[Openswan Users] Reports of IPSEC tunnels going offline with 2.6.28

Greg Scott GregScott at Infrasupport.com
Thu Sep 9 01:05:41 EDT 2010


The phone rang today with a customer talking about tunnel problems and
the only cure was a reboot.   This one has two sites, Iowa, named HQ and
Minnesota, named MN.  Both sites are already running 2.6.28.

Looking at /var/log/secure - it looks like a problem started on Sep 8
around 27 minutes after midnight.  The systems at both sites are running
ntp, so both clocks are synchronized.  At 00:26:44, both HQ and MN
report an SA established.   At 00:27:14, HQ starts reporting
"Informational Exchange message must be encrypted" and MN reports a
malformed payload.   This repeats a few times until 00:37:54, when MN
reports "too many (17) malformed payloads. Deleting state".  After that,
several messages on both sides with initiate on demand errors.  Around
09:26:00, the folks at the MN site rebooted the MN firewall.  After
that, the tunnel came back as normal.   This customer has reported this
happening at least twice in the past few days.  Again, this is with
2.6.28 at both sites.

Could this be a hardware problem?

I'll paste in extracts from /var/log/secure below.  Public IP Addresses
disguised.

MN site:

Sep  8 00:23:34 MN-fw1 pluto[2192]: "mn-hq" #440: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
Sep  8 00:25:34 MN-fw1 pluto[2192]: "mn-hq" #441: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW to replace #429 {using isakmp#440 msgid:c03bde2c proposal=defaults pfsgroup=OAKLEY_GROUP_MODP2048}
Sep  8 00:26:04 MN-fw1 pluto[2192]: "mn-hq" #441: ERROR: netlink response for Add SA esp.c7d28cc6 at 3.4.177.201 included errno 3: No such process
Sep  8 00:26:14 MN-fw1 pluto[2192]: "mn-hq" #441: discarding duplicate packet; already STATE_QUICK_I1
Sep  8 00:26:34 MN-fw1 pluto[2192]: "mn-hq" #441: discarding duplicate packet; already STATE_QUICK_I1
Sep  8 00:26:44 MN-fw1 pluto[2192]: "mn-hq" #441: max number of retransmissions (2) reached STATE_QUICK_I1
Sep  8 00:26:44 MN-fw1 pluto[2192]: "mn-hq" #441: starting keying attempt 2 of an unlimited number
Sep  8 00:26:44 MN-fw1 pluto[2192]: "mn-hq" #442: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW to replace #441 {using isakmp#440 msgid:54f2144a proposal=defaults pfsgroup=OAKLEY_GROUP_MODP2048}
Sep  8 00:26:44 MN-fw1 pluto[2192]: "mn-hq" #442: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Sep  8 00:26:44 MN-fw1 pluto[2192]: "mn-hq" #442: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xdf3128a4 <0x00f94364 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}

Sep  8 00:27:14 MN-fw1 pluto[2192]: "mn-hq" #440: byte 2 of ISAKMP Hash Payload must be zero, but is not
Sep  8 00:27:14 MN-fw1 pluto[2192]: "mn-hq" #440: malformed payload in packet
Sep  8 00:27:14 MN-fw1 pluto[2192]: | payload malformed after IV
Sep  8 00:27:14 MN-fw1 pluto[2192]: |   c5 15 27 ac  8e a4 30 b7  af 3f 05 d3  57 e3 9b 0a
Sep  8 00:27:14 MN-fw1 pluto[2192]: "mn-hq" #440: sending notification PAYLOAD_MALFORMED to 1.2.252.178:500
Sep  8 00:27:54 MN-fw1 pluto[2192]: "mn-hq" #440: byte 2 of ISAKMP Hash Payload must be zero, but is not
Sep  8 00:27:54 MN-fw1 pluto[2192]: "mn-hq" #440: malformed payload in packet
Sep  8 00:27:54 MN-fw1 pluto[2192]: | payload malformed after IV
Sep  8 00:27:54 MN-fw1 pluto[2192]: |   c5 15 27 ac  8e a4 30 b7  af 3f 05 d3  57 e3 9b 0a
Sep  8 00:27:54 MN-fw1 pluto[2192]: "mn-hq" #440: sending notification PAYLOAD_MALFORMED to 1.2.252.178:500
Sep  8 00:28:34 MN-fw1 pluto[2192]: "mn-hq" #440: byte 2 of ISAKMP Hash Payload must be zero, but is not
Sep  8 00:28:34 MN-fw1 pluto[2192]: "mn-hq" #440: malformed payload in packet
Sep  8 00:28:34 MN-fw1 pluto[2192]: | payload malformed after IV
Sep  8 00:28:34 MN-fw1 pluto[2192]: |   c5 15 27 ac  8e a4 30 b7  af 3f 05 d3  57 e3 9b 0a
Sep  8 00:28:34 MN-fw1 pluto[2192]: "mn-hq" #440: sending notification PAYLOAD_MALFORMED to 1.2.252.178:500
Sep  8 00:29:14 MN-fw1 pluto[2192]: "mn-hq" #440: byte 2 of ISAKMP Hash Payload must be zero, but is not
Sep  8 00:29:14 MN-fw1 pluto[2192]: "mn-hq" #440: malformed payload in packet
Sep  8 00:29:14 MN-fw1 pluto[2192]: | payload malformed after IV
Sep  8 00:29:14 MN-fw1 pluto[2192]: |   c5 15 27 ac  8e a4 30 b7  af 3f 05 d3  57 e3 9b 0a
Sep  8 00:29:14 MN-fw1 pluto[2192]: "mn-hq" #440: sending notification PAYLOAD_MALFORMED to 1.2.252.178:500
Sep  8 00:29:54 MN-fw1 pluto[2192]: "mn-hq" #440: byte 2 of ISAKMP Hash Payload must be zero, but is not
Sep  8 00:29:54 MN-fw1 pluto[2192]: "mn-hq" #440: malformed payload in packet
Sep  8 00:29:54 MN-fw1 pluto[2192]: | payload malformed after IV
Sep  8 00:29:54 MN-fw1 pluto[2192]: |   c5 15 27 ac  8e a4 30 b7  af 3f 05 d3  57 e3 9b 0a
Sep  8 00:29:54 MN-fw1 pluto[2192]: "mn-hq" #440: sending notification PAYLOAD_MALFORMED to 1.2.252.178:500
Sep  8 00:30:34 MN-fw1 pluto[2192]: "mn-hq" #440: byte 2 of ISAKMP Hash Payload must be zero, but is not
Sep  8 00:30:34 MN-fw1 pluto[2192]: "mn-hq" #440: malformed payload in packet
Sep  8 00:30:34 MN-fw1 pluto[2192]: | payload malformed after IV
Sep  8 00:30:34 MN-fw1 pluto[2192]: |   c5 15 27 ac  8e a4 30 b7  af 3f 05 d3  57 e3 9b 0a
Sep  8 00:30:34 MN-fw1 pluto[2192]: "mn-hq" #440: sending notification PAYLOAD_MALFORMED to 1.2.252.178:500
Sep  8 00:31:14 MN-fw1 pluto[2192]: "mn-hq" #440: byte 2 of ISAKMP Hash Payload must be zero, but is not
Sep  8 00:31:14 MN-fw1 pluto[2192]: "mn-hq" #440: malformed payload in packet
Sep  8 00:31:14 MN-fw1 pluto[2192]: | payload malformed after IV
Sep  8 00:31:14 MN-fw1 pluto[2192]: |   c5 15 27 ac  8e a4 30 b7  af 3f 05 d3  57 e3 9b 0a
Sep  8 00:31:14 MN-fw1 pluto[2192]: "mn-hq" #440: sending notification PAYLOAD_MALFORMED to 1.2.252.178:500
Sep  8 00:31:54 MN-fw1 pluto[2192]: "mn-hq" #440: byte 2 of ISAKMP Hash Payload must be zero, but is not
Sep  8 00:31:54 MN-fw1 pluto[2192]: "mn-hq" #440: malformed payload in packet
Sep  8 00:31:54 MN-fw1 pluto[2192]: | payload malformed after IV
Sep  8 00:31:54 MN-fw1 pluto[2192]: |   c5 15 27 ac  8e a4 30 b7  af 3f 05 d3  57 e3 9b 0a
Sep  8 00:31:54 MN-fw1 pluto[2192]: "mn-hq" #440: sending notification PAYLOAD_MALFORMED to 1.2.252.178:500
Sep  8 00:32:34 MN-fw1 pluto[2192]: "mn-hq" #440: byte 2 of ISAKMP Hash Payload must be zero, but is not
Sep  8 00:32:34 MN-fw1 pluto[2192]: "mn-hq" #440: malformed payload in packet
Sep  8 00:32:34 MN-fw1 pluto[2192]: | payload malformed after IV
Sep  8 00:32:34 MN-fw1 pluto[2192]: |   c5 15 27 ac  8e a4 30 b7  af 3f 05 d3  57 e3 9b 0a
Sep  8 00:32:34 MN-fw1 pluto[2192]: "mn-hq" #440: sending notification PAYLOAD_MALFORMED to 1.2.252.178:500
Sep  8 00:33:14 MN-fw1 pluto[2192]: "mn-hq" #440: byte 2 of ISAKMP Hash Payload must be zero, but is not
Sep  8 00:33:14 MN-fw1 pluto[2192]: "mn-hq" #440: malformed payload in packet
Sep  8 00:33:14 MN-fw1 pluto[2192]: | payload malformed after IV
Sep  8 00:33:14 MN-fw1 pluto[2192]: |   c5 15 27 ac  8e a4 30 b7  af 3f 05 d3  57 e3 9b 0a
Sep  8 00:33:14 MN-fw1 pluto[2192]: "mn-hq" #440: sending notification PAYLOAD_MALFORMED to 1.2.252.178:500
Sep  8 00:33:54 MN-fw1 pluto[2192]: "mn-hq" #440: byte 2 of ISAKMP Hash Payload must be zero, but is not
Sep  8 00:33:54 MN-fw1 pluto[2192]: "mn-hq" #440: malformed payload in packet
Sep  8 00:33:54 MN-fw1 pluto[2192]: | payload malformed after IV
Sep  8 00:33:54 MN-fw1 pluto[2192]: |   c5 15 27 ac  8e a4 30 b7  af 3f 05 d3  57 e3 9b 0a
Sep  8 00:33:54 MN-fw1 pluto[2192]: "mn-hq" #440: sending notification PAYLOAD_MALFORMED to 1.2.252.178:500
Sep  8 00:34:34 MN-fw1 pluto[2192]: "mn-hq" #440: byte 2 of ISAKMP Hash Payload must be zero, but is not
Sep  8 00:34:34 MN-fw1 pluto[2192]: "mn-hq" #440: malformed payload in packet
Sep  8 00:34:34 MN-fw1 pluto[2192]: | payload malformed after IV
Sep  8 00:34:34 MN-fw1 pluto[2192]: |   c5 15 27 ac  8e a4 30 b7  af 3f 05 d3  57 e3 9b 0a
Sep  8 00:34:34 MN-fw1 pluto[2192]: "mn-hq" #440: sending notification PAYLOAD_MALFORMED to 1.2.252.178:500
Sep  8 00:35:14 MN-fw1 pluto[2192]: "mn-hq" #440: byte 2 of ISAKMP Hash Payload must be zero, but is not
Sep  8 00:35:14 MN-fw1 pluto[2192]: "mn-hq" #440: malformed payload in packet
Sep  8 00:35:14 MN-fw1 pluto[2192]: | payload malformed after IV
Sep  8 00:35:14 MN-fw1 pluto[2192]: |   c5 15 27 ac  8e a4 30 b7  af 3f 05 d3  57 e3 9b 0a
Sep  8 00:35:14 MN-fw1 pluto[2192]: "mn-hq" #440: sending notification PAYLOAD_MALFORMED to 1.2.252.178:500
Sep  8 00:35:54 MN-fw1 pluto[2192]: "mn-hq" #440: byte 2 of ISAKMP Hash Payload must be zero, but is not
Sep  8 00:35:54 MN-fw1 pluto[2192]: "mn-hq" #440: malformed payload in packet
Sep  8 00:35:54 MN-fw1 pluto[2192]: | payload malformed after IV
Sep  8 00:35:54 MN-fw1 pluto[2192]: |   c5 15 27 ac  8e a4 30 b7  af 3f 05 d3  57 e3 9b 0a
Sep  8 00:35:54 MN-fw1 pluto[2192]: "mn-hq" #440: sending notification PAYLOAD_MALFORMED to 1.2.252.178:500
Sep  8 00:36:34 MN-fw1 pluto[2192]: "mn-hq" #440: byte 2 of ISAKMP Hash Payload must be zero, but is not
Sep  8 00:36:34 MN-fw1 pluto[2192]: "mn-hq" #440: malformed payload in packet
Sep  8 00:36:34 MN-fw1 pluto[2192]: | payload malformed after IV
Sep  8 00:36:34 MN-fw1 pluto[2192]: |   c5 15 27 ac  8e a4 30 b7  af 3f 05 d3  57 e3 9b 0a
Sep  8 00:36:34 MN-fw1 pluto[2192]: "mn-hq" #440: sending notification PAYLOAD_MALFORMED to 1.2.252.178:500
Sep  8 00:37:14 MN-fw1 pluto[2192]: "mn-hq" #440: byte 2 of ISAKMP Hash Payload must be zero, but is not
Sep  8 00:37:14 MN-fw1 pluto[2192]: "mn-hq" #440: malformed payload in packet
Sep  8 00:37:14 MN-fw1 pluto[2192]: | payload malformed after IV
Sep  8 00:37:14 MN-fw1 pluto[2192]: |   c5 15 27 ac  8e a4 30 b7  af 3f 05 d3  57 e3 9b 0a
Sep  8 00:37:14 MN-fw1 pluto[2192]: "mn-hq" #440: sending notification PAYLOAD_MALFORMED to 1.2.252.178:500

Sep  8 00:37:54 MN-fw1 pluto[2192]: "mn-hq" #440: byte 2 of ISAKMP Hash Payload must be zero, but is not
Sep  8 00:37:54 MN-fw1 pluto[2192]: "mn-hq" #440: malformed payload in packet
Sep  8 00:37:54 MN-fw1 pluto[2192]: "mn-hq" #440: too many (17) malformed payloads. Deleting state
Sep  8 00:37:54 MN-fw1 pluto[2192]: packet from 1.2.252.178:500: Informational Exchange is for an unknown (expired?) SA with MSGID:0xb184d99e
Sep  8 00:38:34 MN-fw1 pluto[2192]: packet from 1.2.252.178:500: Quick Mode message is for a non-existent (expired?) ISAKMP SA
Sep  8 00:39:41 MN-fw1 pluto[2192]: packet from 1.2.252.178:500: Informational Exchange is for an unknown (expired?) SA with MSGID:0xa56d2416
Sep  8 08:26:44 MN-fw1 pluto[2192]: "mn-hq" #442: IPsec SA expired (LATEST!)
Sep  8 08:26:44 MN-fw1 pluto[2192]: "mn-hq" #442: down-client output: Running mn-updown

Sep  8 08:26:44 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.219:49178 to 10.0.0.1:3389 proto=6 state: fos_start because: acquire
Sep  8 08:26:44 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.63:2860 to 10.0.0.2:80 proto=6 state: fos_start because: acquire
Sep  8 08:26:46 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.54:1025 to 10.0.0.13:161 proto=17 state: fos_start because: acquire
Sep  8 08:26:47 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.217:1029 to 10.0.0.13:161 proto=17 state: fos_start because: acquire
Sep  8 08:26:49 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.1:3333 to 10.0.0.2:1026 proto=6 state: fos_start because: acquire
Sep  8 08:26:50 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.220:1040 to 10.0.0.11:161 proto=17 state: fos_start because: acquire
Sep  8 08:26:55 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.55:1038 to 10.0.0.11:161 proto=17 state: fos_start because: acquire
Sep  8 08:27:08 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.120:3000 to 10.0.0.120:3000 proto=17 state: fos_start because: acquire
Sep  8 08:27:11 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.217:1029 to 10.0.0.16:161 proto=17 state: fos_start because: acquire
Sep  8 08:27:13 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.219:52757 to 10.0.0.2:53 proto=17 state: fos_start because: acquire
Sep  8 08:27:14 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.1:445 to 10.0.0.56:1061 proto=6 state: fos_start because: acquire
Sep  8 08:27:15 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.220:1040 to 10.0.0.13:161 proto=17 state: fos_start because: acquire
Sep  8 08:27:20 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.55:1038 to 10.0.0.13:161 proto=17 state: fos_start because: acquire
Sep  8 08:27:21 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.1:3332 to 10.0.0.2:1026 proto=6 state: fos_start because: acquire
Sep  8 08:27:22 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.54:58655 to 10.0.0.2:53 proto=17 state: fos_start because: acquire
Sep  8 08:27:24 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.63:2894 to 10.0.0.2:80 proto=6 state: fos_start because: acquire
Sep  8 08:27:29 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.219:50048 to 10.0.0.1:3389 proto=6 state: fos_start because: acquire
Sep  8 08:27:35 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.217:1029 to 10.0.0.19:161 proto=17 state: fos_start because: acquire
Sep  8 08:27:39 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.220:1040 to 10.0.0.16:161 proto=17 state: fos_start because: acquire
Sep  8 08:27:41 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.54:1025 to 10.0.0.13:161 proto=17 state: fos_start because: acquire
Sep  8 08:27:44 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.55:1038 to 10.0.0.18:161 proto=17 state: fos_start because: acquire
Sep  8 08:27:52 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.217:53072 to 10.0.0.2:53 proto=17 state: fos_start because: acquire
Sep  8 08:27:55 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.63:2895 to 10.0.0.2:80 proto=6 state: fos_start because: acquire
Sep  8 08:27:57 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.1:8 to 10.0.0.2:0 proto=1 state: fos_start because: acquire
Sep  8 08:27:57 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.52:1054 to 10.0.0.1:3389 proto=6 state: fos_start because: acquire
Sep  8 08:28:02 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.219:50050 to 10.0.0.1:3389 proto=6 state: fos_start because: acquire
Sep  8 08:28:03 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.220:1040 to 10.0.0.18:161 proto=17 state: fos_start because: acquire
Sep  8 08:28:09 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.120:3000 to 10.0.0.120:3000 proto=17 state: fos_start because: acquire
Sep  8 08:28:12 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.55:1040 to 10.0.0.1:3389 proto=6 state: fos_start because: acquire
Sep  8 08:28:27 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.220:1040 to 10.0.0.19:161 proto=17 state: fos_start because: acquire
Sep  8 08:28:28 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.63:2897 to 10.0.0.2:80 proto=6 state: fos_start because: acquire
Sep  8 08:28:29 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.217:1029 to 10.0.0.13:161 proto=17 state: fos_start because: acquire
Sep  8 08:28:36 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.54:1025 to 10.0.0.13:161 proto=17 state: fos_start because: acquire
Sep  8 08:28:38 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.55:1038 to 10.0.0.11:161 proto=17 state: fos_start because: acquire
Sep  8 08:28:41 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.219:50056 to 10.0.0.1:3389 proto=6 state: fos_start because: acquire
Sep  8 08:28:44 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.55:1480 to 10.0.0.1:3389 proto=6 state: fos_start because: acquire
Sep  8 08:28:54 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.217:1029 to 10.0.0.16:161 proto=17 state: fos_start because: acquire
Sep  8 08:28:58 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.63:2898 to 10.0.0.2:80 proto=6 state: fos_start because: acquire
Sep  8 08:28:59 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.121:7107 to 10.0.0.121:4029 proto=6 state: fos_start because: acquire
Sep  8 08:29:03 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.55:1038 to 10.0.0.13:161 proto=17 state: fos_start because: acquire
Sep  8 08:29:10 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.120:3000 to 10.0.0.120:3000 proto=17 state: fos_start because: acquire
Sep  8 08:29:14 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.219:50057 to 10.0.0.1:3389 proto=6 state: fos_start because: acquire
Sep  8 08:29:17 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.55:1482 to 10.0.0.1:3389 proto=6 state: fos_start because: acquire
Sep  8 08:29:18 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.217:1029 to 10.0.0.19:161 proto=17 state: fos_start because: acquire
Sep  8 08:29:20 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.1:56102 to 10.0.0.2:53 proto=17 st

--More--(53%)

.

.

.

Sep  8 09:25:24 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.55:1038 to 10.0.0.11:161 proto=17 state: fos_start because: acquire
Sep  8 09:25:25 MN-fw1 sshd[1540]: Received signal 15; terminating.
Sep  8 09:25:26 MN-fw1 pluto[2192]: initiate on demand from 192.168.0.54:1025 to 10.0.0.13:161 proto=17 state: fos_start because: acquire
Sep  8 09:25:30 MN-fw1 pluto[2192]: shutting down
Sep  8 09:25:30 MN-fw1 pluto[2192]: forgetting secrets
Sep  8 09:25:30 MN-fw1 pluto[2192]: "mn-hq": deleting connection
Sep  8 09:25:30 MN-fw1 pluto[2192]: "mn-hq" #180: deleting state (STATE_MAIN_I2)
Sep  8 09:25:30 MN-fw1 pluto[2192]: "mn-hq": unroute-client output: Running mn-updown
Sep  8 09:25:30 MN-fw1 pluto[2192]: "mn-hq": unroute-client output: /usr/local/lib/ipsec/_updown.netkey: doroute `ip route del 10.0.0.0/24 via 3.4.177.202 dev br0 ' failed (RTNETLINK answers: No such process)
Sep  8 09:25:30 MN-fw1 pluto[2192]: shutting down interface lo/lo ::1:500
Sep  8 09:25:30 MN-fw1 pluto[2192]: shutting down interface lo/lo 127.0.0.1:4500
Sep  8 09:25:30 MN-fw1 pluto[2192]: shutting down interface lo/lo 127.0.0.1:500
Sep  8 09:25:30 MN-fw1 pluto[2192]: shutting down interface eth2/eth2 192.168.253.1:4500
Sep  8 09:25:30 MN-fw1 pluto[2192]: shutting down interface eth2/eth2 192.168.253.1:500
Sep  8 09:25:30 MN-fw1 pluto[2192]: shutting down interface eth3/eth3 10.10.10.70:4500
Sep  8 09:25:30 MN-fw1 pluto[2192]: shutting down interface eth3/eth3 10.10.10.70:500
Sep  8 09:25:30 MN-fw1 pluto[2192]: shutting down interface br0/br0 192.168.0.10:4500
Sep  8 09:25:30 MN-fw1 pluto[2192]: shutting down interface br0/br0 192.168.0.10:500
Sep  8 09:25:30 MN-fw1 pluto[2192]: shutting down interface br0/br0 3.4.177.201:4500
Sep  8 09:25:30 MN-fw1 pluto[2192]: shutting down interface br0/br0 3.4.177.201:500

Sep  8 09:26:53 MN-fw1 runuser: pam_unix(runuser:session): session opened for user root by (uid=0)
Sep  8 09:26:53 MN-fw1 runuser: pam_unix(runuser:session): session closed for user root
Sep  8 09:26:56 MN-fw1 ipsec__plutorun: Starting Pluto subsystem...
Sep  8 09:26:56 MN-fw1 pluto[1486]: nss directory plutomain: /etc/ipsec.d
Sep  8 09:26:56 MN-fw1 pluto[1486]: NSS Initialized
Sep  8 09:26:56 MN-fw1 pluto[1486]: Starting Pluto (Openswan Version 2.6.28; Vendor ID OEQ{O\177nez{CQ) pid:1486
Sep  8 09:26:56 MN-fw1 pluto[1486]: Non-fips mode set in /proc/sys/crypto/fips_enabled
Sep  8 09:26:56 MN-fw1 pluto[1486]: SAref support [disabled]: Protocol not available
Sep  8 09:26:56 MN-fw1 pluto[1486]: SAbind support [disabled]: Protocol not available
Sep  8 09:26:56 MN-fw1 pluto[1486]: Setting NAT-Traversal port-4500 floating to on
Sep  8 09:26:56 MN-fw1 pluto[1486]:    port floating activation criteria nat_t=1/port_float=1
Sep  8 09:26:56 MN-fw1 pluto[1486]:    NAT-Traversal support  [enabled]
Sep  8 09:26:56 MN-fw1 pluto[1486]: 1 bad entries in virtual_private - none loaded
Sep  8 09:26:56 MN-fw1 pluto[1486]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC_SSH: Ok (ret=0)
Sep  8 09:26:56 MN-fw1 pluto[1486]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC: Ok (ret=0)
Sep  8 09:26:56 MN-fw1 pluto[1486]: ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC: Ok (ret=0)
Sep  8 09:26:56 MN-fw1 pluto[1486]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Sep  8 09:26:56 MN-fw1 pluto[1486]: ike_alg_register_enc(): Activating OAKLEY_BLOWFISH_CBC: Ok (ret=0)
Sep  8 09:26:56 MN-fw1 pluto[1486]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok (ret=0)
Sep  8 09:26:56 MN-fw1 pluto[1486]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok (ret=0)
Sep  8 09:26:56 MN-fw1 pluto[1486]: no helpers will be started, all cryptographic operations will be done inline
Sep  8 09:26:56 MN-fw1 pluto[1486]: Using Linux 2.6 IPsec interface code on 2.6.33.5-112.fc13.i686.PAE (experimental code)
Sep  8 09:26:56 MN-fw1 sshd[1515]: Server listening on 0.0.0.0 port 22.
Sep  8 09:26:56 MN-fw1 sshd[1515]: Server listening on :: port 22.
Sep  8 09:26:57 MN-fw1 pluto[1486]: ike_alg_register_enc(): Activating aes_ccm_8: Ok (ret=0)
Sep  8 09:26:57 MN-fw1 pluto[1486]: ike_alg_add(): ERROR: Algorithm already exists
Sep  8 09:26:57 MN-fw1 pluto[1486]: ike_alg_register_enc(): Activating aes_ccm_12: FAILED (ret=-17)
Sep  8 09:26:57 MN-fw1 pluto[1486]: ike_alg_add(): ERROR: Algorithm already exists
Sep  8 09:26:57 MN-fw1 pluto[1486]: ike_alg_register_enc(): Activating aes_ccm_16: FAILED (ret=-17)
Sep  8 09:26:57 MN-fw1 pluto[1486]: ike_alg_add(): ERROR: Algorithm already exists
Sep  8 09:26:57 MN-fw1 pluto[1486]: ike_alg_register_enc(): Activating aes_gcm_8: FAILED (ret=-17)
Sep  8 09:26:57 MN-fw1 pluto[1486]: ike_alg_add(): ERROR: Algorithm already exists
Sep  8 09:26:57 MN-fw1 pluto[1486]: ike_alg_register_enc(): Activating aes_gcm_12: FAILED (ret=-17)
Sep  8 09:26:57 MN-fw1 pluto[1486]: ike_alg_add(): ERROR: Algorithm already exists
Sep  8 09:26:57 MN-fw1 pluto[1486]: ike_alg_register_enc(): Activating aes_gcm_16: FAILED (ret=-17)
Sep  8 09:26:57 MN-fw1 pluto[1486]: myid malformed: empty string ""
Sep  8 09:26:57 MN-fw1 pluto[1486]: Changed path to directory '/etc/ipsec.d/cacerts'
Sep  8 09:26:57 MN-fw1 pluto[1486]: Changed path to directory '/etc/ipsec.d/aacerts'
Sep  8 09:26:57 MN-fw1 pluto[1486]: Changed path to directory '/etc/ipsec.d/ocspcerts'
Sep  8 09:26:57 MN-fw1 pluto[1486]: Changing to directory '/etc/ipsec.d/crls'
Sep  8 09:26:57 MN-fw1 pluto[1486]:   Warning: empty directory
Sep  8 09:26:57 MN-fw1 pluto[1486]: added connection description "mn-hq"
Sep  8 09:26:57 MN-fw1 pluto[1486]: listening for IKE messages
Sep  8 09:26:57 MN-fw1 pluto[1486]: NAT-Traversal: Trying new style NAT-T
Sep  8 09:26:57 MN-fw1 pluto[1486]: NAT-Traversal: ESPINUDP(1) setup failed for new style NAT-T family IPv4 (errno=19)
Sep  8 09:26:57 MN-fw1 pluto[1486]: NAT-Traversal: Trying old style NAT-T

Sep  8 09:26:57 MN-fw1 pluto[1486]: adding interface eth3/eth3 10.10.10.70:500
Sep  8 09:26:57 MN-fw1 pluto[1486]: adding interface eth3/eth3 10.10.10.70:4500
Sep  8 09:26:57 MN-fw1 pluto[1486]: adding interface eth2/eth2 192.168.253.1:500
Sep  8 09:26:57 MN-fw1 pluto[1486]: adding interface eth2/eth2 192.168.253.1:4500
Sep  8 09:26:57 MN-fw1 pluto[1486]: adding interface eth1/eth1 192.168.0.10:500
Sep  8 09:26:57 MN-fw1 pluto[1486]: adding interface eth1/eth1 192.168.0.10:4500
Sep  8 09:26:57 MN-fw1 pluto[1486]: adding interface eth0/eth0 3.4.177.201:500
Sep  8 09:26:57 MN-fw1 pluto[1486]: adding interface eth0/eth0 3.4.177.201:4500
Sep  8 09:26:57 MN-fw1 pluto[1486]: adding interface lo/lo 127.0.0.1:500
Sep  8 09:26:57 MN-fw1 pluto[1486]: adding interface lo/lo 127.0.0.1:4500
Sep  8 09:26:57 MN-fw1 pluto[1486]: adding interface lo/lo ::1:500
Sep  8 09:26:57 MN-fw1 pluto[1486]: loading secrets from "/etc/ipsec.secrets"
Sep  8 09:26:57 MN-fw1 pluto[1486]: loading secrets from "/etc/ipsec.d/hostkey.secrets"
Sep  8 09:26:57 MN-fw1 pluto[1486]: loaded private key for keyid: PPK_RSA:AQOwd0G2W
Sep  8 09:26:57 MN-fw1 pluto[1486]: "mn-hq": prepare-client output: Running mn-updown
Sep  8 09:26:57 MN-fw1 pluto[1486]: "mn-hq": prepare-client output: Cannot find device "br0"
Sep  8 09:26:57 MN-fw1 pluto[1486]: "mn-hq": prepare-client command exited with status 255
Sep  8 09:26:57 MN-fw1 pluto[1486]: "mn-hq": route-client output: Running mn-updown
Sep  8 09:26:57 MN-fw1 pluto[1486]: "mn-hq": route-client output: RTNETLINK answers: Network is unreachable
Sep  8 09:26:57 MN-fw1 pluto[1486]: "mn-hq": route-client output: Cannot find device "br0"
Sep  8 09:26:57 MN-fw1 pluto[1486]: "mn-hq": route-client command exited with status 255
Sep  8 09:26:57 MN-fw1 pluto[1486]: "mn-hq": down-client output: Running mn-updown
Sep  8 09:26:57 MN-fw1 pluto[1486]: "mn-hq": down-client output: Cannot find device "br0"
Sep  8 09:26:57 MN-fw1 pluto[1486]: "mn-hq": down-client command exited with status 255
Sep  8 09:26:57 MN-fw1 pluto[1486]: "mn-hq" #1: initiating Main Mode
Sep  8 09:26:57 MN-fw1 pluto[1486]: ERROR: "mn-hq" #1: sendto on eth0 to 1.2.252.178:500 failed in main_outI1. Errno 101: Network is unreachable
Sep  8 09:27:00 MN-fw1 pluto[1486]: shutting down
Sep  8 09:27:00 MN-fw1 pluto[1486]: forgetting secrets
Sep  8 09:27:00 MN-fw1 pluto[1486]: "mn-hq": deleting connection
Sep  8 09:27:00 MN-fw1 pluto[1486]: "mn-hq" #1: deleting state (STATE_MAIN_I1)
Sep  8 09:27:00 MN-fw1 pluto[1486]: shutting down interface lo/lo ::1:500
Sep  8 09:27:00 MN-fw1 pluto[1486]: shutting down interface lo/lo 127.0.0.1:4500
Sep  8 09:27:00 MN-fw1 pluto[1486]: shutting down interface lo/lo 127.0.0.1:500
Sep  8 09:27:00 MN-fw1 pluto[1486]: shutting down interface eth0/eth0 3.4.177.201:4500
Sep  8 09:27:00 MN-fw1 pluto[1486]: shutting down interface eth0/eth0 3.4.177.201:500
Sep  8 09:27:00 MN-fw1 pluto[1486]: shutting down interface eth1/eth1 192.168.0.10:4500
Sep  8 09:27:00 MN-fw1 pluto[1486]: shutting down interface eth1/eth1 192.168.0.10:500
Sep  8 09:27:00 MN-fw1 pluto[1486]: shutting down interface eth2/eth2 192.168.253.1:4500
Sep  8 09:27:00 MN-fw1 pluto[1486]: shutting down interface eth2/eth2 192.168.253.1:500
Sep  8 09:27:00 MN-fw1 pluto[1486]: shutting down interface eth3/eth3 10.10.10.70:4500
Sep  8 09:27:00 MN-fw1 pluto[1486]: shutting down interface eth3/eth3 10.10.10.70:500

Sep  8 09:27:02 MN-fw1 ipsec__plutorun: Starting Pluto subsystem...
Sep  8 09:27:02 MN-fw1 pluto[2173]: nss directory plutomain: /etc/ipsec.d
Sep  8 09:27:02 MN-fw1 pluto[2173]: NSS Initialized
Sep  8 09:27:02 MN-fw1 pluto[2173]: Starting Pluto (Openswan Version 2.6.28; Vendor ID OEQ{O\177nez{CQ) pid:2173
Sep  8 09:27:02 MN-fw1 pluto[2173]: Non-fips mode set in /proc/sys/crypto/fips_enabled
Sep  8 09:27:02 MN-fw1 pluto[2173]: SAref support [disabled]: Protocol not available
Sep  8 09:27:02 MN-fw1 pluto[2173]: SAbind support [disabled]: Protocol not available
Sep  8 09:27:02 MN-fw1 pluto[2173]: Setting NAT-Traversal port-4500 floating to on
Sep  8 09:27:02 MN-fw1 pluto[2173]:    port floating activation criteria nat_t=1/port_float=1
Sep  8 09:27:02 MN-fw1 pluto[2173]:    NAT-Traversal support  [enabled]
Sep  8 09:27:02 MN-fw1 pluto[2173]: 1 bad entries in virtual_private - none loaded
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC_SSH: Ok (ret=0)
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC: Ok (ret=0)
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC: Ok (ret=0)
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_register_enc(): Activating OAKLEY_BLOWFISH_CBC: Ok (ret=0)
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok (ret=0)
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok (ret=0)
Sep  8 09:27:02 MN-fw1 pluto[2173]: no helpers will be started, all cryptographic operations will be done inline
Sep  8 09:27:02 MN-fw1 pluto[2173]: Using Linux 2.6 IPsec interface code on 2.6.33.5-112.fc13.i686.PAE (experimental code)
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_register_enc(): Activating aes_ccm_8: Ok (ret=0)
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_add(): ERROR: Algorithm already exists
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_register_enc(): Activating aes_ccm_12: FAILED (ret=-17)
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_add(): ERROR: Algorithm already exists
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_register_enc(): Activating aes_ccm_16: FAILED (ret=-17)
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_add(): ERROR: Algorithm already exists
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_register_enc(): Activating aes_gcm_8: FAILED (ret=-17)
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_add(): ERROR: Algorithm already exists
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_register_enc(): Activating aes_gcm_12: FAILED (ret=-17)
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_add(): ERROR: Algorithm already exists
Sep  8 09:27:02 MN-fw1 pluto[2173]: ike_alg_register_enc(): Activating aes_gcm_16: FAILED (ret=-17)
Sep  8 09:27:02 MN-fw1 pluto[2173]: Changed path to directory '/etc/ipsec.d/cacerts'
Sep  8 09:27:02 MN-fw1 pluto[2173]: Changed path to directory '/etc/ipsec.d/aacerts'
Sep  8 09:27:02 MN-fw1 pluto[2173]: Changed path to directory '/etc/ipsec.d/ocspcerts'
Sep  8 09:27:02 MN-fw1 pluto[2173]: Changing to directory '/etc/ipsec.d/crls'
Sep  8 09:27:02 MN-fw1 pluto[2173]:   Warning: empty directory
Sep  8 09:27:02 MN-fw1 pluto[2173]: added connection description "mn-hq"
Sep  8 09:27:02 MN-fw1 pluto[2173]: listening for IKE messages
Sep  8 09:27:02 MN-fw1 pluto[2173]: NAT-Traversal: Trying new style NAT-T
Sep  8 09:27:02 MN-fw1 pluto[2173]: NAT-Traversal: ESPINUDP(1) setup failed for new style NAT-T family IPv4 (errno=19)
Sep  8 09:27:02 MN-fw1 pluto[2173]: NAT-Traversal: Trying old style NAT-T

Sep  8 09:27:02 MN-fw1 pluto[2173]: adding interface br0/br0 3.4.177.201:500
Sep  8 09:27:02 MN-fw1 pluto[2173]: adding interface br0/br0 3.4.177.201:4500
Sep  8 09:27:02 MN-fw1 pluto[2173]: adding interface br0/br0 192.168.0.10:500
Sep  8 09:27:02 MN-fw1 pluto[2173]: adding interface br0/br0 192.168.0.10:4500
Sep  8 09:27:02 MN-fw1 pluto[2173]: adding interface eth3/eth3 10.10.10.70:500
Sep  8 09:27:02 MN-fw1 pluto[2173]: adding interface eth3/eth3 10.10.10.70:4500
Sep  8 09:27:02 MN-fw1 pluto[2173]: adding interface eth2/eth2 192.168.253.1:500
Sep  8 09:27:02 MN-fw1 pluto[2173]: adding interface eth2/eth2 192.168.253.1:4500
Sep  8 09:27:02 MN-fw1 pluto[2173]: adding interface lo/lo 127.0.0.1:500
Sep  8 09:27:02 MN-fw1 pluto[2173]: adding interface lo/lo 127.0.0.1:4500
Sep  8 09:27:02 MN-fw1 pluto[2173]: adding interface lo/lo ::1:500
Sep  8 09:27:02 MN-fw1 pluto[2173]: loading secrets from "/etc/ipsec.secrets"
Sep  8 09:27:02 MN-fw1 pluto[2173]: loading secrets from "/etc/ipsec.d/hostkey.secrets"
Sep  8 09:27:02 MN-fw1 pluto[2173]: loaded private key for keyid: PPK_RSA:AQOwd0G2W
Sep  8 09:27:02 MN-fw1 pluto[2173]: "mn-hq": prepare-client output: Running mn-updown
Sep  8 09:27:02 MN-fw1 pluto[2173]: "mn-hq": prepare-client output: RTNETLINK answers: No such file or directory
Sep  8 09:27:02 MN-fw1 pluto[2173]: "mn-hq": prepare-client command exited with status 2
Sep  8 09:27:02 MN-fw1 pluto[2173]: "mn-hq": route-client output: Running mn-updown

Sep  8 09:27:03 MN-fw1 pluto[2173]: "mn-hq" #1: initiating Main Mode

Sep  8 09:27:06 MN-fw1 pluto[2173]: ERROR: asynchronous network error report on br0 (sport=500) for message to 1.2.252.178 port 500, complainant 3.4.177.201: No route to host [errno 113, origin ICMP type 3 code 1 (not authenticated)]

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #1: received Vendor ID payload [Openswan (this version) 2.6.28 ]

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #1: received Vendor ID
payload [Dead Peer Detection]

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #1: received Vendor ID
payload [RFC 3947] method set to=109

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #1: enabling possible
NAT-traversal with method 4

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #1: STATE_MAIN_I2: sent MI2,
expecting MR2

Sep  8 09:27:14 MN-fw1 pluto[2173]: initiate on demand from 192.168.0.219:56222 to 10.0.0.2:53 proto=17 state: fos_start because: acquire

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #1: STATE_MAIN_I3: sent MI3,
expecting MR3

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #1: received Vendor ID
payload [CAN-IKEv2]

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #1: Main mode peer ID is
ID_FQDN: '@hq.local'

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #2: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW {using isakmp#1 msgid:d173e7ed proposal=defaults pfsgroup=OAKLEY_GROUP_MODP2048}

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #3: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW {using isakmp#1 msgid:ebfc7062 proposal=defaults pfsgroup=OAKLEY_GROUP_MODP2048}

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #2: up-client output:
Running mn-updown

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #2: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #2: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x3de17b74 <0x5587e847 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #3: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2

Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #3: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x0ac3b910 <0x885ca579 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}

Sep  8 10:10:41 MN-fw1 pluto[2173]: "mn-hq" #4: initiating Main Mode to
replace #1

Sep  8 10:10:41 MN-fw1 pluto[2173]: "mn-hq" #4: received Vendor ID
payload [Openswan (this version) 2.6.

--More--(91%)

 

 

 

HQ site:

 

Sep  8 00:23:34 audubon-fw1 pluto[2248]: "mn-hq" #1351: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}

Sep  8 00:26:04 audubon-fw1 pluto[2248]: "mn-hq" #1351: the peer
proposed: 10.0.0.0/24:0/0 -> 192.168.0.0/24:0/0

Sep  8 00:26:04 audubon-fw1 pluto[2248]: "mn-hq" #1352: responding to
Quick Mode proposal {msgid:c03bde2c}

Sep  8 00:26:04 audubon-fw1 pluto[2248]: "mn-hq" #1352:     us:
10.0.0.0/24===1.2.252.178<1.2.252.178>[@hq.local,+S=C]---1.2.252.190

Sep  8 00:26:04 audubon-fw1 pluto[2248]: "mn-hq" #1352:   them:
3.4.177.202---3.4.177.201<3.4.177.201>[@mn.local,+S=C]===192.168.0.0/24

Sep  8 00:26:04 audubon-fw1 pluto[2248]: "mn-hq" #1352: keeping
refhim=4294901761 during rekey

Sep  8 00:26:04 audubon-fw1 pluto[2248]: "mn-hq" #1352: transition from
state STATE_QUICK_R0 to state STATE_QUICK_R1

Sep  8 00:26:04 audubon-fw1 pluto[2248]: "mn-hq" #1352: STATE_QUICK_R1:
sent QR1, inbound IPsec SA installed, expecting QI2

Sep  8 00:26:44 audubon-fw1 pluto[2248]: "mn-hq" #1351: the peer
proposed: 10.0.0.0/24:0/0 -> 192.168.0.0/24:0/0

Sep  8 00:26:44 audubon-fw1 pluto[2248]: "mn-hq" #1353: responding to
Quick Mode proposal {msgid:54f2144a}

Sep  8 00:26:44 audubon-fw1 pluto[2248]: "mn-hq" #1353:     us:
10.0.0.0/24===1.2.252.178<1.2.252.178>[@hq.local,+S=C]---1.2.252.190

Sep  8 00:26:44 audubon-fw1 pluto[2248]: "mn-hq" #1353:   them:
3.4.177.202---3.4.177.201<3.4.177.201>[@mn.local,+S=C]===192.168.0.0/24

Sep  8 00:26:44 audubon-fw1 pluto[2248]: "mn-hq" #1353: keeping
refhim=4294901761 during rekey

Sep  8 00:26:44 audubon-fw1 pluto[2248]: "mn-hq" #1353: transition from
state STATE_QUICK_R0 to state STATE_QUICK_R1

Sep  8 00:26:44 audubon-fw1 pluto[2248]: "mn-hq" #1353: STATE_QUICK_R1:
sent QR1, inbound IPsec SA installed, expecting QI2

Sep  8 00:26:44 audubon-fw1 pluto[2248]: "mn-hq" #1353: transition from
state STATE_QUICK_R1 to state STATE_QUICK_R2

Sep  8 00:26:44 audubon-fw1 pluto[2248]: "mn-hq" #1353: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x00f94364 <0xdf3128a4 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}

Sep  8 00:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 00:27:54 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 00:28:34 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 00:29:15 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 00:29:54 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 00:30:34 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 00:31:14 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 00:31:54 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 00:32:34 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 00:33:14 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 00:33:54 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 00:34:34 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 00:35:15 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 00:35:54 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 00:36:34 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 00:37:14 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 00:37:54 audubon-fw1 pluto[2248]: "mn-hq" #1351: received Delete
SA payload: deleting ISAKMP State #1351

Sep  8 00:37:54 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received and ignored informational message

Sep  8 00:39:14 audubon-fw1 pluto[2248]: "mn-hq" #1352: max number of
retransmissions (20) reached STATE_QUICK_R1

Sep  8 00:39:41 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
Informational Exchange is for an unknown (expired?) SA with
MSGID:0xd4010750

Sep  8 08:26:44 audubon-fw1 pluto[2248]: "mn-hq" #1353: IPsec SA expired
(LATEST!)

Sep  8 08:26:44 audubon-fw1 pluto[2248]: "mn-hq" #1353: down-client
output: Running hq-updown

Sep  8 08:26:44 audubon-fw1 pluto[2248]: initiate on demand from
10.0.0.1:3389 to 192.168.0.219:49178 proto=6 state: fos_start because:
acquire

Sep  8 08:26:44 audubon-fw1 pluto[2248]: initiate on demand from
10.0.0.1:3389 to 192.168.0.54:1033 proto=6 state: fos_start because:
acquire

Sep  8 08:26:44 audubon-fw1 pluto[2248]: initiate on demand from
10.0.0.1:3389 to 192.168.0.55:1040 proto=6 state: fos_start because:
acquire

Sep  8 08:26:45 audubon-fw1 pluto[2248]: initiate on demand from
10.0.0.2:1072 to 192.168.0.12:161 proto=17 state: fos_start because:
acquire

--More--(59%)

.

.

.

Sep  8 09:26:45 audubon-fw1 pluto[2248]: initiate on demand from
10.0.0.2:1072 to 192.168.0.12:161 proto=17 state: fos_start because:
acquire

Sep  8 09:26:50 audubon-fw1 pluto[2248]: initiate on demand from
10.0.0.1:1031 to 192.168.0.20:161 proto=17 state: fos_start because:
acquire

Sep  8 09:26:52 audubon-fw1 pluto[2248]: initiate on demand from
10.0.0.1:1031 to 192.168.0.12:161 proto=17 state: fos_start because:
acquire

Sep  8 09:27:05 audubon-fw1 pluto[2248]: initiate on demand from
10.0.0.50:8 to 192.168.0.1:0 proto=1 state: fos_start because: acquire

Sep  8 09:27:06 audubon-fw1 pluto[2248]: initiate on demand from
10.0.0.50:8 to 192.168.0.10:0 proto=1 state: fos_start because: acquire

Sep  8 09:27:07 audubon-fw1 pluto[2248]: initiate on demand from
10.0.0.50:8 to 192.168.0.52:0 proto=1 state: fos_start because: acquire

Sep  8 09:27:13 audubon-fw1 pluto[2248]: initiate on demand from
10.0.0.120:1148 to 192.168.0.122:5000 proto=6 state: fos_start because:
acquire

Sep  8 09:27:14 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [Openswan (this version) 2.6.28 ]

Sep  8 09:27:14 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [Dead Peer Detection]

Sep  8 09:27:14 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [RFC 3947] method set to=109

Sep  8 09:27:14 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109

Sep  8 09:27:14 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109

Sep  8 09:27:14 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109

Sep  8 09:27:14 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1354: responding to
Main Mode

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1354: transition from
state STATE_MAIN_R0 to state STATE_MAIN_R1

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1354: STATE_MAIN_R1:
sent MR1, expecting MI2

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1354: NAT-Traversal:
Result using RFC 3947 (NAT-Traversal): no NAT detected

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1354: transition from
state STATE_MAIN_R1 to state STATE_MAIN_R2

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1354: STATE_MAIN_R2:
sent MR2, expecting MI3

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1354: Main mode peer
ID is ID_FQDN: '@mn.local'

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1354: transition from
state STATE_MAIN_R2 to state STATE_MAIN_R3

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1354: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1354: the peer
proposed: 10.0.0.0/24:0/0 -> 192.168.0.0/24:0/0

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1355: responding to
Quick Mode proposal {msgid:d173e7ed}

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1355:     us:
10.0.0.0/24===1.2.252.178<1.2.252.178>[@hq.local,+S=C]---1.2.252.190

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1355:   them:
3.4.177.202---3.4.177.201<3.4.177.201>[@mn.local,+S=C]===192.168.0.0/24

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1355: transition from
state STATE_QUICK_R0 to state STATE_QUICK_R1

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1355: STATE_QUICK_R1:
sent QR1, inbound IPsec SA installed, expecting QI2

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1354: the peer
proposed: 10.0.0.0/24:0/0 -> 192.168.0.0/24:0/0

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1356: responding to
Quick Mode proposal {msgid:ebfc7062}

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1356:     us:
10.0.0.0/24===1.2.252.178<1.2.252.178>[@hq.local,+S=C]---1.2.252.190

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1356:   them:
3.4.177.202---3.4.177.201<3.4.177.201>[@mn.local,+S=C]===192.168.0.0/24

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1356: transition from
state STATE_QUICK_R0 to state STATE_QUICK_R1

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1356: STATE_QUICK_R1:
sent QR1, inbound IPsec SA installed, expecting QI2

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1355: up-client
output: Running hq-updown

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1355: transition from
state STATE_QUICK_R1 to state STATE_QUICK_R2

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1355: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x5587e847 <0x3de17b74 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1356: transition from
state STATE_QUICK_R1 to state STATE_QUICK_R2

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1356: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x885ca579 <0x0ac3b910 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}

Sep  8 10:10:41 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [Openswan (this version) 2.6.28 ]

Sep  8 10:10:41 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [Dead Peer Detection]

Sep  8 10:10:41 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [RFC 3947] method set to=109

Sep  8 10:10:41 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109

Sep  8 10:10:41 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109

Sep  8 10:10:41 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109

Sep  8 10:10:41 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]

Sep  8 10:10:41 audubon-fw1 pluto[2248]: "mn-hq" #1357: responding to
Main Mode

Sep  8 10:10:41 audubon-fw1 pluto[2248]: "mn-hq" #1357: transition from
state STATE_MAIN_R0 to state STATE_MAIN_R1

Sep  8 10:10:41 audubon-fw1 pluto[2248]: "mn-hq" #1357: STATE_MAIN_R1:
sent MR1, expecting MI2

Sep  8 10:10:41 audubon-fw1 pluto[2248]: "mn-hq" #1357: NAT-Traversal:
Result using RFC 3947 (NAT-Traversal): no NAT detected

Sep  8 10:10:41 audubon-fw1 pluto[2248]: "mn-hq" #1357: transition from
state STATE_MAIN_R1 to state STATE_MAIN_R2

Sep  8 10:10:41 audubon-fw1 pluto[2248]: "mn-hq" #1357: STATE_MAIN_R2:
sent MR2, expecting MI3

Sep  8 10:10:41 audubon-fw1 pluto[2248]: "mn-hq" #1357: Main mode peer
ID is ID_FQDN: '@mn.local'

Sep  8 10:10:41 audubon-fw1 pluto[2248]: "mn-hq" #1357: transition from
state STATE_MAIN_R2 to state STATE_MAIN_R3

Sep  8 10:10:41 audubon-fw1 pluto[2248]: "mn-hq" #1357: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}

Sep  8 10:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1354: received Delete
SA payload: deleting ISAKMP State #1354

Sep  8 10:27:14 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received and ignored informational message

Sep  8 10:54:30 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [Openswan (this version) 2.6.28 ]

Sep  8 10:54:30 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [Dead Peer Detection]

Sep  8 10:54:30 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [RFC 3947] method set to=109

Sep  8 10:54:30 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109

Sep  8 10:54:30 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109

Sep  8 10:54:30 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109

Sep  8 10:54:30 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]

Sep  8 10:54:30 audubon-fw1 pluto[2248]: "mn-hq" #1358: responding to
Main Mode

Sep  8 10:54:30 audubon-fw1 pluto[2248]: "mn-hq" #1358: transition from
state STATE_MAIN_R0 to state STATE_MAIN_R1

Sep  8 10:54:30 audubon-fw1 pluto[2248]: "mn-hq" #1358: STATE_MAIN_R1:
sent MR1, expecting MI2

Sep  8 10:54:30 audubon-fw1 pluto[2248]: "mn-hq" #1358: NAT-Traversal:
Result using RFC 3947 (NAT-Traversal): no NAT detected

Sep  8 10:54:30 audubon-fw1 pluto[2248]: "mn-hq" #1358: transition from
state STATE_MAIN_R1 to state STATE_MAIN_R2

Sep  8 10:54:30 audubon-fw1 pluto[2248]: "mn-hq" #1358: STATE_MAIN_R2:
sent MR2, expecting MI3

Sep  8 10:54:31 audubon-fw1 pluto[2248]: "mn-hq" #1358: Main mode peer
ID is ID_FQDN: '@mn.local'

Sep  8 10:54:31 audubon-fw1 pluto[2248]: "mn-hq" #1358: transition from
state STATE_MAIN_R2 to state STATE_MAIN_R3

Sep  8 10:54:31 audubon-fw1 pluto[2248]: "mn-hq" #1358: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}

Sep  8 11:10:41 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
Informational Exchange is for an unknown (expired?) SA with
MSGID:0x19585286

Sep  8 11:37:19 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [Openswan (this version) 2.6.28 ]

Sep  8 11:37:19 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [Dead Peer Detection]

Sep  8 11:37:19 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [RFC 3947] method set to=109

Sep  8 11:37:19 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109

Sep  8 11:37:19 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109

Sep  8 11:37:19 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109

Sep  8 11:37:19 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]

Sep  8 11:37:19 audubon-fw1 pluto[2248]: "mn-hq" #1359: responding to
Main Mode

Sep  8 11:37:19 audubon-fw1 pluto[2248]: "mn-hq" #1359: transition from
state STATE_MAIN_R0 to state STATE_MAIN_R1

Sep  8 11:37:19 audubon-fw1 pluto[2248]: "mn-hq" #1359: STATE_MAIN_R1:
sent MR1, expecting MI2

Sep  8 11:37:19 audubon-fw1 pluto[2248]: "mn-hq" #1359: NAT-Traversal:
Result using RFC 3947 (NAT-Traversal): no NAT detected

Sep  8 11:37:19 audubon-fw1 pluto[2248]: "mn-hq" #1359: transition from
state STATE_MAIN_R1 to state STATE_MAIN_R2

Sep  8 11:37:19 audubon-fw1 pluto[2248]: "mn-hq" #1359: STATE_MAIN_R2:
sent MR2, expecting MI3

Sep  8 11:37:19 audubon-fw1 pluto[2248]: "mn-hq" #1359: Main mode peer
ID is ID_FQDN: '@mn.local'

Sep  8 11:37:19 audubon-fw1 pluto[2248]: "mn-hq" #1359: transition from
state STATE_MAIN_R2 to state STATE_MAIN_R3

Sep  8 11:37:19 audubon-fw1 pluto[2248]: "mn-hq" #1359: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}

Sep  8 11:54:31 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
Informational Exchange is for an unknown (expired?) SA with
MSGID:0x014a63ab

Sep  8 12:26:33 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [Openswan (this version) 2.6.28 ]

Sep  8 12:26:33 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [Dead Peer Detection]

Sep  8 12:26:33 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [RFC 3947] method set to=109

Sep  8 12:26:33 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109

Sep  8 12:26:33 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109

Sep  8 12:26:33 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109

Sep  8 12:26:33 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]

Sep  8 12:26:33 audubon-fw1 pluto[2248]: "mn-hq" #1360: responding to
Main Mode

Sep  8 12:26:33 audubon-fw1 pluto[2248]: "mn-hq" #1360: transition from
state STATE_MAIN_R0 to state STATE_MAIN_R1

Sep  8 12:26:33 audubon-fw1 pluto[2248]: "mn-hq" #1360: STATE_MAIN_R1:
sent MR1, expecting MI2

Sep  8 12:26:33 audubon-fw1 pluto[2248]: "mn-hq" #1360: NAT-Traversal:
Result using RFC 3947 (NAT-Traversal): no NAT detected

Sep  8 12:26:34 audubon-fw1 pluto[2248]: "mn-hq" #1360: transition from
state STATE_MAIN_R1 to state STATE_MAIN_R2

Sep  8 12:26:34 audubon-fw1 pluto[2248]: "mn-hq" #1360: STATE_MAIN_R2:
sent MR2, expecting MI3

Sep  8 12:26:34 audubon-fw1 pluto[2248]: "mn-hq" #1360: Main mode peer
ID is ID_FQDN: '@mn.local'

Sep  8 12:26:34 audubon-fw1 pluto[2248]: "mn-hq" #1360: transition from
state STATE_MAIN_R2 to state STATE_MAIN_R3

Sep  8 12:26:34 audubon-fw1 pluto[2248]: "mn-hq" #1360: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}

Sep  8 12:37:19 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
Informational Exchange is for an unknown (expired?) SA with
MSGID:0xe07e38bf

Sep  8 13:14:33 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [Openswan (this version) 2.6.28 ]

Sep  8 13:14:33 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [Dead Peer Detection]

Sep  8 13:14:33 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500:
received Vendor ID payload [RFC 3947] method set to=109

Sep  8 13:14:33 audubon-fw1 pluto[2248]: packet from 3.4.177.201:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109

--More--(90%)
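
Added example, not part of the original post and not Openswan code: a way to line up the two /var/log/secure extracts above by rejoining the wrapped records, pairing IPsec SAs across gateways by their mirrored SPIs, and counting the "must be encrypted" complaints per ISAKMP state. The function names and the two sample strings are assumptions made for this illustration; the sample records are copied from the extracts above.

```python
import re
from collections import Counter

# Constructed sample: records copied from this post's extracts, kept in the
# wrapped form they were pasted in. MN_SAMPLE holds one post-restart record
# only, so "no mirror" below means "none in this sample".
HQ_SAMPLE = """\
Sep  8 00:26:44 audubon-fw1 pluto[2248]: "mn-hq" #1353: STATE_QUICK_R2:
IPsec SA established tunnel mode {ESP=>0x00f94364 <0xdf3128a4
xfrm=AES_128-H

MAC_SHA1 NATOA=none NATD=none DPD=none}

Sep  8 00:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 00:27:54 audubon-fw1 pluto[2248]: "mn-hq" #1351: Informational
Exchange message must be encrypted

Sep  8 09:27:14 audubon-fw1 pluto[2248]: "mn-hq" #1355: STATE_QUICK_R2:
IPsec SA established tunnel mode {ESP=>0x5587e847 <0x3de17b74
xfrm=AES_128-H

MAC_SHA1 NATOA=none NATD=none DPD=none}
"""
MN_SAMPLE = """\
Sep  8 09:27:14 MN-fw1 pluto[2173]: "mn-hq" #2: STATE_QUICK_I2: sent
QI2, IPsec SA established tunnel mo

de {ESP=>0x3de17b74 <0x5587e847 xfrm=AES_128-HMAC_SHA1 NATOA=none
NATD=none DPD=none}
"""

TS = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d ")   # syslog timestamp
SA = re.compile(r'^\w+ +\d+ (\S+) \S+ pluto\[\d+\]: "([^"]+)" (#\d+): .*'
                r"IPsec SA established.*ESP=>(0x[0-9a-f]+) <(0x[0-9a-f]+)")
INFO = re.compile(r"(#\d+): Informational Exchange message must be encrypted")

def unwrap(text):
    """Rejoin wrapped records. A plain newline is the mailer's wrap (join with
    a space); a blank line before a continuation is the terminal's hard wrap
    (join directly). A hard wrap that fell on a space loses that space."""
    records, after_blank = [], False
    for line in text.splitlines():
        if not line.strip() or line.startswith("--More--"):
            after_blank = True
            continue
        if TS.match(line) or not records:
            records.append(line.rstrip())
        else:
            records[-1] += ("" if after_blank else " ") + line.rstrip()
        after_blank = False
    return records

def ipsec_sas(records):
    """One dict per 'IPsec SA established' record; spi_a follows 'ESP=>',
    spi_b follows '<'."""
    found = (SA.match(r) for r in records)
    return [{"time": m[1], "conn": m[2], "state": m[3],
             "spi_a": m[4], "spi_b": m[5]} for m in found if m]

def unmirrored(local, peer):
    """SAs in `local` whose SPI pair does not appear swapped in `peer`."""
    swapped = {(sa["spi_b"], sa["spi_a"]) for sa in peer}
    return [sa for sa in local if (sa["spi_a"], sa["spi_b"]) not in swapped]

def unencrypted_info_counts(records):
    """Per-state count of 'Informational Exchange message must be encrypted'."""
    hits = (INFO.search(r) for r in records)
    return Counter(m[1] for m in hits if m)

if __name__ == "__main__":
    hq, mn = unwrap(HQ_SAMPLE), unwrap(MN_SAMPLE)
    for sa in unmirrored(ipsec_sas(hq), ipsec_sas(mn)):
        print("HQ SA without a mirror in the MN sample:", sa)
    print("unencrypted informational messages:", dict(unencrypted_info_counts(hq)))
```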

 
