[Openswan Users] States of Tunnel Connection

Paul Wouters paul at xelerance.com
Sat Dec 18 13:43:37 EST 2010


On Sat, 18 Dec 2010, Hammad wrote:

> Just got done with my ipsec tunnel between two hosts (site-to-site) with the following 'ipsec barf' logs. Just for knowledge
> sharing, are these all six stages of tunnel creation?
> Does it indicate that tunnel is successfully created and ready for use now?

Yes, up to the "IPsec SA established tunnel mode".

The two log lines after that are you receiving a request to terminate a tunnel you already
terminated (probably you did a restart on one end).

Paul

> Regards,
> Hammad
> 
> Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: initiating Main Mode
> Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: received Vendor ID payload [Openswan (this version) 2.6.27 ]
> Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: received Vendor ID payload [Dead Peer Detection]
> Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: received Vendor ID payload [RFC 3947] method set to=109
> Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: enabling possible NAT-traversal with method 4
> Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
> Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: STATE_MAIN_I2: sent MI2, expecting MR2
> Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): both are NATed
> Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
> Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: STATE_MAIN_I3: sent MI3, expecting MR3
> Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: received Vendor ID payload [CAN-IKEv2]
> Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: Main mode peer ID is ID_IPV4_ADDR: '50.16.16.16'
> Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
> Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
> cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
> Dec 18 10:06:58 hostname pluto[25453]: "p2p" #2: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW {using
> isakmp#1 msgid:9e6d46b2 proposal=defaults pfsgroup=OAKLEY_GROUP_MODP1536}
> Dec 18 10:06:58 hostname pluto[25453]: "p2p" #2: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
> Dec 18 10:06:58 hostname pluto[25453]: "p2p" #2: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode
> {ESP=>0xc624ebb7 <0x687fb37b xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=50.16.217.145:4500 DPD=none}
> Dec 18 10:07:13 hostname pluto[25453]: "p2p" #1: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x9facf6d9) not found
> (maybe expired)
> Dec 18 10:07:13 hostname pluto[25453]: "p2p" #1: received and ignored informational message
> 
>
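
An added example, not part of the original message and not Openswan code: a small Python parser for pluto log lines in the format quoted above. It rejoins the mail-wrapped lines, reports whether phase 1 (ISAKMP SA) and phase 2 (IPsec SA) completed, and records any ignored Delete SA payload whose SPI is not one of the established ESP SPIs. The function names `unwrap` and `summarize` are hypothetical.

```python
import re

# Sample input: lines from the log quoted above (quote markers stripped, mail wrapping kept).
SAMPLE_LOG = '''\
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #2: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Dec 18 10:06:58 hostname pluto[25453]: "p2p" #2: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode
{ESP=>0xc624ebb7 <0x687fb37b xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=50.16.217.145:4500 DPD=none}
Dec 18 10:07:13 hostname pluto[25453]: "p2p" #1: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x9facf6d9) not found
(maybe expired)
'''

LINE_RE = re.compile(r'pluto\[\d+\]: "(?P<conn>[^"]+)" #\d+: (?P<msg>.*)')

def unwrap(text):
    """Re-join continuation lines that the mail client wrapped."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if m:
            records.append([m['conn'], m['msg']])
        elif records and line.strip():
            records[-1][1] += ' ' + line.strip()
    return records

def summarize(text):
    """Per connection: phase completion, live ESP SPIs, and stale Delete SA SPIs."""
    out = {}
    for conn, msg in unwrap(text):
        c = out.setdefault(conn, {'phase1': False, 'phase2': False,
                                  'states': [], 'spis': set(), 'stale_deletes': []})
        t = re.search(r'transition from state \S+ to state (\S+)', msg)
        if t:
            c['states'].append(t.group(1))
        if 'ISAKMP SA established' in msg:      # end of Main Mode (phase 1)
            c['phase1'] = True
        if 'IPsec SA established' in msg:       # end of Quick Mode (phase 2)
            c['phase2'] = True
            c['spis'].update(re.findall(r'[<>](0x[0-9a-f]+)', msg))
        d = re.search(r'ignoring Delete SA payload: \S+ SA\((0x[0-9a-f]+)\)', msg)
        if d and d.group(1) not in c['spis']:   # delete names an SA we do not hold
            c['stale_deletes'].append(d.group(1))
    return out

if __name__ == '__main__':
    print(summarize(SAMPLE_LOG))
```
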

