[Openswan Users] IPsec SA expired (LATEST!)
Patrick Naubert
patrickn at xelerance.com
Wed Sep 10 08:49:02 EDT 2014
Rescued from the Spam bucket. Please remember to subscribe to the mailing list before posting to it.
From: Rajat <rajpatel at redhat.com>
Subject: IPsec SA expired (LATEST!)
Date: September 10, 2014 at 3:00:08 AM GMT-4
To: users at lists.openswan.org
Hello Userlist,
Facing issues with openswan server between cisco:
openswan-2.6.32-27.el6.x86_64 Thu 06 Mar 2014 12:03:44 PM IS
Sep 10 10:18:59 spapps pluto[12282]: "spapps_prod" #103: IPsec SA expired (LATEST!)
Today in the morning vpn connection was estabished
log snip
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: initiating Main Mode
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: ignoring Vendor ID payload [FRAGMENTATION c0000000]
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-05
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: STATE_MAIN_I2: sent MI2, expecting MR2
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: received Vendor ID payload [Cisco-Unity]
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: received Vendor ID payload [XAUTH]
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: ignoring unknown Vendor ID payload [83d93dbbc95eb7adf066f2cdcd851c11]
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: ignoring Vendor ID payload [Cisco VPN 3000 Series]
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: I will NOT send an initial contact payload
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: Not sending INITIAL_CONTACT
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: STATE_MAIN_I3: sent MI3, expecting MR3
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: received Vendor ID payload [Dead Peer Detection]
Sep 10 09:48:17 spapps pluto[12282]: | protocol/port in Phase 1 ID Payload is 17/0. accepted with port_floating NAT-T
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: Main mode peer ID is ID_IPV4_ADDR: '202.53.165.130'
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp1536}
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #103: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW+SAREFTRACK {using isakmp#102 msgid:6ee2899e proposal=AES(12)_128-SHA1(2)_160 pfsgroup=OAKLEY_GROUP_MODP1536}
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #103: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #103: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xc3a510dd <0x398ce7f5 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}
Sep 10 09:53:09 spapps su: pam_unix(su-l:session): session closed for user root
Sep 10 09:53:09 spapps sshd[13399]: pam_unix(sshd:session): session closed for user sysad
then after 30 min i got following messsage in the log
Sep 10 10:18:39 spapps pluto[12282]: "spapps_prod" #102: received Delete SA payload: replace IPSEC State #103 in 10 seconds
Sep 10 10:18:39 spapps pluto[12282]: "spapps_prod" #102: received and ignored informational message
Sep 10 10:18:39 spapps pluto[12282]: "spapps_prod" #102: received Delete SA payload: deleting ISAKMP State #102
Sep 10 10:18:39 spapps pluto[12282]: packet from 202.53.165.130:4500: received and ignored informational message
Sep 10 10:18:49 spapps pluto[12282]: "spapps_prod" #104: initiating Main Mode
Sep 10 10:18:59 spapps pluto[12282]: "spapps_prod" #103: IPsec SA expired (LATEST!)
Sep 10 10:19:27 spapps sshd[7944]: Accepted password for sysad from 172.20.214.152 port 60081 ssh2
after that i am trying to form the vpn which is not happen
Sep 10 10:20:50 spapps pluto[12282]: "spapps_prod" #104: deleting state (STATE_MAIN_I1)
Sep 10 10:21:01 spapps pluto[12282]: "spapps_prod" #105: initiating Main Mode
Sep 10 10:21:24 spapps sshd[8075]: Accepted password for sysad from 172.20.214.152 port 53828 ssh2
Sep 10 10:21:24 spapps sshd[8075]: pam_unix(sshd:session): session opened for user sysad by (uid=0)
Sep 10 10:21:44 spapps sshd[8101]: Accepted password for idxmgr from 172.20.16.131 port 49233 ssh2
Sep 10 10:21:44 spapps sshd[8101]: pam_unix(sshd:session): session opened for user idxmgr by (uid=0)
Sep 10 10:22:13 spapps sudo: sysad : TTY=pts/8 ; PWD=/home/sysadmin ; USER=root ; COMMAND=/bin/su -
Sep 10 10:22:13 spapps su: pam_unix(su-l:session): session opened for user root by sysad(uid=0)
Sep 10 10:25:00 spapps pluto[12282]: "spapps_prod": terminating SAs using this connection
-------- Original Message --------
Subject: openswan
Date: Wed, 10 Sep 2014 05:46:06 +0000
From: Umesh Susvirkar <ususvirkar at nse.co.in>
To: Rajat <rajpatel at redhat.com>
CC: INFRA-SA <infrasa at nse.co.in>
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: initiating Main Mode
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: ignoring Vendor ID payload [FRAGMENTATION c0000000]
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-05
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: STATE_MAIN_I2: sent MI2, expecting MR2
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: received Vendor ID payload [Cisco-Unity]
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: received Vendor ID payload [XAUTH]
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: ignoring unknown Vendor ID payload [83d93dbbc95eb7adf066f2cdcd851c11]
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: ignoring Vendor ID payload [Cisco VPN 3000 Series]
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: I will NOT send an initial contact payload
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: Not sending INITIAL_CONTACT
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: STATE_MAIN_I3: sent MI3, expecting MR3
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: received Vendor ID payload [Dead Peer Detection]
Sep 10 09:48:17 spapps pluto[12282]: | protocol/port in Phase 1 ID Payload is 17/0. accepted with port_floating NAT-T
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: Main mode peer ID is ID_IPV4_ADDR: '202.53.165.130'
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #102: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp1536}
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #103: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW+SAREFTRACK {using isakmp#102 msgid:6ee2899e proposal=AES(12)_128-SHA1(2)_160 pfsgroup=OAKLEY_GROUP_MODP1536}
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #103: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Sep 10 09:48:17 spapps pluto[12282]: "spapps_prod" #103: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xc3a510dd <0x398ce7f5 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}
Sep 10 09:53:09 spapps su: pam_unix(su-l:session): session closed for user root
Sep 10 09:53:09 spapps sshd[13399]: pam_unix(sshd:session): session closed for user sysad
Sep 10 10:18:39 spapps pluto[12282]: "spapps_prod" #102: received Delete SA payload: replace IPSEC State #103 in 10 seconds
Sep 10 10:18:39 spapps pluto[12282]: "spapps_prod" #102: received and ignored informational message
Sep 10 10:18:39 spapps pluto[12282]: "spapps_prod" #102: received Delete SA payload: deleting ISAKMP State #102
Sep 10 10:18:39 spapps pluto[12282]: packet from 202.53.165.130:4500: received and ignored informational message
Sep 10 10:18:49 spapps pluto[12282]: "spapps_prod" #104: initiating Main Mode
Sep 10 10:18:59 spapps pluto[12282]: "spapps_prod" #103: IPsec SA expired (LATEST!)
Sep 10 10:19:27 spapps sshd[7944]: Accepted password for sysad from 172.20.214.152 port 60081 ssh2
Sep 10 10:20:50 spapps pluto[12282]: "spapps_prod" #104: deleting state (STATE_MAIN_I1)
Sep 10 10:21:01 spapps pluto[12282]: "spapps_prod" #105: initiating Main Mode
Sep 10 10:21:24 spapps sshd[8075]: Accepted password for sysad from 172.20.214.152 port 53828 ssh2
Sep 10 10:21:24 spapps sshd[8075]: pam_unix(sshd:session): session opened for user sysad by (uid=0)
Sep 10 10:21:44 spapps sshd[8101]: Accepted password for idxmgr from 172.20.16.131 port 49233 ssh2
Sep 10 10:21:44 spapps sshd[8101]: pam_unix(sshd:session): session opened for user idxmgr by (uid=0)
Sep 10 10:22:13 spapps sudo: sysad : TTY=pts/8 ; PWD=/home/sysadmin ; USER=root ; COMMAND=/bin/su -
Sep 10 10:22:13 spapps su: pam_unix(su-l:session): session opened for user root by sysad(uid=0)
Sep 10 10:25:00 spapps pluto[12282]: "spapps_prod": terminating SAs using this connection
Sep 10 10:25:00 spapps pluto[12282]: "spapps_prod" #105: deleting state (STATE_MAIN_I1)
Sep 10 10:25:01 spapps pluto[12282]: "spapps_prod" #106: initiating Main Mode
Regards
Umesh Susvirkar
Email: ususvirkar at nse.co.in
Mobile: 9869628048
Landline: 022-26598100,Extn: 21036
Disclaimer note on content of this message including enclosure(s)and attachments(s): The contents of this e-mail are the privileged and confidential material of National Stock Exchange of India Limited (NSE). The information is solely intended for the individual/entity it is addressed to. If you are not the intended recipient of this message, please be aware that you are not authorized in any which way whatsoever to read, forward, print, retain, copy or disseminate this message or any part of it. If you have received this e-mail in error, we would request you to please notify the sender immediately by return e-mail and delete it from your computer. This e-mail message including attachment(s), if any, is believed to be free of any virus and NSE is not responsible for any loss or damage arising in any way from its use.
--
Best Regards,
Rajat Patel
Red Hat India Pvt. Ltd.
A-201, 2nd Floor, Supreme Business Park
Supreme City, Hiranandani Gardens
Powai, Mumbai - 400 076.
+917506272528
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20140910/28ad3c3a/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Mail Attachment.jpeg
Type: image/jpeg
Size: 4863 bytes
Desc: not available
URL: <http://lists.openswan.org/pipermail/users/attachments/20140910/28ad3c3a/attachment-0001.jpeg>
More information about the Users
mailing list