[Openswan Users] More bizarre ipsec problems; service ipsec stop hangs; random hosts offline; /var/log/secure going nuts...
Paul Wouters
paul at xelerance.com
Mon Jul 19 14:48:13 EDT 2010
On Mon, 19 Jul 2010, Greg Scott wrote:
> Jul 19 11:34:44 audubon-fw1 pluto[1885]: "mn-hq" #182607: max number of retransmissions (2) reached STATE_QUICK_I1. No acceptable
> response to our first Quick Mode message: perhaps peer likes no proposal
>
> Jul 19 11:34:44 audubon-fw1 pluto[1885]: "mn-hq" #182607: starting keying attempt 13 of an unlimited number
>
> Jul 19 11:34:44 audubon-fw1 pluto[1885]: "mn-hq" #198980: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW to replace #182607
> {using isakmp#115214 msgid:bee017dd proposal=defaults pfsgroup=OAKLEY_GROUP_MODP2048}
>
>
>
> Good thing I intervened when I did – take a look at how big /var/log/secure has grown on both sides:
>
>
>
> [root at audubon-fw1 ~]# ls -al /var/log/secure
>
> -rw-------. 1 root root 110850999 Jul 19 12:17 /var/log/secure
Openswan has an exponential backoff method. Are you sure openswan was
generating all that data in the logs?
Paul
More information about the Users
mailing list