[Openswan Users] Overload during rekey
Roel van Meer
roel.vanmeer at bokxing.nl
Fri Oct 19 08:32:52 EDT 2012
Daniel Cave writes:
> I too have a few Drayteks (mainly 2820's and some older ones) connected
> to the my O/swan box.. One question I have which is probably a 'no' but
> has someone upgraded the firmware on the draytek routers ?
Indeed, that's a no. There was no reason to, everything worked like a charm.
> Can you see anything from the logs on the draytek routers? ( presumably
> you've got a syslog server with the routers sending their messages to it)
Yes, for some.
They don't show much useful info though (at least to my eyes).
> (ive never seen this problem before but it was something which quickly came to mind)
We haven't either, we don't see it on similar other setups. We've done
things this way for years, but it's the first time I see such an acute case
of openswan appendicitis..
Thanks for your response,
Roel
>
> Rgds
> dan
>
> On Oct 19, 2012, at 10:57 AM, Roel van Meer <roel.vanmeer at bokxing.nl> wrote:
>
> Hi list,
>
> I have a problem with an openswan setup that until yesterday has been
> running fine for years. It's a setup with a central openswan server and
> about 80 draytek routers, all with two tunnels. The drayteks initiate the
> connections.
>
> The problem happens during a period in which rekey occurs.
>
> What happens is this:
> 1. An admin restarts the openswan process.
> 2. A few seconds later, we have ~ 160 tunnels, everything working fine.
> 3. About 50 minutes later, the rekeying starts, pluto gets in state 'R'
> continously, tunnels start to break, and everything degrades from there.
>
> The system runs a recent Slackware linux, has an Intel Xeon 2GHz processor,
> 4GB memory, and runs Nagios alongside Openswan, but nothing more.
>
> The system has been in production for more than two years. The last openswan
> restart has been in Juli (everything worked fine then), and since then some
> 5 tunnels have been added.
>
> Can anyone shed some light on this?
>
> Attached is an abbreviated config file, and part of the logfile,
> abbreviated to show only the connections of a single router. If anyone needs
> more information I'd be happy to provide it.
>
> Thank you,
>
> Roel
>
> Additional info:
> I've tried kernels 3.2.18 and 3.4.10 - no difference.
> Kernel 3.2.18 had openswan stack 2.3.37, kernel 3.4.14 has openswan stack
> 2.3.18.
> It's Slackware 13.37, 64 bit, with all updates.
>
> Oct 17 04:42:02 polariseer ipsec__plutorun: Starting Pluto subsystem...
> Oct 17 04:42:02 polariseer pluto[27167]: Starting Pluto (Openswan Version 2.6.38; Vendor ID OEvy\134kgzWq\134s) pid:27167
> Oct 17 04:42:02 polariseer pluto[27167]: LEAK_DETECTIVE support [disabled]
> Oct 17 04:42:02 polariseer pluto[27167]: OCF support for IKE [disabled]
> Oct 17 04:42:02 polariseer pluto[27167]: SAref support [disabled]: Protocol not available
> Oct 17 04:42:02 polariseer pluto[27167]: SAbind support [disabled]: Protocol not available
> Oct 17 04:42:02 polariseer pluto[27167]: NSS support [disabled]
> Oct 17 04:42:02 polariseer pluto[27167]: HAVE_STATSD notification support not compiled in
> Oct 17 04:42:02 polariseer pluto[27167]: Setting NAT-Traversal port-4500 floating to off
> Oct 17 04:42:02 polariseer pluto[27167]: port floating activation criteria nat_t=0/port_float=1
> Oct 17 04:42:02 polariseer pluto[27167]: NAT-Traversal support [disabled]
> Oct 17 04:42:02 polariseer pluto[27167]: using /dev/urandom as source of random entropy
> Oct 17 04:42:02 polariseer pluto[27167]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
> Oct 17 04:42:02 polariseer pluto[27167]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok (ret=0)
> Oct 17 04:42:02 polariseer pluto[27167]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok (ret=0)
> Oct 17 04:42:02 polariseer pluto[27167]: starting up 3 cryptographic helpers
> Oct 17 04:42:02 polariseer pluto[27169]: using /dev/urandom as source of random entropy
> Oct 17 04:42:02 polariseer pluto[27167]: started helper pid=27169 (fd:6)
> Oct 17 04:42:02 polariseer pluto[27167]: started helper pid=27171 (fd:7)
> Oct 17 04:42:02 polariseer pluto[27167]: started helper pid=27172 (fd:8)
> Oct 17 04:42:02 polariseer pluto[27167]: Using KLIPS IPsec interface code on 3.2.18-1
> Oct 17 04:42:02 polariseer pluto[27171]: using /dev/urandom as source of random entropy
> Oct 17 04:42:02 polariseer pluto[27172]: using /dev/urandom as source of random entropy
> Oct 17 04:42:02 polariseer pluto[27167]: added connection description "v20"
> Oct 17 04:42:02 polariseer pluto[27167]: added connection description "v202"
> Oct 17 04:42:02 polariseer pluto[27167]: listening for IKE messages
> Oct 17 04:42:02 polariseer pluto[27167]: adding interface ipsec0/eth1 zz.yyy.xxx.ww:500
> Oct 17 04:42:02 polariseer pluto[27167]: loading secrets from "/etc/ipsec.secrets"
> Oct 17 04:42:03 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Dead Peer Detection]
> Oct 17 04:42:03 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [RFC 3947] meth=115, but port floating is off
> Oct 17 04:42:03 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
> Oct 17 04:42:03 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port floating is off
> Oct 17 04:42:03 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
> Oct 17 04:42:03 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Oct 17 04:42:03 polariseer pluto[27167]: "v20" #56: responding to Main Mode
> Oct 17 04:42:03 polariseer pluto[27167]: "v20" #56: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 04:42:03 polariseer pluto[27167]: "v20" #56: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 04:42:03 polariseer pluto[27167]: "v20" #56: OAKLEY_GROUP 1 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
> Oct 17 04:42:03 polariseer pluto[27167]: "v20" #56: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Oct 17 04:42:03 polariseer pluto[27167]: "v20" #56: STATE_MAIN_R1: sent MR1, expecting MI2
> Oct 17 04:42:03 polariseer pluto[27167]: "v20" #56: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Oct 17 04:42:03 polariseer pluto[27167]: "v20" #56: STATE_MAIN_R2: sent MR2, expecting MI3
> Oct 17 04:42:04 polariseer pluto[27167]: "v20" #56: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
> Oct 17 04:42:04 polariseer pluto[27167]: "v20" #56: Main mode peer ID is ID_IPV4_ADDR: 'aaa.bbb.ccc.ddd'
> Oct 17 04:42:04 polariseer pluto[27167]: "v20" #56: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Oct 17 04:42:04 polariseer pluto[27167]: "v20" #56: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1024}
> Oct 17 04:42:04 polariseer pluto[27167]: "v20" #56: Dead Peer Detection (RFC 3706): enabled
> Oct 17 04:42:04 polariseer pluto[27167]: "v20" #56: the peer proposed: 10.0.0.0/24:0/0 -> 10.12.13.0/24:0/0
> Oct 17 04:42:04 polariseer pluto[27167]: "v20" #76: responding to Quick Mode proposal {msgid:23d43801}
> Oct 17 04:42:04 polariseer pluto[27167]: "v20" #76: us: 10.0.0.0/24===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 04:42:04 polariseer pluto[27167]: "v20" #76: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 04:42:04 polariseer pluto[27167]: "v20" #76: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 04:42:04 polariseer pluto[27167]: "v20" #76: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 04:42:04 polariseer pluto[27167]: "v20" #76: Dead Peer Detection (RFC 3706): enabled
> Oct 17 04:42:04 polariseer pluto[27167]: "v20" #76: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 04:42:04 polariseer pluto[27167]: "v20" #76: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0bb <0x8b6d0b5b xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 04:42:05 polariseer pluto[27167]: "v20" #56: the peer proposed: 192.168.0.0/16:0/0 -> 10.12.13.0/24:0/0
> Oct 17 04:42:05 polariseer pluto[27167]: "v202" #127: responding to Quick Mode proposal {msgid:a98c53e1}
> Oct 17 04:42:05 polariseer pluto[27167]: "v202" #127: us: 192.168.0.0/16===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 04:42:05 polariseer pluto[27167]: "v202" #127: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 04:42:05 polariseer pluto[27167]: "v202" #127: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 04:42:05 polariseer pluto[27167]: "v202" #127: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 04:42:05 polariseer pluto[27167]: "v202" #127: Dead Peer Detection (RFC 3706): enabled
> Oct 17 04:42:05 polariseer pluto[27167]: "v202" #127: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 04:42:05 polariseer pluto[27167]: "v202" #127: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0bc <0x8b6d0b70 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 05:32:09 polariseer pluto[27167]: "v20" #56: the peer proposed: 192.168.0.0/16:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:32:09 polariseer pluto[27167]: "v202" #349: can not start crypto helper: failed to find any available worker
> Oct 17 05:32:09 polariseer pluto[27167]: "v202" #349: message in state STATE_QUICK_R0 ignored due to cryptographic overload
> Oct 17 05:32:09 polariseer pluto[27167]: "v20" #56: the peer proposed: 10.0.0.0/24:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:32:09 polariseer pluto[27167]: "v20" #352: can not start crypto helper: failed to find any available worker
> Oct 17 05:32:09 polariseer pluto[27167]: "v20" #352: message in state STATE_QUICK_R0 ignored due to cryptographic overload
> Oct 17 05:32:10 polariseer pluto[27167]: "v20" #56: the peer proposed: 10.0.0.0/24:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:32:10 polariseer pluto[27167]: "v20" #423: responding to Quick Mode proposal {msgid:14650951}
> Oct 17 05:32:10 polariseer pluto[27167]: "v20" #423: us: 10.0.0.0/24===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 05:32:10 polariseer pluto[27167]: "v20" #423: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 05:32:10 polariseer pluto[27167]: "v20" #423: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 05:32:10 polariseer pluto[27167]: "v20" #56: the peer proposed: 192.168.0.0/16:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:32:10 polariseer pluto[27167]: "v202" #424: responding to Quick Mode proposal {msgid:dd2ccb09}
> Oct 17 05:32:10 polariseer pluto[27167]: "v202" #424: us: 192.168.0.0/16===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 05:32:10 polariseer pluto[27167]: "v202" #424: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 05:32:10 polariseer pluto[27167]: "v202" #424: keeping refhim=229 during rekey
> Oct 17 05:32:10 polariseer pluto[27167]: "v202" #424: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 05:32:10 polariseer pluto[27167]: "v202" #424: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 05:32:10 polariseer pluto[27167]: "v20" #423: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:32:10 polariseer pluto[27167]: "v20" #423: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 05:32:10 polariseer pluto[27167]: "v20" #423: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0be <0x8b6d0c16 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 05:32:11 polariseer pluto[27167]: "v202" #424: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:32:11 polariseer pluto[27167]: "v202" #424: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 05:32:11 polariseer pluto[27167]: "v202" #424: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0bd <0x8b6d0c17 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 05:35:23 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Dead Peer Detection]
> Oct 17 05:35:23 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [RFC 3947] meth=115, but port floating is off
> Oct 17 05:35:23 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
> Oct 17 05:35:23 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port floating is off
> Oct 17 05:35:23 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
> Oct 17 05:35:23 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #569: responding to Main Mode
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #569: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #569: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #569: OAKLEY_GROUP 1 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #569: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #569: STATE_MAIN_R1: sent MR1, expecting MI2
> Oct 17 05:35:23 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Dead Peer Detection]
> Oct 17 05:35:23 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [RFC 3947] meth=115, but port floating is off
> Oct 17 05:35:23 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
> Oct 17 05:35:23 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port floating is off
> Oct 17 05:35:23 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
> Oct 17 05:35:23 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #570: responding to Main Mode
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #570: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #570: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #570: OAKLEY_GROUP 1 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #570: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #570: STATE_MAIN_R1: sent MR1, expecting MI2
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #569: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #569: STATE_MAIN_R2: sent MR2, expecting MI3
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #570: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #570: STATE_MAIN_R2: sent MR2, expecting MI3
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #569: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #569: Main mode peer ID is ID_IPV4_ADDR: 'aaa.bbb.ccc.ddd'
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #569: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #569: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1024}
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #569: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #570: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #570: Main mode peer ID is ID_IPV4_ADDR: 'aaa.bbb.ccc.ddd'
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #570: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #570: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1024}
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #570: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #569: the peer proposed: 10.0.0.0/24:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #578: responding to Quick Mode proposal {msgid:635a4927}
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #578: us: 10.0.0.0/24===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #578: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #578: keeping refhim=141 during rekey
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #578: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #578: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #570: the peer proposed: 192.168.0.0/16:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:35:23 polariseer pluto[27167]: "v202" #585: responding to Quick Mode proposal {msgid:9b958a75}
> Oct 17 05:35:23 polariseer pluto[27167]: "v202" #585: us: 192.168.0.0/16===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 05:35:23 polariseer pluto[27167]: "v202" #585: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 05:35:23 polariseer pluto[27167]: "v202" #585: keeping refhim=229 during rekey
> Oct 17 05:35:23 polariseer pluto[27167]: "v202" #585: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 05:35:23 polariseer pluto[27167]: "v202" #585: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #578: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #578: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 05:35:23 polariseer pluto[27167]: "v20" #578: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0bf <0x8b6d0c7d xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 05:35:23 polariseer pluto[27167]: "v202" #585: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:35:23 polariseer pluto[27167]: "v202" #585: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 05:35:23 polariseer pluto[27167]: "v202" #585: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0c0 <0x8b6d0c81 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 05:40:51 polariseer pluto[27167]: "v20" #570: DPD: No response from peer - declaring peer dead
> Oct 17 05:40:51 polariseer pluto[27167]: "v20" #570: DPD: Putting connection into %trap
> Oct 17 05:40:51 polariseer pluto[27167]: "v202" #585: deleting state (STATE_QUICK_R2)
> Oct 17 05:40:51 polariseer pluto[27167]: "v20" #570: deleting state (STATE_MAIN_R3)
> Oct 17 05:40:51 polariseer pluto[27167]: "v20" #578: deleting state (STATE_QUICK_R2)
> Oct 17 05:40:51 polariseer pluto[27167]: "v20" #569: deleting state (STATE_MAIN_R3)
> Oct 17 05:40:51 polariseer pluto[27167]: "v20" #423: deleting state (STATE_QUICK_R2)
> Oct 17 05:40:51 polariseer pluto[27167]: "v20" #76: deleting state (STATE_QUICK_R2)
> Oct 17 05:40:51 polariseer pluto[27167]: "v20" #56: deleting state (STATE_MAIN_R3)
> Oct 17 05:40:51 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x4d422e07
> Oct 17 05:40:51 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x22e67085
> Oct 17 05:40:51 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x3304a8f1
> Oct 17 05:40:51 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x3b0cb0f9
> Oct 17 05:40:52 polariseer pluto[27167]: "v20" #884: initiating Main Mode
> Oct 17 05:40:53 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Dead Peer Detection]
> Oct 17 05:40:53 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [RFC 3947] meth=115, but port floating is off
> Oct 17 05:40:53 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
> Oct 17 05:40:53 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port floating is off
> Oct 17 05:40:53 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
> Oct 17 05:40:53 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Oct 17 05:40:53 polariseer pluto[27167]: "v20" #932: responding to Main Mode
> Oct 17 05:40:53 polariseer pluto[27167]: "v20" #932: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:40:53 polariseer pluto[27167]: "v20" #932: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:40:53 polariseer pluto[27167]: "v20" #932: OAKLEY_GROUP 1 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
> Oct 17 05:40:53 polariseer pluto[27167]: "v20" #932: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Oct 17 05:40:53 polariseer pluto[27167]: "v20" #932: STATE_MAIN_R1: sent MR1, expecting MI2
> Oct 17 05:40:53 polariseer pluto[27167]: "v20" #932: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Oct 17 05:40:53 polariseer pluto[27167]: "v20" #932: STATE_MAIN_R2: sent MR2, expecting MI3
> Oct 17 05:40:53 polariseer pluto[27167]: "v20" #932: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
> Oct 17 05:40:53 polariseer pluto[27167]: "v20" #932: Main mode peer ID is ID_IPV4_ADDR: 'aaa.bbb.ccc.ddd'
> Oct 17 05:40:53 polariseer pluto[27167]: "v20" #932: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Oct 17 05:40:53 polariseer pluto[27167]: "v20" #932: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1024}
> Oct 17 05:40:53 polariseer pluto[27167]: "v20" #932: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:40:53 polariseer pluto[27167]: "v20" #932: the peer proposed: 192.168.0.0/16:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:40:53 polariseer pluto[27167]: "v202" #941: responding to Quick Mode proposal {msgid:e46c7d9f}
> Oct 17 05:40:53 polariseer pluto[27167]: "v202" #941: us: 192.168.0.0/16===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 05:40:53 polariseer pluto[27167]: "v202" #941: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 05:40:53 polariseer pluto[27167]: "v202" #941: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 05:40:53 polariseer pluto[27167]: "v202" #941: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 05:40:53 polariseer pluto[27167]: "v202" #941: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:40:53 polariseer pluto[27167]: "v202" #941: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 05:40:53 polariseer pluto[27167]: "v202" #941: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0c1 <0x8b6d0d0e xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 05:41:00 polariseer pluto[27167]: "v20" #932: the peer proposed: 10.0.0.0/24:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:41:00 polariseer pluto[27167]: "v20" #1110: responding to Quick Mode proposal {msgid:ed28a091}
> Oct 17 05:41:00 polariseer pluto[27167]: "v20" #1110: us: 10.0.0.0/24===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 05:41:00 polariseer pluto[27167]: "v20" #1110: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 05:41:00 polariseer pluto[27167]: "v20" #1110: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 05:41:00 polariseer pluto[27167]: "v20" #1110: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 05:41:00 polariseer pluto[27167]: "v20" #1110: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:41:00 polariseer pluto[27167]: "v20" #1110: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 05:41:00 polariseer pluto[27167]: "v20" #1110: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0c2 <0x8b6d0d72 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 05:43:03 polariseer pluto[27167]: "v20" #884: max number of retransmissions (2) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
> Oct 17 05:43:03 polariseer pluto[27167]: "v20" #884: starting keying attempt 2 of at most 3
> Oct 17 05:43:03 polariseer pluto[27167]: "v20" #1128: initiating Main Mode to replace #884
> Oct 17 05:43:26 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Dead Peer Detection]
> Oct 17 05:43:26 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [RFC 3947] meth=115, but port floating is off
> Oct 17 05:43:26 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
> Oct 17 05:43:26 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port floating is off
> Oct 17 05:43:26 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
> Oct 17 05:43:26 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1154: responding to Main Mode
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1154: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1154: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1154: OAKLEY_GROUP 1 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1154: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1154: STATE_MAIN_R1: sent MR1, expecting MI2
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1154: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1154: STATE_MAIN_R2: sent MR2, expecting MI3
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1154: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1154: Main mode peer ID is ID_IPV4_ADDR: 'aaa.bbb.ccc.ddd'
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1154: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1154: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1024}
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1154: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1154: the peer proposed: 10.0.0.0/24:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1161: responding to Quick Mode proposal {msgid:b7985be2}
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1161: us: 10.0.0.0/24===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1161: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1161: keeping refhim=1960 during rekey
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1161: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 05:43:26 polariseer pluto[27167]: "v20" #1161: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 05:43:27 polariseer pluto[27167]: "v20" #1161: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:43:27 polariseer pluto[27167]: "v20" #1161: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 05:43:27 polariseer pluto[27167]: "v20" #1161: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0c3 <0x8b6d0d7c xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 05:43:27 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Dead Peer Detection]
> Oct 17 05:43:27 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [RFC 3947] meth=115, but port floating is off
> Oct 17 05:43:27 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
> Oct 17 05:43:27 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port floating is off
> Oct 17 05:43:27 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
> Oct 17 05:43:27 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Oct 17 05:43:27 polariseer pluto[27167]: "v20" #1166: responding to Main Mode
> Oct 17 05:43:27 polariseer pluto[27167]: "v20" #1166: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:43:27 polariseer pluto[27167]: "v20" #1166: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:43:27 polariseer pluto[27167]: "v20" #1166: OAKLEY_GROUP 1 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
> Oct 17 05:43:27 polariseer pluto[27167]: "v20" #1166: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Oct 17 05:43:27 polariseer pluto[27167]: "v20" #1166: STATE_MAIN_R1: sent MR1, expecting MI2
> Oct 17 05:43:27 polariseer pluto[27167]: "v20" #1166: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Oct 17 05:43:27 polariseer pluto[27167]: "v20" #1166: STATE_MAIN_R2: sent MR2, expecting MI3
> Oct 17 05:43:27 polariseer pluto[27167]: "v20" #1166: Main mode peer ID is ID_IPV4_ADDR: 'aaa.bbb.ccc.ddd'
> Oct 17 05:43:27 polariseer pluto[27167]: "v20" #1166: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Oct 17 05:43:27 polariseer pluto[27167]: "v20" #1166: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1024}
> Oct 17 05:43:27 polariseer pluto[27167]: "v20" #1166: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:43:27 polariseer pluto[27167]: "v20" #1166: the peer proposed: 192.168.0.0/16:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:43:27 polariseer pluto[27167]: "v202" #1173: responding to Quick Mode proposal {msgid:56504530}
> Oct 17 05:43:27 polariseer pluto[27167]: "v202" #1173: us: 192.168.0.0/16===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 05:43:27 polariseer pluto[27167]: "v202" #1173: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 05:43:27 polariseer pluto[27167]: "v202" #1173: keeping refhim=1630 during rekey
> Oct 17 05:43:27 polariseer pluto[27167]: "v202" #1173: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 05:43:27 polariseer pluto[27167]: "v202" #1173: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 05:43:27 polariseer pluto[27167]: "v202" #1173: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:43:27 polariseer pluto[27167]: "v202" #1173: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 05:43:27 polariseer pluto[27167]: "v202" #1173: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0c4 <0x8b6d0d86 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 05:45:13 polariseer pluto[27167]: "v20" #1128: max number of retransmissions (2) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
> Oct 17 05:45:13 polariseer pluto[27167]: "v20" #1128: starting keying attempt 3 of at most 3
> Oct 17 05:45:13 polariseer pluto[27167]: "v20" #1465: initiating Main Mode to replace #1128
> Oct 17 05:46:51 polariseer pluto[27167]: "v20" #1166: DPD: No response from peer - declaring peer dead
> Oct 17 05:46:51 polariseer pluto[27167]: "v20" #1166: DPD: Putting connection into %trap
> Oct 17 05:46:51 polariseer pluto[27167]: "v20" #1161: deleting state (STATE_QUICK_R2)
> Oct 17 05:46:51 polariseer pluto[27167]: "v20" #1154: deleting state (STATE_MAIN_R3)
> Oct 17 05:46:51 polariseer pluto[27167]: "v20" #1465: deleting state (STATE_MAIN_I1)
> Oct 17 05:46:51 polariseer pluto[27167]: "v202" #1173: deleting state (STATE_QUICK_R2)
> Oct 17 05:46:51 polariseer pluto[27167]: "v20" #1166: deleting state (STATE_MAIN_R3)
> Oct 17 05:46:51 polariseer pluto[27167]: "v20" #1110: deleting state (STATE_QUICK_R2)
> Oct 17 05:46:51 polariseer pluto[27167]: "v20" #932: deleting state (STATE_MAIN_R3)
> Oct 17 05:46:55 polariseer pluto[27167]: "v202" #424: DPD: could not find newest phase 1 state
> Oct 17 05:46:55 polariseer pluto[27167]: "v202" #941: DPD: could not find newest phase 1 state
> Oct 17 05:46:58 polariseer pluto[27167]: "v20" #1490: initiating Main Mode
> Oct 17 05:46:58 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x64126e27
> Oct 17 05:46:58 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x0043cad9
> Oct 17 05:46:58 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Dead Peer Detection]
> Oct 17 05:46:58 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [RFC 3947] meth=115, but port floating is off
> Oct 17 05:46:58 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
> Oct 17 05:46:58 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port floating is off
> Oct 17 05:46:58 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
> Oct 17 05:46:58 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Oct 17 05:46:58 polariseer pluto[27167]: "v20" #1554: responding to Main Mode
> Oct 17 05:46:58 polariseer pluto[27167]: "v20" #1554: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:46:58 polariseer pluto[27167]: "v20" #1554: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:46:58 polariseer pluto[27167]: "v20" #1554: OAKLEY_GROUP 1 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
> Oct 17 05:46:58 polariseer pluto[27167]: "v20" #1554: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Oct 17 05:46:58 polariseer pluto[27167]: "v20" #1554: STATE_MAIN_R1: sent MR1, expecting MI2
> Oct 17 05:46:59 polariseer pluto[27167]: "v20" #1554: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Oct 17 05:46:59 polariseer pluto[27167]: "v20" #1554: STATE_MAIN_R2: sent MR2, expecting MI3
> Oct 17 05:46:59 polariseer pluto[27167]: "v20" #1554: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
> Oct 17 05:46:59 polariseer pluto[27167]: "v20" #1554: Main mode peer ID is ID_IPV4_ADDR: 'aaa.bbb.ccc.ddd'
> Oct 17 05:46:59 polariseer pluto[27167]: "v20" #1554: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Oct 17 05:46:59 polariseer pluto[27167]: "v20" #1554: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1024}
> Oct 17 05:46:59 polariseer pluto[27167]: "v20" #1554: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:46:59 polariseer pluto[27167]: "v20" #1554: the peer proposed: 10.0.0.0/24:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:46:59 polariseer pluto[27167]: "v20" #1567: responding to Quick Mode proposal {msgid:67187c45}
> Oct 17 05:46:59 polariseer pluto[27167]: "v20" #1567: us: 10.0.0.0/24===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 05:46:59 polariseer pluto[27167]: "v20" #1567: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 05:46:59 polariseer pluto[27167]: "v20" #1567: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 05:46:59 polariseer pluto[27167]: "v20" #1567: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 05:46:59 polariseer pluto[27167]: "v20" #1567: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:46:59 polariseer pluto[27167]: "v20" #1567: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 05:46:59 polariseer pluto[27167]: "v20" #1567: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0c5 <0x8b6d0e1e xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 05:47:01 polariseer pluto[27167]: "v20" #1554: the peer proposed: 192.168.0.0/16:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:47:01 polariseer pluto[27167]: "v202" #1643: responding to Quick Mode proposal {msgid:3258a642}
> Oct 17 05:47:01 polariseer pluto[27167]: "v202" #1643: us: 192.168.0.0/16===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 05:47:01 polariseer pluto[27167]: "v202" #1643: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 05:47:01 polariseer pluto[27167]: "v202" #1643: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 05:47:01 polariseer pluto[27167]: "v202" #1643: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 05:47:01 polariseer pluto[27167]: "v202" #1643: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:47:01 polariseer pluto[27167]: "v202" #1643: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 05:47:01 polariseer pluto[27167]: "v202" #1643: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0c6 <0x8b6d0e46 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 05:48:53 polariseer pluto[27167]: "v20" #1490: max number of retransmissions (2) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
> Oct 17 05:48:53 polariseer pluto[27167]: "v20" #1490: starting keying attempt 2 of at most 3
> Oct 17 05:48:53 polariseer pluto[27167]: "v20" #1837: initiating Main Mode to replace #1490
> Oct 17 05:51:01 polariseer pluto[27167]: "v20" #1554: DPD: No response from peer - declaring peer dead
> Oct 17 05:51:01 polariseer pluto[27167]: "v20" #1554: DPD: Putting connection into %trap
> Oct 17 05:51:01 polariseer pluto[27167]: "v202" #1643: deleting state (STATE_QUICK_R2)
> Oct 17 05:51:01 polariseer pluto[27167]: "v20" #1567: deleting state (STATE_QUICK_R2)
> Oct 17 05:51:01 polariseer pluto[27167]: "v20" #1554: deleting state (STATE_MAIN_R3)
> Oct 17 05:51:01 polariseer pluto[27167]: "v20" #1837: deleting state (STATE_MAIN_I1)
> Oct 17 05:51:11 polariseer pluto[27167]: "v20" #1904: initiating Main Mode
> Oct 17 05:51:11 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x2ff17784
> Oct 17 05:51:11 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x1cc61bc5
> Oct 17 05:51:13 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Dead Peer Detection]
> Oct 17 05:51:13 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [RFC 3947] meth=115, but port floating is off
> Oct 17 05:51:13 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
> Oct 17 05:51:13 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port floating is off
> Oct 17 05:51:13 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
> Oct 17 05:51:13 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2049: responding to Main Mode
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2049: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2049: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2049: OAKLEY_GROUP 1 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2049: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2049: STATE_MAIN_R1: sent MR1, expecting MI2
> Oct 17 05:51:13 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Dead Peer Detection]
> Oct 17 05:51:13 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [RFC 3947] meth=115, but port floating is off
> Oct 17 05:51:13 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
> Oct 17 05:51:13 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port floating is off
> Oct 17 05:51:13 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
> Oct 17 05:51:13 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2051: responding to Main Mode
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2051: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2051: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2051: OAKLEY_GROUP 1 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2051: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2051: STATE_MAIN_R1: sent MR1, expecting MI2
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2049: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2049: STATE_MAIN_R2: sent MR2, expecting MI3
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2051: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2051: STATE_MAIN_R2: sent MR2, expecting MI3
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2049: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2049: Main mode peer ID is ID_IPV4_ADDR: 'aaa.bbb.ccc.ddd'
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2049: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2049: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1024}
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2049: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2051: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2051: Main mode peer ID is ID_IPV4_ADDR: 'aaa.bbb.ccc.ddd'
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2051: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2051: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1024}
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2051: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2049: the peer proposed: 192.168.0.0/16:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:51:13 polariseer pluto[27167]: "v202" #2064: responding to Quick Mode proposal {msgid:935df11b}
> Oct 17 05:51:13 polariseer pluto[27167]: "v202" #2064: us: 192.168.0.0/16===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 05:51:13 polariseer pluto[27167]: "v202" #2064: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 05:51:13 polariseer pluto[27167]: "v202" #2064: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 05:51:13 polariseer pluto[27167]: "v202" #2064: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2051: the peer proposed: 10.0.0.0/24:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2066: responding to Quick Mode proposal {msgid:cb983369}
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2066: us: 10.0.0.0/24===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2066: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2066: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 05:51:13 polariseer pluto[27167]: "v20" #2066: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 05:51:14 polariseer pluto[27167]: "v202" #2064: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:51:14 polariseer pluto[27167]: "v202" #2064: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 05:51:14 polariseer pluto[27167]: "v202" #2064: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0c7 <0x8b6d0ed6 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 05:51:14 polariseer pluto[27167]: "v20" #2066: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:51:14 polariseer pluto[27167]: "v20" #2066: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 05:51:14 polariseer pluto[27167]: "v20" #2066: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0c8 <0x8b6d0ed8 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 05:52:41 polariseer pluto[27167]: "v20" #1904: max number of retransmissions (2) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
> Oct 17 05:52:41 polariseer pluto[27167]: "v20" #1904: starting keying attempt 2 of at most 3
> Oct 17 05:52:41 polariseer pluto[27167]: "v20" #2256: initiating Main Mode to replace #1904
> Oct 17 05:53:14 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Dead Peer Detection]
> Oct 17 05:53:14 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [RFC 3947] meth=115, but port floating is off
> Oct 17 05:53:14 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
> Oct 17 05:53:14 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port floating is off
> Oct 17 05:53:14 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
> Oct 17 05:53:14 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2412: responding to Main Mode
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2412: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2412: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2412: OAKLEY_GROUP 1 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2412: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2412: STATE_MAIN_R1: sent MR1, expecting MI2
> Oct 17 05:53:14 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Dead Peer Detection]
> Oct 17 05:53:14 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [RFC 3947] meth=115, but port floating is off
> Oct 17 05:53:14 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
> Oct 17 05:53:14 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port floating is off
> Oct 17 05:53:14 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
> Oct 17 05:53:14 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2414: responding to Main Mode
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2414: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2414: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2414: OAKLEY_GROUP 1 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2414: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2414: STATE_MAIN_R1: sent MR1, expecting MI2
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2412: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2412: STATE_MAIN_R2: sent MR2, expecting MI3
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2414: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2414: STATE_MAIN_R2: sent MR2, expecting MI3
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2412: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2412: Main mode peer ID is ID_IPV4_ADDR: 'aaa.bbb.ccc.ddd'
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2412: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2412: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1024}
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2412: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2414: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2414: Main mode peer ID is ID_IPV4_ADDR: 'aaa.bbb.ccc.ddd'
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2414: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2414: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1024}
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2414: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2412: the peer proposed: 10.0.0.0/24:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2444: responding to Quick Mode proposal {msgid:a8f795d2}
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2444: us: 10.0.0.0/24===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2444: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2444: keeping refhim=3097 during rekey
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2444: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 05:53:14 polariseer pluto[27167]: "v20" #2444: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 05:53:15 polariseer pluto[27167]: "v20" #2414: the peer proposed: 192.168.0.0/16:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:53:15 polariseer pluto[27167]: "v202" #2451: responding to Quick Mode proposal {msgid:e032d620}
> Oct 17 05:53:15 polariseer pluto[27167]: "v202" #2451: us: 192.168.0.0/16===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 05:53:15 polariseer pluto[27167]: "v202" #2451: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 05:53:15 polariseer pluto[27167]: "v202" #2451: keeping refhim=3089 during rekey
> Oct 17 05:53:15 polariseer pluto[27167]: "v202" #2451: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 05:53:15 polariseer pluto[27167]: "v202" #2451: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 05:53:15 polariseer pluto[27167]: "v20" #2444: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:53:15 polariseer pluto[27167]: "v20" #2444: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 05:53:15 polariseer pluto[27167]: "v20" #2444: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0c9 <0x8b6d0f76 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 05:53:15 polariseer pluto[27167]: "v202" #2451: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:53:15 polariseer pluto[27167]: "v202" #2451: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 05:53:15 polariseer pluto[27167]: "v202" #2451: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0ca <0x8b6d0f7d xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 05:55:24 polariseer pluto[27167]: "v20" #2256: max number of retransmissions (2) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
> Oct 17 05:55:24 polariseer pluto[27167]: "v20" #2256: starting keying attempt 3 of at most 3
> Oct 17 05:55:24 polariseer pluto[27167]: "v20" #2518: initiating Main Mode to replace #2256
> Oct 17 05:57:24 polariseer pluto[27167]: "v20" #2414: DPD: No response from peer - declaring peer dead
> Oct 17 05:57:24 polariseer pluto[27167]: "v20" #2414: DPD: Putting connection into %trap
> Oct 17 05:57:24 polariseer pluto[27167]: "v202" #2451: deleting state (STATE_QUICK_R2)
> Oct 17 05:57:24 polariseer pluto[27167]: "v20" #2414: deleting state (STATE_MAIN_R3)
> Oct 17 05:57:24 polariseer pluto[27167]: "v20" #2049: deleting state (STATE_MAIN_R3)
> Oct 17 05:57:24 polariseer pluto[27167]: "v20" #2518: deleting state (STATE_MAIN_I1)
> Oct 17 05:57:24 polariseer pluto[27167]: "v20" #2444: deleting state (STATE_QUICK_R2)
> Oct 17 05:57:24 polariseer pluto[27167]: "v20" #2412: deleting state (STATE_MAIN_R3)
> Oct 17 05:57:24 polariseer pluto[27167]: "v20" #2066: deleting state (STATE_QUICK_R2)
> Oct 17 05:57:24 polariseer pluto[27167]: "v20" #2051: deleting state (STATE_MAIN_R3)
> Oct 17 05:57:24 polariseer pluto[27167]: "v202" #2064: DPD: could not find newest phase 1 state
> Oct 17 05:57:28 polariseer pluto[27167]: "v20" #2575: initiating Main Mode
> Oct 17 05:57:28 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x29478400
> Oct 17 05:57:31 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Dead Peer Detection]
> Oct 17 05:57:31 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [RFC 3947] meth=115, but port floating is off
> Oct 17 05:57:31 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
> Oct 17 05:57:31 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port floating is off
> Oct 17 05:57:31 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
> Oct 17 05:57:31 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2763: responding to Main Mode
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2763: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2763: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2763: OAKLEY_GROUP 1 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2763: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2763: STATE_MAIN_R1: sent MR1, expecting MI2
> Oct 17 05:57:31 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Dead Peer Detection]
> Oct 17 05:57:31 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [RFC 3947] meth=115, but port floating is off
> Oct 17 05:57:31 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
> Oct 17 05:57:31 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port floating is off
> Oct 17 05:57:31 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
> Oct 17 05:57:31 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2764: responding to Main Mode
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2764: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2764: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2764: OAKLEY_GROUP 1 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2764: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2764: STATE_MAIN_R1: sent MR1, expecting MI2
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2763: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2763: STATE_MAIN_R2: sent MR2, expecting MI3
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2764: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2764: STATE_MAIN_R2: sent MR2, expecting MI3
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2763: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2763: Main mode peer ID is ID_IPV4_ADDR: 'aaa.bbb.ccc.ddd'
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2763: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2763: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1024}
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2763: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2764: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2764: Main mode peer ID is ID_IPV4_ADDR: 'aaa.bbb.ccc.ddd'
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2764: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2764: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1024}
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2764: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2763: the peer proposed: 10.0.0.0/24:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2776: responding to Quick Mode proposal {msgid:71614307}
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2776: us: 10.0.0.0/24===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2776: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2776: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2776: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2764: the peer proposed: 192.168.0.0/16:0/0 -> 10.12.13.0/24:0/0
> Oct 17 05:57:31 polariseer pluto[27167]: "v202" #2780: responding to Quick Mode proposal {msgid:a89b8250}
> Oct 17 05:57:31 polariseer pluto[27167]: "v202" #2780: us: 192.168.0.0/16===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 05:57:31 polariseer pluto[27167]: "v202" #2780: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 05:57:31 polariseer pluto[27167]: "v202" #2780: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 05:57:31 polariseer pluto[27167]: "v202" #2780: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2776: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2776: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 05:57:31 polariseer pluto[27167]: "v20" #2776: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0cb <0x8b6d0fd2 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 05:57:31 polariseer pluto[27167]: "v202" #2780: Dead Peer Detection (RFC 3706): enabled
> Oct 17 05:57:31 polariseer pluto[27167]: "v202" #2780: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 05:57:31 polariseer pluto[27167]: "v202" #2780: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0cc <0x8b6d0fd4 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 05:59:10 polariseer pluto[27167]: "v20" #2575: max number of retransmissions (2) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
> Oct 17 05:59:10 polariseer pluto[27167]: "v20" #2575: starting keying attempt 2 of at most 3
> Oct 17 05:59:10 polariseer pluto[27167]: "v20" #2908: initiating Main Mode to replace #2575
> Oct 17 06:00:41 polariseer pluto[27167]: "v20" #2908: max number of retransmissions (2) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
> Oct 17 06:00:41 polariseer pluto[27167]: "v20" #2908: starting keying attempt 3 of at most 3
> Oct 17 06:00:41 polariseer pluto[27167]: "v20" #2977: initiating Main Mode to replace #2908
> Oct 17 06:00:55 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Dead Peer Detection]
> Oct 17 06:00:55 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [RFC 3947] meth=115, but port floating is off
> Oct 17 06:00:55 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
> Oct 17 06:00:55 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port floating is off
> Oct 17 06:00:55 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
> Oct 17 06:00:55 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3069: responding to Main Mode
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3069: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3069: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3069: OAKLEY_GROUP 1 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3069: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3069: STATE_MAIN_R1: sent MR1, expecting MI2
> Oct 17 06:00:55 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Dead Peer Detection]
> Oct 17 06:00:55 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [RFC 3947] meth=115, but port floating is off
> Oct 17 06:00:55 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
> Oct 17 06:00:55 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port floating is off
> Oct 17 06:00:55 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
> Oct 17 06:00:55 polariseer pluto[27167]: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3071: responding to Main Mode
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3071: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3071: OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3071: OAKLEY_GROUP 1 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3071: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3071: STATE_MAIN_R1: sent MR1, expecting MI2
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3069: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3069: STATE_MAIN_R2: sent MR2, expecting MI3
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3071: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3071: STATE_MAIN_R2: sent MR2, expecting MI3
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3069: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3069: Main mode peer ID is ID_IPV4_ADDR: 'aaa.bbb.ccc.ddd'
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3069: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3069: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1024}
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3069: Dead Peer Detection (RFC 3706): enabled
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3071: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3071: Main mode peer ID is ID_IPV4_ADDR: 'aaa.bbb.ccc.ddd'
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3071: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3071: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1024}
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3071: Dead Peer Detection (RFC 3706): enabled
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3069: the peer proposed: 192.168.0.0/16:0/0 -> 10.12.13.0/24:0/0
> Oct 17 06:00:55 polariseer pluto[27167]: "v202" #3078: responding to Quick Mode proposal {msgid:0fb0f37a}
> Oct 17 06:00:55 polariseer pluto[27167]: "v202" #3078: us: 192.168.0.0/16===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 06:00:55 polariseer pluto[27167]: "v202" #3078: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 06:00:55 polariseer pluto[27167]: "v202" #3078: keeping refhim=3955 during rekey
> Oct 17 06:00:55 polariseer pluto[27167]: "v202" #3078: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 06:00:55 polariseer pluto[27167]: "v202" #3078: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3071: the peer proposed: 10.0.0.0/24:0/0 -> 10.12.13.0/24:0/0
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3084: responding to Quick Mode proposal {msgid:48ec35c8}
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3084: us: 10.0.0.0/24===zz.yyy.xxx.ww<zz.yyy.xxx.ww>
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3084: them: aaa.bbb.ccc.ddd<aaa.bbb.ccc.ddd>===10.12.13.0/24
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3084: keeping refhim=3947 during rekey
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3084: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3084: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> Oct 17 06:00:55 polariseer pluto[27167]: "v202" #3078: Dead Peer Detection (RFC 3706): enabled
> Oct 17 06:00:55 polariseer pluto[27167]: "v202" #3078: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 06:00:55 polariseer pluto[27167]: "v202" #3078: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0cd <0x8b6d101e xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3084: Dead Peer Detection (RFC 3706): enabled
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3084: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 17 06:00:55 polariseer pluto[27167]: "v20" #3084: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7e08e0ce <0x8b6d1022 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
> Oct 17 06:04:16 polariseer pluto[27167]: "v20" #2977: max number of retransmissions (2) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
> Oct 17 06:05:44 polariseer pluto[27167]: "v20" #3071: DPD: No response from peer - declaring peer dead
> Oct 17 06:05:44 polariseer pluto[27167]: "v20" #3071: DPD: Putting connection into %trap
> Oct 17 06:05:44 polariseer pluto[27167]: "v20" #3069: deleting state (STATE_MAIN_R3)
> Oct 17 06:05:44 polariseer pluto[27167]: "v20" #3084: deleting state (STATE_QUICK_R2)
> Oct 17 06:05:44 polariseer pluto[27167]: "v20" #3071: deleting state (STATE_MAIN_R3)
> Oct 17 06:05:44 polariseer pluto[27167]: "v20" #2764: deleting state (STATE_MAIN_R3)
> Oct 17 06:05:44 polariseer pluto[27167]: "v20" #2776: deleting state (STATE_QUICK_R2)
> Oct 17 06:05:44 polariseer pluto[27167]: "v20" #2763: deleting state (STATE_MAIN_R3)
> Oct 17 06:06:11 polariseer pluto[27167]: "v202" #3078: DPD: could not find newest phase 1 state
> Oct 17 06:06:11 polariseer pluto[27167]: "v202" #2780: DPD: could not find newest phase 1 state
> version 2.0
> config setup
> interfaces="ipsec0=eth1"
> virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!10.0.0.0/24,%v4:!10.10.0.0/16
> oe=off
> protostack=klips
> dumpdir=/var/run/pluto/
>
>
> conn v20
> right=aaa.bbb.ccc.ddd
> rightsubnet=10.12.13.1/24
> also=general-amsterdam
>
> conn v202
> right=aaa.bbb.ccc.ddd
> rightsubnet=10.12.13.1/24
> also=extra-amsterdam
>
> conn general
> type=tunnel
> left=zz.yyy.xxx.ww
> leftsubnet=10.0.0.0/24
> authby=secret
> pfs=yes
> ike=3des
> keyingtries=3
> dpddelay=30
> dpdtimeout=150
> dpdaction=hold
>
> conn general-amsterdam
> also=general
> auto=add
> rekey=no
>
> conn extra-amsterdam
> type=tunnel
> left=zz.yyy.xxx.ww
> leftsubnet=192.168.0.0/16
> authby=secret
> pfs=yes
> ike=aes
> dpddelay=30
> dpdtimeout=150
> dpdaction=hold
> auto=add
> keyingtries=3
> rekey=no
>
> _______________________________________________
> Users at lists.openswan.org
> https://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list