[Openswan Users] Openswan issues
Kenneth Bergholm
kenneth.bergholm at tidax.se
Wed Apr 18 02:15:03 EDT 2007
Hi!
I'm having big problems with Openswan and vpn access against two different
offices.
One new office has a Watchguard firewall (I'm using PSK for this connection)
and it works fine, no problems to bring up
The Vpn tunnel. The other office has a Linux firewall with Stronswan Ipsec
(using certificates).
Our current firewall at our office are running Freeswan 1.99 and works fine
against the Strongswan ipsec firewall.
The thing is that I wan't to change firewall to the new one with Openswan
and get I to work both against office 1 and office 2.
When I got the watchguard tunnel to work, I added the configuration from the
old firewall (1.99) to new Openswans firewalls ipsec.conf.
I also copied the certificates and edited the ipsec.secrets to be correct...
But I don't get it to work!!!
Anyone has a clue on what I'm doing wrong!!!
Here is a output from Ipsec barf:
Apr 18 07:17:36 tidaxIpcop ipsec_setup: ...Openswan IPsec started
Apr 18 07:17:36 tidaxIpcop pluto[2818]: ike_alg_register_enc(): Activating
OAKLEY_AES_CBC: Ok (ret=0)
Apr 18 07:17:36 tidaxIpcop pluto[2818]: ike_alg_register_enc(): Activating
OAKLEY_BLOWFISH_CBC: Ok (ret=0)
Apr 18 07:17:36 tidaxIpcop pluto[2818]: ike_alg_register_enc(): Activating
OAKLEY_CAST_CBC: Ok (ret=0)
Apr 18 07:17:36 tidaxIpcop pluto[2818]: ike_alg_register_enc(): Activating
OAKLEY_SERPENT_CBC: Ok (ret=0)
Apr 18 07:17:36 tidaxIpcop pluto[2818]: ike_alg_register_hash(): Activating
OAKLEY_SHA2_256: Ok (ret=0)
Apr 18 07:17:36 tidaxIpcop pluto[2818]: ike_alg_register_hash(): Activating
OAKLEY_SHA2_512: Ok (ret=0)
Apr 18 07:17:36 tidaxIpcop pluto[2818]: ike_alg_register_enc(): Activating
OAKLEY_TWOFISH_CBC: Ok (ret=0)
Apr 18 07:17:36 tidaxIpcop pluto[2818]: ike_alg_register_enc(): Activating
OAKLEY_SSH_PRIVATE_65289: Ok (ret=0)
Apr 18 07:17:36 tidaxIpcop pluto[2818]: Changing to directory
'/etc/ipsec.d/cacerts'
Apr 18 07:17:36 tidaxIpcop pluto[2818]: loaded cacert file 'caCert.pem'
(1460 bytes)
Apr 18 07:17:36 tidaxIpcop pluto[2818]: Changing to directory
'/etc/ipsec.d/crls'
Apr 18 07:17:36 tidaxIpcop pluto[2818]: loaded crl file 'cacrl.pem' (682
bytes)
Apr 18 07:17:36 tidaxIpcop pluto[2818]: crl issuer cacert not found
Apr 18 07:17:36 tidaxIpcop pluto[2818]: OpenPGP certificate file
'/etc/pgpcert.pgp' not found
Apr 18 07:17:37 tidaxIpcop pluto[2818]: | from whack: got --esp=3des
Apr 18 07:17:37 tidaxIpcop pluto[2818]: | from whack: got --ike=3des
Apr 18 07:17:37 tidaxIpcop pluto[2818]: loaded host cert file
'/etc/ipsec.d/fw1.tidax.se.pem' (1346 bytes)
Apr 18 07:17:37 tidaxIpcop pluto[2818]: loaded host cert file
'/etc/ipsec.d/fw3.tidax.se.pem' (1346 bytes)
Apr 18 07:17:37 tidaxIpcop pluto[2818]: added connection description
"fw-fw3"
Apr 18 07:17:37 tidaxIpcop pluto[2818]: listening for IKE messages
Apr 18 07:17:37 tidaxIpcop pluto[2818]: adding interface ipsec0/eth1
195.178.169.130
Apr 18 07:17:37 tidaxIpcop pluto[2818]: adding interface ipsec0/eth1
195.178.169.130:4500
Apr 18 07:17:37 tidaxIpcop pluto[2818]: loading secrets from
"/etc/ipsec.secrets"
Apr 18 07:17:37 tidaxIpcop pluto[2818]: loaded private key file
'/etc/ipsec.d/private/fw1Key.pem' (963 bytes)
Apr 18 07:17:37 tidaxIpcop pluto[2818]: "fw-fw3" #1: initiating Main Mode
Apr 18 07:17:37 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:17:37 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:17:47 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:17:47 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:18:07 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:18:07 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:18:47 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:18:47 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:19:19 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
Quick Mode message is for a non-existent (expired?) ISAKMP SA
Apr 18 07:19:27 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:19:27 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:19:29 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
Quick Mode message is for a non-existent (expired?) ISAKMP SA
Apr 18 07:19:49 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
Quick Mode message is for a non-existent (expired?) ISAKMP SA
Apr 18 07:20:07 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:20:07 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:20:29 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
Quick Mode message is for a non-existent (expired?) ISAKMP SA
Apr 18 07:20:39 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
Quick Mode message is for a non-existent (expired?) ISAKMP SA
Apr 18 07:20:47 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:20:47 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:20:59 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
Quick Mode message is for a non-existent (expired?) ISAKMP SA
Apr 18 07:21:27 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:21:27 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:21:32 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
ignoring Vendor ID payload [b8f92b2fa2d3fe5fe158344bda1cc6ae]
Apr 18 07:21:32 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
received Vendor ID payload [Dead Peer Detection]
Apr 18 07:21:32 tidaxIpcop pluto[2818]: "fw-fw3" #2: responding to Main Mode
Apr 18 07:21:32 tidaxIpcop pluto[2818]: "fw-fw3" #2: policy does not allow
OAKLEY_RSA_SIG authentication. Attribute OAKLEY_AUTHENTICATION_METHOD
Apr 18 07:21:32 tidaxIpcop pluto[2818]: "fw-fw3" #2: no acceptable Oakley
Transform
Apr 18 07:21:32 tidaxIpcop pluto[2818]: "fw-fw3" #2: sending notification
NO_PROPOSAL_CHOSEN to 212.181.91.211:500
Apr 18 07:21:42 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
ignoring Vendor ID payload [b8f92b2fa2d3fe5fe158344bda1cc6ae]
Apr 18 07:21:42 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
received Vendor ID payload [Dead Peer Detection]
Apr 18 07:21:42 tidaxIpcop pluto[2818]: "fw-fw3" #3: responding to Main Mode
Apr 18 07:21:42 tidaxIpcop pluto[2818]: "fw-fw3" #3: policy does not allow
OAKLEY_RSA_SIG authentication. Attribute OAKLEY_AUTHENTICATION_METHOD
Apr 18 07:21:42 tidaxIpcop pluto[2818]: "fw-fw3" #3: no acceptable Oakley
Transform
Apr 18 07:21:42 tidaxIpcop pluto[2818]: "fw-fw3" #3: sending notification
NO_PROPOSAL_CHOSEN to 212.181.91.211:500
Apr 18 07:22:02 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
ignoring Vendor ID payload [b8f92b2fa2d3fe5fe158344bda1cc6ae]
Apr 18 07:22:02 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
received Vendor ID payload [Dead Peer Detection]
Apr 18 07:22:02 tidaxIpcop pluto[2818]: "fw-fw3" #4: responding to Main Mode
Apr 18 07:22:02 tidaxIpcop pluto[2818]: "fw-fw3" #4: policy does not allow
OAKLEY_RSA_SIG authentication. Attribute OAKLEY_AUTHENTICATION_METHOD
Apr 18 07:22:02 tidaxIpcop pluto[2818]: "fw-fw3" #4: no acceptable Oakley
Transform
Apr 18 07:22:02 tidaxIpcop pluto[2818]: "fw-fw3" #4: sending notification
NO_PROPOSAL_CHOSEN to 212.181.91.211:500
Apr 18 07:22:07 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:22:07 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:22:42 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
ignoring Vendor ID payload [b8f92b2fa2d3fe5fe158344bda1cc6ae]
Apr 18 07:22:42 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
received Vendor ID payload [Dead Peer Detection]
Apr 18 07:22:42 tidaxIpcop pluto[2818]: "fw-fw3" #5: responding to Main Mode
Apr 18 07:22:42 tidaxIpcop pluto[2818]: "fw-fw3" #5: policy does not allow
OAKLEY_RSA_SIG authentication. Attribute OAKLEY_AUTHENTICATION_METHOD
Apr 18 07:22:42 tidaxIpcop pluto[2818]: "fw-fw3" #5: no acceptable Oakley
Transform
Apr 18 07:22:42 tidaxIpcop pluto[2818]: "fw-fw3" #5: sending notification
NO_PROPOSAL_CHOSEN to 212.181.91.211:500
Apr 18 07:22:47 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:22:47 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:23:22 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
ignoring Vendor ID payload [b8f92b2fa2d3fe5fe158344bda1cc6ae]
Apr 18 07:23:22 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
received Vendor ID payload [Dead Peer Detection]
Apr 18 07:23:22 tidaxIpcop pluto[2818]: "fw-fw3" #6: responding to Main Mode
Apr 18 07:23:22 tidaxIpcop pluto[2818]: "fw-fw3" #6: policy does not allow
OAKLEY_RSA_SIG authentication. Attribute OAKLEY_AUTHENTICATION_METHOD
Apr 18 07:23:22 tidaxIpcop pluto[2818]: "fw-fw3" #6: no acceptable Oakley
Transform
Apr 18 07:23:22 tidaxIpcop pluto[2818]: "fw-fw3" #6: sending notification
NO_PROPOSAL_CHOSEN to 212.181.91.211:500
Apr 18 07:23:27 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:23:27 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:23:45 tidaxIpcop ipsec_setup: Stopping Openswan IPsec...
Apr 18 07:23:45 tidaxIpcop pluto[2818]: shutting down
Apr 18 07:23:45 tidaxIpcop pluto[2818]: forgetting secrets
Apr 18 07:23:45 tidaxIpcop pluto[2818]: "fw-fw3": deleting connection
Apr 18 07:23:45 tidaxIpcop pluto[2818]: "fw-fw3" #1: deleting state
(STATE_MAIN_I1)
Apr 18 07:23:45 tidaxIpcop ipsec__plutorun: 104 "fw-fw3" #1: STATE_MAIN_I1:
initiate
Apr 18 07:23:45 tidaxIpcop ipsec__plutorun: 010 "fw-fw3" #1: STATE_MAIN_I1:
retransmission; will wait 20s for response
Apr 18 07:23:45 tidaxIpcop ipsec__plutorun: 010 "fw-fw3" #1: STATE_MAIN_I1:
retransmission; will wait 40s for response
Apr 18 07:23:45 tidaxIpcop ipsec__plutorun: ...could not start conn "fw-fw3"
Apr 18 07:23:45 tidaxIpcop pluto[2818]: shutting down interface ipsec0/eth1
195.178.169.130
Apr 18 07:23:45 tidaxIpcop pluto[2818]: shutting down interface ipsec0/eth1
195.178.169.130
Apr 18 07:23:46 tidaxIpcop kernel: IPSEC EVENT: KLIPS device ipsec0 shut
down.
Apr 18 07:23:46 tidaxIpcop ipsec_setup: ipsec: Device or resource busy
Apr 18 07:23:46 tidaxIpcop ipsec_setup: ...Openswan IPsec stopped
Apr 18 07:23:46 tidaxIpcop ipsec_setup: Starting Openswan IPsec 1.0.10...
Apr 18 07:23:46 tidaxIpcop ipsec_setup: KLIPS debug `none'
Apr 18 07:23:46 tidaxIpcop ipsec_setup: KLIPS ipsec0 on eth1
195.178.169.130/255.255.255.240 broadcast 195.178.169.143
Apr 18 07:23:46 tidaxIpcop ipsec__plutorun: Starting Pluto subsystem...
Apr 18 07:23:46 tidaxIpcop ipsec_setup: ...Openswan IPsec started
Apr 18 07:23:46 tidaxIpcop pluto[3223]: Starting Pluto (Openswan Version
1.0.10)
Apr 18 07:23:46 tidaxIpcop pluto[3223]: including X.509 patch with traffic
selectors (Version 0.9.42)
Apr 18 07:23:46 tidaxIpcop pluto[3223]: including NAT-Traversal patch
(Version 0.6)
Apr 18 07:23:46 tidaxIpcop pluto[3223]: ike_alg_register_enc(): Activating
OAKLEY_AES_CBC: Ok (ret=0)
Apr 18 07:23:46 tidaxIpcop pluto[3223]: ike_alg_register_enc(): Activating
OAKLEY_BLOWFISH_CBC: Ok (ret=0)
Apr 18 07:23:46 tidaxIpcop pluto[3223]: ike_alg_register_enc(): Activating
OAKLEY_CAST_CBC: Ok (ret=0)
Apr 18 07:23:46 tidaxIpcop pluto[3223]: ike_alg_register_enc(): Activating
OAKLEY_SERPENT_CBC: Ok (ret=0)
Apr 18 07:23:46 tidaxIpcop pluto[3223]: ike_alg_register_hash(): Activating
OAKLEY_SHA2_256: Ok (ret=0)
Apr 18 07:23:46 tidaxIpcop pluto[3223]: ike_alg_register_hash(): Activating
OAKLEY_SHA2_512: Ok (ret=0)
Apr 18 07:23:46 tidaxIpcop pluto[3223]: ike_alg_register_enc(): Activating
OAKLEY_TWOFISH_CBC: Ok (ret=0)
Apr 18 07:23:46 tidaxIpcop pluto[3223]: ike_alg_register_enc(): Activating
OAKLEY_SSH_PRIVATE_65289: Ok (ret=0)
Apr 18 07:23:46 tidaxIpcop pluto[3223]: Changing to directory
'/etc/ipsec.d/cacerts'
Apr 18 07:23:46 tidaxIpcop pluto[3223]: loaded cacert file 'caCert.pem'
(1460 bytes)
Apr 18 07:23:46 tidaxIpcop pluto[3223]: Changing to directory
'/etc/ipsec.d/crls'
Apr 18 07:23:46 tidaxIpcop pluto[3223]: loaded crl file 'cacrl.pem' (682
bytes)
Apr 18 07:23:46 tidaxIpcop pluto[3223]: crl issuer cacert not found
Apr 18 07:23:46 tidaxIpcop pluto[3223]: OpenPGP certificate file
'/etc/pgpcert.pgp' not found
Apr 18 07:23:46 tidaxIpcop pluto[3223]: | from whack: got --esp=3des
Apr 18 07:23:46 tidaxIpcop pluto[3223]: | from whack: got --ike=3des
Apr 18 07:23:46 tidaxIpcop pluto[3223]: loaded host cert file
'/etc/ipsec.d/fw1.tidax.se.pem' (1346 bytes)
Apr 18 07:23:46 tidaxIpcop pluto[3223]: loaded host cert file
'/etc/ipsec.d/fw3.tidax.se.pem' (1346 bytes)
Apr 18 07:23:46 tidaxIpcop pluto[3223]: added connection description
"fw-fw3"
Apr 18 07:23:46 tidaxIpcop pluto[3223]: | from whack: got --esp=3des-sha1!
Apr 18 07:23:46 tidaxIpcop pluto[3223]: | from whack: got
--ike=3des-sha-modp8192,3des-sha-modp6144,3des-sha-modp4096,3des-sha-modp307
2,3des-sha-modp2048,3des-sha-modp1536,3des-sha-modp1024,3des-sha-modp768!
Apr 18 07:23:46 tidaxIpcop pluto[3223]: added connection description
"LidingoFW"
Apr 18 07:23:47 tidaxIpcop pluto[3223]: listening for IKE messages
Apr 18 07:23:47 tidaxIpcop pluto[3223]: adding interface ipsec0/eth1
195.178.150.120
Apr 18 07:23:47 tidaxIpcop pluto[3223]: adding interface ipsec0/eth1
195.178.150.120:4500
Apr 18 07:23:47 tidaxIpcop pluto[3223]: loading secrets from
"/etc/ipsec.secrets"
Apr 18 07:23:47 tidaxIpcop pluto[3223]: loaded private key file
'/etc/ipsec.d/private/fw1Key.pem' (963 bytes)
Apr 18 07:23:47 tidaxIpcop ipsec__plutorun: 022 "LidingoFW": we have no
ipsecN interface for either end of this connection
Apr 18 07:23:47 tidaxIpcop ipsec__plutorun: ...could not route conn
"LidingoFW"
Apr 18 07:23:47 tidaxIpcop pluto[3223]: "fw-fw3" #1: initiating Main Mode
Apr 18 07:23:47 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:23:47 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:23:57 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:23:57 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:24:01 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
ignoring Vendor ID payload [b8f92b2fa2d3fe5fe158344bda1cc6ae]
Apr 18 07:24:01 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
received Vendor ID payload [Dead Peer Detection]
Apr 18 07:24:01 tidaxIpcop pluto[3223]: "fw-fw3" #2: responding to Main Mode
Apr 18 07:24:01 tidaxIpcop pluto[3223]: "fw-fw3" #2: policy does not allow
OAKLEY_RSA_SIG authentication. Attribute OAKLEY_AUTHENTICATION_METHOD
Apr 18 07:24:01 tidaxIpcop pluto[3223]: "fw-fw3" #2: no acceptable Oakley
Transform
Apr 18 07:24:01 tidaxIpcop pluto[3223]: "fw-fw3" #2: sending notification
NO_PROPOSAL_CHOSEN to 212.181.91.211:500
Apr 18 07:24:17 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:24:17 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:24:42 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
ignoring Vendor ID payload [b8f92b2fa2d3fe5fe158344bda1cc6ae]
Apr 18 07:24:42 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
received Vendor ID payload [Dead Peer Detection]
Apr 18 07:24:42 tidaxIpcop pluto[3223]: "fw-fw3" #3: responding to Main Mode
Apr 18 07:24:42 tidaxIpcop pluto[3223]: "fw-fw3" #3: policy does not allow
OAKLEY_RSA_SIG authentication. Attribute OAKLEY_AUTHENTICATION_METHOD
Apr 18 07:24:42 tidaxIpcop pluto[3223]: "fw-fw3" #3: no acceptable Oakley
Transform
Apr 18 07:24:42 tidaxIpcop pluto[3223]: "fw-fw3" #3: sending notification
NO_PROPOSAL_CHOSEN to 212.181.91.211:500
Apr 18 07:24:57 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:24:57 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:25:22 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
ignoring Vendor ID payload [b8f92b2fa2d3fe5fe158344bda1cc6ae]
Apr 18 07:25:22 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
received Vendor ID payload [Dead Peer Detection]
Apr 18 07:25:22 tidaxIpcop pluto[3223]: "fw-fw3" #4: responding to Main Mode
Apr 18 07:25:22 tidaxIpcop pluto[3223]: "fw-fw3" #4: policy does not allow
OAKLEY_RSA_SIG authentication. Attribute OAKLEY_AUTHENTICATION_METHOD
Apr 18 07:25:22 tidaxIpcop pluto[3223]: "fw-fw3" #4: no acceptable Oakley
Transform
Apr 18 07:25:22 tidaxIpcop pluto[3223]: "fw-fw3" #4: sending notification
NO_PROPOSAL_CHOSEN to 212.181.91.211:500
Apr 18 07:25:37 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:25:37 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:26:02 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
ignoring Vendor ID payload [b8f92b2fa2d3fe5fe158344bda1cc6ae]
Apr 18 07:26:02 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
received Vendor ID payload [Dead Peer Detection]
Apr 18 07:26:02 tidaxIpcop pluto[3223]: "fw-fw3" #5: responding to Main Mode
Apr 18 07:26:02 tidaxIpcop pluto[3223]: "fw-fw3" #5: policy does not allow
OAKLEY_RSA_SIG authentication. Attribute OAKLEY_AUTHENTICATION_METHOD
Apr 18 07:26:02 tidaxIpcop pluto[3223]: "fw-fw3" #5: no acceptable Oakley
Transform
Apr 18 07:26:02 tidaxIpcop pluto[3223]: "fw-fw3" #5: sending notification
NO_PROPOSAL_CHOSEN to 212.181.91.211:500
Apr 18 07:26:02 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
Informational Exchange is for an unknown (expired?) SA
Apr 18 07:26:17 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:26:17 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:26:42 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
ignoring Vendor ID payload [b8f92b2fa2d3fe5fe158344bda1cc6ae]
Apr 18 07:26:42 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
received Vendor ID payload [Dead Peer Detection]
Apr 18 07:26:42 tidaxIpcop pluto[3223]: "fw-fw3" #6: responding to Main Mode
Apr 18 07:26:42 tidaxIpcop pluto[3223]: "fw-fw3" #6: policy does not allow
OAKLEY_RSA_SIG authentication. Attribute OAKLEY_AUTHENTICATION_METHOD
Apr 18 07:26:42 tidaxIpcop pluto[3223]: "fw-fw3" #6: no acceptable Oakley
Transform
Apr 18 07:26:42 tidaxIpcop pluto[3223]: "fw-fw3" #6: sending notification
NO_PROPOSAL_CHOSEN to 212.181.91.211:500
Apr 18 07:26:57 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:26:57 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:27:22 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
ignoring Vendor ID payload [b8f92b2fa2d3fe5fe158344bda1cc6ae]
Apr 18 07:27:22 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
received Vendor ID payload [Dead Peer Detection]
Apr 18 07:27:22 tidaxIpcop pluto[3223]: "fw-fw3" #7: responding to Main Mode
Apr 18 07:27:22 tidaxIpcop pluto[3223]: "fw-fw3" #7: policy does not allow
OAKLEY_RSA_SIG authentication. Attribute OAKLEY_AUTHENTICATION_METHOD
Apr 18 07:27:22 tidaxIpcop pluto[3223]: "fw-fw3" #7: no acceptable Oakley
Transform
Apr 18 07:27:22 tidaxIpcop pluto[3223]: "fw-fw3" #7: sending notification
NO_PROPOSAL_CHOSEN to 212.181.91.211:500
Apr 18 07:27:37 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
Apr 18 07:27:37 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
received and ignored informational message
Apr 18 07:28:02 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
ignoring Vendor ID payload [b8f92b2fa2d3fe5fe158344bda1cc6ae]
Apr 18 07:28:02 tidaxIpcop pluto[3223]: packet from 212.181.91.211:500:
received Vendor ID payload [Dead Peer Detection]
Apr 18 07:28:02 tidaxIpcop pluto[3223]: "fw-fw3" #8: responding to Main Mode
Apr 18 07:28:02 tidaxIpcop pluto[3223]: "fw-fw3" #8: policy does not allow
OAKLEY_RSA_SIG authentication. Attribute OAKLEY_AUTHENTICATION_METHOD
Apr 18 07:28:02 tidaxIpcop pluto[3223]: "fw-fw3" #8: no acceptable Oakley
Transform
Apr 18 07:28:02 tidaxIpcop pluto[3223]: "fw-fw3" #8: sending notification
NO_PROPOSAL_CHOSEN to 212.181.91.211:500
Regards
Kbergros
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20070418/6f417650/attachment-0001.html
More information about the Users
mailing list