[Openswan Users] need help about after tcpdump -n -i eth0

Peter McGill petermcgill at goco.net
Fri May 2 09:17:47 EDT 2008 

Keith,

> May  1 11:53:21 localhost pluto[7284]: "testipsec" #4: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x871a36e3 <0xa8b46b75
xfrm=3DES_0-HMAC_MD5 NATD=none DPD=none}

This means your tunnel was started/working, however a few minutes later...

> May  1 11:55:49 localhost pluto[7284]:"testipsec"deleting connection
> May  1 11:55:49 localhost pluto[7284]: "testipsec" #4: deleting state (STATE_QUICK_I2)
> May  1 11:55:49 localhost pluto[7284]: "testipsec"#1: deleting state (STATE_MAIN_I4) 

The connection was deleted. Did you delete it manually?

When watching for esp packets did you send traffic over the tunnel, for example pings?

What is on the other end of the tunnel, Openswan, Cisco...?

Please provide more information on your setup and test method.
ipsec verify > verify.txt
ipsec.conf

Peter McGill
IT Systems Analyst
Gra Ham Energy Limited 

 


________________________________

	From: users-bounces at openswan.org [mailto:users-bounces at openswan.org] On Behalf Of yu chen
	Sent: May 2, 2008 7:12 AM
	To: users at openswan.org
	Subject: [Openswan Users] need help about after tcpdump -n -i eth0
	
	
	hello,All
	 
	i made an ipsec tunnel and i got :
	 
	May  1 11:53:21 localhost pluto[7284]: "testipsec"#1: initiating Main Mode
	May  1 11:53:21 localhost pluto[7284]: "testipsec"#1: ignoring unknown Vendor ID payload
[166f932d55eb64d8e4df4fd37e2313f0d0fd84510000000000000000]
	May  1 11:53:21 localhost pluto[7284]: "testipsec" #1: received Vendor ID payload [Dead Peer Detection]
	May  1 11:53:21 localhost pluto[7284]: "testipsec" #1: ignoring Vendor ID payload [HeartBeat Notify 386b0100]
	May  1 11:53:21 localhost pluto[7284]: "testipsec" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
	May  1 11:53:21 localhost pluto[7284]: "testipsec" #1: STATE_MAIN_I2: sent MI2, expecting MR2
	May  1 11:53:21 localhost pluto[7284]: "testipsec" #1: I did not send a certificate because I do not have one.
	May  1 11:53:21 localhost pluto[7284]: "testipsec"#1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
	May  1 11:53:21 localhost pluto[7284]: "testipsec" #1: STATE_MAIN_I3: sent MI3, expecting MR3
	May  1 11:53:21 localhost pluto[7284]: "testipsec"#1: Main mode peer ID is ID_IPV4_ADDR: 'xxx.xxx.xxx.xxx'
	May  1 11:53:21 localhost pluto[7284]: "testipsec"#1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
	May  1 11:53:21 localhost pluto[7284]: "testipsec"#1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1024}
	May  1 11:53:21 localhost pluto[7284]: "testipsec" #4: ignoring informational payload, type IPSEC_RESPONDER_LIFETIME
	May  1 11:53:21 localhost pluto[7284]:"testipsec"#4: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
	May  1 11:53:21 localhost pluto[7284]: "testipsec" #4: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x871a36e3
<0xa8b46b75 xfrm=3DES_0-HMAC_MD5 NATD=none DPD=none}
	May  1 11:55:49 localhost pluto[7284]:"testipsec"deleting connection
	May  1 11:55:49 localhost pluto[7284]: "testipsec" #4: deleting state (STATE_QUICK_I2)
	May  1 11:55:49 localhost pluto[7284]: "testipsec"#1: deleting state (STATE_MAIN_I4)
	
	it means i've successfully set up ipsec tunnel?
	if yes. but why i can not get ESP messages when i am using tcpdump -n -i eth0?
	 
	thank you very much
	 
	Keith Chen
	 

________________________________

	Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.
<http://us.rd.yahoo.com/evt=51733/*http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ>

More information about the Users mailing list