[Openswan Users] States of Tunnel Connection

Hammad raohammad at gmail.com
Sat Dec 18 05:29:04 EST 2010 

Hi All,

Just got done with my ipsec tunnel between two hosts (site-to-site) with
following 'ipsec barf' logs. Just for knowledge sharing, are these all six
stages of tunnel creation?
Does it indicate that tunnel is successfully created and ready for use now?

Regards,
Hammad

Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: initiating Main Mode
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: received Vendor ID payload
[Openswan (this version) 2.6.27 ]
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: received Vendor ID payload
[Dead Peer Detection]
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: received Vendor ID payload
[RFC 3947] method set to=109
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: enabling possible
NAT-traversal with method 4
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: transition from state
STATE_MAIN_I1 to state STATE_MAIN_I2
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: STATE_MAIN_I2: sent MI2,
expecting MR2
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: NAT-Traversal: Result using
RFC 3947 (NAT-Traversal): both are NATed
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: transition from state
STATE_MAIN_I2 to state STATE_MAIN_I3
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: STATE_MAIN_I3: sent MI3,
expecting MR3
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: received Vendor ID payload
[CAN-IKEv2]
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: Main mode peer ID is
ID_IPV4_ADDR: '50.16.16.16'
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: transition from state
STATE_MAIN_I3 to state STATE_MAIN_I4
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: STATE_MAIN_I4: ISAKMP SA
established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192
prf=oakley_sha group=modp1536}
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #2: initiating Quick Mode
PSK+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW {using isakmp#1 msgid:9e6d46b2
proposal=defaults pfsgroup=OAKLEY_GROUP_MODP1536}
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #2: transition from
stateSTATE_QUICK_I1to state STATE_QUICK_I2
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #2: STATE_QUICK_I2: sent QI2,
IPsec SA established tunnel mode {ESP=>0xc624ebb7 <0x687fb37b
xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=50.16.217.145:4500 DPD=none}
Dec 18 10:07:13 hostname pluto[25453]: "p2p" #1: ignoring Delete SA payload:
PROTO_IPSEC_ESP SA(0x9facf6d9) not found (maybe expired)
Dec 18 10:07:13 hostname pluto[25453]: "p2p" #1: received and ignored
informational message
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20101218/6d8f3b43/attachment.html

More information about the Users mailing list