[Openswan Users] Error ”cannot install eroute” when reconnect from the same IP
yegle
cnyegle at gmail.com
Thu Apr 29 07:27:57 EDT 2010
Hi list,
I found a strange problem and hope someone can give me a hint.
When I connect from a client and then disconnect and reconnect again,I'll
get a "cannot install eroute" error.
I'm using OpenSwan 2.6.25 with kernel 2.6.30.
My ipsec.conf file:
version 2.0
config setup
protostack=netkey
nat_traversal=yes
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
nhelpers=0
uniqueids=yes
keep_alive=10
force_keepalive=yes
conn L2TP-PSK-NAT
rightsubnet=vhost:%priv
also=L2TP-PSK-noNAT
conn L2TP-PSK-noNAT
authby=secret
pfs=no
auto=add
keyingtries=3
rekey=no
left=72.52.94.226
leftnexthop=%defaultroute
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
#dpdaction=clean
conn block
auto=ignore
conn private
auto=ignore
conn private-or-clear
auto=ignore
conn clear-or-private
auto=ignore
conn clear
auto=ignore
conn packetdefault
auto=ignore
Here's the log file
Apr 29 19:20:02 yegle-OPENVPN pluto[27509]: packet from 114.247.10.74:41620:
received Vendor ID payload [RFC 3947] method set to=109
Apr 29 19:20:02 yegle-OPENVPN pluto[27509]: packet from 114.247.10.74:41620:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but
already using method 109
Apr 29 19:20:02 yegle-OPENVPN pluto[27509]: packet from 114.247.10.74:41620:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but
already using method 109
Apr 29 19:20:02 yegle-OPENVPN pluto[27509]: packet from 114.247.10.74:41620:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Apr 29 19:20:02 yegle-OPENVPN pluto[27509]: packet from 114.247.10.74:41620:
ignoring Vendor ID payload [FRAGMENTATION 80000000]
Apr 29 19:20:02 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[1] 114.247.10.74
#1: responding to Main Mode from unknown peer 114.247.10.74
Apr 29 19:20:02 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[1] 114.247.10.74
#1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Apr 29 19:20:02 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[1] 114.247.10.74
#1: STATE_MAIN_R1: sent MR1, expecting MI2
Apr 29 19:20:03 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[1] 114.247.10.74
#1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
Apr 29 19:20:03 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[1] 114.247.10.74
#1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Apr 29 19:20:03 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[1] 114.247.10.74
#1: STATE_MAIN_R2: sent MR2, expecting MI3
Apr 29 19:20:03 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[1] 114.247.10.74
#1: Main mode peer ID is ID_IPV4_ADDR: '172.19.99.97'
Apr 29 19:20:03 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[1] 114.247.10.74
#1: switched from "L2TP-PSK-NAT" to "L2TP-PSK-NAT"
Apr 29 19:20:03 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#1: deleting connection "L2TP-PSK-NAT" instance with peer 114.247.10.74
{isakmp=#0/ipsec=#0}
Apr 29 19:20:03 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Apr 29 19:20:03 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#1: new NAT mapping for #1, was 114.247.10.74:41620, now 114.247.10.74:41621
Apr 29 19:20:03 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#1: STATE_MAIN_R3: sent MR3, ISAKMP SA established
{auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha
group=modp1024}
Apr 29 19:20:03 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#1: retransmitting in response to duplicate packet; already STATE_MAIN_R3
Apr 29 19:20:03 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#1: ignoring informational payload, type IPSEC_INITIAL_CONTACT
msgid=00000000
Apr 29 19:20:03 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#1: received and ignored informational message
Apr 29 19:20:04 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#1: the peer proposed: X.X.X.226/32:17/1701 -> 172.19.99.97/32:17/0
Apr 29 19:20:04 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#2: responding to Quick Mode proposal {msgid:870162ef}
Apr 29 19:20:04 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#2: us: X.X.X.226<X.X.X.226>[+S=C]:17/1701---X.X.X.225
Apr 29 19:20:04 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#2: them: 114.247.10.74[172.19.99.97,+S=C]:17/0===172.19.99.97/32
Apr 29 19:20:04 yegle-OPENVPN pluto[27509]: | NAT-OA: 32 tunnel: 1
Apr 29 19:20:04 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#2: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Apr 29 19:20:04 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#2: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Apr 29 19:20:05 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Apr 29 19:20:05 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#2: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x0940ec9b
<0x4dee268e xfrm=3DES_0-HMAC_SHA1 NATOA=none NATD=114.247.10.74:41621DPD=none}
Apr 29 19:20:08 yegle-OPENVPN xl2tpd[11026]: control_finish: Peer requested
tunnel 44319 twice, ignoring second one.
Apr 29 19:20:08 yegle-OPENVPN xl2tpd[11026]: Connection established to
114.247.10.74, 45099. Local: 14238, Remote: 44319 (ref=0/0). LNS session
is 'default'
Apr 29 19:20:09 yegle-OPENVPN xl2tpd[11026]: network_thread: select timeout
Apr 29 19:20:09 yegle-OPENVPN xl2tpd[11026]: start_pppd: I'm running:
Apr 29 19:20:09 yegle-OPENVPN xl2tpd[11026]: "/usr/sbin/pppd"
Apr 29 19:20:09 yegle-OPENVPN xl2tpd[11026]: "passive"
Apr 29 19:20:09 yegle-OPENVPN xl2tpd[11026]: "-detach"
Apr 29 19:20:09 yegle-OPENVPN xl2tpd[11026]: "10.10.0.1:10.10.0.2"
Apr 29 19:20:09 yegle-OPENVPN xl2tpd[11026]: "refuse-pap"
Apr 29 19:20:09 yegle-OPENVPN xl2tpd[11026]: "auth"
Apr 29 19:20:09 yegle-OPENVPN xl2tpd[11026]: "require-chap"
Apr 29 19:20:09 yegle-OPENVPN xl2tpd[11026]: "name"
Apr 29 19:20:09 yegle-OPENVPN xl2tpd[11026]: "LinuxVPNserver"
Apr 29 19:20:09 yegle-OPENVPN xl2tpd[11026]: "debug"
Apr 29 19:20:09 yegle-OPENVPN xl2tpd[11026]: "file"
Apr 29 19:20:09 yegle-OPENVPN xl2tpd[11026]: "/etc/ppp/options.xl2tpd"
Apr 29 19:20:09 yegle-OPENVPN xl2tpd[11026]: "/dev/pts/3"
Apr 29 19:20:09 yegle-OPENVPN xl2tpd[11026]: Call established with
114.247.10.74, Local: 18093, Remote: 51911, Serial: 379304230
Apr 29 19:20:09 yegle-OPENVPN pppd[27839]: Plugin
/usr/lib64/pppd/2.4.4/radius.so loaded.
Apr 29 19:20:09 yegle-OPENVPN pppd[27839]: RADIUS plugin initialized.
Apr 29 19:20:09 yegle-OPENVPN pppd[27839]: pppd 2.4.4 started by root, uid 0
Apr 29 19:20:09 yegle-OPENVPN pppd[27839]: using channel 89
Apr 29 19:20:09 yegle-OPENVPN pppd[27839]: Using interface ppp0
Apr 29 19:20:09 yegle-OPENVPN pppd[27839]: Connect: ppp0 <--> /dev/pts/3
Apr 29 19:20:09 yegle-OPENVPN pppd[27839]: sent [LCP ConfReq id=0x1 <mru
1410> <asyncmap 0x0> <auth chap MD5> <magic 0xe3d3d7f> <pcomp> <accomp>]
Apr 29 19:20:09 yegle-OPENVPN pppd[27839]: rcvd [LCP ConfReq id=0x1 <mru
1400> <asyncmap 0x0> <magic 0x423abd5d> <pcomp> <accomp>]
Apr 29 19:20:09 yegle-OPENVPN pppd[27839]: sent [LCP ConfAck id=0x1 <mru
1400> <asyncmap 0x0> <magic 0x423abd5d> <pcomp> <accomp>]
Apr 29 19:20:09 yegle-OPENVPN pppd[27839]: rcvd [LCP ConfAck id=0x1 <mru
1410> <asyncmap 0x0> <auth chap MD5> <magic 0xe3d3d7f> <pcomp> <accomp>]
Apr 29 19:20:09 yegle-OPENVPN pppd[27839]: sent [CHAP Challenge id=0x31
<e16176ad752ff4d96ef727e34b41f3f6b4da049041c02f>, name = "LinuxVPNserver"]
Apr 29 19:20:09 yegle-OPENVPN xl2tpd[11026]: network_thread: select timeout
Apr 29 19:20:10 yegle-OPENVPN pppd[27839]: rcvd [CHAP Response id=0x31
<66dc5356ec0b167cf8f29752b77c3f68>, name = "yegle"]
Apr 29 19:20:10 yegle-OPENVPN pppd[27839]: sent [CHAP Success id=0x31 ""]
Apr 29 19:20:10 yegle-OPENVPN pppd[27839]: sent [IPCP ConfReq id=0x1
<compress VJ 0f 01> <addr 10.10.0.1>]
Apr 29 19:20:10 yegle-OPENVPN pppd[27839]: rcvd [CCP ConfReq id=0x1 <deflate
15> <deflate(old#) 15> <bsd v1 15>]
Apr 29 19:20:10 yegle-OPENVPN pppd[27839]: Unsupported protocol 'Compression
Control Protocol' (0x80fd) received
Apr 29 19:20:10 yegle-OPENVPN pppd[27839]: sent [LCP ProtRej id=0x2 80 fd 01
01 00 0f 1a 04 78 00 18 04 78 00 15 03 2f]
Apr 29 19:20:10 yegle-OPENVPN pppd[27839]: rcvd [IPCP ConfReq id=0x1
<compress VJ 0f 01> <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]
Apr 29 19:20:10 yegle-OPENVPN pppd[27839]: sent [IPCP ConfNak id=0x1 <addr
10.10.0.2> <ms-dns1 74.82.42.42> <ms-dns3 74.82.42.42>]
Apr 29 19:20:10 yegle-OPENVPN pppd[27839]: rcvd [IPCP ConfAck id=0x1
<compress VJ 0f 01> <addr 10.10.0.1>]
Apr 29 19:20:10 yegle-OPENVPN pppd[27839]: rcvd [IPCP ConfReq id=0x2
<compress VJ 0f 01> <addr 10.10.0.2> <ms-dns1 74.82.42.42> <ms-dns3
74.82.42.42>]
Apr 29 19:20:10 yegle-OPENVPN pppd[27839]: sent [IPCP ConfAck id=0x2
<compress VJ 0f 01> <addr 10.10.0.2> <ms-dns1 74.82.42.42> <ms-dns3
74.82.42.42>]
Apr 29 19:20:10 yegle-OPENVPN pppd[27839]: not replacing existing default
route to eth0 [X.X.X.225]
Apr 29 19:20:10 yegle-OPENVPN pppd[27839]: Cannot determine ethernet address
for proxy ARP
Apr 29 19:20:10 yegle-OPENVPN pppd[27839]: local IP address 10.10.0.1
Apr 29 19:20:10 yegle-OPENVPN pppd[27839]: remote IP address 10.10.0.2
Apr 29 19:20:11 yegle-OPENVPN pppd[27839]: Script /etc/ppp/ip-up started
(pid 27841)
Apr 29 19:20:11 yegle-OPENVPN pppd[27839]: Script /etc/ppp/ip-up finished
(pid 27841), status = 0x0
Apr 29 19:20:17 yegle-OPENVPN pppd[27839]: rcvd [LCP TermReq id=0x2 "User
request"]
Apr 29 19:20:17 yegle-OPENVPN pppd[27839]: LCP terminated by peer (User
request)
Apr 29 19:20:17 yegle-OPENVPN pppd[27839]: Connect time 0.2 minutes.
Apr 29 19:20:17 yegle-OPENVPN pppd[27839]: Sent 2170 bytes, received 4764
bytes.
Apr 29 19:20:17 yegle-OPENVPN pppd[27839]: Script /etc/ppp/ip-down started
(pid 27842)
Apr 29 19:20:17 yegle-OPENVPN pppd[27839]: sent [LCP TermAck id=0x2]
Apr 29 19:20:17 yegle-OPENVPN pppd[27839]: Script /etc/ppp/ip-down finished
(pid 27842), status = 0x0
Apr 29 19:20:17 yegle-OPENVPN xl2tpd[11026]: result_code_avp: avp is
incorrect size. 8 < 10
Apr 29 19:20:17 yegle-OPENVPN xl2tpd[11026]: handle_avps: Bad exit status
handling attribute 1 (Result Code) on mandatory packet.
Apr 29 19:20:17 yegle-OPENVPN xl2tpd[11026]: Trustingly terminating pppd:
sending TERM signal to pid 27839
Apr 29 19:20:17 yegle-OPENVPN pppd[27839]: Modem hangup
Apr 29 19:20:17 yegle-OPENVPN pppd[27839]: Connection terminated.
Apr 29 19:20:17 yegle-OPENVPN pppd[27839]: Exit.
Apr 29 19:20:17 yegle-OPENVPN xl2tpd[11026]: pppd 27839 successfully
terminated
Apr 29 19:20:17 yegle-OPENVPN xl2tpd[11026]: Connection 44319 closed to
114.247.10.74, port 45099 (Result Code: expected at least 10, got 8)
Apr 29 19:20:17 yegle-OPENVPN xl2tpd[11026]: network_thread: select returned
error 9 (Bad file descriptor)
Apr 29 19:20:18 yegle-OPENVPN pluto[27509]: ERROR: asynchronous network
error report on eth0 (sport=4500) for message to 114.247.10.74 port 41621,
complainant 114.247.10.74: Connection refused [errno 111, origin ICMP type 3
code 3 (not authenticated)]
Apr 29 19:20:18 yegle-OPENVPN pluto[27509]: ERROR: asynchronous network
error report on eth0 (sport=4500) for message to 114.247.10.74 port 41621,
complainant 114.247.10.74: Connection refused [errno 111, origin ICMP type 3
code 3 (not authenticated)]
Apr 29 19:20:18 yegle-OPENVPN xl2tpd[11026]: network_thread: select timeout
Apr 29 19:20:19 yegle-OPENVPN pluto[27509]: ERROR: asynchronous network
error report on eth0 (sport=4500) for message to 114.247.10.74 port 41621,
complainant 114.247.10.74: Connection refused [errno 111, origin ICMP type 3
code 3 (not authenticated)]
Apr 29 19:20:19 yegle-OPENVPN xl2tpd[11026]: network_thread: select timeout
Apr 29 19:20:20 yegle-OPENVPN xl2tpd[11026]: network_thread: select timeout
Apr 29 19:20:21 yegle-OPENVPN xl2tpd[11026]: network_thread: select timeout
Apr 29 19:20:22 yegle-OPENVPN pluto[27509]: ERROR: asynchronous network
error report on eth0 (sport=4500) for message to 114.247.10.74 port 41621,
complainant 114.247.10.74: Connection refused [errno 111, origin ICMP type 3
code 3 (not authenticated)]
Apr 29 19:20:22 yegle-OPENVPN xl2tpd[11026]: network_thread: select timeout
Apr 29 19:20:22 yegle-OPENVPN xl2tpd[11026]: Unable to deliver closing
message for tunnel 14238. Destroying anyway.
Apr 29 19:20:23 yegle-OPENVPN pluto[27509]: ERROR: asynchronous network
error report on eth0 (sport=4500) for message to 114.247.10.74 port 41621,
complainant 114.247.10.74: Connection refused [errno 111, origin ICMP type 3
code 3 (not authenticated)]
Apr 29 19:20:23 yegle-OPENVPN pluto[27509]: ERROR: asynchronous network
error report on eth0 (sport=4500) for message to 114.247.10.74 port 41621,
complainant 114.247.10.74: Connection refused [errno 111, origin ICMP type 3
code 3 (not authenticated)]
Apr 29 19:21:14 yegle-OPENVPN pluto[27509]: packet from 114.247.10.74:41620:
received Vendor ID payload [RFC 3947] method set to=109
Apr 29 19:21:14 yegle-OPENVPN pluto[27509]: packet from 114.247.10.74:41620:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but
already using method 109
Apr 29 19:21:14 yegle-OPENVPN pluto[27509]: packet from 114.247.10.74:41620:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but
already using method 109
Apr 29 19:21:14 yegle-OPENVPN pluto[27509]: packet from 114.247.10.74:41620:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Apr 29 19:21:14 yegle-OPENVPN pluto[27509]: packet from 114.247.10.74:41620:
ignoring Vendor ID payload [FRAGMENTATION 80000000]
Apr 29 19:21:14 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#3: responding to Main Mode from unknown peer 114.247.10.74
Apr 29 19:21:14 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#3: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Apr 29 19:21:14 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#3: STATE_MAIN_R1: sent MR1, expecting MI2
Apr 29 19:21:14 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#3: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
Apr 29 19:21:14 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#3: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Apr 29 19:21:14 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#3: STATE_MAIN_R2: sent MR2, expecting MI3
Apr 29 19:21:14 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#3: Main mode peer ID is ID_IPV4_ADDR: '172.19.99.97'
Apr 29 19:21:14 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#3: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Apr 29 19:21:14 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#3: new NAT mapping for #3, was 114.247.10.74:41620, now 114.247.10.74:41621
Apr 29 19:21:14 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#3: STATE_MAIN_R3: sent MR3, ISAKMP SA established
{auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha
group=modp1024}
Apr 29 19:21:15 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#3: ignoring informational payload, type IPSEC_INITIAL_CONTACT
msgid=00000000
Apr 29 19:21:15 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#3: received and ignored informational message
Apr 29 19:21:16 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#3: the peer proposed: X.X.X.226/32:17/1701 -> 172.19.99.97/32:17/0
Apr 29 19:21:16 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[3] 114.247.10.74
#4: responding to Quick Mode proposal {msgid:ac7829cf}
Apr 29 19:21:16 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[3] 114.247.10.74
#4: us: X.X.X.226<X.X.X.226>[+S=C]:17/1701---X.X.X.225
Apr 29 19:21:16 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[3] 114.247.10.74
#4: them: 114.247.10.74[172.19.99.97,+S=C]:17/0===172.19.99.97/32
Apr 29 19:21:16 yegle-OPENVPN pluto[27509]: | NAT-OA: 32 tunnel: 1
Apr 29 19:21:16 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[3] 114.247.10.74
#4: cannot install eroute -- it is in use for "L2TP-PSK-NAT"[2]
114.247.10.74 #2
Apr 29 19:21:16 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[3] 114.247.10.74:
deleting connection "L2TP-PSK-NAT" instance with peer 114.247.10.74
{isakmp=#0/ipsec=#0}
Apr 29 19:21:26 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#3: the peer proposed: X.X.X.226/32:17/1701 -> 172.19.99.97/32:17/0
Apr 29 19:21:26 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[4] 114.247.10.74
#5: responding to Quick Mode proposal {msgid:ac7829cf}
Apr 29 19:21:26 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[4] 114.247.10.74
#5: us: X.X.X.226<X.X.X.226>[+S=C]:17/1701---X.X.X.225
Apr 29 19:21:26 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[4] 114.247.10.74
#5: them: 114.247.10.74[172.19.99.97,+S=C]:17/0===172.19.99.97/32
Apr 29 19:21:26 yegle-OPENVPN pluto[27509]: | NAT-OA: 32 tunnel: 1
Apr 29 19:21:26 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[4] 114.247.10.74
#5: cannot install eroute -- it is in use for "L2TP-PSK-NAT"[2]
114.247.10.74 #2
Apr 29 19:21:26 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[4] 114.247.10.74:
deleting connection "L2TP-PSK-NAT" instance with peer 114.247.10.74
{isakmp=#0/ipsec=#0}
Apr 29 19:21:36 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[2] 114.247.10.74
#3: the peer proposed: X.X.X.226/32:17/1701 -> 172.19.99.97/32:17/0
Apr 29 19:21:36 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[5] 114.247.10.74
#6: responding to Quick Mode proposal {msgid:ac7829cf}
Apr 29 19:21:36 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[5] 114.247.10.74
#6: us: X.X.X.226<X.X.X.226>[+S=C]:17/1701---X.X.X.225
Apr 29 19:21:36 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[5] 114.247.10.74
#6: them: 114.247.10.74[172.19.99.97,+S=C]:17/0===172.19.99.97/32
Apr 29 19:21:36 yegle-OPENVPN pluto[27509]: | NAT-OA: 32 tunnel: 1
Apr 29 19:21:36 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[5] 114.247.10.74
#6: cannot install eroute -- it is in use for "L2TP-PSK-NAT"[2]
114.247.10.74 #2
Apr 29 19:21:36 yegle-OPENVPN pluto[27509]: "L2TP-PSK-NAT"[5] 114.247.10.74:
deleting connection "L2TP-PSK-NAT" instance with peer 114.247.10.74
{isakmp=#0/ipsec=#0}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20100429/c12b146d/attachment-0001.html
More information about the Users
mailing list