[Openswan Users] Windows Xp client to openswan

Paul Wouters paul at xelerance.com
Fri Mar 17 21:10:30 CET 2006


On Fri, 17 Mar 2006, Can Akalin wrote:

>  3-17: 14:21:23:750:4a8 CE Dead. sa:00103838 ce:0014F288 status:35ef
>
>  3-17: 14:22:38:281:f24 isadb_schedule_kill_oldPolicy_sas:
> 0121e593-e8f5-4db1-ba9b55526764191c 4

I am not sure what this means.

>  3-17: 14:22:38:281:4a8 QM Deleted. Notify from driver: Src 192.168.1.72Dest
> 10.10.10.0 InSPI 2102453735 OutSpi 2638595035  Tunnel 3701a8c0 TunnelFilter

Nor this.

>  3-17: 14:22:38:281:4a8 Construct QM Delete Spi 2102453735
>
>  3-17: 14:22:38:281:4a8 constructing HASH (Notify/Delete)

But here it is hanging up.

> Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior"[3] 192.168.1.72 #3:
> STATE_MAIN_R2: sent MR2, expecting MI3
>
> Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior"[3] 192.168.1.72 #3:
> Main mode peer ID is ID_DER_ASN1_DN: 'C=CA, ST=Ontario, O=Springboard Retail
> Networks Inc., CN=laptop, E=laptop at springboardnetworks.com'
>
> Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior"[4] 192.168.1.72 #3:
> deleting connection "roadwarrior" instance with peer
> 192.168.1.72{isakmp=#0/ipsec=#0}

Note that you seem to be trying to connect multiple times. Instance 3 and 4
seem to be racing.

> Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior-net"[2]
> 192.168.1.72#4: STATE_QUICK_R2: IPsec SA established {ESP=>0x7d50e5e7
> <0x9d45c3db
> xfrm=3DES_0-HMAC_MD5 NATD=192.168.1.72:4500 DPD=none}

And it does establish.

> Mar 17 14:22:59 linuxserver pluto[6001]: "roadwarrior"[4] 192.168.1.72 #3:
> received Delete SA(0x7d50e5e7) payload: deleting IPSEC State #4

But here it receives the delete from windows and terminates the connection.

Can you try and restart both ends. Eg on linux to: ipsec setup restart
and on windows do: net stop policyagent and net start policyagent.
(or reboot windows)

Paul
-- 
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155


More information about the Users mailing list