OK
> Aug  3 07:35:38 lavie010 pluto[30617]: "L2TP-PSK-EXTERNAL"[1] 72.72.115.187
> #2: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Aug  3 07:35:38 lavie010 pluto[30617]: | sending reply packet to
> 72.72.115.187:500 (from port=500)
> Aug  3 07:35:38 lavie010 pluto[30617]: | sending 140 bytes for STATE_MAIN_R0
> through eth0:500 to 72.72.115.187:500:
> Aug  3 07:35:38 lavie010 pluto[30617]: | inserting event EVENT_RETRANSMIT,
> timeout in 10 seconds for #2
> Aug  3 07:35:38 lavie010 pluto[30617]: "L2TP-PSK-EXTERNAL"[1] 72.72.115.187
> #2: STATE_MAIN_R1: sent MR1, expecting MI2
> Aug  3 07:35:38 lavie010 pluto[30617]: | modecfg pull: noquirk policy:push
> not-client
> Aug  3 07:35:38 lavie010 pluto[30617]: | phase 1 is done, looking for phase
> 1 to unpend
> Aug  3 07:35:38 lavie010 pluto[30617]: | next event EVENT_RETRANSMIT in 9
> seconds for #1
> Aug  3 07:35:38 lavie010 pluto[30617]: |  
> Aug  3 07:35:38 lavie010 pluto[30617]: | *received 360 bytes from
> 72.72.115.187:500 on eth0 (port=500)
> Aug  3 07:35:38 lavie010 pluto[30617]: | **parse ISAKMP Message:
> Aug  3 07:35:38 lavie010 pluto[30617]: |    initiator cookie:
> Aug  3 07:35:38 lavie010 pluto[30617]: |   0c 2b 55 a7  6e e5 b6 c4
> Aug  3 07:35:38 lavie010 pluto[30617]: |    responder cookie:
> Aug  3 07:35:38 lavie010 pluto[30617]: |   e5 94 45 5f  b5 ac 1d f3
> Aug  3 07:35:38 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_KE
> Aug  3 07:35:38 lavie010 pluto[30617]: |    ISAKMP version: ISAKMP Version
> 1.0
> Aug  3 07:35:38 lavie010 pluto[30617]: |    exchange type:
> ISAKMP_XCHG_IDPROT
> Aug  3 07:35:38 lavie010 pluto[30617]: |    flags: none
> Aug  3 07:35:38 lavie010 pluto[30617]: |    message ID:  00 00 00 00
> Aug  3 07:35:38 lavie010 pluto[30617]: |    length: 360
> Aug  3 07:35:38 lavie010 pluto[30617]: |  processing packet with exchange
> type=ISAKMP_XCHG_IDPROT (2)
> Aug  3 07:35:38 lavie010 pluto[30617]: | ICOOKIE:  0c 2b 55 a7  6e e5 b6 c4
> Aug  3 07:35:38 lavie010 pluto[30617]: | RCOOKIE:  e5 94 45 5f  b5 ac 1d f3
> Aug  3 07:35:38 lavie010 pluto[30617]: | peer:  48 48 73 bb
> Aug  3 07:35:38 lavie010 pluto[30617]: | state hash entry 14
> Aug  3 07:35:38 lavie010 pluto[30617]: | peer and cookies match on #1,
> provided msgid 00000000 vs 00000000
> Aug  3 07:35:38 lavie010 pluto[30617]: | state object #1 found, in
> STATE_MAIN_R1
> Aug  3 07:35:38 lavie010 pluto[30617]: | processing connection
> L2TP-PSK-EXTERNAL[1] 72.72.115.187
> Aug  3 07:35:38 lavie010 pluto[30617]: | ***parse ISAKMP Key Exchange
> Payload:
> Aug  3 07:35:38 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_NONCE
> Aug  3 07:35:38 lavie010 pluto[30617]: |    length: 260
> Aug  3 07:35:38 lavie010 pluto[30617]: | ***parse ISAKMP Nonce Payload:
> Aug  3 07:35:38 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_NAT-D
> Aug  3 07:35:39 lavie010 pluto[30617]: |    length: 24
> Aug  3 07:35:39 lavie010 pluto[30617]: | ***parse ISAKMP NAT-D Payload:
> Aug  3 07:35:39 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_NAT-D
> Aug  3 07:35:39 lavie010 pluto[30617]: |    length: 24
> Aug  3 07:35:39 lavie010 pluto[30617]: | ***parse ISAKMP NAT-D Payload:
> Aug  3 07:35:39 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_NONE
> Aug  3 07:35:39 lavie010 pluto[30617]: |    length: 24
> Aug  3 07:35:39 lavie010 pluto[30617]: "L2TP-PSK-EXTERNAL"[1] 72.72.115.187
> #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are
> NATed
> Aug  3 07:35:39 lavie010 pluto[30617]: | inserting event
> EVENT_NAT_T_KEEPALIVE, timeout in 20 seconds
> Aug  3 07:35:39 lavie010 pluto[30617]: | 0: w->pcw_dead: 0 w->pcw_work: 0
> cnt: 1
> Aug  3 07:35:39 lavie010 pluto[30617]: | asking helper 0 to do build_kenonce
> op on seq: 1
> Aug  3 07:35:39 lavie010 pluto[30617]: | inserting event
> EVENT_CRYPTO_FAILED, timeout in 300 seconds for #1
> Aug  3 07:35:39 lavie010 pluto[30623]: ! helper -1 doing build_kenonce op
> id: 1
> Aug  3 07:35:39 lavie010 pluto[30617]: | complete state transition with
> STF_SUSPEND
> Aug  3 07:35:39 lavie010 pluto[30617]: | next event EVENT_RETRANSMIT in 9
> seconds for #2
> Aug  3 07:35:39 lavie010 pluto[30617]: |  
> Aug  3 07:35:39 lavie010 pluto[30617]: | *received 360 bytes from
> 72.72.115.187:500 on eth0 (port=500)
> Aug  3 07:35:39 lavie010 pluto[30617]: | **parse ISAKMP Message:
> Aug  3 07:35:39 lavie010 pluto[30617]: |    initiator cookie:
> Aug  3 07:35:39 lavie010 pluto[30617]: |   0c 2b 55 a7  6e e5 b6 c4
> Aug  3 07:35:39 lavie010 pluto[30617]: |    responder cookie:
> Aug  3 07:35:39 lavie010 pluto[30617]: |   e5 94 45 5f  b5 ac 1d f3
> Aug  3 07:35:39 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_KE
> Aug  3 07:35:39 lavie010 pluto[30617]: |    ISAKMP version: ISAKMP Version
> 1.0
> Aug  3 07:35:39 lavie010 pluto[30617]: |    exchange type:
> ISAKMP_XCHG_IDPROT
> Aug  3 07:35:39 lavie010 pluto[30617]: |    flags: none
> Aug  3 07:35:39 lavie010 pluto[30617]: |    message ID:  00 00 00 00
> Aug  3 07:35:39 lavie010 pluto[30617]: |    length: 360
> Aug  3 07:35:39 lavie010 pluto[30617]: |  processing packet with exchange
> type=ISAKMP_XCHG_IDPROT (2)
> Aug  3 07:35:39 lavie010 pluto[30617]: | ICOOKIE:  0c 2b 55 a7  6e e5 b6 c4
> Aug  3 07:35:39 lavie010 pluto[30617]: | RCOOKIE:  e5 94 45 5f  b5 ac 1d f3
> Aug  3 07:35:39 lavie010 pluto[30617]: | peer:  48 48 73 bb
> Aug  3 07:35:39 lavie010 pluto[30617]: | state hash entry 14
> Aug  3 07:35:39 lavie010 pluto[30617]: | peer and cookies match on #1,
> provided msgid 00000000 vs 00000000
> Aug  3 07:35:39 lavie010 pluto[30617]: | state object #1 found, in
> STATE_MAIN_R1
> Aug  3 07:35:39 lavie010 pluto[30617]: | processing connection
> L2TP-PSK-EXTERNAL[1] 72.72.115.187
> Aug  3 07:35:39 lavie010 pluto[30617]: "L2TP-PSK-EXTERNAL"[1] 72.72.115.187
> #1: discarding packet received during asynchronous work (DNS or crypto) in
> STATE_MAIN_R1
> Aug  3 07:35:39 lavie010 pluto[30617]: | next event EVENT_RETRANSMIT in 9
> seconds for #2
> Aug  3 07:35:39 lavie010 pluto[30617]: | processing connection
> L2TP-PSK-EXTERNAL[1] 72.72.115.187
> Aug  3 07:35:39 lavie010 pluto[30617]: | started looking for secret for
> 10.0.0.1->72.72.115.187 of kind PPK_PSK
> Aug  3 07:35:39 lavie010 pluto[30617]: | instantiating him to 0.0.0.0
> Aug  3 07:35:39 lavie010 pluto[30617]: | actually looking for secret for
> 10.0.0.1->0.0.0.0 of kind PPK_PSK
> Aug  3 07:35:39 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / 72.72.115.187 -> 2
> Aug  3 07:35:39 lavie010 pluto[30617]: | 2: compared PSK 10.0.0.138 to
> 10.0.0.1 / 72.72.115.187 -> 2
> Aug  3 07:35:39 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / 72.72.115.187 -> 2
> Aug  3 07:35:39 lavie010 pluto[30617]: | 2: compared PSK 192.117.103.195 to
> 10.0.0.1 / 72.72.115.187 -> 2
> Aug  3 07:35:39 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / 72.72.115.187 -> 2
> Aug  3 07:35:39 lavie010 pluto[30617]: | 2: compared PSK 192.168.1.254 to
> 10.0.0.1 / 72.72.115.187 -> 2
> Aug  3 07:35:39 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / 72.72.115.187 -> 2
> Aug  3 07:35:39 lavie010 pluto[30617]: | 2: compared PSK 10.0.0.1 to
> 10.0.0.1 / 72.72.115.187 -> 6
> Aug  3 07:35:39 lavie010 pluto[30617]: | best_match 0>6 best=0x89fdf38
> (line=16)
> Aug  3 07:35:39 lavie010 pluto[30617]: | concluding with best_match=6
> best=0x89fdf38 (lineno=16)
> Aug  3 07:35:39 lavie010 pluto[30617]: | complete state transition with
> STF_OK
> Aug  3 07:35:39 lavie010 pluto[30617]: "L2TP-PSK-EXTERNAL"[1] 72.72.115.187
> #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Aug  3 07:35:39 lavie010 pluto[30617]: | sending reply packet to
> 72.72.115.187:500 (from port=500)
> Aug  3 07:35:39 lavie010 pluto[30617]: | sending 356 bytes for STATE_MAIN_R1
> through eth0:500 to 72.72.115.187:500:
> Aug  3 07:35:39 lavie010 pluto[30617]: | inserting event EVENT_RETRANSMIT,
> timeout in 10 seconds for #1
> Aug  3 07:35:39 lavie010 pluto[30617]: "L2TP-PSK-EXTERNAL"[1] 72.72.115.187
> #1: STATE_MAIN_R2: sent MR2, expecting MI3
> Aug  3 07:35:39 lavie010 pluto[30617]: | modecfg pull: noquirk policy:push
> not-client
> Aug  3 07:35:39 lavie010 pluto[30617]: | phase 1 is done, looking for phase
> 1 to unpend
> Aug  3 07:35:39 lavie010 pluto[30617]: | next event EVENT_RETRANSMIT in 9
> seconds for #2
> Aug  3 07:35:40 lavie010 pluto[30617]: |  
> Aug  3 07:35:40 lavie010 pluto[30617]: | *received 100 bytes from
> 72.72.115.187:50576 on eth0 (port=4500)
> Aug  3 07:35:40 lavie010 pluto[30617]: | **parse ISAKMP Message:
> Aug  3 07:35:40 lavie010 pluto[30617]: |    initiator cookie:
> Aug  3 07:35:40 lavie010 pluto[30617]: |   0c 2b 55 a7  6e e5 b6 c4
> Aug  3 07:35:40 lavie010 pluto[30617]: |    responder cookie:
> Aug  3 07:35:40 lavie010 pluto[30617]: |   e5 94 45 5f  b5 ac 1d f3
> Aug  3 07:35:40 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_ID
> Aug  3 07:35:40 lavie010 pluto[30617]: |    ISAKMP version: ISAKMP Version
> 1.0
> Aug  3 07:35:40 lavie010 pluto[30617]: |    exchange type:
> ISAKMP_XCHG_IDPROT
> Aug  3 07:35:40 lavie010 pluto[30617]: |    flags: ISAKMP_FLAG_ENCRYPTION
> Aug  3 07:35:40 lavie010 pluto[30617]: |    message ID:  00 00 00 00
> Aug  3 07:35:40 lavie010 pluto[30617]: |    length: 100
> Aug  3 07:35:40 lavie010 pluto[30617]: |  processing packet with exchange
> type=ISAKMP_XCHG_IDPROT (2)
> Aug  3 07:35:40 lavie010 pluto[30617]: | ICOOKIE:  0c 2b 55 a7  6e e5 b6 c4
> Aug  3 07:35:40 lavie010 pluto[30617]: | RCOOKIE:  e5 94 45 5f  b5 ac 1d f3
> Aug  3 07:35:40 lavie010 pluto[30617]: | peer:  48 48 73 bb
> Aug  3 07:35:40 lavie010 pluto[30617]: | state hash entry 14
> Aug  3 07:35:40 lavie010 pluto[30617]: | peer and cookies match on #1,
> provided msgid 00000000 vs 00000000
> Aug  3 07:35:40 lavie010 pluto[30617]: | state object #1 found, in
> STATE_MAIN_R2
> Aug  3 07:35:40 lavie010 pluto[30617]: | processing connection
> L2TP-PSK-EXTERNAL[1] 72.72.115.187
> Aug  3 07:35:40 lavie010 pluto[30617]: | ***parse ISAKMP Identification
> Payload:
> Aug  3 07:35:40 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_HASH
> Aug  3 07:35:40 lavie010 pluto[30617]: |    length: 44
> Aug  3 07:35:40 lavie010 pluto[30617]: |    ID type: ID_FQDN
> Aug  3 07:35:40 lavie010 pluto[30617]: |    DOI specific A: 0
> Aug  3 07:35:40 lavie010 pluto[30617]: |    DOI specific B: 0
> Aug  3 07:35:40 lavie010 pluto[30617]: | ***parse ISAKMP Hash Payload:
> Aug  3 07:35:40 lavie010 pluto[30617]: |    next payload type:
> ISAKMP_NEXT_NONE
> Aug  3 07:35:40 lavie010 pluto[30617]: |    length: 24
> Aug  3 07:35:40 lavie010 pluto[30617]: | removing 4 bytes of padding
> Aug  3 07:35:40 lavie010 pluto[30617]: "L2TP-PSK-EXTERNAL"[1] 72.72.115.187
> #1: Main mode peer ID is ID_FQDN: '@LAVIED610.chdomain.careerharmony.com'
> Aug  3 07:35:40 lavie010 pluto[30617]: | started looking for secret for
> 10.0.0.1->72.72.115.187 of kind PPK_PSK
> Aug  3 07:35:40 lavie010 pluto[30617]: | instantiating him to 0.0.0.0
> Aug  3 07:35:40 lavie010 pluto[30617]: | actually looking for secret for
> 10.0.0.1->0.0.0.0 of kind PPK_PSK
> Aug  3 07:35:40 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / 72.72.115.187 -> 2
> Aug  3 07:35:40 lavie010 pluto[30617]: | 2: compared PSK 10.0.0.138 to
> 10.0.0.1 / 72.72.115.187 -> 2
> Aug  3 07:35:40 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / 72.72.115.187 -> 2
> Aug  3 07:35:40 lavie010 pluto[30617]: | 2: compared PSK 192.117.103.195 to
> 10.0.0.1 / 72.72.115.187 -> 2
> Aug  3 07:35:40 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / 72.72.115.187 -> 2
> Aug  3 07:35:40 lavie010 pluto[30617]: | 2: compared PSK 192.168.1.254 to
> 10.0.0.1 / 72.72.115.187 -> 2
> Aug  3 07:35:40 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / 72.72.115.187 -> 2
> Aug  3 07:35:40 lavie010 pluto[30617]: | 2: compared PSK 10.0.0.1 to
> 10.0.0.1 / 72.72.115.187 -> 6
> Aug  3 07:35:40 lavie010 pluto[30617]: | best_match 0>6 best=0x89fdf38
> (line=16)
> Aug  3 07:35:40 lavie010 pluto[30617]: | concluding with best_match=6
> best=0x89fdf38 (lineno=16)
> Aug  3 07:35:40 lavie010 pluto[30617]: | started looking for secret for
> 10.0.0.1->(none) of kind PPK_PSK
> Aug  3 07:35:40 lavie010 pluto[30617]: | replace him to 0.0.0.0
> Aug  3 07:35:40 lavie010 pluto[30617]: | actually looking for secret for
> 10.0.0.1->0.0.0.0 of kind PPK_PSK
> Aug  3 07:35:40 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / (none) -> 2
> Aug  3 07:35:40 lavie010 pluto[30617]: | 2: compared PSK 10.0.0.138 to
> 10.0.0.1 / (none) -> 2
> Aug  3 07:35:40 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / (none) -> 2
> Aug  3 07:35:40 lavie010 pluto[30617]: | 2: compared PSK 192.117.103.195 to
> 10.0.0.1 / (none) -> 2
> Aug  3 07:35:40 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / (none) -> 2
> Aug  3 07:35:40 lavie010 pluto[30617]: | 2: compared PSK 192.168.1.254 to
> 10.0.0.1 / (none) -> 2
> Aug  3 07:35:40 lavie010 pluto[30617]: | 1: compared PSK 0.0.0.0 to 10.0.0.1
> / (none) -> 2
> Aug  3 07:35:40 lavie010 pluto[30617]: | 2: compared PSK 10.0.0.1 to
> 10.0.0.1 / (none) -> 6
> Aug  3 07:35:40 lavie010 pluto[30617]: | best_match 0>6 best=0x89fdf38
> (line=16)
> Aug  3 07:35:40 lavie010 pluto[30617]: | concluding with best_match=6
> best=0x89fdf38 (lineno=16)
> Aug  3 07:35:40 lavie010 pluto[30617]: | offered CA: '%none'
> Aug  3 07:35:40 lavie010 pluto[30617]: | switched from "L2TP-PSK-EXTERNAL"
> to "L2TP-PSK-EXTERNAL"
> Aug  3 07:35:40 lavie010 pluto[30617]: | instantiated "L2TP-PSK-EXTERNAL"
> for 72.72.115.187
> Aug  3 07:35:40 lavie010 pluto[30617]: | processing connection
> L2TP-PSK-EXTERNAL[2] 72.72.115.187
> Aug  3 07:35:40 lavie010 pluto[30617]: | thinking about whether to send my
> certificate:
> Aug  3 07:35:40 lavie010 pluto[30617]: |   I have RSA key:
> OAKLEY_PRESHARED_KEY cert.type: CERT_NONE 
> Aug  3 07:35:40 lavie010 pluto[30617]: |   sendcert: CERT_ALWAYSSEND and I
> did not get a certificate request 
> Aug  3 07:35:40 lavie010 pluto[30617]: |   so do not send cert.
> Aug  3 07:35:40 lavie010 pluto[30617]: "L2TP-PSK-EXTERNAL"[2] 72.72.115.187
> #1: I did not send a certificate because I do not have one.
> Aug  3 07:35:40 lavie010 pluto[30617]: | complete state transition with
> STF_OK
> Aug  3 07:35:40 lavie010 pluto[30617]: "L2TP-PSK-EXTERNAL"[2] 72.72.115.187
> #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> ==========================
> 
> 
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan: 
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
> 



More information about the Users mailing list