[Openswan Users] Openswan freezes all system

Marcel de Lima delima_lima at yahoo.com.br
Mon Aug 23 17:28:50 EDT 2010 

Hi everybody.

I'm having a problem with a server opensuse using openswan (last version obtained from official opensuse's repositories). Opensuse 11.3, kernel 2.6.34-12, openswan-2.6.27 (from source site)

When i execute "ipsec setup start" and "ipse auto --up vpn", the system works normally, but, after some hours, all system is freezed. 

I see some informations on messages file, like this:

Aug  2 16:46:27 pluto[3599]: "vpn" #1297: received Delete SA payload: replace IPSEC State #1298 in 10 seconds
Aug  2 16:46:27 pluto[3599]: "vpn" #1297: received and ignored informational message
Aug  2 16:46:27 pluto[3599]: "vpn" #1297: received Delete SA payload: deleting ISAKMP State #1297
Aug  2 16:46:27 pluto[3599]: packet from 200.xxx:500: received and ignored informational message
Aug  2 16:46:30 pluto[3599]: packet from 200.xxx:500: ignoring unknown Vendor ID payload [4f454578616c467b5f6f606d]
Aug  2 16:46:30 pluto[3599]: packet from 200.xxx:500: received Vendor ID payload [Dead Peer Detection]
Aug  2 16:46:30 pluto[3599]: "vpn" #1299: responding to Main Mode
Aug  2 16:46:30 pluto[3599]: "vpn" #1299: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Aug  2 16:46:30 [3599]: "vpn" #1299: STATE_MAIN_R1: sent MR1, expecting MI2
Aug  2 16:46:30 pluto[3599]: "vpn" #1299: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Aug  2 16:46:30 pluto[3599]: "vpn" #1299: STATE_MAIN_R2: sent MR2, expecting MI3
Aug  2 16:46:30 pluto[3599]: "vpn" #1299: Main mode peer ID is ID_FQDN:
Aug  2 16:46:30 pluto[3599]: "vpn" #1299: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Aug  2 16:46:30 pluto[3599]: "vpn" #1299: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}

And that its happens after to make estabilization between servers

Aug  9 14:31:57 kernel: KLIPS mast0: no SA for saref=17
Aug  9 14:31:58 kernel: KLIPS mast0: no SA for saref=17
Aug  9 14:31:59 kernel: KLIPS mast0: no SA for saref=17
Aug  9 14:32:00 kernel: KLIPS mast0: no SA for saref=17
Aug  9 14:32:01 kernel: KLIPS mast0: no SA for saref=17
Aug  9 14:32:02 kernel: KLIPS mast0: no SA for saref=17
Aug  9 14:32:03 kernel: KLIPS mast0: no SA for saref=17
Aug  9 14:32:04 kernel: KLIPS mast0: no SA for saref=17
Aug  9 14:32:05 kernel: KLIPS mast0: no SA for saref=17
Aug  9 14:32:06 kernel: KLIPS mast0: no SA for saref=17
Aug  9 14:32:07 kernel: KLIPS mast0: no SA for saref=17
Aug  9 14:32:07 pluto[7679]: "vpn" #16: received Delete SA(0x15ea5cda) payload: deleting IPSEC State #17
Aug  9 14:32:07 pluto[7679]: "vpn" #16: received Delete SA payload: deleting ISAKMP State #1


Is this some correlation between the freeze and messages?

Tks for attention!

Marcel de Lima
delima_lima at yahoo.com.br
Lpci - Level 2
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20100823/a80e3427/attachment.html

More information about the Users mailing list