[Openswan Users] Mac OS X can't connect to Openswan server (Linux Kernel 2.6)

Espanola, Arnel aespanola at arts.ucla.edu
Mon Apr 28 18:44:31 EDT 2008


I'm having problem connecting to my openswan server (ver 2.4.5) using my
MAC. I tried from Tiger and Leopard OS X but to no avail. I can connect to
it using PC running XP without problem. I tried looking for a fix over the
internet but I can't find a solution to it. Here's the messages in the vpn
server on both MAC and PC. I hope you can help me figure out what seems to
be causing the problem based on this logs. Thanks.

MAC OS X
--------
Apr 28 14:04:53 vpn pluto[2304]: packet from x.x.x.x:500: received Vendor ID
payload [RFC 3947] method set to=110
Apr 28 14:04:53 vpn pluto[2304]: packet from x.x.x.x:500: received Vendor ID
payload [draft-ietf-ipsec-nat-t-ike] meth=109, but already using method 110
Apr 28 14:04:53 vpn pluto[2304]: packet from x.x.x.x:500: ignoring unknown
Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
Apr 28 14:04:53 vpn pluto[2304]: packet from x.x.x.x:500: ignoring unknown
Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
Apr 28 14:04:53 vpn pluto[2304]: packet from x.x.x.x:500: ignoring unknown
Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
Apr 28 14:04:53 vpn pluto[2304]: packet from x.x.x.x:500: ignoring unknown
Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
Apr 28 14:04:53 vpn pluto[2304]: packet from x.x.x.x:500: ignoring unknown
Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
Apr 28 14:04:53 vpn pluto[2304]: packet from x.x.x.x:500: received Vendor ID
payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method
110
Apr 28 14:04:53 vpn pluto[2304]: packet from x.x.x.x:500: received Vendor ID
payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method
110
Apr 28 14:04:53 vpn pluto[2304]: packet from x.x.x.x:500: received Vendor ID
payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method
110
Apr 28 14:04:53 vpn pluto[2304]: packet from x.x.x.x:500: received Vendor ID
payload [Dead Peer Detection]
Apr 28 14:04:53 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49:
responding to Main Mode from unknown peer x.x.x.x
Apr 28 14:04:53 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Apr 28 14:04:53 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49:
STATE_MAIN_R1: sent MR1, expecting MI2
Apr 28 14:04:53 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49:
NAT-Traversal: Result using 3: no NAT detected
Apr 28 14:04:53 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Apr 28 14:04:53 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49:
STATE_MAIN_R2: sent MR2, expecting MI3
Apr 28 14:04:53 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49: Main
mode peer ID is ID_IPV4_ADDR: 'x.x.x.x'
Apr 28 14:04:53 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49: I did
not send a certificate because I do not have one.
Apr 28 14:04:53 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Apr 28 14:04:53 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
Apr 28 14:04:53 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49:
ignoring informational payload, type IPSEC_INITIAL_CONTACT
Apr 28 14:04:53 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49:
received and ignored informational message
Apr 28 14:04:54 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49: cannot
respond to IPsec SA request because no connection is known for
y.y.y.y:17/1701...x.x.x.x:17/50229
Apr 28 14:04:54 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49: sending
encrypted notification INVALID_ID_INFORMATION to x.x.x.x:500
Apr 28 14:05:04 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49: Quick
Mode I1 message is unacceptable because it uses a previously used Message ID
0xd5b3489a (perhaps this is a duplicated packet)
Apr 28 14:05:04 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49: sending
encrypted notification INVALID_MESSAGE_ID to x.x.x.x:500
Apr 28 14:05:15 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49: Quick
Mode I1 message is unacceptable because it uses a previously used Message ID
0xd5b3489a (perhaps this is a duplicated packet)
Apr 28 14:05:15 vpn pluto[2304]: "roadwarrior-l2tp"[17] x.x.x.x #49: sending
encrypted notification INVALID_MESSAGE_ID to x.x.x.x:500


PC XP
-----
Apr 28 14:11:59 vpn pluto[2304]: packet from x.x.x.x:500: ignoring Vendor ID
payload [MS NT5 ISAKMPOAKLEY 00000004]
Apr 28 14:11:59 vpn pluto[2304]: packet from x.x.x.x:500: ignoring Vendor ID
payload [FRAGMENTATION]
Apr 28 14:11:59 vpn pluto[2304]: packet from x.x.x.x:500: received Vendor ID
payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
Apr 28 14:11:59 vpn pluto[2304]: packet from x.x.x.x:500: ignoring Vendor ID
payload [Vid-Initial-Contact]
Apr 28 14:11:59 vpn pluto[2304]: "roadwarrior-l2tp"[18] x.x.x.x #50:
responding to Main Mode from unknown peer x.x.x.x
Apr 28 14:11:59 vpn pluto[2304]: "roadwarrior-l2tp"[18] x.x.x.x #50:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Apr 28 14:11:59 vpn pluto[2304]: "roadwarrior-l2tp"[18] x.x.x.x #50:
STATE_MAIN_R1: sent MR1, expecting MI2
Apr 28 14:11:59 vpn pluto[2304]: "roadwarrior-l2tp"[18] x.x.x.x #50:
NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT
detected
Apr 28 14:11:59 vpn pluto[2304]: "roadwarrior-l2tp"[18] x.x.x.x #50:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Apr 28 14:11:59 vpn pluto[2304]: "roadwarrior-l2tp"[18] x.x.x.x #50:
STATE_MAIN_R2: sent MR2, expecting MI3
Apr 28 14:11:59 vpn pluto[2304]: "roadwarrior-l2tp"[18] x.x.x.x #50: Main
mode peer ID is ID_IPV4_ADDR: 'x.x.x.x'
Apr 28 14:11:59 vpn pluto[2304]: "roadwarrior-l2tp"[18] x.x.x.x #50: I did
not send a certificate because I do not have one.
Apr 28 14:11:59 vpn pluto[2304]: "roadwarrior-l2tp"[18] x.x.x.x #50:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Apr 28 14:11:59 vpn pluto[2304]: "roadwarrior-l2tp"[18] x.x.x.x #50:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
Apr 28 14:11:59 vpn pluto[2304]: "roadwarrior-l2tp"[18] x.x.x.x #51:
responding to Quick Mode {msgid:a4e15be6}
Apr 28 14:11:59 vpn pluto[2304]: "roadwarrior-l2tp"[18] x.x.x.x #51:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Apr 28 14:11:59 vpn pluto[2304]: "roadwarrior-l2tp"[18] x.x.x.x #51:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Apr 28 14:11:59 vpn pluto[2304]: "roadwarrior-l2tp"[18] x.x.x.x #51:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Apr 28 14:11:59 vpn pluto[2304]: "roadwarrior-l2tp"[18] x.x.x.x #51:
STATE_QUICK_R2: IPsec SA established {ESP=>0x85e963f7 <0xb55e7810
xfrm=3DES_0-HMAC_MD5 NATD=none DPD=none}

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080428/2cd8f2c6/attachment.html 


More information about the Users mailing list