<div dir="ltr"><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:rgb(51,0,153)">Hi, <br><br></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:rgb(51,0,153)">I have router which as strongswan ipsec remote access vpn configuration.<br></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:rgb(51,0,153)">I am able to connect from the windows7 which is behind nat to this vpn device and traffic is also working.<br><br></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:rgb(51,0,153)">The problem comes when reapply vpn config on edit.<br></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:rgb(51,0,153)"> This includes the following steps:<br></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:rgb(51,0,153)">1. Down the L2TP connection.<br></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:rgb(51,0,153)">2. Reload the config.<br><br></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:rgb(51,0,153)">During this process vpn connection is disconnected and IPSEC SA established. Windows7 vpn connection is trying to connect (after some time out) and connection is failed to come up.<br><br></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:rgb(51,0,153)">Can some please help me on this. Is this problem from strongswan or client issue.<br><br></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:rgb(51,0,153)">After the config reapply:<br><span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">root@r-94-QA:~# ipsec status</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">000 "L2TP-PSK": 10.147.52.107[10.147.52.107]:17/1701---10.147.52.1...%any[%any]:17/%any==={<a href="http://10.0.0.0/8">10.0.0.0/8</a>}; unrouted; eroute owner: #0</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">000 "L2TP-PSK":   newest ISAKMP SA: #0; newest IPsec SA: #0;</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">000</span>
<br><br></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:rgb(51,0,153)">Please find the below logs: ipsec version 4.5.2<br><span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">root@r-94-QA:~# tail -f /var/log/auth.log</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:40:53 r-94-QA sudo: pam_unix(sudo:session): session closed for user root</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:40:53 r-94-QA pluto[18446]: "L2TP-PSK": deleting connection</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:40:53 r-94-QA pluto[18446]: added connection description "L2TP-PSK"</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:40:53 r-94-QA pluto[18446]: interface ppp0 deactivated</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:40:53 r-94-QA pluto[18446]: 10.1.2.1 disappeared from ppp0</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:40:53 r-94-QA pluto[18446]: forgetting secrets</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:40:53 r-94-QA pluto[18446]: loading secrets from "/etc/ipsec.secrets"</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:40:53 r-94-QA pluto[18446]: loading secrets from "/var/lib/strongswan/ipsec.conf.inc"</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:40:53 r-94-QA pluto[18446]: loading secrets from "/etc/ipsec.d/ipsec.any.secrets"</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:40:53 r-94-QA pluto[18446]:   loaded PSK secret for %any</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal"></span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal"></span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:41:29 r-94-QA pluto[18446]: packet from <a href="http://10.147.52.104:4500">10.147.52.104:4500</a>: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:41:29 r-94-QA pluto[18446]: packet from <a href="http://10.147.52.104:4500">10.147.52.104:4500</a>: received Vendor ID payload [RFC 3947]</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:41:29 r-94-QA pluto[18446]: packet from <a href="http://10.147.52.104:4500">10.147.52.104:4500</a>: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:41:29 r-94-QA pluto[18446]: packet from <a href="http://10.147.52.104:4500">10.147.52.104:4500</a>: ignoring Vendor ID payload [FRAGMENTATION]</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:41:29 r-94-QA pluto[18446]: packet from <a href="http://10.147.52.104:4500">10.147.52.104:4500</a>: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:41:29 r-94-QA pluto[18446]: packet from <a href="http://10.147.52.104:4500">10.147.52.104:4500</a>: ignoring Vendor ID payload [Vid-Initial-Contact]</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:41:29 r-94-QA pluto[18446]: packet from <a href="http://10.147.52.104:4500">10.147.52.104:4500</a>: ignoring Vendor ID payload [IKE CGA version 1]</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:41:29 r-94-QA pluto[18446]: "L2TP-PSK"[1] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #5: responding to Main Mode from unknown peer <a href="http://10.147.52.104:4500">10.147.52.104:4500</a></span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:41:29 r-94-QA pluto[18446]: "L2TP-PSK"[1] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #5: NAT-Traversal: Result using RFC 3947: peer is NATed</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:41:29 r-94-QA pluto[18446]: "L2TP-PSK"[1] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #5: Peer ID is ID_IPV4_ADDR: '10.1.1.170'</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:41:29 r-94-QA pluto[18446]: "L2TP-PSK"[2] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #5: deleting connection "L2TP-PSK" instance with peer 10.147.52.104 {isakmp=#0/ipsec=#0}</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:41:29 r-94-QA pluto[18446]: "L2TP-PSK"[2] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #5: sent MR3, ISAKMP SA established</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:41:29 r-94-QA pluto[18446]: "L2TP-PSK"[2] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #6: NAT-Traversal: received 2 NAT-OA. using first, ignoring others</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:41:29 r-94-QA pluto[18446]: "L2TP-PSK"[2] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #6: responding to Quick Mode</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:41:29 r-94-QA pluto[18446]: "L2TP-PSK"[2] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #6: IPsec SA established {ESP=>0xe5c71196 <0xc37b45df NATOA=10.1.1.170}</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:42:01 r-94-QA CRON[18888]: pam_unix(cron:session): session opened for user root by (uid=0)</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:42:01 r-94-QA CRON[18888]: pam_unix(cron:session): session closed for user root</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:14 r-94-QA sshd[18932]: Accepted publickey for root from 169.254.0.1 port 34840 ssh2</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:14 r-94-QA sshd[18932]: pam_unix(sshd:session): session opened for user root by (uid=0)</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:14 r-94-QA sshd[18932]: pam_unix(sshd:session): session closed for user root</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:14 r-94-QA sshd[18940]: Accepted publickey for root from 169.254.0.1 port 34841 ssh2</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:14 r-94-QA sshd[18940]: pam_unix(sshd:session): session opened for user root by (uid=0)</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:14 r-94-QA sshd[18940]: pam_unix(sshd:session): session closed for user root</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:41 r-94-QA pluto[18446]: packet from <a href="http://10.147.52.104:500">10.147.52.104:500</a>: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:41 r-94-QA pluto[18446]: packet from <a href="http://10.147.52.104:500">10.147.52.104:500</a>: received Vendor ID payload [RFC 3947]</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:41 r-94-QA pluto[18446]: packet from <a href="http://10.147.52.104:500">10.147.52.104:500</a>: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:41 r-94-QA pluto[18446]: packet from <a href="http://10.147.52.104:500">10.147.52.104:500</a>: ignoring Vendor ID payload [FRAGMENTATION]</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:41 r-94-QA pluto[18446]: packet from <a href="http://10.147.52.104:500">10.147.52.104:500</a>: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:41 r-94-QA pluto[18446]: packet from <a href="http://10.147.52.104:500">10.147.52.104:500</a>: ignoring Vendor ID payload [Vid-Initial-Contact]</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:41 r-94-QA pluto[18446]: packet from <a href="http://10.147.52.104:500">10.147.52.104:500</a>: ignoring Vendor ID payload [IKE CGA version 1]</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:41 r-94-QA pluto[18446]: "L2TP-PSK"[3] 10.147.52.104 #7: responding to Main Mode from unknown peer 10.147.52.104</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:41 r-94-QA pluto[18446]: "L2TP-PSK"[3] 10.147.52.104 #7: NAT-Traversal: Result using RFC 3947: peer is NATed</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:41 r-94-QA pluto[18446]: "L2TP-PSK"[3] 10.147.52.104 #7: Peer ID is ID_IPV4_ADDR: '10.1.1.170'</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:41 r-94-QA pluto[18446]: "L2TP-PSK"[4] 10.147.52.104 #7: deleting connection "L2TP-PSK" instance with peer 10.147.52.104 {isakmp=#0/ipsec=#0}</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:41 r-94-QA pluto[18446]: | NAT-T: new mapping <a href="http://10.147.52.104:500/4500">10.147.52.104:500/4500</a>)</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:41 r-94-QA pluto[18446]: "L2TP-PSK"[4] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #7: sent MR3, ISAKMP SA established</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:41 r-94-QA pluto[18446]: "L2TP-PSK"[4] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #8: NAT-Traversal: received 2 NAT-OA. using first, ignoring others</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:41 r-94-QA pluto[18446]: "L2TP-PSK"[4] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #8: responding to Quick Mode</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:41 r-94-QA pluto[18446]: "L2TP-PSK"[4] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #8: cannot install eroute -- it is in use for "L2TP-PSK"[2] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #6</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:42 r-94-QA pluto[18446]: "L2TP-PSK"[4] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #7: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:42 r-94-QA pluto[18446]: "L2TP-PSK"[4] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #7: sending encrypted notification INVALID_MESSAGE_ID to <a href="http://10.147.52.104:4500">10.147.52.104:4500</a></span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:44 r-94-QA pluto[18446]: "L2TP-PSK"[4] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #7: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:44 r-94-QA pluto[18446]: "L2TP-PSK"[4] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #7: sending encrypted notification INVALID_MESSAGE_ID to <a href="http://10.147.52.104:4500">10.147.52.104:4500</a></span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:48 r-94-QA pluto[18446]: "L2TP-PSK"[4] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #7: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)</span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:48 r-94-QA pluto[18446]: "L2TP-PSK"[4] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #7: sending encrypted notification INVALID_MESSAGE_ID to <a href="http://10.147.52.104:4500">10.147.52.104:4500</a></span><br>
<span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Nov 19 11:43:56 r-94-QA pluto[18446]: "L2TP-PSK"[4] <a href="http://10.147.52.104:4500">10.147.52.104:4500</a> #7: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)<br><br></span></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:rgb(51,0,153)"><span style="font-family:Arial;font-style:normal;font-weight:normal;font-size:13px;line-height:normal;font-size-adjust:none;font-stretch:normal;font-variant:normal">Thanks,<br>Jayapal</span> <br></div></div>