<div dir="ltr"><div>Hi All,<br><br>Help required to identify the root cause for "hung state " of the task MODE_CONFIG. As it is evident from the logs , the task MODE_CONFIG is activated but not completed. is However, even when MODE_CONFIG is not completed, the virtual IP has been successfully assigned to the ShrewSoft VPN client. All the tasks which are received/activated after MODE_CONFIG task are getting queued but not getting scheduled.<br><br>Sep 24 12:58:15 router6654A1 charon:<info> 15[IKE] queueing MODE_CONFIG task<br>Sep 24 12:58:15 router6654A1 charon:<info> 15[IKE] activating new tasks<br>Sep 24 12:58:15 router6654A1 charon:<info> 15[IKE] activating MODE_CONFIG task<br>Sep 24 12:58:15 router6654A1 charon:<info> 15[IKE] assigning virtual<br>IP %any to peer 'cisco'<br>Sep 24 12:58:15 router6654A1 charon:<info> 15[CFG] proposing traffic<br>selectors for us:<br>Sep 24 12:58:15 router6654A1 charon:<info> 15[CFG] <a href="http://0.0.0.0/0">0.0.0.0/0</a><br>Sep 24 12:58:15 router6654A1 charon:<info> 15[ENC] generating<br>TRANSACTION request 1589939411 [ HASH CPS(ADDR DNS) ]<br>Sep 24 12:58:15 router6654A1 charon:<info> 15[NET] sending packet:<br>from 44.44.44.1[500] to 44.44.44.2[500] (76 bytes)<br>Sep 24 12:58:15 router6654A1 charon:<info> 15[IKE] delaying task<br>initiation, TRANSACTION exchange in progress<br><br><br>Below is the output of "ipsec statusall" command which shows that "INFORMATIONAL" tasks are queued.<br> <br> Status of IKE charon daemon (weakSwan 5.3.0, Linux 3.2.54, armv7l):<br> uptime: 22 hours, since Sep 23 14:20:26 2012<br> malloc: sbrk 229376, mmap 0, used 149792, free 79584<br> worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 146<br> loaded plugins: charon xauth-pam aes des sha1 sha2 md5 random nonce x509 revocation constraints pubkey pkcs1 pgp dnskey pem fips-prf gmp xcbc hmac attr kernel-pfkey kernel-netlink resolve ezvpn socket-default stroke updown xauth-generic unity<br>Virtual IP pools (size/online/offline):<br> 10.0.0.10-10.0.0.100: 91/0/1<br> 111.0.0.10-111.0.0.100: 91/0/1<br>Listening IP addresses:<br> 1.1.1.1<br> 44.44.44.1<br> 192.168.1.1<br> fec0::1<br>Connections:<br>c2s_ShrewSoftSrv: 44.44.44.1...44.44.44.2 IKEv1 Aggressive, dpddelay=40s<br>c2s_ShrewSoftSrv: local: [44.44.44.1] uses pre-shared key authentication<br>c2s_ShrewSoftSrv: remote: [44.44.44.2] uses pre-shared key authentication<br>c2s_ShrewSoftSrv: remote: uses XAuth authentication: any<br>c2s_ShrewSoftSrv: child: <a href="http://0.0.0.0/0">0.0.0.0/0</a> === dynamic TUNNEL, dpdaction=clear<br>Security Associations (1 up, 0 connecting):<br>c2s_ShrewSoftSrv[806]: ESTABLISHED 7 seconds ago, 44.44.44.1[44.44.44.1]...44.44.44.2[44.44.44.2]<br>c2s_ShrewSoftSrv[806]: Remote XAuth identity: cisco<br>c2s_ShrewSoftSrv[806]: IKEv1 SPIs: f21d79575e4df3d3_i aee24673abcc008f_r*, pre-shared key reauthentication in 7 hours<br>c2s_ShrewSoftSrv[806]: IKE proposal: 3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024<br><b><span style="color:rgb(102,0,0)">c2s_ShrewSoftSrv[806]: Tasks queued: INFORMATIONAL</span></b><br>c2s_ShrewSoftSrv{42}: INSTALLED, TUNNEL, reqid 37, ESP SPIs: cc9487a6_i ac159eb3_o<br>c2s_ShrewSoftSrv{42}: 3DES_CBC/HMAC_SHA1_96, 0 bytes_i, 0 bytes_o, rekeying in 4 minutes<br>c2s_ShrewSoftSrv{42}: <a href="http://0.0.0.0/0">0.0.0.0/0</a> === <a href="http://10.0.0.1/32">10.0.0.1/32</a><br><br></div>Help is highly appreciated as I exhausted all my options in identifying the root cause of the problem.<br><div><br>Thanks<br>Chaitanya</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Oct 19, 2016 at 10:16 PM, chaitanya vinnakota <span dir="ltr"><<a href="mailto:chaitanya.sai.v@gmail.com" target="_blank">chaitanya.sai.v@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi Noel,<br>
<br>
Thanks for the reply. I posted the wrong strongswan configuration ,<br>
but the DPD issue and reported logs are authentic. The actual<br>
configuration contains "modeconfig=push".<br>
<span class=""><br>
>>The logs indicate that charon delayed the execution of the DPD task because<br>
>>a transaction (mode config) is in progress.<br>
<br>
</span>Strongswan successfully assigned the client proposed IP to the VPN<br>
client. Can modeconfig transaction be in progress even after<br>
successful completion of Quick mode ?<br>
<br>
Is there a way to see which transaction is in progress ?<br>
<br>
Below is the complete log:<br>
<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[NET] received packet:<br>
from 44.44.44.2[500] to 44.44.44.1[500] (512 bytes)<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[ENC] parsed AGGRESSIVE<br>
request 0 [ SA KE No ID V V V V V V V V V V V V V ]<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[CFG] looking for an ike<br>
config for 44.44.44.1...44.44.44.2<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[CFG] candidate:<br>
44.44.44.1...44.44.44.2, prio 3100<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[CFG] configured<br>
proposals: IKE:3DES_CBC/HMAC_SHA1_96/PRF_<wbr>HMAC_SHA1/MODP_1024<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[CFG] proposal matches<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[CFG] found matching ike<br>
config: 44.44.44.1...44.44.44.2 with prio 3100<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[IKE] received XAuth vendor ID<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[IKE] received<br>
draft-ietf-ipsec-nat-t-ike-00 vendor ID<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[ENC] received unknown<br>
vendor ID: 16:f6:ca:16:e4:a4:06:6d:83:82:<wbr>1a:0f:0a:ea:a8:62<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[IKE] received<br>
draft-ietf-ipsec-nat-t-ike-02\<wbr>n vendor ID<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[IKE] received<br>
draft-ietf-ipsec-nat-t-ike-03 vendor ID<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[IKE] received NAT-T (RFC<br>
3947) vendor ID<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[IKE] received<br>
FRAGMENTATION vendor ID<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[IKE] received DPD vendor ID<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[ENC] received unknown<br>
vendor ID: 3b:90:31:dc:e4:fc:f8:8b:48:9a:<wbr>92:39:63:dd:0c:49<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[ENC] received unknown<br>
vendor ID: f1:4b:94:b7:bf:f1:fe:f0:27:73:<wbr>b8:c4:9f:ed:ed:26<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[ENC] received unknown<br>
vendor ID: 16:6f:93:2d:55:eb:64:d8:e4:df:<wbr>4f:d3:7e:23:13:f0:d0:fd:84:51<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[ENC] received unknown<br>
vendor ID: 84:04:ad:f9:cd:a0:57:60:b2:ca:<wbr>29:2e:4b:ff:53:7b<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[IKE] received Cisco<br>
Unity vendor ID<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[IKE] 44.44.44.2 is<br>
initiating a Aggressive Mode IKE_SA<br>
Sep 24 12:58:15 router6654A1 charon:<info> Last message '07[IKE]<br>
44.44.44.2 i' repeated 1 times, supressed by syslog-ng on router6654A1<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[IKE] IKE_SA<br>
(unnamed)[806] state change: CREATED => CONNECTING<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[CFG] proposal matches<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[CFG] received proposals:<br>
IKE:3DES_CBC/HMAC_SHA1_96/PRF_<wbr>HMAC_SHA1/MODP_1024<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[CFG] configured<br>
proposals: IKE:3DES_CBC/HMAC_SHA1_96/PRF_<wbr>HMAC_SHA1/MODP_1024<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[CFG] selected proposal:<br>
IKE:3DES_CBC/HMAC_SHA1_96/PRF_<wbr>HMAC_SHA1/MODP_1024<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[CFG] looking for<br>
XAuthInitPSK peer configs matching 44.44.44.1...44.44.44.2[44.44.<wbr>44.2]<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[CFG] candidate<br>
"c2s_ShrewSoftSrv", match: 1/20/3100 (me/other/ike)<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[CFG] selected peer<br>
config "c2s_ShrewSoftSrv"<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[IKE] sending XAuth vendor ID<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[IKE] sending DPD vendor ID<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[IKE] sending Cisco Unity vendor ID<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[IKE] sending NAT-T (RFC<br>
3947) vendor ID<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[IKE] Searching for PSK<br>
with :my_id,me,other_id,other: '44.44.44.1'[44.44.44.1] -<br>
'44.44.44.2'[44.44.44.2]<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[IKE] Got the shared<br>
secret key 'thisispsk'.<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[ENC] generating<br>
AGGRESSIVE response 0 [ SA KE No ID NAT-D NAT-D HASH V V V V ]<br>
Sep 24 12:58:15 router6654A1 charon:<info> 07[NET] sending packet:<br>
from 44.44.44.1[500] to 44.44.44.2[500] (408 bytes)<br>
Sep 24 12:58:15 router6654A1 charon:<info> 01[NET] received packet:<br>
from 44.44.44.2[500] to 44.44.44.1[500] (100 bytes)<br>
Sep 24 12:58:15 router6654A1 charon:<info> 01[ENC] parsed AGGRESSIVE<br>
request 0 [ HASH NAT-D NAT-D ]<br>
Sep 24 12:58:15 router6654A1 charon:<info> 01[IKE] queueing XAUTH task<br>
Sep 24 12:58:15 router6654A1 charon:<info> 01[IKE] activating new tasks<br>
Sep 24 12:58:15 router6654A1 charon:<info> 01[IKE] activating XAUTH task<br>
Sep 24 12:58:15 router6654A1 charon:<info> 01[ENC] generating<br>
TRANSACTION request 2769998340 [ HASH CPRQ(X_USER X_PWD) ]<br>
Sep 24 12:58:15 router6654A1 charon:<info> 01[NET] sending packet:<br>
from 44.44.44.1[500] to 44.44.44.2[500] (76 bytes)<br>
Sep 24 12:58:15 router6654A1 charon:<info> 08[NET] received packet:<br>
<span class="">from 44.44.44.2[500] to 44.44.44.1[500] (84 bytes)<br>
</span>Sep 24 12:58:15 router6654A1 charon:<info> 08[ENC] parsed<br>
INFORMATIONAL_V1 request 1493163800 [ HASH N(INITIAL_CONTACT) ]<br>
Sep 24 12:58:15 router6654A1 charon:<info> 06[NET] received packet:<br>
<span class="">from 44.44.44.2[500] to 44.44.44.1[500] (84 bytes)<br>
</span>Sep 24 12:58:15 router6654A1 charon:<info> 06[ENC] parsed TRANSACTION<br>
response 2769998340 [ HASH CPRP(X_TYPE X_USER X_PWD) ]<br>
Sep 24 12:58:15 router6654A1 charon:<info> 06[IKE] PAM authentication<br>
has received the connection name 'c2s_ShrewSoftSrv'<br>
Sep 24 12:58:15 router6654A1 charon:<error> PAM _pam_init_handlers: no<br>
default config /etc/pam.d/other<br>
Sep 24 12:58:15 router6654A1 charon:<error> pam_radius_auth: No RADIUS<br>
server found in configuration file /etc/raddb/server<br>
Sep 24 12:58:15 router6654A1 charon:<alert> pam_ldap: missing "host"<br>
in file "/etc/ldap.conf"<br>
Sep 24 12:58:15 router6654A1 charon:<error> pam_krb5(s2s-vpn:auth):<br>
(user cisco) parse_name failed: Configuration file does not specify<br>
default realm<br>
Sep 24 12:58:15 router6654A1 charon:<notice> pam_krb5(s2s-vpn:auth):<br>
authentication failure; logname=cisco uid=0 euid=0 tty= ruser= rhost=<br>
Sep 24 12:58:15 router6654A1 charon:<info> Localdb:user:cisco<br>
authentication sucess<br>
Sep 24 12:58:15 router6654A1 charon:<info> Localdb authorization Sucess<br>
Sep 24 12:58:15 router6654A1 charon:<info> 06[IKE] PAM authentication<br>
of 'cisco' successful<br>
Sep 24 12:58:15 router6654A1 charon:<info> 06[IKE] XAuth<br>
authentication of 'cisco' successful<br>
Sep 24 12:58:15 router6654A1 charon:<info> 06[IKE] reinitiating<br>
already active tasks<br>
Sep 24 12:58:15 router6654A1 charon:<info> 06[IKE] XAUTH task<br>
Sep 24 12:58:15 router6654A1 charon:<info> 06[ENC] generating<br>
TRANSACTION request 1517300843 [ HASH CPS(X_STATUS) ]<br>
Sep 24 12:58:15 router6654A1 charon:<info> 06[NET] sending packet:<br>
from 44.44.44.1[500] to 44.44.44.2[500] (68 bytes)<br>
Sep 24 12:58:15 router6654A1 charon:<info> 15[NET] received packet:<br>
from 44.44.44.2[500] to 44.44.44.1[500] (60 bytes)<br>
Sep 24 12:58:15 router6654A1 charon:<info> 15[ENC] parsed TRANSACTION<br>
response 1517300843 [ HASH CP ]<br>
Sep 24 12:58:15 router6654A1 charon:<info> 15[IKE] IKE_SA<br>
c2s_ShrewSoftSrv[806] established between<br>
44.44.44.1[44.44.44.1]...44.<wbr>44.44.2[44.44.44.2]<br>
Sep 24 12:58:15 router6654A1 charon:<info> Last message '15[IKE]<br>
IKE_SA c2s_S' repeated 1 times, supressed by syslog-ng on router6654A1<br>
Sep 24 12:58:15 router6654A1 charon:<info> 15[IKE] IKE_SA<br>
c2s_ShrewSoftSrv[806] state change: CONNECTING => ESTABLISHED<br>
Sep 24 12:58:15 router6654A1 charon:<info> 15[IKE] scheduling<br>
reauthentication in 28780s<br>
Sep 24 12:58:15 router6654A1 charon:<info> 15[IKE] maximum IKE_SA<br>
lifetime 28795s<br>
Sep 24 12:58:15 router6654A1 charon:<info> 15[IKE] activating new tasks<br>
Sep 24 12:58:15 router6654A1 charon:<info> 15[IKE] nothing to initiate<br>
Sep 24 12:58:15 router6654A1 charon:<info> 16[NET] received packet:<br>
from 44.44.44.2[500] to 44.44.44.1[500] (148 bytes)<br>
Sep 24 12:58:15 router6654A1 charon:<info> 16[ENC] parsed TRANSACTION<br>
request 3221496499 [ HASH CPRQ(U_SPLITINC U_LOCALLAN U_BANNER<br>
U_SAVEPWD U_NATTPORT VER U_FWTYPE) ]<br>
Sep 24 12:58:15 router6654A1 charon:<info> 16[IKE] processing<br>
UNITY_SPLIT_INCLUDE attribute<br>
Sep 24 12:58:15 router6654A1 charon:<info> 16[IKE] processing<br>
UNITY_LOCAL_LAN attribute<br>
Sep 24 12:58:15 router6654A1 charon:<info> 16[IKE] processing<br>
UNITY_BANNER attribute<br>
Sep 24 12:58:15 router6654A1 charon:<info> 16[IKE] processing<br>
UNITY_SAVE_PASSWD attribute<br>
Sep 24 12:58:15 router6654A1 charon:<info> 16[IKE] processing<br>
UNITY_NATT_PORT attribute<br>
Sep 24 12:58:15 router6654A1 charon:<info> 16[IKE] processing<br>
APPLICATION_VERSION attribute<br>
Sep 24 12:58:15 router6654A1 charon:<info> 16[IKE] processing<br>
UNITY_FW_TYPE attribute<br>
Sep 24 12:58:15 router6654A1 charon:<info> 16[ENC] generating<br>
TRANSACTION response 3221496499 [ HASH CPRP(DNS) ]<br>
Sep 24 12:58:15 router6654A1 charon:<info> 16[NET] sending packet:<br>
from 44.44.44.1[500] to 44.44.44.2[500] (76 bytes)<br>
Sep 24 12:58:15 router6654A1 charon:<info> 15[IKE] queueing MODE_CONFIG task<br>
Sep 24 12:58:15 router6654A1 charon:<info> 15[IKE] activating new tasks<br>
Sep 24 12:58:15 router6654A1 charon:<info> 15[IKE] activating MODE_CONFIG task<br>
Sep 24 12:58:15 router6654A1 charon:<info> 15[IKE] assigning virtual<br>
IP %any to peer 'cisco'<br>
Sep 24 12:58:15 router6654A1 charon:<info> 15[CFG] proposing traffic<br>
selectors for us:<br>
Sep 24 12:58:15 router6654A1 charon:<info> 15[CFG] <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a><br>
Sep 24 12:58:15 router6654A1 charon:<info> 15[ENC] generating<br>
TRANSACTION request 1589939411 [ HASH CPS(ADDR DNS) ]<br>
Sep 24 12:58:15 router6654A1 charon:<info> 15[NET] sending packet:<br>
from 44.44.44.1[500] to 44.44.44.2[500] (76 bytes)<br>
Sep 24 12:58:15 router6654A1 charon:<info> 15[IKE] delaying task<br>
<span class="">initiation, TRANSACTION exchange in progress<br>
<br>
</span>Sep 24 12:58:17 router6654A1 charon:<info> 10[NET] received packet:<br>
from 44.44.44.2[500] to 44.44.44.1[500] (156 bytes)<br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[ENC] parsed QUICK_MODE<br>
request 1840906332 [ HASH SA No ID ID ]<br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[CFG] looking for a child<br>
config for <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> === <a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a><br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[CFG] proposing traffic<br>
selectors for us:<br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[CFG] <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a><br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[CFG] proposing traffic<br>
selectors for other:<br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[CFG] <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a><br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[CFG] candidate<br>
"c2s_ShrewSoftSrv" with prio 5+1<br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[CFG] found matching<br>
child config "c2s_ShrewSoftSrv" with prio 6<br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[CFG] selecting traffic<br>
selectors for other:<br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[CFG] config: <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a>,<br>
received: <a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> => match: <a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a><br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[CFG] selecting traffic<br>
selectors for us:<br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[CFG] config: <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a>,<br>
received: <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> => match: <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a><br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[CFG] proposal matches<br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[CFG] received proposals:<br>
ESP:3DES_CBC/HMAC_SHA1_96/NO_<wbr>EXT_SEQ<br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[CFG] configured<br>
proposals: ESP:3DES_CBC/HMAC_SHA1_96/NO_<wbr>EXT_SEQ<br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[CFG] selected proposal:<br>
ESP:3DES_CBC/HMAC_SHA1_96/NO_<wbr>EXT_SEQ<br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[CFG] changing proposed<br>
traffic selectors for us:<br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[CFG] <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a><br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[KNL] got SPI cc9487a6<br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[ENC] generating<br>
QUICK_MODE response 1840906332 [ HASH SA No ID ID ]<br>
Sep 24 12:58:17 router6654A1 charon:<info> 10[NET] sending packet:<br>
from 44.44.44.1[500] to 44.44.44.2[500] (172 bytes)<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[NET] received packet:<br>
from 44.44.44.2[500] to 44.44.44.1[500] (156 bytes)<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[ENC] parsed QUICK_MODE<br>
request 3245992495 [ HASH SA No ID ID ]<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[CFG] proposing traffic<br>
selectors for us:<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[CFG] <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a><br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[CHD] using 3DES_CBC<br>
for encryption<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[CHD] using<br>
HMAC_SHA1_96 for integrity<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[CHD] adding inbound ESP SA<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[CHD] SPI 0xcc9487a6,<br>
src 44.44.44.2 dst 44.44.44.1<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] deleting SAD entry<br>
with SPI cc9487a6<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] deleted SAD entry<br>
with SPI cc9487a6<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] adding SAD entry<br>
with SPI cc9487a6 and reqid {37}<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] using encryption<br>
algorithm 3DES_CBC with key size 192<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] using integrity<br>
algorithm HMAC_SHA1_96 with key size 160<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[CHD] adding outbound ESP SA<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[CHD] SPI 0xac159eb3,<br>
src 44.44.44.1 dst 44.44.44.2<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] adding SAD entry<br>
with SPI ac159eb3 and reqid {37}<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] using encryption<br>
algorithm 3DES_CBC with key size 192<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] using integrity<br>
algorithm HMAC_SHA1_96 with key size 160<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] adding policy<br>
<a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> === <a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> out<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] adding policy<br>
<a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> === <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> in<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] getting a local<br>
address in traffic selector <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a><br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] using host %any<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] using 44.44.44.2 as<br>
nexthop to reach <a href="http://44.44.44.2/32" rel="noreferrer" target="_blank">44.44.44.2/32</a><br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] 44.44.44.1 is on<br>
interface eth2<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] installing route:<br>
<a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> via 44.44.44.2 src %any dev eth2<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] getting iface index for eth2<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] adding policy<br>
<a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> === <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> fwd<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] policy <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a><br>
=== <a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> out already exists, increasing refcount<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] updating policy<br>
<a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> === <a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> out<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] policy <a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a><br>
=== <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> in already exists, increasing refcount<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] updating policy<br>
<a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> === <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> in<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] getting a local<br>
address in traffic selector <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a><br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] using host %any<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] using 44.44.44.2 as<br>
nexthop to reach <a href="http://44.44.44.2/32" rel="noreferrer" target="_blank">44.44.44.2/32</a><br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] 44.44.44.1 is on<br>
interface eth2<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] policy <a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a><br>
=== <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> fwd already exists, increasing refcount<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] updating policy<br>
<a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> === <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> fwd<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[IKE] CHILD_SA<br>
c2s_ShrewSoftSrv{42} established with SPIs cc9487a6_i ac159eb3_o and<br>
TS <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> === <a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a><br>
Sep 24 12:58:17 router6654A1 charon:<info> Last message '14[IKE]<br>
CHILD_SA c2s' repeated 1 times, supressed by syslog-ng on router6654A1<br>
Sep 24 12:58:17 router6654A1 charon:<info> 14[KNL] 44.44.44.1 is on<br>
interface eth2<br>
Sep 24 12:58:17 router6654A1 charon:<info> 06[NET] received packet:<br>
from 44.44.44.2[500] to 44.44.44.1[500] (52 bytes)<br>
Sep 24 12:58:17 router6654A1 charon:<info> 06[ENC] parsed QUICK_MODE<br>
request 1840906332 [ HASH ]<br>
Sep 24 12:58:17 router6654A1 charon:<info> 06[IKE] sa payload missing<br>
Sep 24 12:58:17 router6654A1 charon:<info> 06[IKE] queueing INFORMATIONAL task<br>
Sep 24 12:58:17 router6654A1 charon:<info> 06[IKE] delaying task<br>
<span class="">initiation, TRANSACTION exchange in progress<br>
</span>root@router6654A1:~# Sep 24 12:58:22 router6654A1 charon:<info><br>
15[NET] received packet: from 44.44.44.2[500] to 44.44.44.1[500] (156<br>
bytes)<br>
Sep 24 12:58:22 router6654A1 charon:<info> 15[ENC] invalid HASH_V1<br>
payload length, decryption failed?<br>
Sep 24 12:58:22 router6654A1 charon:<info> 15[ENC] Invalid HASH or PSK!<br>
Sep 24 12:58:22 router6654A1 charon:<info> 15[ENC] could not decrypt payloads<br>
Sep 24 12:58:22 router6654A1 charon:<info> 15[IKE] message parsing failed<br>
Sep 24 12:58:22 router6654A1 charon:<info> 15[ENC] generating<br>
INFORMATIONAL_V1 request 2833253916 [ HASH N(PLD_MAL) ]<br>
Sep 24 12:58:22 router6654A1 charon:<info> 15[NET] sending packet:<br>
from 44.44.44.1[500] to 44.44.44.2[500] (68 bytes)<br>
Sep 24 12:58:22 router6654A1 charon:<info> 15[IKE] QUICK_MODE request<br>
with message ID 3245992495 processing failed<br>
Status of IKE charon daemon (weakSwan 5.3.0, Linux 3.2.54, armv7l):<br>
loaded plugins: charon xauth-pam aes des sha1 sha2 md5 random nonce<br>
x509 revocation constraints pubkey pkcs1 pgp dnskey pem fips-prf gmp<br>
xcbc hmac attr kernel-pfkey kernel-netlink resolve ezvpn<br>
socket-default stroke updown xauth-generic unity<br>
Sep 24 12:58:23 router6654A1 charon:<info> 14[CFG] proposing traffic<br>
selectors for us:<br>
Sep 24 12:58:23 router6654A1 charon:<info> 14[CFG] <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a><br>
Sep 24 12:58:23 router6654A1 charon:<info> 14[CFG] proposing traffic<br>
selectors for other:<br>
Sep 24 12:58:23 router6654A1 charon:<info> 14[CFG] dynamic<br>
Sep 24 12:58:23 router6654A1 charon:<info> 14[KNL] querying SAD entry<br>
with SPI cc9487a6<br>
Sep 24 12:58:23 router6654A1 charon:<info> 14[KNL] querying SAD entry<br>
with SPI ac159eb3<br>
Sep 24 12:58:27 router6654A1 charon:<info> 06[NET] received packet:<br>
from 44.44.44.2[500] to 44.44.44.1[500] (156 bytes)<br>
Sep 24 12:58:27 router6654A1 charon:<info> 06[ENC] invalid HASH_V1<br>
payload length, decryption failed?<br>
Sep 24 12:58:27 router6654A1 charon:<info> 06[ENC] Invalid HASH or PSK!<br>
Sep 24 12:58:27 router6654A1 charon:<info> 06[ENC] could not decrypt payloads<br>
Sep 24 12:58:27 router6654A1 charon:<info> 06[IKE] message parsing failed<br>
Sep 24 12:58:27 router6654A1 charon:<info> 06[ENC] generating<br>
INFORMATIONAL_V1 request 1550766054 [ HASH N(PLD_MAL) ]<br>
Sep 24 12:58:27 router6654A1 charon:<info> 06[NET] sending packet:<br>
from 44.44.44.1[500] to 44.44.44.2[500] (68 bytes)<br>
Sep 24 12:58:27 router6654A1 charon:<info> 06[IKE] QUICK_MODE request<br>
with message ID 3245992495 processing failed<br>
root@router6654A1:~# Sep 24 12:58:30 router6654A1 charon:<info><br>
13[NET] received packet: from 44.44.44.2[500] to 44.44.44.1[500] (84<br>
bytes)<br>
Sep 24 12:58:30 router6654A1 charon:<info> 13[ENC] parsed<br>
INFORMATIONAL_V1 request 1159572671 [ HASH N(DPD) ]<br>
Sep 24 12:58:30 router6654A1 charon:<info> 13[IKE] queueing ISAKMP_DPD task<br>
Sep 24 12:58:30 router6654A1 charon:<info> 13[IKE] delaying task<br>
<span class="">initiation, TRANSACTION exchange in progress<br>
</span>Sep 24 12:58:32 router6654A1 charon:<info> 09[NET] received packet:<br>
from 44.44.44.2[500] to 44.44.44.1[500] (156 bytes)<br>
Sep 24 12:58:32 router6654A1 charon:<info> 09[ENC] invalid HASH_V1<br>
payload length, decryption failed?<br>
Sep 24 12:58:32 router6654A1 charon:<info> 09[ENC] Invalid HASH or PSK!<br>
Sep 24 12:58:32 router6654A1 charon:<info> 09[ENC] could not decrypt payloads<br>
Sep 24 12:58:32 router6654A1 charon:<info> 09[IKE] message parsing failed<br>
Sep 24 12:58:32 router6654A1 charon:<info> 09[ENC] generating<br>
INFORMATIONAL_V1 request 1517996381 [ HASH N(PLD_MAL) ]<br>
Sep 24 12:58:32 router6654A1 charon:<info> 09[NET] sending packet:<br>
from 44.44.44.1[500] to 44.44.44.2[500] (68 bytes)<br>
Sep 24 12:58:32 router6654A1 charon:<info> 09[IKE] QUICK_MODE request<br>
with message ID 3245992495 processing failed<br>
Sep 24 12:58:45 router6654A1 charon:<info> 15[NET] received packet:<br>
<span class="">from 44.44.44.2[500] to 44.44.44.1[500] (84 bytes)<br>
</span>Sep 24 12:58:45 router6654A1 charon:<info> 15[ENC] parsed<br>
INFORMATIONAL_V1 request 143823582 [ HASH N(DPD) ]<br>
Sep 24 12:58:45 router6654A1 charon:<info> 15[IKE] queueing ISAKMP_DPD task<br>
Sep 24 12:58:45 router6654A1 charon:<info> 15[IKE] delaying task<br>
<span class="">initiation, TRANSACTION exchange in progress<br>
</span>Sep 24 12:58:49 router6654A1 charon:<info> 14[NET] received packet:<br>
<span class="">from 44.44.44.2[500] to 44.44.44.1[500] (84 bytes)<br>
</span>Sep 24 12:58:49 router6654A1 charon:<info> 14[ENC] parsed<br>
INFORMATIONAL_V1 request 547844166 [ HASH N(DPD) ]<br>
Sep 24 12:58:49 router6654A1 charon:<info> 14[IKE] queueing ISAKMP_DPD task<br>
Sep 24 12:58:49 router6654A1 charon:<info> 14[IKE] delaying task<br>
<span class="">initiation, TRANSACTION exchange in progress<br>
</span>Sep 24 12:58:52 router6654A1 charon:<info> 13[NET] received packet:<br>
<span class="">from 44.44.44.2[500] to 44.44.44.1[500] (84 bytes)<br>
</span>Sep 24 12:58:52 router6654A1 charon:<info> 13[ENC] parsed<br>
INFORMATIONAL_V1 request 3233504664 [ HASH N(DPD) ]<br>
Sep 24 12:58:52 router6654A1 charon:<info> 13[IKE] queueing ISAKMP_DPD task<br>
Sep 24 12:58:52 router6654A1 charon:<info> 13[IKE] delaying task<br>
<span class="">initiation, TRANSACTION exchange in progress<br>
Sep 24 12:58:54 router6654A1 charon:<info> 12[NET] received packet:<br>
from 44.44.44.2[500] to 44.44.44.1[500] (84 bytes)<br>
Sep 24 12:58:54 router6654A1 charon:<info> 12[ENC] parsed<br>
INFORMATIONAL_V1 request 3103766190 [ HASH N(DPD) ]<br>
Sep 24 12:58:54 router6654A1 charon:<info> 12[IKE] queueing ISAKMP_DPD task<br>
Sep 24 12:58:54 router6654A1 charon:<info> 12[IKE] delaying task<br>
initiation, TRANSACTION exchange in progress<br>
Sep 24 12:58:55 router6654A1 charon:<info> 07[KNL] querying SAD entry<br>
with SPI cc9487a6<br>
</span><span class="">Sep 24 12:58:56 router6654A1 charon:<info> 01[NET] received packet:<br>
from 44.44.44.2[500] to 44.44.44.1[500] (68 bytes)<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[ENC] parsed<br>
INFORMATIONAL_V1 request 806565993 [ HASH D ]<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[IKE] received DELETE for<br>
ESP CHILD_SA with SPI ac159eb3<br>
</span>Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] querying SAD entry<br>
with SPI cc9487a6<br>
<span class="">Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] querying SAD entry<br>
with SPI ac159eb3<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[IKE] closing CHILD_SA<br>
c2s_ShrewSoftSrv{42} with SPIs cc9487a6_i (0 bytes) ac159eb3_o (0<br>
bytes) and TS <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> === <a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a><br>
Sep 24 12:58:56 router6654A1 charon:<info> Last message '01[IKE]<br>
closing CHIL' repeated 1 times, supressed by syslog-ng on router6654A1<br>
</span>Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] deleting policy<br>
<a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> === <a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> out<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] policy still used<br>
by another CHILD_SA, not removed<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] updating policy<br>
<a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> === <a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> out<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] deleting policy<br>
<a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> === <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> in<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] policy still used<br>
by another CHILD_SA, not removed<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] updating policy<br>
<a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> === <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> in<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] getting a local<br>
address in traffic selector <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a><br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] using host %any<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] using 44.44.44.2 as<br>
nexthop to reach <a href="http://44.44.44.2/32" rel="noreferrer" target="_blank">44.44.44.2/32</a><br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] 44.44.44.1 is on<br>
interface eth2<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] deleting policy<br>
<a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> === <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> fwd<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] policy still used<br>
by another CHILD_SA, not removed<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] updating policy<br>
<a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> === <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> fwd<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] deleting policy<br>
<a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> === <a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> out<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] deleting policy<br>
<a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> === <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> in<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] getting iface index for eth2<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] deleting policy<br>
<a href="http://10.0.0.1/32" rel="noreferrer" target="_blank">10.0.0.1/32</a> === <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a> fwd<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] deleting SAD entry<br>
with SPI cc9487a6<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] deleted SAD entry<br>
with SPI cc9487a6<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] deleting SAD entry<br>
with SPI ac159eb3<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[KNL] deleted SAD entry<br>
with SPI ac159eb3<br>
Sep 24 12:58:56 router6654A1 charon:<info> 01[IKE] delaying task<br>
<span class="">initiation, TRANSACTION exchange in progress<br>
</span>Sep 24 12:58:56 router6654A1 charon:<info> 08[NET] received packet:<br>
<span class="">from 44.44.44.2[500] to 44.44.44.1[500] (84 bytes)<br>
</span>Sep 24 12:58:56 router6654A1 charon:<info> 08[ENC] parsed<br>
INFORMATIONAL_V1 request 1876803221 [ HASH D ]<br>
Sep 24 12:58:56 router6654A1 charon:<info> 08[IKE] received DELETE for<br>
IKE_SA c2s_ShrewSoftSrv[806]<br>
Sep 24 12:58:56 router6654A1 charon:<info> 08[IKE] deleting IKE_SA<br>
c2s_ShrewSoftSrv[806] between<br>
44.44.44.1[44.44.44.1]...44.<wbr>44.44.2[44.44.44.2]<br>
Sep 24 12:58:56 router6654A1 charon:<info> Last message '08[IKE]<br>
deleting IKE' repeated 1 times, supressed by syslog-ng on router6654A1<br>
Sep 24 12:58:56 router6654A1 charon:<info> 08[IKE] IKE_SA<br>
c2s_ShrewSoftSrv[806] state change: ESTABLISHED => DELETING<br>
Sep 24 12:58:56 router6654A1 charon:<info> 08[IKE] IKE_SA<br>
c2s_ShrewSoftSrv[806] state change: DELETING => DELETING<br>
Sep 24 12:58:56 router6654A1 charon:<info> 08[IKE] IKE_SA<br>
c2s_ShrewSoftSrv[806] state change: DELETING => DESTROYING<br>
<br>
<br>
<br>
<br>
Thanks<br>
<span class="HOEnZb"><font color="#888888">Chaitanya<br>
</font></span><div class="HOEnZb"><div class="h5"><br>
<br>
On Wed, Oct 19, 2016 at 9:25 PM, Noel Kuntze <<a href="mailto:noel@familie-kuntze.de">noel@familie-kuntze.de</a>> wrote:<br>
> On 19.10.2016 09:26, chaitanya vinnakota wrote:<br>
>> Sep 24 12:58:54 router6654A1 charon:<info> 12[NET] received packet:<br>
>> from 44.44.44.2[500] to 44.44.44.1[500] (84 bytes)<br>
>> Sep 24 12:58:54 router6654A1 charon:<info> 12[ENC] parsed<br>
>> INFORMATIONAL_V1 request 3103766190 [ HASH N(DPD) ]<br>
>> Sep 24 12:58:54 router6654A1 charon:<info> 12[IKE] queueing ISAKMP_DPD task<br>
>> Sep 24 12:58:54 router6654A1 charon:<info> 12[IKE] delaying task<br>
>> initiation, TRANSACTION exchange in progress<br>
>> Sep 24 12:58:55 router6654A1 charon:<info> 07[KNL] querying SAD entry<br>
>> with SPI cc9487a6<br>
><br>
> In the subject, you're writing about modeconfig=push, but you configured modeconfig=pull.<br>
> Please make sure you configured each side correctly.<br>
><br>
> The logs indicate that charon delayed the execution of the DPD task because<br>
> a transaction (mode config) is in progress.<br>
><br>
> --<br>
><br>
> Mit freundlichen Grüßen/Kind Regards,<br>
> Noel Kuntze<br>
><br>
> GPG Key ID: 0x63EC6658<br>
> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658<br>
><br>
><br>
</div></div></blockquote></div><br></div>