[Openswan Users] VPN - CheckPoint x Openswan IPsec U2.6.14/K2.6.18-128.2.16.v5
Estevao Arndt
earndt at br.lockton.com
Tue Sep 15 14:03:48 EDT 2009
I have a VPN built between CheckPoint x Openswan IPsec
U2.6.14/K2.6.18-128.2.16.v5.
In our tests Linux side can ping through the tunnel, but the Checkpoint
side can not do it. We tried several ways to see where the problem is
but we have not found anything. Can you help us, please?!
See below:
[root at LinuxSide ~]# ipsec auto --status
000
000 "hqgateBrasil-satgateBrasil":
189.39.14.36<189.39.14.36>[+S=C]---189.239.14.33...208.18.15.1---208.18.
15.6<208.18.15.6>[+S=C]; erouted; eroute owner: #4
000 "hqgateBrasil-satgateBrasil": myip=unset; hisip=unset;
000 "hqgateBrasil-satgateBrasil": ike_life: 3600s; ipsec_life: 28800s;
rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3
000 "hqgateBrasil-satgateBrasil": policy:
PSK+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW+lKOD+rKOD; prio: 32,32; interface:
eth0;
000 "hqgateBrasil-satgateBrasil": newest ISAKMP SA: #0; newest IPsec
SA: #4;
000 "hqgateBrasil-satnetBrasil":
189.39.14.36<189.39.14.36>[+S=C]---189.39.14.33...208.18.15.1---208.18.1
5.6<208.18.15.6>[+S=C]===192.168.202.0/24; erouted; eroute owner: #9
000 "hqgateBrasil-satnetBrasil": myip=unset; hisip=unset;
000 "hqgateBrasil-satnetBrasil": ike_life: 3600s; ipsec_life: 28800s;
rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3
000 "hqgateBrasil-satnetBrasil": policy:
PSK+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW+lKOD+rKOD; prio: 32,24; interface:
eth0;
000 "hqgateBrasil-satnetBrasil": newest ISAKMP SA: #0; newest IPsec
SA: #9;
000 "hqnetBrasil-satgateBrasil":
172.29.144.0/24===189.39.14.36<189.39.14.36>[+S=C]---189.239.14.33...208
.18.15.1---208.18.15.6<208.18.15.6>[+S=C]; erouted; eroute owner: #5
000 "hqnetBrasil-satgateBrasil": myip=unset; hisip=unset;
000 "hqnetBrasil-satgateBrasil": ike_life: 3600s; ipsec_life: 28800s;
rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3
000 "hqnetBrasil-satgateBrasil": policy:
PSK+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW+lKOD+rKOD; prio: 24,32; interface:
eth0;
000 "hqnetBrasil-satgateBrasil": newest ISAKMP SA: #0; newest IPsec
SA: #5;
000 "hqnetBrasil-satnetBrasil":
172.29.144.0/24===189.39.14.36<189.39.14.36>[+S=C]---189.39.14.33...208.
18.15.1---208.18.15.6<208.18.15.6>[+S=C]===192.168.202.0/24; erouted;
eroute owner: #8
000 "hqnetBrasil-satnetBrasil": myip=unset; hisip=unset;
000 "hqnetBrasil-satnetBrasil": ike_life: 3600s; ipsec_life: 28800s;
rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3
000 "hqnetBrasil-satnetBrasil": policy:
PSK+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW+lKOD+rKOD; prio: 24,24; interface:
eth0;
000 "hqnetBrasil-satnetBrasil": newest ISAKMP SA: #1; newest IPsec SA:
#8;
000 "hqnetBrasil-satnetBrasil": IKE algorithm newest:
3DES_CBC_192-SHA1-MODP1024
000 #4: "hqgateBrasil-satgateBrasil":500 STATE_QUICK_I2 (sent QI2, IPsec
SA established); EVENT_SA_REPLACE in 27327s; newest IPSEC; eroute owner;
isakmp#1; idle; import:admin initiate
000 #4: "hqgateBrasil-satgateBrasil" esp.8bdba7fb at 208.18.15.6
esp.7e29e3a3 at 189.39.14.36 tun.0 at 208.18.15.6 tun.0 at 189.39.14.36 ref=0
refhim=4294901761
000 #9: "hqgateBrasil-satnetBrasil":500 STATE_QUICK_I2 (sent QI2, IPsec
SA established); EVENT_SA_REPLACE in 27523s; newest IPSEC; eroute owner;
isakmp#1; idle; import:admin initiate
000 #9: "hqgateBrasil-satnetBrasil" esp.4578ca86 at 208.18.15.6
esp.5d473da2 at 189.39.14.36 tun.0 at 208.18.15.6 tun.0 at 189.39.14.36 ref=0
refhim=4294901761
000 #5: "hqnetBrasil-satgateBrasil":500 STATE_QUICK_I2 (sent QI2, IPsec
SA established); EVENT_SA_REPLACE in 27652s; newest IPSEC; eroute owner;
isakmp#1; idle; import:admin initiate
000 #5: "hqnetBrasil-satgateBrasil" esp.d2f0bbf7 at 208.18.15.6
esp.9cb5c541 at 189.39.14.36 tun.0 at 208.18.15.6 tun.0 at 189.39.14.36 ref=0
refhim=4294901761
000 #8: "hqnetBrasil-satnetBrasil":500 STATE_QUICK_I2 (sent QI2, IPsec
SA established); EVENT_SA_REPLACE in 27781s; newest IPSEC; eroute owner;
isakmp#1; idle; import:admin initiate
000 #8: "hqnetBrasil-satnetBrasil" esp.98884f15 at 208.18.15.6
esp.766488cb at 189.39.14.36 tun.0 at 208.18.15.6 tun.0 at 189.39.14.36 ref=0
refhim=4294901761
000 #7: "hqnetBrasil-satnetBrasil":500 STATE_QUICK_I2 (sent QI2, IPsec
SA established); EVENT_SA_REPLACE in 27724s; isakmp#1; idle;
import:admin initiate
000 #7: "hqnetBrasil-satnetBrasil" esp.f30f0c13 at 208.18.15.6
esp.fa5ca166 at 189.39.14.36 tun.0 at 208.18.15.6 tun.0 at 189.39.14.36 ref=0
refhim=4294901761
000 #1: "hqnetBrasil-satnetBrasil":500 STATE_MAIN_I4 (ISAKMP SA
established); EVENT_SA_REPLACE in 2565s; newest ISAKMP; nodpd; idle;
import:admin initiate
------------------------------------------------------------------------
------------
Sep 10 17:11:04 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
initiating Main Mode
Sep 10 17:11:05 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Sep 10 17:11:05 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
STATE_MAIN_I2: sent MI2, expecting MR2
Sep 10 17:11:05 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Sep 10 17:11:05 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
STATE_MAIN_I3: sent MI3, expecting MR3
Sep 10 17:11:05 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
Main mode peer ID is ID_IPV4_ADDR: '208.18.15.6'
Sep 10 17:11:05 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Sep 10 17:11:05 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
Sep 10 17:11:05 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
alloc_bytes1() was mistakenly asked to malloc 0 bytes for st_skey_ar in
duplicate_state, please report to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
alloc_bytes1() was mistakenly asked to malloc 0 bytes for st_skey_er in
duplicate_state, please report to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
alloc_bytes1() was mistakenly asked to malloc 0 bytes for st_skey_pi in
duplicate_state, please report to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
alloc_bytes1() was mistakenly asked to malloc 0 bytes for st_skey_pr in
duplicate_state, please report to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: "hqgateBrasil-satgateBrasil"
#3: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW {using
isakmp#1 msgid:fd483326 proposal=defaults
pfsgroup=OAKLEY_GROUP_MODP1024}
Sep 10 17:11:05 locktonbrsp pluto[23519]: alloc_bytes1() was mistakenly
asked to malloc 0 bytes for st_skey_ar in duplicate_state, please report
to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: alloc_bytes1() was mistakenly
asked to malloc 0 bytes for st_skey_er in duplicate_state, please report
to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: alloc_bytes1() was mistakenly
asked to malloc 0 bytes for st_skey_pi in duplicate_state, please report
to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: alloc_bytes1() was mistakenly
asked to malloc 0 bytes for st_skey_pr in duplicate_state, please report
to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: "hqnetBrasil-satgateBrasil"
#4: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW {using
isakmp#1 msgid:633d23dd proposal=defaults
pfsgroup=OAKLEY_GROUP_MODP1024}
Sep 10 17:11:05 locktonbrsp pluto[23519]: alloc_bytes1() was mistakenly
asked to malloc 0 bytes for st_skey_ar in duplicate_state, please report
to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: alloc_bytes1() was mistakenly
asked to malloc 0 bytes for st_skey_er in duplicate_state, please report
to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: alloc_bytes1() was mistakenly
asked to malloc 0 bytes for st_skey_pi in duplicate_state, please report
to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: alloc_bytes1() was mistakenly
asked to malloc 0 bytes for st_skey_pr in duplicate_state, please report
to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW {using
isakmp#1 msgid:e0aac23d proposal=defaults
pfsgroup=OAKLEY_GROUP_MODP1024}
Sep 10 17:11:05 locktonbrsp pluto[23519]: alloc_bytes1() was mistakenly
asked to malloc 0 bytes for st_skey_ar in duplicate_state, please report
to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: alloc_bytes1() was mistakenly
asked to malloc 0 bytes for st_skey_er in duplicate_state, please report
to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: alloc_bytes1() was mistakenly
asked to malloc 0 bytes for st_skey_pi in duplicate_state, please report
to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: alloc_bytes1() was mistakenly
asked to malloc 0 bytes for st_skey_pr in duplicate_state, please report
to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #6:
initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW {using
isakmp#1 msgid:026650ae proposal=defaults
pfsgroup=OAKLEY_GROUP_MODP1024}
Sep 10 17:11:05 locktonbrsp pluto[23519]: alloc_bytes1() was mistakenly
asked to malloc 0 bytes for st_skey_ar in duplicate_state, please report
to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: alloc_bytes1() was mistakenly
asked to malloc 0 bytes for st_skey_er in duplicate_state, please report
to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: alloc_bytes1() was mistakenly
asked to malloc 0 bytes for st_skey_pi in duplicate_state, please report
to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: alloc_bytes1() was mistakenly
asked to malloc 0 bytes for st_skey_pr in duplicate_state, please report
to dev at openswan.org
Sep 10 17:11:05 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #7:
initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW {using
isakmp#1 msgid:5f60d699 proposal=defaults
pfsgroup=OAKLEY_GROUP_MODP1024}
Sep 10 17:11:05 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
discarding duplicate packet; already STATE_MAIN_I4
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
discarding duplicate packet; already STATE_MAIN_I4
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: ignoring informational payload, type IPSEC_RESPONDER_LIFETIME
msgid=e0aac23d
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqgateBrasil-satgateBrasil"
#3: ignoring informational payload, type IPSEC_RESPONDER_LIFETIME
msgid=fd483326
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode
{ESP=>0x95fdc2bf <0x454be095 xfrm=3DES_0-HMAC_SHA1 NATOA=none NATD=none
DPD=none}
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqnetBrasil-satgateBrasil"
#4: ignoring informational payload, type IPSEC_RESPONDER_LIFETIME
msgid=633d23dd
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqgateBrasil-satgateBrasil"
#3: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqgateBrasil-satgateBrasil"
#3: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode
{ESP=>0x41b03d94 <0x97df349d xfrm=3DES_0-HMAC_SHA1 NATOA=none NATD=none
DPD=none}
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #6:
ignoring informational payload, type IPSEC_RESPONDER_LIFETIME
msgid=026650ae
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqnetBrasil-satgateBrasil"
#4: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqnetBrasil-satgateBrasil"
#4: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode
{ESP=>0x455ff91c <0xea78525b xfrm=3DES_0-HMAC_SHA1 NATOA=none NATD=none
DPD=none}
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #7:
ignoring informational payload, type IPSEC_RESPONDER_LIFETIME
msgid=5f60d699
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #6:
transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #6:
STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode
{ESP=>0x5f3c47ff <0x897f8cda xfrm=3DES_0-HMAC_SHA1 NATOA=none NATD=none
DPD=none}
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #7:
transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #7:
STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode
{ESP=>0x3a0e94ef <0xda5f031f xfrm=3DES_0-HMAC_SHA1 NATOA=none NATD=none
DPD=none}
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
received 1 malformed payload notifies
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
received 2 malformed payload notifies
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
received 3 malformed payload notifies
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
received 4 malformed payload notifies
Sep 10 17:11:06 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
received 5 malformed payload notifies
Sep 10 17:11:08 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: message ignored because it contains an unexpected payload type
(ISAKMP_NEXT_HASH)
Sep 10 17:11:08 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: sending encrypted notification INVALID_PAYLOAD_TYPE to
208.18.15.6:500
Sep 10 17:11:10 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: message ignored because it contains an unexpected payload type
(ISAKMP_NEXT_HASH)
Sep 10 17:11:10 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: sending encrypted notification INVALID_PAYLOAD_TYPE to
208.18.15.6:500
Sep 10 17:11:12 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: message ignored because it contains an unexpected payload type
(ISAKMP_NEXT_HASH)
Sep 10 17:11:12 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: sending encrypted notification INVALID_PAYLOAD_TYPE to
208.18.15.6:500
Sep 10 17:11:14 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: message ignored because it contains an unexpected payload type
(ISAKMP_NEXT_HASH)
Sep 10 17:11:14 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: sending encrypted notification INVALID_PAYLOAD_TYPE to
208.18.15.6:500
Sep 10 17:11:16 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: message ignored because it contains an unexpected payload type
(ISAKMP_NEXT_HASH)
Sep 10 17:11:16 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: sending encrypted notification INVALID_PAYLOAD_TYPE to
208.18.15.6:500
Sep 10 17:11:18 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: message ignored because it contains an unexpected payload type
(ISAKMP_NEXT_HASH)
Sep 10 17:11:18 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: sending encrypted notification INVALID_PAYLOAD_TYPE to
208.18.15.6:500
Sep 10 17:11:22 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: message ignored because it contains an unexpected payload type
(ISAKMP_NEXT_HASH)
Sep 10 17:11:22 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: sending encrypted notification INVALID_PAYLOAD_TYPE to
208.18.15.6:500
Sep 10 17:11:26 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: message ignored because it contains an unexpected payload type
(ISAKMP_NEXT_HASH)
Sep 10 17:11:26 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: sending encrypted notification INVALID_PAYLOAD_TYPE to
208.18.15.6:500
Sep 10 17:11:30 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: message ignored because it contains an unexpected payload type
(ISAKMP_NEXT_HASH)
Sep 10 17:11:30 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: sending encrypted notification INVALID_PAYLOAD_TYPE to
208.18.15.6:500
Sep 10 17:11:34 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: message ignored because it contains an unexpected payload type
(ISAKMP_NEXT_HASH)
Sep 10 17:11:34 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: sending encrypted notification INVALID_PAYLOAD_TYPE to
208.18.15.6:500
Sep 10 17:11:38 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: message ignored because it contains an unexpected payload type
(ISAKMP_NEXT_HASH)
Sep 10 17:11:38 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: sending encrypted notification INVALID_PAYLOAD_TYPE to
208.18.15.6:500
Sep 10 17:11:44 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
received Delete SA payload: replace IPSEC State #5 in 10 seconds
Sep 10 17:11:44 locktonbrsp pluto[23519]: "hqnetBrasil-satnetBrasil" #1:
received and ignored informational message
Sep 10 17:11:54 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: alloc_bytes1() was mistakenly asked to malloc 0 bytes for st_skey_ar
in duplicate_state, please report to dev at openswan.org
Sep 10 17:11:54 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: alloc_bytes1() was mistakenly asked to malloc 0 bytes for st_skey_er
in duplicate_state, please report to dev at openswan.org
Sep 10 17:11:54 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: alloc_bytes1() was mistakenly asked to malloc 0 bytes for st_skey_pi
in duplicate_state, please report to dev at openswan.org
Sep 10 17:11:54 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#5: alloc_bytes1() was mistakenly asked to malloc 0 bytes for st_skey_pr
in duplicate_state, please report to dev at openswan.org
Sep 10 17:11:54 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#10: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW to
replace #5 {using isakmp#1 msgid:37d11ba5 proposal=defaults
pfsgroup=OAKLEY_GROUP_MODP1024}
Sep 10 17:11:55 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#10: ignoring informational payload, type IPSEC_RESPONDER_LIFETIME
msgid=37d11ba5
Sep 10 17:11:55 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#10: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Sep 10 17:11:55 locktonbrsp pluto[23519]: "hqgateBrasil-satnetBrasil"
#10: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode
{ESP=>0xd2d5c535 <0x77bd51b2 xfrm=3DES_0-HMAC_SHA1 NATOA=none NATD=none
DPD=none}
----------------------------------------------------
conn hqnetBrasil-satnetBrasil
authby=secret
auto=start
aggrmode=no
type=tunnel
pfs=no
keyexchange=ike
ike=3des-sha1-modp1024
ikelifetime=24h
keylife=1h
rekey=no
auth=esp
Thank you in advance.
Estevao Arndt.
More information about the Users
mailing list