[Openswan Users] connection- after about 1 hour goes down.

Paul Wouters paul at xelerance.com
Thu Jul 13 20:42:48 CEST 2006 

On Thu, 13 Jul 2006, Adam Gawda wrote:

> Subject: Re: [Openswan Users] connection- after about 1 hour goes down.
>
> when it's working I have:
> --------------------------------------

Can you get me the logs with plutodebug=none, and show me a continious log
of the connection being setup when it works, upto and including the failure.
The logs below is not covering all the information I'd like to see (and
spams a bit with needless internals)

Thanks,

Paul

> Jul 13 12:31:54 rt_1 pluto[12574]: | *time to handle event
> Jul 13 12:31:54 rt_1 pluto[12574]: | event after this is EVENT_SA_REPLACE
> in 162 seconds
> Jul 13 12:31:54 rt_1 pluto[12574]: | ka_event: send NAT-KA to
> x.x.x.x:4500
> Jul 13 12:31:54 rt_1 pluto[12574]: | sending 1 bytes for NAT-T Keep Alive
> through eth0 to x.x.x.x:4500:
> Jul 13 12:31:54 rt_1 pluto[12574]: |   ff
> Jul 13 12:31:54 rt_1 pluto[12574]: | inserting event
> EVENT_NAT_T_KEEPALIVE, timeout in 20 seconds
> Jul 13 12:31:54 rt_1 pluto[12574]: | next event EVENT_NAT_T_KEEPALIVE in
> 20 seconds
> Jul 13 12:32:14 rt_1 pluto[12574]: |
> Jul 13 12:32:14 rt_1 pluto[12574]: | *time to handle event
> Jul 13 12:32:14 rt_1 pluto[12574]: | event after this is EVENT_SA_REPLACE
> in 142 seconds
> Jul 13 12:32:14 rt_1 pluto[12574]: | ka_event: send NAT-KA to
> x.x.x.x:4500
> Jul 13 12:32:14 rt_1 pluto[12574]: | sending 1 bytes for NAT-T Keep Alive
> through eth0 to x.x.x.x:4500:
>
>
> after a few minutes I have..and doesn't work:
> -----------------------------------------------------------------------
>
> Jul 13 12:43:14 rt_1 pluto[12574]: |
> Jul 13 12:43:14 rt_1 pluto[12574]: | *time to handle event
> Jul 13 12:43:14 rt_1 pluto[12574]: | event after this is EVENT_RETRANSMIT
> in 33 seconds
> Jul 13 12:43:14 rt_1 pluto[12574]: | ka_event: send NAT-KA to
> x.x.x.x:4500
> Jul 13 12:43:14 rt_1 pluto[12574]: | sending 1 bytes for NAT-T Keep Alive
> through eth0 to x.x.x.x:4500:
> Jul 13 12:43:14 rt_1 pluto[12574]: |   ff
> Jul 13 12:43:14 rt_1 pluto[12574]: | inserting event
> EVENT_NAT_T_KEEPALIVE, timeout in 20 seconds
> Jul 13 12:43:14 rt_1 pluto[12574]: | next event EVENT_NAT_T_KEEPALIVE in
> 20 seconds
> Jul 13 12:43:34 rt_1 pluto[12574]: |
> Jul 13 12:43:34 rt_1 pluto[12574]: | *time to handle event
> Jul 13 12:43:34 rt_1 pluto[12574]: | event after this is EVENT_RETRANSMIT
> in 13 seconds
> Jul 13 12:43:34 rt_1 pluto[12574]: | ka_event: send NAT-KA to
> x.x.x.x:4500
> Jul 13 12:43:34 rt_1 pluto[12574]: | sending 1 bytes for NAT-T Keep Alive
> through eth0 to x.x.x.x:4500:
> Jul 13 12:43:34 rt_1 pluto[12574]: |   ff
> Jul 13 12:43:34 rt_1 pluto[12574]: | inserting event
> EVENT_NAT_T_KEEPALIVE, timeout in 20 seconds
> Jul 13 12:43:34 rt_1 pluto[12574]: | next event EVENT_RETRANSMIT in 13
> seconds for #3
> Jul 13 12:43:47 rt_1 pluto[12574]: |
> Jul 13 12:43:47 rt_1 pluto[12574]: | *time to handle event
> Jul 13 12:43:47 rt_1 pluto[12574]: | event after this is
> EVENT_NAT_T_KEEPALIVE in 7 seconds
> Jul 13 12:43:47 rt_1 pluto[12574]: | handling event EVENT_RETRANSMIT for
> x.x.x.x "alfa-watchguard" #3
> Jul 13 12:43:47 rt_1 pluto[12574]: | sending 236 bytes for
> EVENT_RETRANSMIT through eth0 to x.x.x.x:4500:
> Jul 13 12:43:47 rt_1 pluto[12574]: |   43 3b ec 86  81 fc f2 5b  00 00 00
> 00  00 00 00 00
> Jul 13 12:43:47 rt_1 pluto[12574]: |   01 10 02 00  00 00 00 00  00 00 00
> ec  0d 00 00 94
> Jul 13 12:43:47 rt_1 pluto[12574]: |   00 00 00 01  00 00 00 01  00 00 00
> 88  00 01 00 04
> Jul 13 12:43:47 rt_1 pluto[12574]: |   03 00 00 20  00 01 00 00  80 0b 00
> 01  80 0c 0e 10
> Jul 13 12:43:47 rt_1 pluto[12574]: |   80 01 00 05  80 02 00 01  80 03 00
> 01  80 04 00 05
> Jul 13 12:43:47 rt_1 pluto[12574]: |   03 00 00 20  01 01 00 00  80 0b 00
> 01  80 0c 0e 10
> Jul 13 12:43:47 rt_1 pluto[12574]: |   80 01 00 05  80 02 00 01  80 03 00
> 01  80 04 00 02
> Jul 13 12:43:47 rt_1 pluto[12574]: |   03 00 00 20  02 01 00 00  80 0b 00
> 01  80 0c 0e 10
> Jul 13 12:43:48 rt_1 pluto[12574]: |   80 01 00 05  80 02 00 02  80 03 00
> 01  80 04 00 05
> Jul 13 12:43:48 rt_1 pluto[12574]: |   00 00 00 20  03 01 00 00  80 0b 00
> 01  80 0c 0e 10
> Jul 13 12:43:48 rt_1 pluto[12574]: |   80 01 00 05  80 02 00 02  80 03 00
> 01  80 04 00 02
> Jul 13 12:43:48 rt_1 pluto[12574]: |   0d 00 00 14  7d 94 19 a6  53 10 ca
> 6f  2c 17 9d 92
> Jul 13 12:43:48 rt_1 pluto[12574]: |   15 52 9d 56  0d 00 00 14  cd 60 46
> 43  35 df 21 f8
> Jul 13 12:43:48 rt_1 pluto[12574]: |   18 b6 bb cd  0b e8 a8 46  95 79 dd
> cc
> Jul 13 12:43:48 rt_1 pluto[12574]: | inserting event EVENT_RETRANSMIT,
> timeout in 40 seconds for #3
> Jul 13 12:43:48 rt_1 pluto[12574]: | next event EVENT_NAT_T_KEEPALIVE in
> 6 seconds
> Jul 13 12:43:54 rt_1 pluto[12574]: |
> Jul 13 12:43:54 rt_1 pluto[12574]: | *time to handle event
> Jul 13 12:43:54 rt_1 pluto[12574]: | event after this is EVENT_RETRANSMIT
> in 34 seconds
> Jul 13 12:43:54 rt_1 pluto[12574]: | ka_event: send NAT-KA to
> x.x.x.x:4500
> Jul 13 12:43:54 rt_1 pluto[12574]: | sending 1 bytes for NAT-T Keep Alive
> through eth0 to x.x.x.x:4500:
> Jul 13 12:43:54 rt_1 pluto[12574]: |   ff
> Jul 13 12:43:54 rt_1 pluto[12574]: | inserting event
> EVENT_NAT_T_KEEPALIVE, timeout in 20 seconds
> Jul 13 12:43:54 rt_1 pluto[12574]: | next event EVENT_NAT_T_KEEPALIVE in
> 20 seconds
> Jul 13 12:44:14 rt_1 pluto[12574]: |
> Jul 13 12:44:14 rt_1 pluto[12574]: | *time to handle event
> Jul 13 12:44:14 rt_1 pluto[12574]: | event after this is EVENT_RETRANSMIT
> in 14 seconds
> Jul 13 12:44:14 rt_1 pluto[12574]: | ka_event: send NAT-KA to
> x.x.x.x:4500
> Jul 13 12:44:14 rt_1 pluto[12574]: | sending 1 bytes for NAT-T Keep Alive
> through eth0 to x.x.x.x:4500:
> Jul 13 12:44:14 rt_1 pluto[12574]: |   ff
> Jul 13 12:44:14 rt_1 pluto[12574]: | inserting event
> EVENT_NAT_T_KEEPALIVE, timeout in 20 seconds
> Jul 13 12:44:14 rt_1 pluto[12574]: | next event EVENT_RETRANSMIT in 14
> seconds for #3
>
>
>
>
>
> Paul Wouters wrote:
>
>  On Thu, 13 Jul 2006, Adam Gawda wrote:
>
>
>
>  I have problem with conneciton between linux machine (kernel 2.6, trustix-ip:
> y.y.y.y) and router watchguard (ip x.x.x.x). The connection is up but after
> about 1 houer goes down.
> First I have:
> 11:52:34.024491 IP y.y.y.y.4500 > x.x.x.x.4500: UDP, length: 1
> 11:52:35.076491 IP x.x.x.x.4500 > y.y.y.y.4500: UDP, length: 1
> 11:52:54.025762 IP y.y.y.y.4500 > x.x.x.x.4500: UDP, length: 1
> 11:52:55.073841 IP x.x.x.x.4500 > y.y.y.y.4500: UDP, length: 1
> and when connection goes down:
> 11:50:41.889449 IP x.x.x.x.isakmp > y.y.y.y.4500: isakmp: phase 1 ? ident
> 11:51:11.937249 IP x.x.x.x.isakmp > y.y.y.y.4500: isakmp: phase 1 ? ident
> 11:51:21.876927 IP y.y.y.y.4500 > x.x.x.x.4500: UDP, length: 240
> 11:51:21.923872 IP x.x.x.x.isakmp > y.y.y.y.4500: isakmp: phase 1 ? ident
> 11:51:32.524673 IP x.x.x.x.isakmp > y.y.y.y.4500: isakmp: phase 1 ? ident
> 11:51:32.525172 IP x.x.x.x.isakmp > y.y.y.y.4500: isakmp: phase 1 ? ident
>
>
>  This does not tell us anything. Show us the pluto logs of the openswan
> server when this happens.
>
> Paui
>
>
>
>
>
>
>

-- 
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

More information about the Users mailing list