[Openswan Users] Openswan problem with EC2

Sajith Kalathingal sajith.kalathingal at yahoo.in
Mon Jul 4 09:43:52 EDT 2011 

I'm trying to establish an IPSec connection from my laptop to an ec2 instance using VPC. However I'm getting the following error. Can anyone help me to figure out why this is happening?

EC2 node
----------------------
Jul  4 13:31:30 ip-10-0-0-100 pluto[22644]: "host-to-host" #4: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jul  4 13:31:30 ip-10-0-0-100 pluto[22644]: "host-to-host" #4: STATE_MAIN_R1: sent MR1, expecting MI2
Jul  4 13:31:30 ip-10-0-0-100 pluto[22644]: "host-to-host" #4: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): both are NATed
Jul  4 13:31:30 ip-10-0-0-100 pluto[22644]: "host-to-host" #4: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jul  4 13:31:30 ip-10-0-0-100 pluto[22644]: "host-to-host" #4: STATE_MAIN_R2: sent MR2, expecting MI3
Jul  4 13:31:30 ip-10-0-0-100 pluto[22644]: "host-to-host" #4: Main mode peer ID is ID_IPV4_ADDR: 'x.x.x.x'
Jul  4 13:31:30 ip-10-0-0-100 pluto[22644]: "host-to-host" #4: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jul  4 13:31:30 ip-10-0-0-100 pluto[22644]: "host-to-host" #4: new NAT mapping for #4, was x.x.x.x:500, now x.x.x.x:4500
Jul  4 13:31:30 ip-10-0-0-100 pluto[22644]: "host-to-host" #4: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_md5 group=modp1536}
Jul  4 13:31:31 ip-10-0-0-100 pluto[22644]: "host-to-host" #3: discarding duplicate packet; already STATE_MAIN_I3
Jul  4 13:31:40 ip-10-0-0-100 pluto[22644]: "host-to-host" #4: retransmitting in response to duplicate packet; already STATE_MAIN_R3
Jul  4 13:31:51 ip-10-0-0-100 pluto[22644]: "host-to-host" #3: discarding duplicate packet; already STATE_MAIN_I3

Laptop
-------

Jul  4 15:35:22 host pluto[16783]: "host-to-host" #10: initiating Main Mode to replace #8
Jul  4 15:35:22 host pluto[16783]: "host-to-host" #10: ignoring unknown Vendor ID payload [4f4568794c64414365636661]
Jul  4 15:35:22 host pluto[16783]: "host-to-host" #10: received Vendor ID payload [Dead Peer Detection]
Jul  4 15:35:22 host pluto[16783]: "host-to-host" #10: received Vendor ID payload [RFC 3947] method set to=109
Jul  4 15:35:22 host pluto[16783]: "host-to-host" #10: enabling possible NAT-traversal with method 4
Jul  4 15:35:22 host pluto[16783]: "host-to-host" #10: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jul  4 15:35:22 host pluto[16783]: "host-to-host" #10: STATE_MAIN_I2: sent MI2, expecting MR2
Jul  4 15:35:22 host pluto[16783]: "host-to-host" #10: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): both are NATed
Jul  4 15:35:22 host pluto[16783]: "host-to-host" #10: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jul  4 15:35:22 host pluto[16783]: "host-to-host" #10: STATE_MAIN_I3: sent MI3, expecting MR3

More information about the Users mailing list